name: 'CI: lint, build and release' permissions: contents: read pull-requests: read concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true on: push: branches: ['main'] pull_request: branches: ['main'] workflow_dispatch: env: NODE_VERSION: 22.x jobs: lint: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Use Node.js ${{ env.NODE_VERSION }} uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} cache: 'npm' - run: npm ci - run: npm run style-lint - run: npm run lint build: needs: - lint runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Use Node.js ${{ env.NODE_VERSION }} uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} cache: 'npm' - run: npm ci - run: npm run build - uses: actions/upload-artifact@v4 with: name: build-output path: ./dist retention-days: 1 release: if: github.event_name == 'workflow_dispatch' needs: build runs-on: ubuntu-latest permissions: contents: write # to be able to publish a GitHub release issues: write # to be able to comment on released issues pull-requests: write # to be able to comment on released pull requests id-token: write # to be able to specify the provenance of the npm package steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 0 - name: Use Node.js ${{ env.NODE_VERSION }} uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} cache: 'npm' - name: Download build output uses: actions/download-artifact@v4 with: name: build-output path: ./dist - run: npm ci -D - name: Release env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} NPM_TOKEN: ${{ secrets.NPM_TOKEN }} run: npx semantic-release