ci: separate codecov workflow #498
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Continuous Deployment | |
| # Triggers the following workflows: | |
| # - .github/workflows/codecov.yml | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| concurrency: | |
| group: ${{ github.ref }} | |
| cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} | |
| jobs: | |
| continuous-integration: | |
| name: Continuous integration | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Download code from GitHub | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 | |
| with: | |
| fetch-depth: 0 | |
| - name: Configure GitHub Pages | |
| uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5.0.0 | |
| - name: Install pnpm package manager | |
| uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0 | |
| - name: Set up Node.js version | |
| uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 | |
| with: | |
| node-version-file: .nvmrc | |
| - name: Check for known security issues with npm packages | |
| run: | | |
| echo "Auditing npm dependencies before installing them. For more information, see: https://nldesignsystem.nl/pnpm-audit" | |
| pnpm audit --audit-level critical | |
| - name: Install dependencies specified in package.json | |
| run: pnpm install --frozen-lockfile | |
| - name: Run the lint script in package.json scripts | |
| run: pnpm run --if-present lint | |
| - name: Run the build script in package.json scripts | |
| run: pnpm run --if-present build | |
| - name: Run the test script in package.json scripts | |
| run: pnpm run --if-present test | |
| - name: Upload coverage-report artifact | |
| uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 | |
| with: | |
| name: coverage-report | |
| path: "**/coverage/" | |
| retention-days: 1 | |
| - name: Publish to Chromatic | |
| uses: chromaui/action@4c20b95e9d3209ecfdf9cd6aace6bbde71ba1694 # v13.3.4 | |
| if: | | |
| github.event.pull_request.draft == false && | |
| github.actor != 'dependabot[bot]' | |
| with: | |
| autoAcceptChanges: main | |
| projectToken: ${{ secrets.CHROMATIC_PROJECT_TOKEN }} | |
| storybookBaseDir: packages/storybook/ | |
| storybookBuildDir: packages/storybook/dist/ | |
| storybookConfigDir: packages/storybook/config/ | |
| onlyChanged: true | |
| externals: | | |
| proprietary/**/tokens.json | |
| proprietary/**/*.tokens.json | |
| - name: Upload the Storybook artifact from the build step | |
| uses: actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b # v4.0.0 | |
| with: | |
| path: packages/storybook/dist/ | |
| publish-storybook: | |
| runs-on: ubuntu-latest | |
| needs: continuous-integration | |
| if: github.ref == 'refs/heads/main' | |
| environment: | |
| name: github-pages | |
| url: ${{ steps.deploy-pages.outputs.page_url }} | |
| permissions: | |
| pages: write | |
| id-token: write | |
| steps: | |
| - name: Deploy to GitHub Pages | |
| id: deploy-pages | |
| uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5 | |
| publish-npm: | |
| runs-on: ubuntu-latest | |
| needs: continuous-integration | |
| if: github.ref == 'refs/heads/main' | |
| environment: publish | |
| permissions: | |
| id-token: write | |
| steps: | |
| - name: Download code from GitHub | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 | |
| with: | |
| token: ${{ secrets.GH_TOKEN }} | |
| - name: Install pnpm package manager | |
| uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0 | |
| - name: Set up Node.js version | |
| uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 | |
| with: | |
| node-version-file: .nvmrc | |
| - name: Check for known security issues with npm packages | |
| run: | | |
| echo "Auditing npm dependencies before installing them. For more information, see: https://nldesignsystem.nl/pnpm-audit" | |
| pnpm audit --audit-level critical | |
| - name: Install dependencies specified in package.json | |
| run: pnpm install --frozen-lockfile | |
| - name: Run the build script in package.json | |
| run: pnpm run --if-present build | |
| - name: Check the release | |
| run: pnpm run lint-release | |
| - name: Publish to GitHub repository | |
| uses: changesets/action@e0145edc7d9d8679003495b11f87bd8ef63c0cba # v1.5.3 | |
| id: changeset | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} | |
| GIT_AUTHOR_EMAIL: ${{ secrets.GIT_AUTHOR_EMAIL }} | |
| GIT_AUTHOR_NAME: "NL Design System" | |
| GIT_COMMITTER_EMAIL: ${{ secrets.GIT_COMMITTER_EMAIL }} | |
| GIT_COMMITTER_NAME: "NL Design System" | |
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| with: | |
| commit: "docs(release): design system packages" | |
| setupGitUser: false | |
| title: "docs(release): design system packages" | |
| publish: "pnpm run publish" |