Javascript Wrapper Release #246
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Javascript Wrapper Release | |
| on: | |
| workflow_call: | |
| inputs: | |
| cliTag: | |
| description: 'CLI tag name' | |
| required: false | |
| type: string | |
| default: 2.0.0-nightly | |
| jsTag: | |
| description: 'JS Wrapper tag name' | |
| required: false | |
| type: string | |
| default: nightly | |
| dev: | |
| description: 'Is dev build' | |
| required: false | |
| default: true | |
| type: boolean | |
| workflow_dispatch: | |
| inputs: | |
| cliTag: | |
| description: 'CLI tag name (ignored if not dev build)' | |
| required: false | |
| jsTag: | |
| description: 'Tag name (ignored if not dev build)' | |
| required: false | |
| type: string | |
| default: rc | |
| dev: | |
| description: 'Is dev build' | |
| required: false | |
| default: true | |
| type: boolean | |
| permissions: | |
| id-token: write | |
| contents: write | |
| packages: write | |
| jobs: | |
| delete: | |
| uses: CheckmarxDev/ast-cli-javascript-wrapper/.github/workflows/delete-packages-and-releases.yml@main | |
| with: | |
| tag: ${{ inputs.jsTag }} | |
| secrets: inherit | |
| if: inputs.dev == true | |
| release: | |
| runs-on: ubuntu-latest | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.OR_GITHUB_TOKEN }} | |
| BRANCH_NAME: npm-version-patch | |
| outputs: | |
| TAG_NAME: ${{ steps.set_tag_name.outputs.TAG_NAME }} | |
| CLI_VERSION: ${{ steps.extract_cli_version.outputs.CLI_VERSION }} | |
| steps: | |
| # CHECKOUT PROJECT | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| lfs: true # Ensure LFS files are checked out | |
| # GIT CONFIGURATION | |
| - run: | | |
| git config user.name github-actions | |
| git config user.email [email protected] | |
| # SETUP NODE | |
| - uses: actions/[email protected] | |
| with: | |
| node-version: 22.11.0 | |
| registry-url: https://npm.pkg.github.com/ | |
| # GET TAG NAME | |
| - name: Generate Tag name | |
| id: set_tag_name | |
| run: | | |
| if [ ${{ inputs.dev }} == true ]; then | |
| TAG_NAME=$(npm version prerelease --preid=${{ inputs.jsTag }} --no-git-tag-version --allow-same-version) | |
| else | |
| TAG_NAME=$(npm version patch --no-git-tag-version) | |
| fi | |
| echo "TAG_NAME=$TAG_NAME" >> $GITHUB_ENV | |
| echo "::set-output name=TAG_NAME::$TAG_NAME" | |
| # DOWNLOAD CLI IF IT IS A DEV VERSION AND A CLI TAG WAS PROVIDED | |
| - name: Download cli with tag ${{ inputs.cliTag }} | |
| if: inputs.dev == true && inputs.cliTag != '' | |
| run: | | |
| # Update binaries | |
| chmod +x ./.github/scripts/update_cli.sh | |
| ./.github/scripts/update_cli.sh ${{ inputs.cliTag }} | |
| - name: Extract CLI version | |
| id: extract_cli_version | |
| run: | | |
| CLI_VERSION=$(./src/main/wrapper/resources/cx-linux version | grep -Eo '^[0-9]+\.[0-9]+\.[0-9]+') | |
| echo "CLI version being packed is $CLI_VERSION" | |
| echo "CLI_VERSION=$CLI_VERSION" >> $GITHUB_ENV | |
| echo "::set-output name=CLI_VERSION::$CLI_VERSION" | |
| # RUN NPM INSTALL AND BUILD | |
| - name: NPM ci and build | |
| run: | | |
| npm ci | |
| npm run build | |
| # CREATE PR FOR VERSION | |
| - name: Create Pull Request | |
| id: create_pr | |
| if: inputs.dev == false | |
| uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c #v6.1.0 | |
| with: | |
| token: ${{ env.GITHUB_TOKEN }} | |
| branch: ${{ env.BRANCH_NAME }} | |
| title: "Update Version - Automated Changes" | |
| body: "This is an automated PR created by GitHub Actions" | |
| base: main | |
| draft: false | |
| # WAIT FOR PR CREATION | |
| - name: Wait for PR to be created | |
| id: pr | |
| if: inputs.dev == false | |
| uses: octokit/request-action@872c5c97b3c85c23516a572f02b31401ef82415d #v2.3.1 | |
| with: | |
| route: GET /repos/${{ github.repository }}/pulls?head=${{ github.repository_owner }}:${{ env.BRANCH_NAME }} | |
| # MERGE PR TO MAIN | |
| - name: Merge Pull Request | |
| if: inputs.dev == false | |
| uses: octokit/request-action@872c5c97b3c85c23516a572f02b31401ef82415d #v2.3.1 | |
| with: | |
| route: PUT /repos/${{ github.repository }}/pulls/${{ steps.create_pr.outputs.pull-request-number }}/merge | |
| merge_method: squash | |
| # PUSH TAGS IF IT IS A RELEASE | |
| - name: Push tag | |
| if: inputs.dev == false | |
| run: | | |
| git pull | |
| git tag ${{env.TAG_NAME}} | |
| git push --tags | |
| # PUBLISH NPM PACKAGE | |
| - name: Publish npm package | |
| run: | | |
| if [ ${{ inputs.dev }} == true ]; then | |
| npm publish --tag=${{ inputs.jsTag }} | |
| else | |
| npm publish --access public | |
| fi | |
| env: | |
| NODE_AUTH_TOKEN: ${{secrets.PERSONAL_ACCESS_TOKEN}} | |
| # CREATE RELEASE | |
| - name: Create Release | |
| uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 #v2 | |
| with: | |
| name: ${{env.TAG_NAME}} | |
| tag_name: ${{env.TAG_NAME}} | |
| generate_release_notes: true | |
| prerelease: ${{ inputs.dev }} | |
| notify: | |
| if: inputs.dev == false | |
| needs: release | |
| uses: Checkmarx/plugins-release-workflow/.github/workflows/release-notify.yml@main | |
| with: | |
| product_name: Javascript Wrapper | |
| release_version: ${{ needs.release.outputs.TAG_NAME }} | |
| cli_release_version: ${{ needs.release.outputs.CLI_VERSION }} | |
| release_author: "Phoenix Team" | |
| release_url: https://github.com/CheckmarxDev/ast-cli-javascript-wrapper/releases/tag/${{ needs.release.outputs.TAG_NAME }} | |
| jira_product_name: JAVASCRIPT_WRAPPER | |
| secrets: inherit | |
| dispatch_auto_release: | |
| name: Update VS Code Extension With new Wrapper Version | |
| if: inputs.dev == false | |
| needs: notify | |
| uses: Checkmarx/plugins-release-workflow/.github/workflows/dispatch-workflow.yml@main | |
| with: | |
| cli_version: ${{ needs.release.outputs.CLI_VERSION }} | |
| is_cli_release: false | |
| is_js_release: true | |
| secrets: inherit |