diff options
Diffstat (limited to '.github/workflows')
| -rw-r--r-- | .github/workflows/autobot.yaml | 28 | ||||
| -rw-r--r-- | .github/workflows/ci.yaml | 70 | ||||
| -rw-r--r-- | .github/workflows/codeql.yaml | 10 | ||||
| -rw-r--r-- | .github/workflows/eslint.yaml | 42 | ||||
| -rw-r--r-- | .github/workflows/update-flake.yaml | 4 |
5 files changed, 52 insertions, 102 deletions
diff --git a/.github/workflows/autobot.yaml b/.github/workflows/autobot.yaml deleted file mode 100644 index 4e74d0a..0000000 --- a/.github/workflows/autobot.yaml +++ /dev/null @@ -1,28 +0,0 @@ -name: Auto-merge Dependabot - -on: pull_request - -jobs: - automerge: - name: Check and merge PR - if: github.actor == 'dependabot[bot]' - - runs-on: ubuntu-latest - - permissions: - contents: write - pull-requests: write - - steps: - - name: Fetch metadata - uses: dependabot/fetch-metadata@v2 - id: metadata - with: - github-token: ${{ github.token }} - - - name: Enable auto-merge - if: steps.metadata.outputs.update-type == 'version-update:semver-patch' || steps.metadata.outputs.update-type == 'version-update:semver-minor' - run: gh pr merge --auto --squash "$PR" - env: - GH_TOKEN: ${{ github.token }} - PR: ${{ github.event.pull_request.html_url }} diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index b77ed84..b1b0b78 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -1,12 +1,28 @@ name: CI on: + push: + branches: [main] + paths: + - "**.ts" + - "**.lock" + - "**.nix" + - "deno.json" + + - ".github/wokrflows/ci.yaml" pull_request: + paths: + - "**.ts" + - "**.lock" + - "**.nix" + - "deno.json" + + - ".github/wokrflows/ci.yaml" workflow_dispatch: jobs: - build: - name: Build + lint-and-format: + name: Lint & Format runs-on: ubuntu-latest @@ -15,39 +31,35 @@ jobs: uses: actions/checkout@v4 - name: Install Nix - uses: DeterminateSystems/nix-installer-action@v13 + uses: DeterminateSystems/nix-installer-action@v14 - - name: Install Dependencies - run: nix develop .#ci --command pnpm install --frozen-lockfile + - name: Run deno lint + run: nix develop .#ci --command deno lint - - name: Run build - run: nix develop .#ci --command nrr build + - name: Run treefmt + run: nix fmt -- --ci - treefmt: - name: Treefmt + deploy: + name: Deploy + needs: lint-and-format runs-on: ubuntu-latest + permissions: + id-token: write + steps: - - name: Checkout repository + - name: Clone repository uses: actions/checkout@v4 - - name: Install Nix - uses: DeterminateSystems/nix-installer-action@v13 - - - name: Run checks - run: | - nix develop .#ci --command treefmt --fail-on-change - - release-gate: - name: CI Release gate - needs: [build, treefmt] - - if: always() - - runs-on: ubuntu-latest - - steps: - - name: Exit with error - if: contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') - run: exit 1 + - name: Upload to Deno Deploy + uses: denoland/deployctl@v1 + with: + project: teawie-api + entrypoint: main.ts + include: | + main.ts + lib + + deno.json + deno.lock diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 9d82771..017332c 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -1,12 +1,20 @@ name: CodeQL on: + push: + branches: [main] + paths: + - "**.ts" + - ".github/workflows/codeql.yaml" pull_request: + paths: + - "**.ts" + - ".github/workflows/codeql.yaml" workflow_dispatch: jobs: codeql: - name: Run CodeQL scan + name: Run scan runs-on: ubuntu-latest diff --git a/.github/workflows/eslint.yaml b/.github/workflows/eslint.yaml deleted file mode 100644 index 0a6f7ce..0000000 --- a/.github/workflows/eslint.yaml +++ /dev/null @@ -1,42 +0,0 @@ -name: ESLint - -on: - push: - branches: [main] - paths: - - "**.ts" - - "package.json" - - "pnpm-lock.yaml" - - "tsconfig.json" - pull_request: - -jobs: - eslint: - name: Run scan - - runs-on: ubuntu-latest - - permissions: - security-events: write - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Install Nix - uses: DeterminateSystems/nix-installer-action@v13 - - - name: Install Dependencies - run: nix develop .#ci --command pnpm install --frozen-lockfile - - - name: Run ESLint - continue-on-error: true - run: | - nix develop .#ci --command \ - nrr lint --format @microsoft/eslint-formatter-sarif --output-file /tmp/results.sarif - - - name: Upload Results - uses: github/codeql-action/upload-sarif@v3 - with: - sarif_file: /tmp/results.sarif - wait-for-processing: true diff --git a/.github/workflows/update-flake.yaml b/.github/workflows/update-flake.yaml index bfebbc7..32206de 100644 --- a/.github/workflows/update-flake.yaml +++ b/.github/workflows/update-flake.yaml @@ -21,10 +21,10 @@ jobs: uses: actions/checkout@v4 - name: Install Nix - uses: DeterminateSystems/nix-installer-action@v13 + uses: DeterminateSystems/nix-installer-action@v14 - name: Update flake.lock & make PR - uses: DeterminateSystems/update-flake-lock@v23 + uses: DeterminateSystems/update-flake-lock@v24 with: commit-msg: "nix: update flake.lock" pr-title: "nix: update flake.lock" |