Skip to content

Add provenance

Add provenance #152

Workflow file for this run

# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
name: Build app
on:
workflow_dispatch:
push:
branches:
- main
tags:
- "*"
paths-ignore:
- "*.md"
- "*.txt"
- "*.yml"
- .editorconfig
- ".github/**"
- .gitignore
- .npmignore
pull_request:
branches:
- main
paths-ignore:
- "*.md"
- "*.txt"
- "*.yml"
- .editorconfig
- ".github/**"
- .gitignore
- .npmignore
jobs:
build:
name: Build amd64
runs-on: ${{ matrix.runner }}
strategy:
fail-fast: false
matrix:
node: ["18.x", "20.x"]
runner: ["windows-latest", "ubuntu-latest", "macos-latest"]
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node }}
registry-url: "https://registry.npmjs.org"
cache: npm
- run: |
node --version
npm --version
npm ci
name: Install npm dependencies
- run: npm run lint .
name: Lint
if: matrix.runner == 'ubuntu-latest'
- run: npm run typecheck
name: Type check
if: matrix.runner == 'ubuntu-latest'
- run: |
set -euo pipefail
sudo apt-get update
sudo apt-get install -y libnss3
name: Install OS dependencies
if: matrix.runner == 'ubuntu-latest'
- run: ./test-driver.sh
name: Verify install
shell: bash
build_arm64:
name: Build arm64
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
node: ["18", "20"]
steps:
- uses: actions/checkout@v4
- uses: uraimo/[email protected]
name: Verify install
id: build
with:
arch: aarch64
distro: ubuntu20.04
env: | # this is just so we can cache each version
GITHUB_WORKFLOW: ${{ github.workflow }}-${{ github.job }}-${{ matrix.node }}
dockerRunArgs: |
--volume "$PWD:/app"
githubToken: ${{ github.token }}
install: |
set -euo pipefail
apt-get update
apt-get -y install xz-utils curl libnss3
curl -fsSL --output sha https://nodejs.org/dist/latest-v${{ matrix.node }}.x/SHASUMS256.txt
FULL_FILE=`grep 'node-v${{ matrix.node }}.*-linux-arm64.tar.gz' sha | tr -s ' ' | cut -d' ' -f2`
NODE_VERSION=`echo $FULL_FILE | grep --color=never -Eo '[0-9]{2,}\.[0-9]{1,}\.[0-9]{1,}'`
echo "Node version is $NODE_VERSION"
ARCH=arm64
curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz"
tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner
rm sha
rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz"
run: |
node --version
npm --version
cd /app
npm ci --no-progress
BIN="./lib/chromedriver/chromedriver"
if ! [ -e $BIN ]; then
echo "Binary not found at $BIN"
exit 1
fi
build_s390x:
name: Build s390x
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
node: ["18", "20"]
steps:
- uses: actions/checkout@v4
- uses: uraimo/[email protected]
name: Verify install
id: build
with:
arch: s390x
distro: ubuntu20.04
env: | # this is just so we can cache each version
GITHUB_WORKFLOW: ${{ github.workflow }}-${{ github.job }}-${{ matrix.node }}
dockerRunArgs: |
--volume "$PWD:/app"
githubToken: ${{ github.token }}
install: |
set -euo pipefail
apt-get update
apt-get -y install xz-utils curl libnss3
curl -fsSL --output sha https://nodejs.org/dist/latest-v${{ matrix.node }}.x/SHASUMS256.txt
FULL_FILE=`grep 'node-v${{ matrix.node }}.*-linux-s390x.tar.gz' sha | tr -s ' ' | cut -d' ' -f2`
NODE_VERSION=`echo $FULL_FILE | grep --color=never -Eo '[0-9]{2,}\.[0-9]{1,}\.[0-9]{1,}'`
echo "Node version is $NODE_VERSION"
ARCH=s390x
curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz"
tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner
rm sha
rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz"
npm install -g npm@latest
run: |
node --version
npm --version
cd /app
npm ci --no-progress
BIN="./lib/chromedriver/chromedriver"
if ! [ -e $BIN ]; then
echo "Binary not found at $BIN"
exit 1
fi
build_proxy:
name: Build with proxy
runs-on: ubuntu-latest
services:
squid:
image: ubuntu/squid:5.2-22.04_beta
ports:
- 3128:3128
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v3
with:
node-version: 20.x
registry-url: "https://registry.npmjs.org"
cache: npm
- run: |
node --version
npm --version
export http_proxy=http://localhost:3128 https_proxy=http://localhost:3128
npm ci
name: Install npm dependencies
- run: |
set -euo pipefail
sudo apt-get update
sudo apt-get install -y libnss3
name: Install OS dependencies
- run: ./test-driver.sh
name: Verify install
publish:
permissions:
contents: read
id-token: write
name: Publish to npm
runs-on: ubuntu-latest
needs: [build, build_arm64, build_s390x, build_proxy]
if: success() && startsWith(github.ref, 'refs/tags/')
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v3
with:
node-version: 20.x
registry-url: "https://registry.npmjs.org"
- run: npm publish --provenance --access public
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}