Update changesets to fix CVE in cross-spawn #345
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build, test, publish | |
env: | |
CI: true | |
B2B_FLAVOUR: PREOPS | |
B2B_ENDPOINT: https://b2b-proxy.4me.im/ | |
B2B_XSD_REMOTE_URL: https://wsdl.b2B-proxy.4me.im/27.0.0.tar.gz | |
B2B_API_KEY_ID: ${{ secrets.B2B_API_KEY_ID }} | |
B2B_API_SECRET_KEY: ${{ secrets.B2B_API_SECRET_KEY }} | |
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
# REAL_B2B_CONNECTIONS: true | |
on: | |
push: | |
branches: | |
- 'master' | |
pull_request: | |
branches: | |
- '*' | |
jobs: | |
dedupe-check: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: 'Install pnpm' | |
uses: pnpm/action-setup@v4 | |
- name: Use Node.js ${{ matrix.node-version }} | |
uses: actions/setup-node@v4 | |
with: | |
node-version: ${{ matrix.node-version }} | |
- name: Get pnpm store directory | |
id: pnpm-cache | |
shell: bash | |
run: | | |
echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT | |
- name: Setup pnpm cache | |
uses: actions/cache@v4 | |
with: | |
path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} | |
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }} | |
restore-keys: | | |
${{ runner.os }}-pnpm-store- | |
- name: Check duplicate dependencies | |
run: pnpm dedupe --check | |
lint: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: 'Install pnpm' | |
uses: pnpm/action-setup@v4 | |
- name: Use Node.js ${{ matrix.node-version }} | |
uses: actions/setup-node@v4 | |
with: | |
node-version: ${{ matrix.node-version }} | |
- name: Get pnpm store directory | |
id: pnpm-cache | |
shell: bash | |
run: | | |
echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT | |
- name: Setup pnpm cache | |
uses: actions/cache@v4 | |
with: | |
path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} | |
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }} | |
restore-keys: | | |
${{ runner.os }}-pnpm-store- | |
- name: Install dependencies | |
run: pnpm install | |
- name: Lint | |
run: pnpm lint | |
# Test the lib, runs on every commit | |
test: | |
runs-on: ubuntu-latest | |
env: | |
# This will enable real b2b connections on node 20 and if secrets.B2B_API_KEY_ID is set | |
REAL_B2B_CONNECTIONS: ${{ matrix.node-version == '20' && secrets.B2B_API_KEY_ID && '1' || '' }} | |
strategy: | |
matrix: | |
node-version: | |
- 18 | |
- 20 | |
- 22 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: 'Install pnpm' | |
uses: pnpm/action-setup@v4 | |
- name: Use Node.js ${{ matrix.node-version }} | |
uses: actions/setup-node@v4 | |
with: | |
node-version: ${{ matrix.node-version }} | |
- name: Get pnpm store directory | |
id: pnpm-cache | |
shell: bash | |
run: | | |
echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT | |
- name: Setup pnpm cache | |
uses: actions/cache@v4 | |
with: | |
path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} | |
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }} | |
restore-keys: | | |
${{ runner.os }}-pnpm-store- | |
- name: 'Create b2b-xsd folder' | |
run: mkdir b2b-xsd && touch b2b-xsd/.ghcache | |
- name: '[GH Cache] B2B XSD' | |
uses: actions/cache@v4 | |
with: | |
path: 'b2b-xsd' | |
key: ${{ runner.os }}-b2b-xsd-${{ hashFiles('**/b2b-xsd/**')}} | |
restore-keys: | | |
${{ runner.os }}-b2b-xsd | |
- name: 'Install deps' | |
run: pnpm install --frozen-lockfile | |
- name: 'TypeScript check' | |
run: pnpm typecheck | |
- name: 'Build' | |
run: pnpm build | |
- name: 'Download B2B WSDL' | |
run: pnpm downloadWSDL | |
- name: 'Run test suite' | |
run: pnpm test:ci | |
- name: 'Upload coverage' | |
uses: codecov/codecov-action@v4 | |
if: env.REAL_B2B_CONNECTIONS == '1' | |
with: | |
fail_ci_if_error: true | |
directory: ./coverage | |
# Publish package to npm | |
# deploy-packages: | |
# if: github.repository == 'DGAC/nmb2b-client-js' && startsWith(github.ref, 'refs/tags/v') | |
# runs-on: ubuntu-latest | |
# needs: | |
# - lint | |
# - test | |
# - dedupe-check | |
# steps: | |
# - uses: actions/checkout@v4 | |
# - name: 'Install pnpm' | |
# uses: pnpm/action-setup@v4 | |
# - name: Use Node.js ${{ matrix.node-version }} | |
# uses: actions/setup-node@v4 | |
# with: | |
# node-version: ${{ matrix.node-version }} | |
# registry-url: 'https://registry.npmjs.org' | |
# - name: Get pnpm store directory | |
# id: pnpm-cache | |
# shell: bash | |
# run: | | |
# echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT | |
# - name: Setup pnpm cache | |
# uses: actions/cache@v4 | |
# with: | |
# path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} | |
# key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }} | |
# restore-keys: | | |
# ${{ runner.os }}-pnpm-store- | |
# - name: Install deps | |
# run: pnpm install --frozen-lockfile | |
# - name: Build | |
# run: pnpm build | |
# - name: deploy packages | |
# # --no-git-checks because we're publishing from a tag pipeline and not a branch pipeline | |
# # See here: https://github.com/pnpm/pnpm/issues/5894 | |
# run: pnpm publish --no-git-checks --provenance | |
# env: | |
# NODE_AUTH_TOKEN: ${{ secrets.NPM_AUTH_TOKEN }} |