.github/workflows/release.yml
---
name: Release
on: # yamllint disable-line rule:truthy
push:
tags:
- 'v*.*.*'
defaults:
run:
shell: sh
jobs:
deploy:
name: Deploy
runs-on: ubuntu-latest
outputs:
deploy-time: "${{ steps.metadata.outputs.deploy-time }}"
steps:
- name: Checkout ${{ github.repository }}
uses: actions/checkout@v4
- name: Cache yarn dependencies
id: yarn-cache
uses: actions/cache@v4
with:
path: |
.yarn/cache
node_modules
key: "${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}-${{ hashFiles('**/.yarnrc.yml') }}"
restore-keys: |
${{ runner.os }}-yarn-
- name: Compile
if: ${{ steps.yarn-cache.outputs.cache-hit != 'true' }}
run: yarn install
- name: Build
run: yarn run build:prod
- name: Prepare metadata
id: metadata
run: echo "deploy-time=$(date -u +"%Y-%m-%dT%H:%M:%SZ")" >> "$GITHUB_OUTPUT"
- name: Deploy to GitHub Pages
uses: peaceiris/actions-gh-pages@v4
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
publish_dir: ./public
github:
name: GitHub
needs: [deploy]
uses: fabasoad/reusable-workflows/.github/workflows/wf-github-release.yml@main
with:
bump-tags: false
trigger-security-dast:
name: Trigger Security DAST
needs: [deploy]
runs-on: ubuntu-latest
steps:
- name: Dispatch workflow
uses: actions/github-script@v7
with:
github-token: ${{ secrets.PAT_TOKEN }}
script: |
github.rest.actions.createWorkflowDispatch({
owner: "fabasoad",
repo: "business-card",
workflow_id: "security-dast.yml",
ref: "main",
inputs: {
"deploy-time": "${{ needs.deploy.outputs.deploy-time }}"
}
});