fix: When setting a new zcfBundleCap, store it in baggage (#8806) #1756
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Run after merge to trunk | |
# Note that this relies on branch protection having: | |
# Require branches to be up to date before merging | |
on: | |
push: | |
branches: | |
# $default-branch | |
- master | |
- 'release-*' | |
- 'dev-*' | |
workflow_dispatch: | |
jobs: | |
build: | |
if: ${{ github.repository_owner == 'agoric' }} | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
node-version: ['16.x', '18.x'] | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
submodules: 'true' | |
- uses: ./.github/actions/restore-node | |
with: | |
node-version: ${{ matrix.node-version}} | |
- name: notify on failure | |
if: failure() | |
uses: ./.github/actions/notify-status | |
with: | |
from: ${{ secrets.NOTIFY_EMAIL_FROM }} | |
to: ${{ secrets.NOTIFY_EMAIL_TO }} | |
password: ${{ secrets.NOTIFY_EMAIL_PASSWORD }} | |
webhook: ${{ secrets.SLACK_WEBHOOK_URL }} | |
dev-canary: | |
needs: build | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
# note: only use one node-version | |
node-version: ['18.x'] | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/restore-node | |
with: | |
node-version: ${{ matrix.node-version }} | |
# Adapted from https://johnny.sh/notes/publish-canary-lerna-cicd/ | |
- name: configure NPM token | |
run: | | |
echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" > ~/.npmrc | |
env: | |
NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
- name: check credentials | |
run: npm whoami | |
- name: publish to NPM tag | |
run: | | |
case $GITHUB_REF_NAME in | |
release-*) | |
# A pre-release. | |
TAG=${GITHUB_REF_NAME#release-}-dev | |
;; | |
dev-*) | |
# A pre-release while our release branch is straying from master | |
TAG=${GITHUB_REF_NAME#dev-}-dev | |
;; | |
master) | |
# A trunk dev release. | |
TAG=dev | |
;; | |
*) | |
# Some other dev release. | |
TAG=other-dev | |
;; | |
esac | |
# without concurrency until https://github.com/Agoric/agoric-sdk/issues/8091 | |
yarn lerna publish --concurrency 1 --conventional-prerelease --canary --exact \ | |
--dist-tag=$TAG --preid=$TAG-$(git rev-parse --short=7 HEAD) \ | |
--no-push --no-verify-access --yes | |
- name: notify on failure | |
if: failure() | |
uses: ./.github/actions/notify-status | |
with: | |
from: ${{ secrets.NOTIFY_EMAIL_FROM }} | |
to: ${{ secrets.NOTIFY_EMAIL_TO }} | |
password: ${{ secrets.NOTIFY_EMAIL_PASSWORD }} | |
coverage: | |
needs: build | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
# note: only use one node-version | |
node-version: ['18.x'] | |
if: ${{github.event_name == 'push' }} | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/restore-node | |
with: | |
node-version: ${{ matrix.node-version }} | |
- name: generate coverage for all tests | |
run: 'yarn test:c8-all || :' | |
- name: generate coverage/html reports | |
run: mkdir -p coverage/tmp && yarn c8 report --reporter=html-spa --reports-dir=coverage/html --temp-directory=coverage/tmp | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: coverage | |
path: coverage | |
- name: Find Netlify site ID | |
run: | | |
echo "NETLIFY_SITE_ID=$(cat COVERAGE_NETLIFY_SITE_ID)" >> $GITHUB_ENV | |
- uses: nwtgck/[email protected] | |
with: | |
# Production deployment if a push or merged PR. | |
production-deploy: ${{ github.event_name == 'push' && github.ref_name == 'master' }} | |
publish-dir: coverage/html | |
# SECURITY: we don't want to hand out the Github token to this action. | |
# github-token: ${{ secrets.GITHUB_TOKEN }} | |
env: | |
NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }} | |
- name: notify on failure | |
if: failure() | |
uses: ./.github/actions/notify-status | |
with: | |
from: ${{ secrets.NOTIFY_EMAIL_FROM }} | |
to: ${{ secrets.NOTIFY_EMAIL_TO }} | |
password: ${{ secrets.NOTIFY_EMAIL_PASSWORD }} | |
webhook: ${{ secrets.SLACK_WEBHOOK_URL }} | |
benchmark: | |
needs: build | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
# note: only use one node-version | |
node-version: ['18.x'] | |
if: ${{github.event_name == 'push'}} | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/restore-node | |
with: | |
node-version: ${{ matrix.node-version }} | |
- name: benchmark changes | |
env: | |
AUTOBENCH_METRICS_URL: ${{ secrets.AUTOBENCH_METRICS_URL }} | |
run: cd packages/swingset-runner && yarn ci:autobench | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: benchmarkstats.json | |
path: packages/swingset-runner/benchstats*.json | |
- name: notify on failure | |
if: failure() | |
uses: ./.github/actions/notify-status | |
with: | |
from: ${{ secrets.NOTIFY_EMAIL_FROM }} | |
to: ${{ secrets.NOTIFY_EMAIL_TO }} | |
password: ${{ secrets.NOTIFY_EMAIL_PASSWORD }} | |
webhook: ${{ secrets.SLACK_WEBHOOK_URL }} |