sync with cordis boilerplate

satorijs · May 14, 2024 · d481e88 · d481e88
1 parent 1bb61dc
commit d481e88
Show file tree

Hide file tree

Showing 14 changed files with 392 additions and 449 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -1,4 +1,4 @@
-name: Build
+name: build
 
 on:
   release:
@@ -8,6 +8,9 @@ on:
 
 jobs:
   build:
+    permissions:
+      contents: write
+
     strategy:
       fail-fast: false
       matrix:
@@ -44,8 +47,6 @@ jobs:
 
       - name: Check out
         uses: actions/checkout@v4
-        with:
-          ref: develop
 
       - name: Set up Node
         if: ${{ !matrix.target.emulate }}
@@ -66,8 +67,7 @@ jobs:
         run: bash .github/workflows/prepare.sh
 
       - name: Install dependencies
-        run: |
-          yarn --no-immutable
+        run: yarn --no-immutable
 
       - name: Pack file
         run: bash .github/workflows/pack.sh
@@ -78,17 +78,4 @@ jobs:
           bash .github/workflows/upload.sh
           '${{ matrix.target.platform }}-${{ steps.vars.outputs.ARCH }}-node${{ steps.vars.outputs.NODE_VERSION }}'
         env:
-          GITHUB_TOKEN: ${{ secrets.WORKFLOW_TOKEN }}
-
-  docker:
-    runs-on: ubuntu-latest
-    needs: build
-    steps:
-      - name: Check out
-        uses: actions/checkout@v4
-      - name: Trigger docker build
-        env:
-          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
-          GITHUB_TOKEN: ${{ secrets.WORKFLOW_TOKEN }}
-        if: ${{ env.DOCKER_USERNAME != null }}
-        run: gh workflow run Docker
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/clean.yml b/.github/workflows/clean.yml
@@ -1,4 +1,4 @@
-name: Clean
+name: clean
 
 on:
   release:
@@ -7,6 +7,9 @@ on:
 
 jobs:
   clean:
+    permissions:
+      contents: write
+
     runs-on: ubuntu-latest
 
     steps:

diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
diff --git a/.github/workflows/npm.sh b/.github/workflows/npm.sh
@@ -0,0 +1,38 @@
+mkdir -p $RUNNER_TEMP/dist
+cp -a * $RUNNER_TEMP/dist
+cp -a .github $RUNNER_TEMP/dist
+cp -a .vscode $RUNNER_TEMP/dist
+cp .* $RUNNER_TEMP/dist
+
+cd .yarn
+mkdir $RUNNER_TEMP/dist/.yarn
+cp -a patches $RUNNER_TEMP/dist/.yarn
+cp -a plugins $RUNNER_TEMP/dist/.yarn
+cp -a releases $RUNNER_TEMP/dist/.yarn
+cp -a sdks $RUNNER_TEMP/dist/.yarn
+cp -a versions $RUNNER_TEMP/dist/.yarn
+
+mv $RUNNER_TEMP/dist dist
+cd dist
+
+rm -rf node_modules
+
+# do not ignore lockfiles
+sed -i .gitignore \
+-e '/yarn.lock/d'
+
+# if $GITHUB_REF is in the form of refs/tags/v* then it's a release
+if [[ $GITHUB_REF == refs/tags/v* ]]; then
+  cat package.json | jq ".private=false" > package.json.tmp
+  mv -f package.json.tmp package.json
+  cd ..
+  tar -czf dist.tgz dist
+  npm publish dist.tgz --access public
+else
+  VERSION=$(cat package.json | grep '"version":' | cut -d '"' -f 4)
+  cat package.json | jq ".version=\"$VERSION-$GITHUB_SHA\" | .private=false" > package.json.tmp
+  mv -f package.json.tmp package.json
+  cd ..
+  tar -czf dist.tgz dist
+  npm publish dist.tgz --access public --tag nightly
+fi
diff --git a/.github/workflows/npm.yml b/.github/workflows/npm.yml
@@ -0,0 +1,36 @@
+name: npm
+
+on:
+  push:
+    branches:
+      - main
+    tags:
+      - v*
+  release:
+    types:
+      - created
+  workflow_dispatch:
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out
+        uses: actions/checkout@v4
+
+      - name: Setup Node
+        uses: actions/setup-node@v4
+        with:
+          registry-url: https://registry.npmjs.org/
+
+      - name: Install dependencies
+        run: yarn --no-immutable
+
+      - name: Publish
+        if: ${{ env.NODE_AUTH_TOKEN }}
+        run: bash .github/workflows/npm.sh
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+          GITHUB_REF: ${{ github.ref }}
+          GITHUB_SHA: ${{ github.sha }}
diff --git a/.github/workflows/prepare.cjs b/.github/workflows/prepare.cjs
@@ -1,7 +1,6 @@
 const { readFileSync, writeFileSync } = require('fs')
 
 const source = JSON.parse(readFileSync('package.json', 'utf8'))
-Object.assign(source.dependencies, source.optionalDependencies)
 
 source.scripts = {
   start: source.scripts.start,
@@ -10,6 +9,5 @@ source.scripts = {
 delete source.yakumo
 delete source.workspaces
 delete source.devDependencies
-delete source.optionalDependencies
 
 writeFileSync('package.json', JSON.stringify(source, null, 2))
diff --git a/.github/workflows/publish.sh b/.github/workflows/publish.sh
diff --git a/.github/workflows/sync.sh b/.github/workflows/sync.sh
diff --git a/.github/workflows/sync.yml b/.github/workflows/sync.yml
diff --git a/.github/workflows/tag.sh b/.github/workflows/tag.sh
@@ -1,9 +1,5 @@
 TAG=v$(cat package.json | grep '"version":' | cut -d '"' -f 4)
 
-if [ $TAG == 'v0.0.0' ]; then
-  exit 0
-fi
-
 REG=^$(echo $TAG | sed 's/\./\\./g')$
 
 if [ -z "$(git tag -l | grep $REG)" ]; then

diff --git a/.github/workflows/tag.yml b/.github/workflows/tag.yml
@@ -1,12 +1,15 @@
-name: Tag
+name: tag
 
 on:
   push:
     branches:
-      - develop
+      - main
 
 jobs:
   release:
+    permissions:
+      contents: write
+
     runs-on: ubuntu-latest
 
     steps:
@@ -25,7 +28,7 @@ jobs:
           curl
           -X POST
           -H "Accept: application/vnd.github.v3+json"
-          -H "Authorization: token ${{ secrets.WORKFLOW_TOKEN }}"
+          -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}"
           https://api.github.com/repos/${{ github.repository }}/releases
           -d '{
             "name": "${{ steps.version.outputs.tag }}",