mirror of
https://github.com/pnpm/pnpm.git
synced 2026-07-14 01:32:40 -04:00
Bumps the github-actions group with 12 updates in the / directory: | Package | From | To | | --- | --- | --- | | [dorny/paths-filter](https://github.com/dorny/paths-filter) | `4.0.1` | `4.0.2` | | [github/codeql-action/init](https://github.com/github/codeql-action) | `4.36.2` | `4.36.3` | | [github/codeql-action/autobuild](https://github.com/github/codeql-action) | `4.36.2` | `4.36.3` | | [github/codeql-action/analyze](https://github.com/github/codeql-action) | `4.36.2` | `4.36.3` | | [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `4.1.0` | `4.2.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `4.1.0` | `4.2.0` | | [docker/login-action](https://github.com/docker/login-action) | `4.2.0` | `4.4.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `7.2.0` | `7.3.0` | | [taiki-e/install-action](https://github.com/taiki-e/install-action) | `2.82.5` | `2.82.9` | | [crate-ci/typos](https://github.com/crate-ci/typos) | `1.47.2` | `1.48.0` | | [garnet-org/action](https://github.com/garnet-org/action) | `2.0.2` | `2.2.0` | | [warpdotdev/oz-agent-action](https://github.com/warpdotdev/oz-agent-action) | `1.0.21` | `1.0.23` | Updates `dorny/paths-filter` from 4.0.1 to 4.0.2 - [Release notes](https://github.com/dorny/paths-filter/releases) - [Changelog](https://github.com/dorny/paths-filter/blob/master/CHANGELOG.md) - [Commits](fbd0ab8f3e...7b450fff21) Updates `github/codeql-action/init` from 4.36.2 to 4.36.3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](8aad20d150...54f647b7e1) Updates `github/codeql-action/autobuild` from 4.36.2 to 4.36.3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](8aad20d150...54f647b7e1) Updates `github/codeql-action/analyze` from 4.36.2 to 4.36.3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](8aad20d150...54f647b7e1) Updates `docker/setup-qemu-action` from 4.1.0 to 4.2.0 - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](06116385d9...96fe6ef7f3) Updates `docker/setup-buildx-action` from 4.1.0 to 4.2.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](d7f5e7f509...bb05f3f551) Updates `docker/login-action` from 4.2.0 to 4.4.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](650006c6eb...af1e73f918) Updates `docker/build-push-action` from 7.2.0 to 7.3.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](f9f3042f7e...53b7df96c9) Updates `taiki-e/install-action` from 2.82.5 to 2.82.9 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](bffeee26d4...4684b84056) Updates `crate-ci/typos` from 1.47.2 to 1.48.0 - [Release notes](https://github.com/crate-ci/typos/releases) - [Changelog](https://github.com/crate-ci/typos/blob/master/CHANGELOG.md) - [Commits](37bb98842b...bee27e3a4f) Updates `garnet-org/action` from 2.0.2 to 2.2.0 - [Release notes](https://github.com/garnet-org/action/releases) - [Commits](2b7fc9d79b...3d47f4a900) Updates `warpdotdev/oz-agent-action` from 1.0.21 to 1.0.23 - [Release notes](https://github.com/warpdotdev/oz-agent-action/releases) - [Commits](1922f22c00...8ba4e14206) --- updated-dependencies: - dependency-name: crate-ci/typos dependency-version: 1.48.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/build-push-action dependency-version: 7.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/login-action dependency-version: 4.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/setup-buildx-action dependency-version: 4.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/setup-qemu-action dependency-version: 4.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: dorny/paths-filter dependency-version: 4.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: garnet-org/action dependency-version: 2.1.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action/analyze dependency-version: 4.36.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: github/codeql-action/autobuild dependency-version: 4.36.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: github/codeql-action/init dependency-version: 4.36.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: taiki-e/install-action dependency-version: 2.82.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: warpdotdev/oz-agent-action dependency-version: 1.0.23 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
115 lines
3.7 KiB
YAML
115 lines
3.7 KiB
YAML
name: Docker
|
|
|
|
on:
|
|
release:
|
|
types: [published]
|
|
workflow_dispatch:
|
|
inputs:
|
|
version:
|
|
description: "pnpm version to build (without leading v)"
|
|
required: true
|
|
prerelease:
|
|
description: "Treat as prerelease (skips mutable tags)"
|
|
type: boolean
|
|
default: false
|
|
|
|
jobs:
|
|
build:
|
|
name: Build
|
|
runs-on: ubuntu-latest
|
|
environment: release
|
|
permissions:
|
|
contents: read
|
|
packages: write
|
|
id-token: write
|
|
env:
|
|
IMAGE: ghcr.io/${{ github.repository_owner }}/pnpm
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- name: Resolve release metadata
|
|
id: meta
|
|
env:
|
|
EVENT_NAME: ${{ github.event_name }}
|
|
RELEASE_TAG: ${{ github.event.release.tag_name }}
|
|
RELEASE_PRERELEASE: ${{ github.event.release.prerelease }}
|
|
INPUT_VERSION: ${{ inputs.version }}
|
|
INPUT_PRERELEASE: ${{ inputs.prerelease }}
|
|
run: |
|
|
set -eu
|
|
if [ "$EVENT_NAME" = "release" ]; then
|
|
version="${RELEASE_TAG#v}"
|
|
prerelease="$RELEASE_PRERELEASE"
|
|
else
|
|
version="${INPUT_VERSION#v}"
|
|
prerelease="$INPUT_PRERELEASE"
|
|
fi
|
|
case "$version" in
|
|
*[!0-9A-Za-z.+-]*) echo "invalid version: $version" >&2; exit 1 ;;
|
|
[0-9]*.[0-9]*.[0-9]*) ;;
|
|
*) echo "invalid version: $version" >&2; exit 1 ;;
|
|
esac
|
|
major="${version%%.*}"
|
|
echo "version=$version" >> "$GITHUB_OUTPUT"
|
|
echo "major=$major" >> "$GITHUB_OUTPUT"
|
|
echo "prerelease=$prerelease" >> "$GITHUB_OUTPUT"
|
|
|
|
- name: Compute image tags
|
|
id: tags
|
|
env:
|
|
VERSION: ${{ steps.meta.outputs.version }}
|
|
MAJOR: ${{ steps.meta.outputs.major }}
|
|
PRERELEASE: ${{ steps.meta.outputs.prerelease }}
|
|
run: |
|
|
set -eu
|
|
tags="${IMAGE}:${VERSION}"
|
|
if [ "$PRERELEASE" != "true" ]; then
|
|
tags="${tags},${IMAGE}:${MAJOR},${IMAGE}:latest"
|
|
fi
|
|
echo "tags=$tags" >> "$GITHUB_OUTPUT"
|
|
|
|
- name: Compute pnpm tarball checksums
|
|
id: checksums
|
|
env:
|
|
VERSION: ${{ steps.meta.outputs.version }}
|
|
run: |
|
|
set -eu
|
|
base="https://github.com/pnpm/pnpm/releases/download/v${VERSION}"
|
|
for pair in amd64:x64 arm64:arm64; do
|
|
key="${pair%:*}"
|
|
name="${pair#*:}"
|
|
sha="$(curl -fsSL --retry 3 --retry-delay 2 "${base}/pnpm-linux-${name}.tar.gz" \
|
|
| sha256sum | awk '{print $1}')"
|
|
echo "sha_${key}=${sha}" >> "$GITHUB_OUTPUT"
|
|
done
|
|
|
|
- name: Set up QEMU
|
|
uses: docker/setup-qemu-action@96fe6ef7f33517b61c61be40b68a1882f3264fb8 # v4.2.0
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@bb05f3f5519dd87d3ba754cc423b652a5edd6d2c # v4.2.0
|
|
|
|
- name: Login to GHCR
|
|
uses: docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0 # v4.4.0
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.actor }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Build and push
|
|
uses: docker/build-push-action@53b7df96c91f9c12dcc8a07bcb9ccacbed38856a # v7.3.0
|
|
with:
|
|
context: ./docker
|
|
platforms: linux/amd64,linux/arm64
|
|
push: true
|
|
tags: ${{ steps.tags.outputs.tags }}
|
|
build-args: |
|
|
PNPM_VERSION=${{ steps.meta.outputs.version }}
|
|
PNPM_SHA256_AMD64=${{ steps.checksums.outputs.sha_amd64 }}
|
|
PNPM_SHA256_ARM64=${{ steps.checksums.outputs.sha_arm64 }}
|
|
provenance: mode=max
|
|
sbom: true
|