Skip to content
.github/workflows/ci.yaml

Bump lodash from 4.17.21 to 4.17.23 #127

Sign in to view logs

Bump lodash from 4.17.21 to 4.17.23

Bump lodash from 4.17.21 to 4.17.23 #127

Workflow file for this run

.github/workflows/ci.yaml at 7c403b0
on:
merge_group:
pull_request:
workflow_dispatch:
push:
branches:
- main
- master
release:
types:
- released
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
Lints:
name: Check the dist/ folder is up to date
runs-on: UbuntuLatest32Cores128G
permissions:
contents: read
id-token: write
steps:
- uses: actions/checkout@v5
- uses: DeterminateSystems/flake-checker-action@main
with:
fail-mode: true
- if: success() || failure()
uses: DeterminateSystems/determinate-nix-action@main
- if: success() || failure()
uses: DeterminateSystems/flakehub-cache-action@main
- name: Install npm dependencies
if: success() || failure()
run: nix develop --command npm ci
- name: Check formatting
if: success() || failure()
run: nix develop --command npm run check-fmt
- name: Run ESLint
if: success() || failure()
run: nix develop --command npm run lint
- name: Build bundle
if: success() || failure()
run: nix develop --command npm run build
- name: Package as Node.js runnable
if: success() || failure()
run: nix develop --command npm run package
- name: Check git status
if: success() || failure()
run: git status --porcelain=v1
- name: "Nix formatting"
if: success() || failure()
run: git ls-files '*.nix' | nix develop --command xargs nixfmt --check
- name: "Rust formatting"
if: success() || failure()
run: nix develop --command cargo fmt --check
- name: "Clippy"
if: success() || failure()
run: nix develop --command cargo clippy --all-targets --all-features -- -Dwarnings
- name: Ensure no staged changes
if: success() || failure()
run: git diff --exit-code
DeterminateCI:
uses: DeterminateSystems/ci/.github/workflows/workflow.yml@main
permissions:
id-token: "write"
contents: "read"
with:
visibility: public
runner-map: |
{
"aarch64-darwin": "namespace-profile-mac-m2-12c28g",
"aarch64-linux": "UbuntuLatest32Cores128GArm",
"x86_64-linux": "UbuntuLatest32Cores128G"
}
ProductionTest:
needs:
- Lints
- DeterminateCI
runs-on: UbuntuLatest32Cores128G
timeout-minutes: 5
permissions:
id-token: write
contents: read
steps:
- uses: actions/checkout@v4
- uses: DeterminateSystems/determinate-nix-action@main
if: ${{ github.event_name == 'merge_group' }}
- uses: DeterminateSystems/flakehub-cache-action@main
if: ${{ github.event_name == 'merge_group' }}
- run: |
nix build -j0 .#
if: ${{ github.event_name == 'merge_group' }}
- name: Production test
if: ${{ github.event_name == 'merge_group' }}
uses: ./
with:
visibility: "hidden"
rolling-minor: 0
rolling: true
log-directives: "flakehub_push=trace"
logger: "pretty"
flakehub-push-binary: ./result/bin/flakehub-push
_internal-strict-mode: true
PushToIDS:
needs: ProductionTest
runs-on: ubuntu-latest
permissions:
id-token: "write"
contents: "read"
steps:
- uses: actions/checkout@v4
- uses: DeterminateSystems/determinate-nix-action@main
- uses: DeterminateSystems/flakehub-cache-action@main
- run: |
mkdir artifacts
nix build -j0 .#packages.x86_64-linux.default
cp -r ./result/bin/flakehub-push ./artifacts/X64-Linux
nix build -j0 .#packages.aarch64-linux.default
cp -r ./result/bin/flakehub-push ./artifacts/ARM64-Linux
nix build -j0 .#packages.aarch64-darwin.default
cp -r ./result/bin/flakehub-push ./artifacts/ARM64-macOS
- uses: DeterminateSystems/push-artifact-ids@main
with:
s3_upload_role: ${{ secrets.AWS_S3_UPLOAD_ROLE }}
bucket: ${{ secrets.AWS_S3_UPLOAD_BUCKET }}
directory: ./artifacts
ids_project_name: flakehub-push
ids_binary_prefix: flakehub-push