build(deps): bump github/codeql-action from 3.30.3 to 3.30.6 #2807
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "release" | |
| on: | |
| workflow_call: | |
| inputs: | |
| dry-run-flag: | |
| description: 'enable dry-run on artifact push' | |
| required: false | |
| type: boolean | |
| default: true | |
| pull_request: | |
| types: [closed] | |
| branches: | |
| - develop | |
| - master | |
| - develop-patch* | |
| - master-patch* | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: false | |
| env: | |
| BASE_REF: ${{ github.base_ref }} | |
| HEAD_REF: ${{ github.head_ref }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| GITHUB_BRANCH: ${{ github.ref_name }} | |
| GH_BUILD_DIR: ${{ github.workspace }} | |
| GH_COMMIT: ${{ github.sha }} | |
| BUILD_ID: ${{ github.run_id }} | |
| GH_RUN_NUMBER: ${{ github.run_attempt }} | |
| GH_BUILD_NUMBER: ${{ github.run_id }} | |
| JOB_ID: ${{ github.run_id }} | |
| E2E_ADMIN_EMAIL_IDENTITY: ${{ secrets.E2E_ADMIN_EMAIL_IDENTITY }} | |
| E2E_ADMIN_PASSWORD_IDENTITY: ${{ secrets.E2E_ADMIN_PASSWORD_IDENTITY }} | |
| LOG_LEVEL: "ERROR" | |
| S3_BUILD_BUCKET_SHORT_NAME: ${{ secrets.S3_BUILD_BUCKET_SHORT_NAME }} | |
| NODE_OPTIONS: "--max-old-space-size=5120" | |
| DOCKER_REPOSITORY_DOMAIN: ${{ secrets.DOCKER_REPOSITORY_DOMAIN }} | |
| DOCKER_REPOSITORY_USER: ${{ secrets.DOCKER_USERNAME }} | |
| DOCKER_REPOSITORY_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} | |
| GITHUB_TOKEN: ${{ secrets.BOT_GITHUB_TOKEN }} | |
| REPO_OWNER: "Alfresco" | |
| REPO_NAME: "alfresco-ng2-components" | |
| BUILT_LIBS_DIR: "./dist/libs" | |
| NODE_MODULES_DIR: "./node_modules" | |
| REDIRECT_URI: / | |
| jobs: | |
| setup: | |
| timeout-minutes: 20 | |
| if: github.event.pull_request.merged == true || github.ref_name == 'master' || github.ref_name == 'master-patch-*' | |
| name: "Setup" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| fetch-depth: 0 | |
| - uses: ./.github/actions/setup | |
| with: | |
| enable-cache: false | |
| enable-node-modules-cache: false | |
| - name: install | |
| run: | | |
| npm ci | |
| npm run bundle:js-api | |
| npm run bundle:cli | |
| - uses: ./.github/actions/upload-node-modules-and-artifacts | |
| release-npm: | |
| needs: [setup] | |
| outputs: | |
| release_version: ${{ steps.set-version.outputs.release_version }} | |
| timeout-minutes: 30 | |
| if: github.event.pull_request.merged == true || github.ref_name == 'master' || github.ref_name == 'master-patch-*' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| fetch-depth: 0 | |
| - uses: ./.github/actions/setup | |
| with: | |
| enable-cache: false | |
| enable-node-modules-cache: false | |
| - id: set-dryrun | |
| uses: ./.github/actions/enable-dryrun | |
| with: | |
| dry-run-flag: ${{ inputs.dry-run-flag }} | |
| - uses: ./.github/actions/download-node-modules-and-artifacts | |
| - name: Set libraries versions | |
| id: set-version | |
| run: | | |
| set -u; | |
| ./scripts/github/build/bumpversion.sh | |
| - name: Set migrations | |
| uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 | |
| with: | |
| script: | | |
| const setMigrations = require('./scripts/github/release/set-migrations.js'); | |
| setMigrations(); | |
| - name: build libraries | |
| run: | | |
| npm run build:libs | |
| npm run build:schematics | |
| - uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0 | |
| name: release libraries GH registry | |
| with: | |
| node-version-file: '.nvmrc' | |
| registry-url: 'https://npm.pkg.github.com' | |
| scope: '@alfresco' | |
| - run: npm run publish -- --tag=$TAG_NPM || exit 1 | |
| env: | |
| NODE_AUTH_TOKEN: ${{ secrets.PAT_WRITE_PKG }} | |
| - uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0 | |
| name: release libraries Npm registry | |
| with: | |
| node-version-file: '.nvmrc' | |
| registry-url: 'https://${{ vars.NPM_REGISTRY_ADDRESS }}' | |
| scope: '@alfresco' | |
| - run: npm run publish -- --tag=$TAG_NPM || exit 1 | |
| env: | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_REGISTRY_TOKEN }} | |
| create-git-tag: | |
| runs-on: ubuntu-latest | |
| needs: [setup, release-npm] | |
| name: Create github tag | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| fetch-depth: 1 | |
| - uses: './.github/actions/create-git-tag' | |
| with: | |
| tagName: ${{ needs.release-npm.outputs.release_version }} | |
| propagate: | |
| needs: [release-npm] | |
| if: ${{ contains(toJson(github.event.pull_request.labels.*.name), 'hxp-upstream') }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| - name: HxP upstream invoke | |
| uses: the-actions-org/workflow-dispatch@3133c5d135c7dbe4be4f9793872b6ef331b53bc7 # v4.0.0 | |
| with: | |
| repo: Alfresco/hxp-frontend-apps | |
| ref: develop | |
| workflow: upstream-adf.yml | |
| token: ${{ secrets.ALFRESCO_BUILD_GH_TOKEN }} | |
| wait-for-completion: false | |
| inputs: > | |
| { | |
| "tag_version": "alpha" | |
| } | |
| npm-check-bundle: | |
| needs: [release-npm] | |
| timeout-minutes: 15 | |
| if: github.event.pull_request.merged == true || github.ref_name == 'master' || github.ref_name == 'master-patch-*' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| - uses: ./.github/actions/npm-check-bundle | |
| push-translation-keys-to-crowdin: | |
| name: Push translations keys to Crowdin | |
| if: ${{ github.ref == 'refs/heads/develop' }} | |
| runs-on: ubuntu-latest | |
| needs: [setup] | |
| permissions: | |
| contents: read | |
| packages: read | |
| actions: read | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| - name: Push Source Files to Crowdin | |
| uses: crowdin/github-action@0749939f635900a2521aa6aac7a3766642b2dc71 # v2.11.0 | |
| with: | |
| upload_sources: true | |
| upload_sources_args: --delete-obsolete | |
| env: | |
| CROWDIN_TOKEN: ${{ secrets.CROWDIN_TRANSLATIONS_TOKEN }} | |
| finalize: | |
| if: always() | |
| runs-on: ubuntu-latest | |
| name: Final Results | |
| needs: [release-npm, npm-check-bundle] | |
| steps: | |
| - name: Check job execution status | |
| if: >- | |
| ${{ | |
| contains(needs.*.result, 'failure') | |
| || contains(needs.*.result, 'cancelled') | |
| }} | |
| run: exit 1 |