Skip to content

at some point the pain will end #32

at some point the pain will end

at some point the pain will end #32

Workflow file for this run

name: Build
on:
push:
branches: [main]
pull_request:
branches: [main]
workflow_dispatch:
inputs:
version:
description: "Version bump type"
required: true
type: choice
options:
- patch
- minor
- major
default: "minor"
jobs:
test-matrix:
strategy:
fail-fast: false
matrix:
os: [windows-latest, macos-14]
node-version: [18, 20, 22, 23]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
cache: "npm"
- name: Install dependencies
run: npm ci
- name: Compile native code
run: npm run prebuild
- name: Run tests
run: npm run tests
- name: Upload prebuilds
if: ${{ matrix.node-version == 18 && github.event_name == 'workflow_dispatch' }}
uses: actions/upload-artifact@v4
with:
name: prebuilds-${{ matrix.os }}
path: prebuilds/
test-ubuntu:
strategy:
fail-fast: false
matrix:
arch: [x64, arm64]
node-version: [18, 20, 22, 23]
runs-on: ubuntu-latest
steps:
- name: Setup QEMU
if: ${{ matrix.arch == 'arm64' }}
uses: docker/setup-qemu-action@v3
with:
platforms: linux/arm64
- run: sudo apt-get update && sudo apt-get install -y docker libglib2.0-dev libblkid-dev uuid-dev
- uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
- uses: actions/checkout@v4
- run: npm ci
- run: npm run prebuild
- run: npm run tests
- name: Upload prebuilds
if: ${{ matrix.node-version == 18 && github.event_name == 'workflow_dispatch' }}
uses: actions/upload-artifact@v4
with:
name: prebuilds-linux-${{ matrix.arch }}-glibc
path: prebuilds/
test-alpine:
strategy:
fail-fast: false
matrix:
# my eyes can't discern arm64 from amd64
arch: [x64, arm64]
node-version: [18, 20, 22, 23]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: docker/setup-qemu-action@v3
if: ${{ matrix.arch == 'arm64' }}
with:
platforms: linux/arm64
- run: |
docker run --rm -v $(pwd):/tmp/project --entrypoint /bin/sh --platform linux/${{ matrix.arch == 'x64' && 'amd64' || 'arm64' }} node:${{ matrix.node-version }}-alpine -c "\
apk add build-base git python3 py3-setuptools util-linux-dev --update-cache && \
cd /tmp/project && \
npm ci && \
npm run prebuild && \
npm run tests"
- name: Upload prebuilds
if: ${{ matrix.node-version == 18 && github.event_name == 'workflow_dispatch' }}
uses: actions/upload-artifact@v4
with:
name: prebuilds-linux-${{ matrix.arch }}-musl
path: prebuilds/
publish:
if: ${{ github.event_name == 'workflow_dispatch' }}
runs-on: ubuntu-latest
needs: [test-matrix, test-ubuntu, test-alpine]
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 18
- name: Install dependencies
run: npm ci
- name: Download all artifacts
uses: actions/download-artifact@v4
with:
path: ./prebuilds
merge-multiple: true # < because prebuilds/linux-x64/ will contain both a glibc and musl build
- name: List ./prebuilds/
run: ls -laR ./prebuilds
- name: Set up GPG
run: |
# Import key more securely
echo "$GPG_PRIVATE_KEY" | gpg --batch --import 2>/dev/null
# Configure gpg more securely
cat > ~/.gnupg/gpg.conf << EOF
default-key ${{ secrets.GPG_KEY_ID }}
pinentry-mode loopback
use-agent
EOF
# Reload agent
gpg-connect-agent RELOADAGENT /bye
# Add key using configuration file instead of CLI args
echo "$GPG_PASSPHRASE" | gpg --batch --passphrase-fd 0 --quick-add-key ${{ secrets.GPG_KEY_ID }}
- name: Configure Git to use GPG
run: |
git config --global user.signingkey ${{ secrets.GPG_KEY_ID }}
git config --global commit.gpgSign true
git config --global gpg.program gpg
- name: Configure git for publishing
run: |
git config user.name "${GITHUB_ACTOR}"
git config user.email "${GITHUB_ACTOR}@users.noreply.github.com"
- name: Configure npm for publishing
run: echo "//registry.npmjs.org/:_authToken=${{ secrets.NPM_TOKEN }}" > ~/.npmrc
- name: Publish to npm
run: npm run release -- --ci ${{ github.event.inputs.version }}
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Cleanup GPG keys
if: always()
run: |
gpg --batch --yes --delete-secret-keys ${{ secrets.GPG_KEY_ID }}
gpg --batch --yes --delete-keys ${{ secrets.GPG_KEY_ID }}
rm -rf ~/.gnupg/
- name: Remove npm token
if: always()
run: rm -f ~/.npmrc