update publish command #57

Workflow file for this run

	name: CI/CD

	jobs:
	# Stage 1: codacy, devskim, install
	codacy:
	name: Codacy
	runs-on: ubuntu-latest
	env:
	DD_ENV: ci
	services:
	datadog-agent:
	image: datadog/agent:latest
	env:
	DD_API_KEY: ${{ secrets.DATADOG_API_KEY }}
	DD_HOSTNAME: none
	DD_INSIDE_CI: true
	ports:
	- 8126:8126
	steps:
	- name: Checkout repository
	uses: actions/checkout@v3
	- name: Analyze
	uses: codacy/codacy-analysis-cli-action@master
	with:
	project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
	format: sarif
	gh-code-scanning-compat: true
	max-allowed-issues: 2147483647
	output: codacy.sarif
	verbose: true
	- name: Upload SARIF
	if: always()
	uses: github/codeql-action/upload-sarif@main
	with:
	sarif_file: codacy.sarif
	wait-for-processing: true

	devskim:
	name: DevSkim
	runs-on: ubuntu-latest
	env:
	DD_ENV: ci
	- 8126:8126
	permissions:
	actions: read
	contents: read
	security-events: write
	services:
	datadog-agent:
	image: datadog/agent:latest
	env:
	DD_API_KEY: ${{ secrets.DATADOG_API_KEY }}
	DD_HOSTNAME: none
	DD_INSIDE_CI: true
	ports:
	- 8126:8126
	steps:
	- name: Checkout repository
	uses: actions/checkout@v3
	- name: Scan
	uses: microsoft/DevSkim-Action@v1
	- name: Upload SARIF
	uses: github/codeql-action/upload-sarif@v2
	with:
	sarif_file: devskim-results.sarif
	wait-for-processing: true

	install:
	name: Install
	runs-on: ubuntu-latest
	env:
	DD_ENV: ci
	services:
	datadog-agent:
	image: datadog/agent:latest
	env:
	DD_API_KEY: ${{ secrets.DATADOG_API_KEY }}
	DD_HOSTNAME: none
	DD_INSIDE_CI: true
	ports:
	- 8126:8126
	steps:
	- name: Checkout repository
	uses: actions/checkout@v3
	- name: Setup Node
	uses: actions/setup-node@v3
	with:
	cache: yarn
	check-latest: true
	node-version: 'lts/*'
	- name: Install dependencies
	run: yarn install --immutable

	# Stage 2: prepack
	prepack:
	name: Prepack
	needs: install
	runs-on: ubuntu-latest
	env:
	DD_ENV: ci
	services:
	datadog-agent:
	image: datadog/agent:latest
	env:
	DD_API_KEY: ${{ secrets.DATADOG_API_KEY }}
	DD_HOSTNAME: none
	DD_INSIDE_CI: true
	ports:
	- 8126:8126
	steps:
	- name: Checkout repository
	uses: actions/checkout@v3
	- name: Setup Node
	uses: actions/setup-node@v3
	with:
	cache: yarn
	check-latest: true
	node-version: 'lts/*'
	- name: Install dependencies
	run: yarn install --immutable
	- name: Prepack
	run: yarn prepack
	env:
	CI: false
	REACT_APP_GITHUB_REPOSITORY: ${{ github.repository }}
	REACT_APP_GITHUB_SHA: ${{ github.sha }}
	- name: Upload artifacts
	uses: actions/upload-artifact@v3
	with:
	name: prepack
	path: \|
	packages/*/.next/
	packages/*/dist/
	packages/*/out/

	# Stage 3: lighthouse, prepublish, prepublish-applications
	lighthouse:
	name: Lighthouse
	needs: prepack
	runs-on: ubuntu-latest
	env:
	DD_ENV: ci
	services:
	datadog-agent:
	image: datadog/agent:latest
	env:
	DD_API_KEY: ${{ secrets.DATADOG_API_KEY }}
	DD_HOSTNAME: none
	DD_INSIDE_CI: true
	ports:
	- 8126:8126
	steps:
	- name: Checkout repository
	uses: actions/checkout@v3
	- name: Download artifacts
	uses: actions/download-artifact@v3
	with:
	name: prepack
	path: packages/
	- name: Setup Node
	uses: actions/setup-node@v3
	with:
	cache: yarn
	check-latest: true
	node-version: 'lts/*'
	- name: Install dependencies
	run: yarn install --immutable
	- name: Audit
	run: yarn run lighthouse
	working-directory: packages/next/
	- name: Upload report
	if: always()
	uses: actions/upload-artifact@v3
	with:
	name: lighthouse
	path: \|
	packages/*/lighthouse.report.html
	packages/*/lighthouse.report.json

	prepublish:
	name: Prepublish
	needs: prepack
	runs-on: ubuntu-latest
	env:
	DD_ENV: ci
	services:
	datadog-agent:
	image: datadog/agent:latest
	env:
	DD_API_KEY: ${{ secrets.DATADOG_API_KEY }}
	DD_HOSTNAME: none
	DD_INSIDE_CI: true
	ports:
	- 8126:8126
	steps:
	- name: Checkout repository
	uses: actions/checkout@v3
	- name: Download artifacts
	uses: actions/download-artifact@v3
	with:
	name: prepack
	path: packages/
	- name: Setup Node
	uses: actions/setup-node@v3
	with:
	cache: yarn
	check-latest: true
	node-version: 'lts/*'
	- name: Install dependencies
	run: yarn install --immutable
	- name: Prepublish
	run: yarn prepublish

	# Run prepublish on applications, because prepublish won't be triggered for
	# applications by the publish step.
	prepublish-applications:
	name: Prepublish applications
	needs: prepack
	runs-on: ubuntu-latest
	env:
	DD_ENV: ci
	services:
	datadog-agent:
	image: datadog/agent:latest
	env:
	DD_API_KEY: ${{ secrets.DATADOG_API_KEY }}
	DD_HOSTNAME: none
	DD_INSIDE_CI: true
	ports:
	- 8126:8126
	steps:
	- name: Checkout repository
	uses: actions/checkout@v3
	- name: Download artifacts
	uses: actions/download-artifact@v3
	with:
	name: prepack
	path: packages/
	- name: Setup Node
	uses: actions/setup-node@v3
	with:
	cache: yarn
	check-latest: true
	node-version: 'lts/*'
	- name: Install dependencies
	run: yarn install --immutable
	- name: Prepublish quisi.do
	run: yarn packages/next run prepublish
	- name: Upload artifacts
	uses: actions/upload-artifact@v3
	with:
	name: prepublish-applications
	path: packages/*/jest/

	# Stage 4: github-pages, npm, opensource-registry, sentry-release, wrangler-deploy
	github-pages:
	name: GitHub Pages
	needs: [lighthouse, prepublish-applications]
	runs-on: ubuntu-latest
	env:
	DD_ENV: ci
	services:
	datadog-agent:
	image: datadog/agent:latest
	env:
	DD_API_KEY: ${{ secrets.DATADOG_API_KEY }}
	DD_HOSTNAME: none
	DD_INSIDE_CI: true
	ports:
	- 8126:8126
	steps:
	- name: Checkout repository
	uses: actions/checkout@v3
	- name: Download artifacts
	uses: actions/download-artifact@v3
	with:
	name: prepack
	path: packages/
	- name: Deploy
	uses: JamesIves/github-pages-deploy-action@v4
	with:
	branch: gh-pages
	clean: true
	folder: packages/next/out/
	single-commit: true

	npm:
	name: NPM
	needs: [prepack, prepublish]
	runs-on: ubuntu-latest
	env:
	DD_ENV: ci
	services:
	datadog-agent:
	image: datadog/agent:latest
	env:
	DD_API_KEY: ${{ secrets.DATADOG_API_KEY }}
	DD_HOSTNAME: none
	DD_INSIDE_CI: true
	ports:
	- 8126:8126
	steps:
	- name: Checkout repository
	uses: actions/checkout@v3
	- name: Download artifacts
	uses: actions/download-artifact@v3
	with:
	name: prepack
	path: packages/
	- name: Setup Node
	uses: actions/setup-node@v3
	with:
	cache: yarn
	check-latest: true
	node-version: 'lts/*'
	- name: Install dependencies
	run: yarn install --immutable
	- name: Publish
	env:
	NPM_AUTH_TOKEN: ${{ secrets.NPM_AUTH_TOKEN }}
	run: >
	yarn config set npmAuthToken $NPM_AUTH_TOKEN;
	yarn workspaces foreach \
	--jobs unlimited \
	--no-private \
	--parallel \
	--topological-dev \
	--verbose \
	npm publish --tolerate-republish;
	- name: Upload artifacts
	uses: actions/upload-artifact@v3
	with:
	name: npm
	path: packages/*/jest/

	opensource-registry:
	name: OpenSource registry
	needs: [prepack, prepublish]
	runs-on: ubuntu-latest
	env:
	DD_ENV: ci
	services:
	datadog-agent:
	image: datadog/agent:latest
	env:
	DD_API_KEY: ${{ secrets.DATADOG_API_KEY }}
	DD_HOSTNAME: none
	DD_INSIDE_CI: true
	ports:
	- 8126:8126
	steps:
	- name: Checkout repository
	uses: actions/checkout@v3
	- name: Download artifacts
	uses: actions/download-artifact@v3
	with:
	name: prepack
	path: packages/
	- name: Setup Node
	uses: actions/setup-node@v3
	with:
	cache: yarn
	check-latest: true
	node-version: 'lts/*'
	registry-url: 'https://npm-publish.opensourceregistry.com'
	- name: Install dependencies
	run: yarn install --immutable
	- name: Publish
	env:
	NPM_AUTH_TOKEN: ${{ secrets.OPENSOURCE_REGISTRY_NPM_TOKEN }}
	run: >
	yarn config set npmAuthToken $NPM_AUTH_TOKEN;
	yarn run publish;

	sentry-release:
	name: Sentry release
	needs: [lighthouse, prepublish-applications]
	runs-on: ubuntu-latest
	env:
	DD_ENV: ci
	services:
	datadog-agent:
	image: datadog/agent:latest
	env:
	DD_API_KEY: ${{ secrets.DATADOG_API_KEY }}
	DD_HOSTNAME: none
	DD_INSIDE_CI: true
	ports:
	- 8126:8126
	steps:
	- name: Checkout repository
	uses: actions/checkout@v3
	- name: Download artifacts
	uses: actions/download-artifact@v3
	with:
	name: prepack
	path: packages/
	- name: Sentry release
	uses: getsentry/action-release@v1
	env:
	SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
	SENTRY_LOG_LEVEL: info
	SENTRY_ORG: charles-stover
	SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
	with:
	environment: production
	sourcemaps: build
	version: ${{ github.sha }}

	wrangler-deploy:
	name: Wrangler deploy
	needs: [lighthouse, prepublish-applications]
	runs-on: ubuntu-latest
	env:
	DD_ENV: ci
	services:
	datadog-agent:
	image: datadog/agent:latest
	env:
	DD_API_KEY: ${{ secrets.DATADOG_API_KEY }}
	DD_HOSTNAME: none
	DD_INSIDE_CI: true
	ports:
	- 8126:8126
	steps:
	- name: Checkout repository
	uses: actions/checkout@v3
	- name: Setup Node
	uses: actions/setup-node@v3
	with:
	cache: yarn
	check-latest: true
	node-version: 'lts/*'
	- name: Install dependencies
	run: yarn install --immutable
	- name: Deploy
	run: yarn packages/cloudflare-analytics-worker run deploy
	env:
	CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_EDIT_WORKERS_API_KEY }}

	# Stage 5: cloudflare-purge, github-packages
	cloudflare-purge:
	name: Cloudflare purge
	needs: github-pages
	runs-on: ubuntu-latest
	env:
	DD_ENV: ci
	services:
	datadog-agent:
	image: datadog/agent:latest
	env:
	DD_API_KEY: ${{ secrets.DATADOG_API_KEY }}
	DD_HOSTNAME: none
	DD_INSIDE_CI: true
	ports:
	- 8126:8126
	steps:
	- name: Purge Cloudflare files
	env:
	CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
	CLOUDFLARE_ZONE_ID: ${{ secrets.CLOUDFLARE_ZONE_ID }}
	run: >
	curl \
	--data '{
	"files": [
	"https://quisi.do",
	"https://quisi.do/index.html"
	]
	}' \
	--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
	--header "Content-Type:application/json" \
	--request POST \
	"https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/purge_cache"

	github-packages:
	name: GitHub Packages
	needs: npm
	runs-on: ubuntu-latest
	env:
	DD_ENV: ci
	permissions:
	contents: read
	packages: write
	services:
	datadog-agent:
	image: datadog/agent:latest
	env:
	DD_API_KEY: ${{ secrets.DATADOG_API_KEY }}
	DD_HOSTNAME: none
	DD_INSIDE_CI: true
	ports:
	- 8126:8126
	steps:
	- name: Checkout repository
	uses: actions/checkout@v3
	- name: Download artifacts
	uses: actions/download-artifact@v3
	with:
	name: prepack
	path: packages/
	- name: Setup Node
	uses: actions/setup-node@v3
	with:
	cache: yarn
	check-latest: true
	node-version: 'lts/*'
	registry-url: 'https://npm.pkg.github.com'
	scope: '@${{ github.repository_owner }}'
	- name: Install dependencies
	run: yarn install --immutable
	- name: Publish
	env:
	NPM_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: >
	yarn config set npmAuthToken $NPM_AUTH_TOKEN;
	yarn config set \
	npmScopes.${{ github.repository_owner }}.npmPublishRegistry \
	'https://npm.pkg.github.com';
	yarn run publish;

	# Stage 6: neuralegion
	neuralegion:
	name: NeuraLegion
	needs: cloudflare-purge
	runs-on: ubuntu-latest
	env:
	DD_ENV: ci
	services:
	datadog-agent:
	image: datadog/agent:latest
	env:
	DD_API_KEY: ${{ secrets.DATADOG_API_KEY }}
	DD_HOSTNAME: none
	DD_INSIDE_CI: true
	ports:
	- 8126:8126
	steps:
	- name: Checkout repository
	uses: actions/checkout@v3
	- name: Scan
	continue-on-error: true
	# id: scan
	uses: NeuraLegion/run-scan@release
	with:
	api_token: ${{ secrets.NEURALEGION_TOKEN }}
	name: GitHub SHA - ${{ github.sha }}
	crawler_urls: \|
	["https://quisi.do/"]
	discovery_types: \|
	["crawler"]
	# - name: Wait for breakpoint
	# continue-on-error: true
	# uses: NeuraLegion/wait-for@release
	# with:
	# api_token: ${{ secrets.NEURALEGION_TOKEN }}
	# code_scanning_alerts: true
	# github_token: ${{ secrets.GITHUB_TOKEN }}
	# scan: ${{ steps.scan.outputs.id }}
	# timeout: 600
	# wait_for: any

	on:
	push:
	branches: [main]
	workflow_dispatch:

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

update publish command #57

Workflow file

update publish command #57

Jobs

Run details

Workflow file for this run