name: build on: pull_request: push: branches-ignore: - gh-readonly-queue/** workflow_dispatch: inputs: dryRun: description: 'Dry-Run' default: 'true' required: false merge_group: concurrency: group: ${{ github.workflow }}-${{ github.event.number || github.ref }} cancel-in-progress: ${{ github.ref_name != 'main' && !startsWith(github.ref_name, 'maint/') && github.event_name != 'push' }} env: HUSKY: 0 DRY_RUN: ${{ github.ref_name != github.event.repository.default_branch && !startsWith(github.ref_name, 'maint/') }} permissions: contents: read jobs: setup: runs-on: ubuntu-24.04 timeout-minutes: 15 steps: - name: ⚙️ Setup uses: containerbase/internal-tools/setup@341980c7f4dc6144856c893ee9adac284eb9601e # v4.1.22 with: save-cache: true lint: runs-on: ubuntu-24.04 needs: setup timeout-minutes: 15 permissions: contents: read checks: write steps: - name: ⚙️ Setup uses: containerbase/internal-tools/setup@341980c7f4dc6144856c893ee9adac284eb9601e # v4.1.22 - name: lint run: | # pnpm eslint -f gha pnpm prettier # pnpm lint:types - name: shellcheck if: ${{ github.event_name != 'merge_group' }} uses: reviewdog/action-shellcheck@4c07458293ac342d477251099501a718ae5ef86e # v1.32.0 with: fail_level: any reporter: github-pr-annotations filter_mode: nofilter path: | .husky pattern: | *.sh *.bats check_all_files_with_shebangs: 'true' build: runs-on: ubuntu-24.04 needs: setup timeout-minutes: 15 env: NUGET_PACKAGES: ${{ github.workspace }}/.nuget/packages steps: - name: ⚙️ Setup uses: containerbase/internal-tools/setup@341980c7f4dc6144856c893ee9adac284eb9601e # v4.1.22 - name: 📥 Setup Java uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0 with: distribution: 'temurin' java-version: '17' cache: 'gradle' # https://github.com/dotnet/sdk/issues/39635 - name: Remove pre-existing dotnet installs run: sudo apt remove --purge '^dotnet-.*' '^aspnetcore-.*' - name: 📥 Setup Dotnet uses: actions/setup-dotnet@c2fa09f4bde5ebb9d1777cf28262a3eb3db3ced7 # v5.2.0 with: global-json-file: global.json cache: true cache-dependency-path: '**/packages.lock.json' - name: Restore dotnet packages run: | dotnet workload restore dotnet restore --locked-mode - name: build run: pnpm build - name: upload dist uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: dist path: | dist/ test: runs-on: ubuntu-24.04 needs: - build timeout-minutes: 15 permissions: id-token: write steps: - name: ⚙️ Setup uses: containerbase/internal-tools/setup@341980c7f4dc6144856c893ee9adac284eb9601e # v4.1.22 - name: fetch dist uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 with: name: dist path: dist - name: vitest run: pnpm test - name: Codecov test results if: github.event_name != 'merge_group' && !cancelled() uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2 with: use_oidc: true report_type: test_results - name: Codecov coverage results if: github.event_name != 'merge_group' uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2 with: use_oidc: true benchmark: runs-on: ubuntu-24.04 needs: - build timeout-minutes: 5 steps: - name: ⚙️ Setup uses: containerbase/internal-tools/setup@341980c7f4dc6144856c893ee9adac284eb9601e # v4.1.22 - name: fetch dist uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 with: name: dist path: dist - name: benchmark run: pnpm vitest bench --run release: needs: - lint - build - test - benchmark runs-on: ubuntu-latest # tests shouldn't need more time timeout-minutes: 15 permissions: contents: write id-token: write issues: write steps: # full checkout for semantic-release - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 show-progress: false filter: blob:none # we don't need all blobs - name: ⚙️ Setup uses: containerbase/internal-tools/setup@341980c7f4dc6144856c893ee9adac284eb9601e # v4.1.22 with: checkout: false - name: fetch dist uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 with: name: dist path: dist - name: semantic-release run: | pnpm semantic-release --dry-run ${{env.DRY_RUN}} --ci ${{env.DRY_RUN != 'true'}} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Catch-all required check for test matrix success: needs: - lint - build - test - benchmark - release runs-on: ubuntu-24.04 timeout-minutes: 1 if: always() steps: - name: Fail for failed or skipped lint job if: | needs.lint.result == 'failure' || needs.lint.result == 'skipped' run: exit 1 - name: Fail for failed or skipped build job if: | needs.build.result == 'failure' || needs.build.result == 'skipped' run: exit 1 - name: Fail for failed or skipped test job if: | needs.test.result == 'failure' || needs.test.result == 'skipped' run: exit 1 - name: Fail for failed or skipped benchmark job if: | needs.benchmark.result == 'failure' || needs.benchmark.result == 'skipped' run: exit 1 - name: Fail for failed or skipped release job if: | needs.release.result == 'failure' || needs.release.result == 'skipped' run: exit 1