chore(ci): udpate artifact actions to v4 (#2292) #1039
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ci | |
on: | |
workflow_dispatch: | |
push: | |
branches: | |
- main | |
tags: | |
- '*' | |
pull_request: | |
branches: | |
- main | |
env: | |
XDG_CACHE_HOME: ${{ github.workspace }}/.cache | |
jobs: | |
build: | |
name: build | |
uses: ./.github/workflows/build.yml | |
test-unit: | |
name: 'test:unit' | |
uses: ./.github/workflows/test-unit.yml | |
publishPreview: | |
name: publish preview | |
needs: build | |
environment: Deploy | |
runs-on: ubuntu-latest | |
outputs: | |
cid: ${{ steps.ipfs.outputs.cid }} | |
steps: | |
- uses: actions/[email protected] | |
- name: Setup node | |
uses: actions/setup-node@v4 | |
with: | |
node-version: lts/* | |
cache: 'npm' | |
- name: Cache build output | |
uses: actions/cache@v4 | |
id: build-cache | |
with: | |
path: build | |
# Build hash should be based on runner.os, src files, and dependencies used. | |
key: ${{ runner.os }}-build-${{ hashFiles('package.json', 'package-lock.json', 'public', 'src/**', '*.js', '*.ts') }} | |
restore-keys: | | |
${{ runner.os }}-build-${{ hashFiles('package.json', 'package-lock.json', 'public', 'src/**', '*.js', '*.ts') }} | |
- name: Cache bigger downloads | |
uses: actions/cache@v4 | |
id: cache | |
with: | |
path: ${{ github.workspace }}/.cache | |
key: ${{ runner.os }}-${{ hashFiles('package.json', 'package-lock.json') }} | |
restore-keys: | | |
${{ runner.os }}-${{ hashFiles('package.json', 'package-lock.json') }} | |
${{ runner.os }}- | |
# pin the built site to ipfs-websites cluster, output the cid as `steps.ipfs.outputs.cid` | |
# see: https://github.com/ipfs-shipyard/ipfs-github-action | |
- uses: ipfs/download-ipfs-distribution-action@v1 | |
with: | |
name: kubo | |
- uses: ipfs/download-ipfs-distribution-action@v1 | |
with: | |
name: ipfs-cluster-ctl | |
- name: Fix DNS resolver | |
run: | | |
# fix resolv - DNS provided by Github is unreliable for DNSLik/dnsaddr | |
sudo sed -i -e 's/nameserver 127.0.0.*/nameserver 1.1.1.1/g' /etc/resolv.conf | |
- uses: ipfs/start-ipfs-daemon-action@v1 | |
- name: Import build/ to IPFS | |
id: ipfs | |
run: | | |
root_cid=$(ipfs add --cid-version 1 -Q -r ./build) | |
echo "cid=$root_cid" >> $GITHUB_OUTPUT | |
- run: echo ${{ steps.ipfs.outputs.cid }} | |
- run: echo ${{ github.ref }} | |
- name: Create ipfs-webui.car file | |
run: | | |
ipfs dag export ${{ steps.ipfs.outputs.cid }} > ipfs-webui_${{ github.sha }}.car | |
- name: Attach produced build to Github Action | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ipfs-webui_${{ github.sha }}.car | |
path: ipfs-webui_${{ github.sha }}.car | |
if-no-files-found: error | |
# Instructions for this are at https://github.com/ipfs/ipfs-webui/issues/2161#issuecomment-1836835068 | |
- name: Pin to web3.storage with w3cli | |
id: pin-w3up | |
# only pin for main commits | |
if: github.ref == 'refs/heads/main' | |
continue-on-error: true | |
run: | | |
# ensure whoami | |
npx -y --package=@web3-storage/w3cli@latest -- w3 whoami | |
# convert base64 env var to file | |
echo $W3CLI_SPACE_DELEGATION_PROOF_BASE64_STRING | base64 -d > ipfs-webui-ci-space.ucan.proof | |
# Add space | |
export W3CLI_SPACE_DID=$(npx -y --package=@web3-storage/w3cli@latest -- w3 space add ipfs-webui-ci-space.ucan.proof) | |
# use space | |
npx -y --package=@web3-storage/w3cli@latest -- w3 space use $W3CLI_SPACE_DID | |
# upload car | |
npx -y --package=@web3-storage/w3cli@latest -- w3 up --no-wrap -c ipfs-webui_${{ github.sha }}.car | |
env: | |
W3_STORE_NAME: ipfs-webui-ci | |
W3_AGENT_DID: ${{ secrets.W3_AGENT_DID }} | |
# set w3cli principal from https://github.com/web3-storage/w3cli#w3_principal | |
W3_PRINCIPAL: ${{ secrets.W3_AGENT_PRINCIPAL }} | |
W3CLI_SPACE_DELEGATION_PROOF_BASE64_STRING: ${{ secrets.W3CLI_SPACE_DELEGATION_PROOF_BASE64_STRING }} | |
- name: Pin to ipfs-websites.collab.ipfscluster.io | |
id: pin-cluster | |
# only pin for main commits | |
if: github.ref == 'refs/heads/main' | |
continue-on-error: true | |
run: | | |
ipfs-cluster-ctl --enc=json \ | |
--host "${CLUSTER_HOST}" \ | |
--basic-auth "$CLUSTER_USER:$CLUSTER_PASSWORD" \ | |
peers ls > cluster-peers-ls | |
for maddr in $(jq -r '.ipfs.addresses[]?' cluster-peers-ls); do | |
ipfs swarm peering add "$maddr" & | |
ipfs swarm connect "$maddr" & | |
done | |
ipfs-cluster-ctl --enc=json \ | |
--host "${CLUSTER_HOST}" \ | |
--basic-auth "${CLUSTER_USER}:${CLUSTER_PASSWORD}" \ | |
pin add \ | |
--name "${PIN_NAME}" \ | |
--replication-min 1 \ | |
--replication-max 3 \ | |
--wait \ | |
$PIN_CID | |
env: | |
CLUSTER_HOST: "/dnsaddr/ipfs-websites.collab.ipfscluster.io" | |
CLUSTER_USER: ${{ secrets.CLUSTER_USER }} | |
CLUSTER_PASSWORD: ${{ secrets.CLUSTER_PASSWORD }} | |
PIN_CID: ${{ steps.ipfs.outputs.cid }} | |
PIN_NAME: "ipfs-webui@${{ github.sha }}" | |
- name: Fail job due to pinning failure | |
# only fail if pinning failed for main commits | |
if: github.ref == 'refs/heads/main' && steps.pin-w3up.outcome == 'failure' && steps.pin-cluster.outcome == 'failure' | |
uses: actions/github-script@v7 | |
with: | |
script: | | |
core.setFailed('Pinning did not succeed') | |
# dnslink-dnsimple requires go | |
- uses: actions/setup-go@v4 | |
if: github.ref == 'refs/heads/main' | |
with: | |
go-version: "1.20.x" | |
- name: Set up dnslink updater | |
if: github.ref == 'refs/heads/main' | |
run: go install github.com/ipfs/[email protected] | |
# dev dnslink is updated on each main branch update | |
- run: dnslink-dnsimple --domain ipfs.tech --record _dnslink.dev.webui --link /ipfs/${{ steps.ipfs.outputs.cid }} | |
if: github.ref == 'refs/heads/main' | |
env: | |
DNSIMPLE_TOKEN: ${{ secrets.DNSIMPLE_TOKEN }} | |
# production dnslink is updated on release (during tag build) | |
- run: dnslink-dnsimple --domain ipfs.tech --record _dnslink.webui --link /ipfs/${{ steps.ipfs.outputs.cid }} | |
if: github.ref == 'refs/heads/main' && github.event_name == 'workflow_dispatch' | |
env: | |
DNSIMPLE_TOKEN: ${{ secrets.DNSIMPLE_TOKEN }} | |
test-e2e: | |
name: 'test:e2e' | |
uses: ./.github/workflows/test-e2e.yml | |
test-storybook: | |
name: 'test:storybook' | |
uses: ./.github/workflows/test-storybook.yml | |
# separate check for TS | |
typecheck: | |
name: typecheck | |
needs: build | |
uses: ./.github/workflows/typecheck.yml | |
# separate check for eslint | |
eslint: | |
name: eslint | |
needs: build | |
uses: ./.github/workflows/eslint.yml | |
# separate check for dep-check | |
depcheck: | |
name: depcheck | |
needs: build | |
uses: ./.github/workflows/depcheck.yml | |
# automatically commit new tag and changelog updates when a push to main happens. | |
# This will then trigger | |
# 1. The 'ci.yml' workflow for the newly committed git tag, | |
# 2. The 'publish-release-build.yml' workflow | |
release: | |
name: 'Run semantic release' | |
runs-on: ubuntu-latest | |
needs: [build, publishPreview, eslint, typecheck, depcheck, test-e2e, test-unit, test-storybook] | |
steps: | |
- name: Checkout 🛎️ | |
uses: actions/[email protected] | |
with: | |
persist-credentials: false | |
- name: Cache bigger downloads | |
uses: actions/cache@v4 | |
id: cache | |
with: | |
path: ${{ github.workspace }}/.cache | |
key: ${{ runner.os }}-${{ hashFiles('package.json', 'package-lock.json') }} | |
restore-keys: | | |
${{ runner.os }}-${{ hashFiles('package.json', 'package-lock.json') }} | |
${{ runner.os }}- | |
- name: Cache build dir | |
uses: actions/cache@v4 | |
id: build-cache | |
with: | |
path: build | |
key: ${{ runner.os }}-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-${{ github.sha }} | |
# This is needed for custom-release-notes-generator.js to inject the CID in the release notes | |
- name: Write CID to tmp file | |
run: | | |
echo ${{ needs.publishPreview.outputs.cid }} > .cid | |
- name: Setup node | |
uses: actions/setup-node@v4 | |
with: | |
node-version: lts/* | |
cache: 'npm' | |
- name: Install dependencies | |
run: npm ci --prefer-offline --no-audit --progress=false | |
- name: Download CAR artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: ipfs-webui_${{ github.sha }}.car | |
- name: Dry-run semantic release | |
if: github.ref != 'refs/heads/main' | |
run: | | |
git config user.name "ipfs-gui-bot" | |
git config user.email "[email protected]" | |
npx semantic-release --ci --dry-run -b ${{ github.ref }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} | |
# Update the version (npm version [major|minor|patch]) | |
- name: Run semantic release | |
if: github.ref == 'refs/heads/main' && github.event_name == 'workflow_dispatch' | |
run: | | |
git config user.name "ipfs-gui-bot" | |
git config user.email "[email protected]" | |
npx semantic-release --ci | |
env: | |
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} |