build(deps): bump ws from 7.5.7 to 7.5.10 in /example-service #3615
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow will do a clean install of node dependencies, build the source code and run tests across different versions of node | |
| # For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions | |
| name: Node.js CI | |
| on: | |
| push: | |
| branches: ["**"] | |
| pull_request: | |
| branches: [master] | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| # Don't build if Semantic Release pushes a ci skip commit | |
| if: "!contains(github.event.head_commit.message, '[ci skip]')" | |
| strategy: | |
| matrix: | |
| node-version: [14.x, 16.x, 18.x] | |
| steps: | |
| - uses: actions/checkout@v2 | |
| with: | |
| # Prevents interference with release credentials | |
| # See https://github.com/semantic-release/semantic-release/blob/master/docs/recipes/github-actions.md#pushing-packagejson-changes-to-a-master-branch | |
| persist-credentials: false | |
| - name: Use Node.js ${{ matrix.node-version }} | |
| uses: actions/setup-node@v1 | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| # Skip post-install scripts here, as a malicious | |
| # script could steal NODE_AUTH_TOKEN. | |
| - name: Install dependencies | |
| run: yarn install --frozen-lockfile | |
| - name: Build | |
| run: yarn build | |
| - name: Type Coverage | |
| run: yarn type-coverage | |
| - name: Test | |
| run: yarn test --coverage | |
| - name: Check formatting | |
| run: yarn format-check | |
| - name: Package example service to ensure compatibility | |
| run: cd example-service && yarn install --frozen-lockfile && yarn sls package | |
| - name: Run Semantic Release | |
| env: | |
| # TODO: While not ideal to have to use a developer's token to push to master here, | |
| # it is currently the only way to do it with GitHub actions at the moment if master | |
| # is a protected branch. | |
| # Secrets are not exposed in PR builds for security reasons, but semantic release will | |
| # never have to push or release anything in that case so its fine. | |
| # Not the same as GITHUB_TOKEN | |
| # This token authenticates on behalf of the maintainer, not github actions itself to allow changes to be pushed | |
| GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} | |
| GH_TOKEN: ${{ secrets.GH_TOKEN }} | |
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| run: yarn semantic-release | |
| if: matrix.node-version == '14.x' |