feat(trusted-publishing): add github actions for main, check, build, install_setup

ethan-ozelius-contentful · ethan-ozelius-contentful · commit ca7118b784f5 · 2025-11-07T12:05:35.000-07:00
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
@@ -9,12 +9,12 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Setup Node.js
-        uses: actions/setup-node@v4
+        uses: actions/setup-node@v6
         with:
-          node-version: '22'
+          node-version: '24'
           cache: 'npm'
 
       - name: Install dependencies
diff --git a/.github/workflows/check.yaml b/.github/workflows/check.yaml
@@ -9,18 +9,6 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      - name: Setup Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: '22'
-          cache: 'npm'
-
-      - name: Install dependencies
-        run: npm ci
-
       - name: Restore the build folders
         uses: actions/cache/restore@v4
         with:
@@ -31,8 +19,17 @@ jobs:
       - name: Run linter
         run: npm run lint
 
+      - name: Check prettier formatting
+        run: npm run prettier:check
+
       - name: Check formatting
         run: npm run format:check
 
       - name: Run tests
         run: npm test
+
+      - name: Test bundle size
+        run: npm run test:size
+
+      - name: Test TypeScript types
+        run: npm run test:types
diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml
@@ -19,14 +19,14 @@ jobs:
       security-events: write
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@v4
         with:
           languages: actions
 
       - name: Run CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+        uses: github/codeql-action/analyze@v4
         with:
           category: actions
diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
@@ -10,15 +10,17 @@ on:
 
 jobs:
   build:
+    needs: setup_checkout_install_deps
     uses: ./.github/workflows/build.yml
 
   check:
-    needs: build
+    needs: [setup_node_checkout_code_and_install_dependencies, build]
     uses: ./.github/workflows/check.yml
 
   release:
-    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
-    needs: [build, check]
+    # TODO: remove 'testing-oidc-trusted-publishing' branch once trusted publishing is stable
+    if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/testing-oidc-trusted-publishing' || github.ref == 'refs/heads/next')
+    needs: [setup_node_checkout_code_and_install_dependencies, build, check]
     permissions:
       contents: write
       id-token: write
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -0,0 +1,41 @@
+name: release
+
+permissions:
+  contents: read
+  packages: read
+
+on:
+  push:
+    branches:
+      - master
+      - next
+      - testing-oidc-trusted-publishing
+  pull_request:
+    branches:
+      - master
+
+jobs:
+  release:
+    name: Release
+    permissions:
+      packages: write
+    runs-on: ubuntu-latest
+    steps:
+      - name: Restore the build folders
+        uses: actions/cache/restore@v4
+        with:
+          path: |
+            dist
+          key: build-cache-${{ github.run_id }}-${{ github.run_attempt }}
+
+      - name: Setup Chrome
+        uses: browser-actions/setup-chrome@v1
+
+      - name: Setup ChromeDriver
+        uses: browser-actions/setup-chromedriver@v1
+
+      - name: Run semantic release
+        run: npm run semantic-release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
diff --git a/.github/workflows/setup_node_checkout_code_and_install_dependencies.yaml b/.github/workflows/setup_node_checkout_code_and_install_dependencies.yaml
@@ -0,0 +1,30 @@
+name: "Setup node, checkout code and install dependencies"
+
+permissions:
+  contents: read
+  packages: read
+
+on:
+  workflow_call:
+
+jobs:
+  setup_node_checkout_code_and_install_dependencies:
+    name: Configure github npm package registry for installing private @contentful packages, any public/non-contentful dependencies will be installed from npmjs.com
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v5
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v6
+        with:
+          node-version: '24'
+          cache: 'npm'
+    
+      - name: config npmrc
+      - run: |
+          echo "//npm.pkg.github.com/:_authToken=${{ secrets.GITHUB_PACKAGES_READ_TOKEN }}" > ~/.npmrc
+          echo "@contentful:registry=https://npm.pkg.github.com" >> ~/.npmrc
+
+      - name: Install dependencies
+        run: npm ci
