Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

#68: proper ci cd for npm package publishing #2

Merged
merged 9 commits into from
Feb 19, 2024
Merged
156 changes: 156 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,156 @@
###
# @format
# -----
# Project: zenstack-monorepo
# File: dependabot.yml
# Path: \.github\dependabot.yml
# Created Date: Monday, February 19th 2024
# Author: Jonathan Stevens, jonathan@resnovas.com
# Github: https://github.com/TGTGamer
# -----
# Contributing: Please read through our contributing guidelines.
# Included are directions for opening issues, coding standards,
# and notes on development. These can be found at
# https://github.com/zenstack-monorepo/blob/develop/CONTRIBUTING.md
# -----
# Code of Conduct: This project abides by the Contributor Covenant, v2.0
# Please interact in ways that contribute to an open, welcoming, diverse,
# inclusive, and healthy community. Our Code of Conduct can be found at
# https://github.com/zenstack-monorepo/blob/develop/CODE_OF_CONDUCT.md
# -----
# Copyright (c) 2024 ZenstackHQ - All Rights Reserved
# LICENSE: MIT License (MIT)
# -----
# This program has been provided under confidence of the copyright holder and
# is licensed for copying, distribution and modification under the terms
# of the MIT License (MIT) published as the License,
# or (at your option) any later version of this license.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# MIT License for more details.
# You should have received a copy of the MIT License
# along with this program. If not, please write to: jonathan@resnovas.com,
# or see https://opensource.org/licenses/MIT
# -----
# DELETING THIS NOTICE AUTOMATICALLY VOIDS YOUR LICENSE
###

version: 2
updates:
- package-ecosystem: "npm"
schedule:
interval: "daily"
time: "02:00"
commit-message:
prefix: ":arrow_up: maint"
include: scope
directory: "/"

- package-ecosystem: "npm"
schedule:
interval: "daily"
time: "02:00"
commit-message:
prefix: ":arrow_up: maint"
include: scope
directory: "/packages/ide/jetbrains"

- package-ecosystem: "npm"
schedule:
interval: "daily"
time: "02:00"
commit-message:
prefix: ":arrow_up: maint"
include: scope
directory: "/packages/language"

- package-ecosystem: "npm"
schedule:
interval: "daily"
time: "02:00"
commit-message:
prefix: ":arrow_up: maint"
include: scope
directory: "/packages/misc/redwood"

- package-ecosystem: "npm"
schedule:
interval: "daily"
time: "02:00"
commit-message:
prefix: ":arrow_up: maint"
include: scope
directory: "/packages/plugins/openapi"

- package-ecosystem: "npm"
schedule:
interval: "daily"
time: "02:00"
commit-message:
prefix: ":arrow_up: maint"
include: scope
directory: "/packages/plugins/swr"

- package-ecosystem: "npm"
schedule:
interval: "daily"
time: "02:00"
commit-message:
prefix: ":arrow_up: maint"
include: scope
directory: "/packages/plugins/tanstack-query"

- package-ecosystem: "npm"
schedule:
interval: "daily"
time: "02:00"
commit-message:
prefix: ":arrow_up: maint"
include: scope
directory: "/packages/plugins/trpc"

- package-ecosystem: "npm"
schedule:
interval: "daily"
time: "02:00"
commit-message:
prefix: ":arrow_up: maint"
include: scope
directory: "/packages/runtime"

- package-ecosystem: "npm"
schedule:
interval: "daily"
time: "02:00"
commit-message:
prefix: ":arrow_up: maint"
include: scope
directory: "/packages/sdk"

- package-ecosystem: "npm"
schedule:
interval: "daily"
time: "02:00"
commit-message:
prefix: ":arrow_up: maint"
include: scope
directory: "/packages/server"

- package-ecosystem: "npm"
schedule:
interval: "daily"
time: "02:00"
commit-message:
prefix: ":arrow_up: maint"
include: scope
directory: "/packages/testtools"

- package-ecosystem: "github-actions"
schedule:
interval: "daily"
time: "02:00"
commit-message:
prefix: ":arrow_up: maint"
include: scope
directory: "/"
14 changes: 14 additions & 0 deletions .github/release/.release-manifest.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
{
".": "2.0.0-alpha.1",
"packages/ide/jetbrains": "2.0.0-alpha.1",
"packages/language": "2.0.0-alpha.1",
"packages/misc/redwood": "2.0.0-alpha.1",
"packages/plugins/openapi": "2.0.0-alpha.1",
"packages/plugins/swr": "2.0.0-alpha.1",
"packages/plugins/tanstack-query": "2.0.0-alpha.1",
"packages/plugins/trpc": "2.0.0-alpha.1",
"packages/runtime": "2.0.0-alpha.1",
"packages/sdk": "2.0.0-alpha.1",
"packages/server": "2.0.0-alpha.1",
"packages/testtools": "2.0.0-alpha.1"
}
60 changes: 60 additions & 0 deletions .github/release/release-main-config.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,60 @@
{
"packages": {
".": {
"package-name": "zenstack-monorepo",
"component": "Monorepo"
},
"packages/ide/jetbrains": {
"package-name": "jetbrains",
"component": "JetBrains IDE"
},
"packages/language": {
"package-name": "@zenstackhq/language",
"component": "Language"
},
"packages/misc/redwood": {
"package-name": "@zenstackhq/redwood",
"component": "Redwood"
},
"packages/plugins/openapi": {
"package-name": "@zenstackhq/openapi",
"component": "OpenAPI Plugin"
},
"packages/plugins/swr": {
"package-name": "@zenstackhq/swr",
"component": "SWR Plugin"
},
"packages/plugins/tanstack-query": {
"package-name": "@zenstackhq/tanstack-query",
"component": "Tanstack Query Plugin"
},
"packages/plugins/trpc": {
"package-name": "@zenstackhq/trpc",
"component": "tRPC Plugin"
},
"packages/runtime": {
"package-name": "@zenstackhq/runtime",
"component": "Runtime"
},
"packages/sdk": {
"package-name": "@zenstackhq/sdk",
"component": "SDK"
},
"packages/server": {
"package-name": "@zenstackhq/server",
"component": "Server"
},
"packages/testtools": {
"package-name": "@zenstackhq/testtools",
"component": "Test Tools"
}
},
"pull-request-footer": "This PR was generated by [Release-Please](https://github.com/googleapis/release-please), and approved by the ZenStack Team.",
"bump-minor-pre-major": true,
"bump-patch-for-minor-pre-major": true,
"sequential-calls": true,
"separate-pull-requests": true,
"versioning": "default",
"release-type": "node",
"$schema": "https://raw.githubusercontent.com/googleapis/release-please/main/schemas/config.json"
}
18 changes: 16 additions & 2 deletions .github/workflows/build-test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,22 @@ env:
DO_NOT_TRACK: '1'

on:
pull_request:
branches: ['dev', 'main', 'v2']
merge_group:
push:
branches:
- main
- develop
- release/*
- v2
pull_request:
branches:
- main
- develop
- release/*
- v2

permissions:
contents: read

jobs:
build-test:
Expand Down
114 changes: 114 additions & 0 deletions .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,114 @@
###
# @format
# -----
# Project: zenstack-monorepo
# File: codeql.yml
# Path: \.github\workflows\codeql.yml
# Created Date: Monday, February 19th 2024
# Author: Jonathan Stevens, jonathan@resnovas.com
# Github: https://github.com/TGTGamer
# -----
# Contributing: Please read through our contributing guidelines.
# Included are directions for opening issues, coding standards,
# and notes on development. These can be found at
# https://github.com/zenstack-monorepo/blob/develop/CONTRIBUTING.md
# -----
# Code of Conduct: This project abides by the Contributor Covenant, v2.0
# Please interact in ways that contribute to an open, welcoming, diverse,
# inclusive, and healthy community. Our Code of Conduct can be found at
# https://github.com/zenstack-monorepo/blob/develop/CODE_OF_CONDUCT.md
# -----
# Copyright (c) 2024 ZenstackHQ - All Rights Reserved
# LICENSE: MIT License (MIT)
# -----
# This program has been provided under confidence of the copyright holder and
# is licensed for copying, distribution and modification under the terms
# of the MIT License (MIT) published as the License,
# or (at your option) any later version of this license.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# MIT License for more details.
# You should have received a copy of the MIT License
# along with this program. If not, please write to: jonathan@resnovas.com,
# or see https://opensource.org/licenses/MIT
# -----
# DELETING THIS NOTICE AUTOMATICALLY VOIDS YOUR LICENSE
###

name: Security - CodeQL

on:
merge_group:
push:
branches:
- main
- develop
- release/*
- v2
pull_request:
branches:
- main
- develop
- release/*
- v2
schedule:
- cron: "0 0 * * 1"

permissions:
contents: read


jobs:
analyze:
permissions:
actions: read
contents: read
security-events: write
name: Analyze
runs-on: ubuntu-latest

strategy:
fail-fast: false
matrix:
language: ["javascript", "typescript"]
# CodeQL supports [ $supported-codeql-languages ]
# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support

steps:
- name: Harden Runner
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
with:
egress-policy: audit

- name: Checkout repository
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@1500a131381b66de0c52ac28abb13cd79f4b7ecc # v2.22.12
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.

# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@1500a131381b66de0c52ac28abb13cd79f4b7ecc # v2.22.12

# ℹ️ Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun

# If the Autobuild fails above, remove it and uncomment the following three lines.
# modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.

# - run: |
# echo "Run, Build Application using script"
# ./location_of_script_within_repo/buildscript.sh

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@1500a131381b66de0c52ac28abb13cd79f4b7ecc # v2.22.12
with:
category: "/language:${{matrix.language}}"
Loading
Loading