Update release workflow to use latest version with OIDC #14
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Validate Pull Request | |
| on: | |
| pull_request: | |
| branches: | |
| - '**' | |
| concurrency: | |
| group: pr-validation-${{ github.event.pull_request.number }} | |
| cancel-in-progress: true | |
| jobs: | |
| validate: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 | |
| with: | |
| node-version: '20.x' | |
| cache: 'npm' | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Run tests | |
| id: tests | |
| run: npm test | |
| continue-on-error: true | |
| - name: Build if build script exists | |
| run: | | |
| if jq -e '.scripts.build' package.json > /dev/null; then | |
| echo "Build script found, running build..." | |
| npm run build | |
| else | |
| echo "No build script found, skipping build step" | |
| fi | |
| - name: Create and validate tarball | |
| id: tarball | |
| continue-on-error: true | |
| run: | | |
| echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" | |
| echo "Creating tarball..." | |
| npm pack | |
| TARBALL=$(ls *.tgz) | |
| echo "✓ Created: $TARBALL" | |
| echo "" | |
| echo "Testing tarball installation..." | |
| TEST_DIR=$(mktemp -d) | |
| cd "$TEST_DIR" | |
| npm install "$OLDPWD/$TARBALL" --verbose | |
| echo "" | |
| echo "Verifying installation..." | |
| if [ ! -d "node_modules/get-shit-done-multi" ]; then | |
| echo "❌ Installation failed - package not found in node_modules" | |
| exit 1 | |
| fi | |
| echo "✓ Tarball installs successfully" | |
| echo "" | |
| cd "$OLDPWD" | |
| rm -rf "$TEST_DIR" | |
| rm -f "$TARBALL" | |
| echo "✓ Cleanup complete" | |
| - name: Comment on PR - Success | |
| if: success() | |
| uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 | |
| with: | |
| script: | | |
| const runUrl = `${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}`; | |
| const timestamp = new Date().toISOString(); | |
| // 1. Retrieve existing bot comments for the PR | |
| const { data: comments } = await github.rest.issues.listComments({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| issue_number: context.issue.number, | |
| }); | |
| const botComment = comments.find(comment => { | |
| return comment.user.type === 'Bot' && comment.body.includes('PR Validation Results') | |
| }); | |
| // 2. Prepare format of the comment | |
| const output = `## ✅ Validation Passed | |
| **All checks completed successfully:** | |
| - ✓ Tests passed | |
| - ✓ Tarball created and validated | |
| - ✓ Installation verified | |
| This PR is ready for review. | |
| <details> | |
| <summary>View details</summary> | |
| [Workflow run details](${runUrl}) | |
| </details> | |
| --- | |
| *Last updated: ${timestamp}* | |
| <!-- PR Validation Results -->`; | |
| // 3. If we have a comment, update it, otherwise create a new one | |
| if (botComment) { | |
| await github.rest.issues.updateComment({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| comment_id: botComment.id, | |
| body: output | |
| }); | |
| } else { | |
| await github.rest.issues.createComment({ | |
| issue_number: context.issue.number, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| body: output | |
| }); | |
| } | |
| - name: Comment on PR - Failure | |
| if: failure() | |
| uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 | |
| with: | |
| script: | | |
| const runUrl = `${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}`; | |
| const timestamp = new Date().toISOString(); | |
| let failureDetails = ''; | |
| if ('${{ steps.tests.outcome }}' === 'failure') { | |
| failureDetails += '- ❌ Tests failed\n'; | |
| } | |
| if ('${{ steps.tarball.outcome }}' === 'failure') { | |
| failureDetails += '- ❌ Tarball creation/validation failed\n'; | |
| } | |
| // 1. Retrieve existing bot comments for the PR | |
| const { data: comments } = await github.rest.issues.listComments({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| issue_number: context.issue.number, | |
| }); | |
| const botComment = comments.find(comment => { | |
| return comment.user.type === 'Bot' && comment.body.includes('PR Validation Results') | |
| }); | |
| // 2. Prepare format of the comment | |
| const output = `## ❌ Validation Failed | |
| **The following checks failed:** | |
| ${failureDetails} | |
| Please review the errors and push fixes. | |
| <details> | |
| <summary>View full logs</summary> | |
| [Workflow run details](${runUrl}) | |
| </details> | |
| --- | |
| *Last updated: ${timestamp}* | |
| <!-- PR Validation Results -->`; | |
| // 3. If we have a comment, update it, otherwise create a new one | |
| if (botComment) { | |
| await github.rest.issues.updateComment({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| comment_id: botComment.id, | |
| body: output | |
| }); | |
| } else { | |
| await github.rest.issues.createComment({ | |
| issue_number: context.issue.number, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| body: output | |
| }); | |
| } | |
| - name: Fail workflow if any step failed | |
| if: steps.tests.outcome == 'failure' || steps.tarball.outcome == 'failure' | |
| run: exit 1 | |
| - name: Validation summary | |
| if: success() | |
| run: | | |
| echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" | |
| echo "✅ Pull Request Validation Passed" | |
| echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" | |
| echo "" | |
| echo "✓ All tests passed" | |
| echo "✓ Tarball creation successful" | |
| echo "✓ Tarball installation verified" | |
| echo "" | |
| echo "This PR is ready for review." | |