Bug fix 4 #785
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
pull_request: | |
branches: [main] | |
types: [opened, synchronize, reopened] | |
pull_request_target: | |
types: [closed] | |
jobs: | |
setup: | |
runs-on: ubuntu-latest | |
outputs: | |
package-lock-hash: ${{ runner.os }}-repo-${{ steps.hash.outputs.hash }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: "22" | |
- name: Install dependencies | |
run: npm ci | |
- name: Calculate package-lock.json hash | |
id: hash | |
run: echo "hash=$(sha256sum package-lock.json | awk '{ print $1 }')" >> "$GITHUB_OUTPUT" | |
- name: Cache repository | |
uses: actions/cache@v4 | |
with: | |
path: . | |
key: ${{ runner.os }}-repo-${{ steps.hash.outputs.hash }} | |
package: | |
runs-on: ubuntu-latest | |
needs: setup | |
steps: | |
- name: Restore repository cache | |
uses: actions/cache@v4 | |
with: | |
path: . | |
key: ${{ needs.setup.outputs.package-lock-hash }} | |
fail-on-cache-miss: true | |
- name: Install vsce | |
run: npm install -g vsce | |
- name: Get latest tag | |
run: | | |
LATEST_TAG=$(git describe --tags --abbrev=0 2>/dev/null || echo "0.0.0") | |
echo "LATEST_TAG=$LATEST_TAG" >> $GITHUB_ENV | |
shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0} | |
- name: Get latest commit | |
run: | | |
LAT_COMMIT=${{ github.event.pull_request.head.sha }} | |
echo "LAT_COMMIT=$LAT_COMMIT" >> $GITHUB_ENV | |
- name: Update version in package.json | |
run: | | |
jq ".version = \"$LATEST_TAG+$LAT_COMMIT-review\"" package.json > package.tmp.json | |
mv package.tmp.json package.json | |
shell: bash | |
- name: Verify updated package.json | |
run: cat package.json | |
- name: Package VS Code Extension | |
run: vsce package | |
env: | |
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
SENTRY_ORG: ${{ secrets.SENTRY_ORG }} | |
SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }} | |
SENTRY_URL: ${{ secrets.SENTRY_URL }} | |
- name: Upload VSIX artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: vsce-package | |
path: "*.vsix" | |
retention-days: 10 | |
- name: Install Sentry CLI | |
run: npm install -g @sentry/cli | |
- name: Create Sentry release | |
uses: getsentry/action-release@v1 | |
env: | |
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
SENTRY_ORG: ${{ secrets.SENTRY_ORG }} | |
SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }} | |
SENTRY_URL: ${{ secrets.SENTRY_URL }} | |
with: | |
environment: review | |
version: vs-code-extension@${{ env.LATEST_TAG }}+${{ env.LAT_COMMIT }}-review | |
test: | |
runs-on: ubuntu-latest | |
needs: setup | |
env: | |
NODE_ENV: test | |
steps: | |
- name: Restore repository cache | |
uses: actions/cache@v4 | |
with: | |
path: . | |
key: ${{ needs.setup.outputs.package-lock-hash }} | |
fail-on-cache-miss: true | |
- name: Install system dependencies | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y libasound2 libgbm1 libgtk-3-0 libnss3 xvfb | |
- name: Run tests | |
run: xvfb-run -a npm run test | |
- name: Upload coverage | |
uses: actions/upload-artifact@v4 | |
with: | |
name: coverage | |
path: coverage/ | |
retention-days: 10 | |
if-no-files-found: warn | |
compression-level: 6 | |
overwrite: false | |
include-hidden-files: false | |
cleanup: | |
runs-on: ubuntu-latest | |
needs: [setup, package] | |
if: always() | |
steps: | |
- name: Cleanup | |
run: npm cache clean --force | |
- name: Delete GitHub Actions cache | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
CACHE_KEY="${{ needs.setup.outputs.package-lock-hash }}" | |
if [ -n "$CACHE_KEY" ]; then | |
curl -L \ | |
-X DELETE \ | |
-H "Accept: application/vnd.github+json" \ | |
-H "Authorization: token $GH_TOKEN" \ | |
"https://api.github.com/repos/${{ github.repository }}/actions/caches?key=$CACHE_KEY" | |
echo "Cache deleted successfully" | |
else | |
echo "No matching cache found" | |
fi | |
delete-branch: | |
if: github.event.pull_request.merged == true | |
runs-on: ubuntu-latest | |
steps: | |
- name: Delete branch | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
BRANCH_REF=${{ github.event.pull_request.head.ref }} | |
REPO=${{ github.repository }} | |
if [ "$BRANCH_REF" != "main" ]; then | |
curl -X DELETE -H "Authorization: token $GH_TOKEN" \ | |
"https://api.github.com/repos/$REPO/git/refs/heads/$BRANCH_REF" | |
echo "Branch '$BRANCH_REF' deleted successfully" | |
else | |
echo "Main branch not deleted" | |
fi | |
vulnerabilities-scan: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: debricked/actions@v4 | |
env: | |
DEBRICKED_TOKEN: ${{ secrets.DEBRICKED_TOKEN }} |