Skip to content

Reinstate use of secrets.TOKEN because GITHUB_TOKEN cannot push to protected main #53

Reinstate use of secrets.TOKEN because GITHUB_TOKEN cannot push to protected main

Reinstate use of secrets.TOKEN because GITHUB_TOKEN cannot push to protected main #53

Workflow file for this run

name: CI
on:
push:
branches:
- main
paths-ignore:
- "docs/**"
- ".vscode/**"
- ".github/**"
- "*.md"
- "**/*.md"
pull_request:
branches:
- main
release:
types:
- released
concurrency:
group: ${{ github.workflow }}-${{ github.base_ref || github.run_id }}
cancel-in-progress: false
jobs:
build:
timeout-minutes: 10
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, windows-latest, macOS-latest]
outputs:
taggedbranch: ${{ steps.find-branch.outputs.taggedbranch }}
steps:
- uses: actions/checkout@v4
- run: git fetch --depth=1 origin +refs/tags/*:refs/tags/*
- name: Find which branch the release tag points at
id: find-branch
if: github.event_name == 'release' && runner.os == 'Linux'
shell: bash
run: |
git fetch --depth=1 origin +refs/heads/*:refs/heads/*
set -x
TAGGEDBRANCH=$(git for-each-ref --points-at=${{github.sha}} --format='%(refname:lstrip=2)' refs/heads/)
echo "taggedbranch=$TAGGEDBRANCH" >> $GITHUB_OUTPUT
- name: Set an output
id: set-version
if: runner.os == 'Linux'
run: |
set -x
VERSION=$(jq -r '.version' package.json | cut -d- -f1)
[ $GITHUB_EVENT_NAME == 'release' ] && VERSION=${{ github.event.release.tag_name }} && VERSION=${VERSION/v/}
CHANGELOG=$(cat CHANGELOG.md | sed -n "/## \[${VERSION}\]/,/## /p" | sed '/^$/d;1d;$d')
CHANGELOG="${CHANGELOG//$'\n'/'%0A'}"
echo "changelog=$CHANGELOG" >> $GITHUB_OUTPUT
git tag -l | cat
[ $GITHUB_EVENT_NAME == 'push' ] && VERSION+=-beta && VERSION+=.$(($(git tag -l "v$VERSION.*" | sort -nt. -k4 2>/dev/null | tail -1 | cut -d. -f4)+1))
[ $GITHUB_EVENT_NAME == 'pull_request' ] && VERSION+=-dev.${{ github.event.pull_request.number }}
echo "version=$VERSION" >> $GITHUB_OUTPUT
NAME=$(jq -r '.name' package.json)-$VERSION
echo "name=$NAME" >> $GITHUB_OUTPUT
tmp=$(mktemp)
jq --arg version "$VERSION" '.version = $version' package.json > "$tmp" && mv "$tmp" package.json
mkdir dist
echo $VERSION > meta.version
echo $NAME > meta.name
- name: Use Node.js
uses: actions/setup-node@v4
with:
node-version: 20
- run: npm install
- name: lint
if: runner.os == 'Linux-NOSUCH'
run: npm run lint
- run: npm run compile
- name: npm test
uses: coactions/setup-xvfb@v1
with:
run: npm run test
- name: Build package
if: runner.os == 'Linux'
run: |
npx vsce package -o ${{ steps.set-version.outputs.name }}.vsix
- uses: actions/upload-artifact@v4
if: (runner.os == 'Linux') && (github.event_name != 'release')
with:
name: ${{ steps.set-version.outputs.name }}.vsix
path: ${{ steps.set-version.outputs.name }}.vsix
- uses: actions/upload-artifact@v4
if: runner.os == 'Linux'
with:
name: meta
path: |
meta.name
meta.version
beta:
if: (github.event_name == 'push')
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/download-artifact@v4
with:
name: meta
path: .
- name: Set an output
id: set-version
if: runner.os == 'Linux'
run: |
set -x
echo "version=`cat meta.version`" >> $GITHUB_OUTPUT
echo "name=`cat meta.name`" >> $GITHUB_OUTPUT
- uses: actions/download-artifact@v4
with:
name: ${{ steps.set-version.outputs.name }}.vsix
- name: Create Release
id: create-release
uses: softprops/action-gh-release@v1
if: runner.os == 'Linux'
with:
tag_name: v${{ steps.set-version.outputs.version }}
prerelease: ${{ github.event_name != 'release' }}
files: ${{ steps.set-version.outputs.name }}.vsix
token: ${{ secrets.GITHUB_TOKEN }}
publish:
needs: build
if: github.event_name == 'release' && needs.build.outputs.taggedbranch == 'main'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
ref: main
token: ${{ secrets.TOKEN }}
- uses: actions/download-artifact@v4
with:
name: meta
path: .
- name: Use Node.js
uses: actions/setup-node@v4
with:
node-version: 20
- name: Prepare build
id: set-version
run: |
VERSION=`cat meta.version`
NEXT_VERSION=`cat meta.version | awk -F. '/[0-9]+\./{$NF++;print}' OFS=.`
echo "name=`cat meta.name`" >> $GITHUB_OUTPUT
tmp=$(mktemp)
git config --global user.name 'ProjectBot'
git config --global user.email '[email protected]'
jq --arg version "${NEXT_VERSION}-SNAPSHOT" '.version = $version' package.json > "$tmp" && mv "$tmp" package.json
git add package.json
git commit -m 'auto bump version with release'
jq --arg version "$VERSION" '.version = $version' package.json > "$tmp" && mv "$tmp" package.json
npm install
jq 'del(.enableProposedApi,.enabledApiProposals)' package.json > "$tmp" && mv "$tmp" package.json
git push
- name: Build package
run: |
npx vsce package -o ${{ steps.set-version.outputs.name }}.vsix
- name: Upload Release Asset
id: upload-release-asset
uses: softprops/action-gh-release@v1
if: runner.os == 'Linux'
with:
tag_name: ${{ github.event.release.tag_name }}
files: ${{ steps.set-version.outputs.name }}.vsix
token: ${{ secrets.GITHUB_TOKEN }}
- name: Publish to VSCode Marketplace
run: |
[ -n "${{ secrets.VSCE_TOKEN }}" ] && \
npx vsce publish --packagePath ${{ steps.set-version.outputs.name }}.vsix -p ${{ secrets.VSCE_TOKEN }} || true