From 3007f2643e31c3a28edbac692bec4c65dff32c03 Mon Sep 17 00:00:00 2001 From: Denis Rossati Ramos Date: Mon, 30 Mar 2026 16:13:58 -0300 Subject: [PATCH 1/8] Use reusable workflows --- .../workflows/deploy-published-releases.yaml | 59 ++++-------- .github/workflows/library-validations.yaml | 95 ++----------------- 2 files changed, 27 insertions(+), 127 deletions(-) diff --git a/.github/workflows/deploy-published-releases.yaml b/.github/workflows/deploy-published-releases.yaml index 5756c75c..2244a504 100644 --- a/.github/workflows/deploy-published-releases.yaml +++ b/.github/workflows/deploy-published-releases.yaml @@ -14,7 +14,27 @@ env: PREVIEW_WIDGET_URL: https://cdn.croct.io/js/v1/lib/plug/widget-${{ github.ref_name }}.html jobs: + publish-npm: + uses: croct-tech/github-workflows/.github/workflows/general/publish-npm-package.yml@unify-workflows + with: + node-version: "23" + publish-access: "public" + prepare-script: >- + cp LICENSE README.md build/ && + cd build && + find . -type f -path '*/*\.js.map' -exec sed -i -e "s~../src~src~" {} + && + sed -i -e "s~\"version\": \"0.0.0-dev\"~\"version\": \"${GITHUB_REF##*/}\"~" package.json && + sed -i -e "s~<@cdnUrl@>~${CDN_URL}~" constants.* && + sed -i -e "s~<@playgroundOrigin@>~${PLAYGROUND_ORIGIN}~" constants.* && + sed -i -e "s~<@playgroundConnectUrl@>~${PLAYGROUND_CONNECT_URL}~" constants.* && + sed -i -e "s~<@previewWidgetOrigin@>~${PREVIEW_WIDGET_ORIGIN}~" constants.* && + sed -i -e "s~<@previewWidgetUrl@>~${PREVIEW_WIDGET_URL}~" constants.* + secrets: + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + deploy-library: + if: ${{ !github.event.release.prerelease }} + needs: publish-npm permissions: id-token: write # This is required for requesting the JWT contents: read # This is required for actions/checkout @@ -37,44 +57,9 @@ jobs: - name: Install dependencies if: steps.cache-dependencies.outputs.cache-hit != 'true' - run: |- - npm ci - rm -rf ~/.npmrc - - - name: Build package - run: |- - npm run build - - - name: Prepare release - run: |- - cp LICENSE README.md build/ - cd build - find . -type f -path '*/*\.js.map' -exec sed -i -e "s~../src~src~" {} + - sed -i -e "s~\"version\": \"0.0.0-dev\"~\"version\": \"${GITHUB_REF##*/}\"~" package.json - sed -i -e "s~<@cdnUrl@>~${CDN_URL}~" constants.* - sed -i -e "s~<@playgroundOrigin@>~${PLAYGROUND_ORIGIN}~" constants.* - sed -i -e "s~<@playgroundConnectUrl@>~${PLAYGROUND_CONNECT_URL}~" constants.* - sed -i -e "s~<@previewWidgetOrigin@>~${PREVIEW_WIDGET_ORIGIN}~" constants.* - sed -i -e "s~<@previewWidgetUrl@>~${PREVIEW_WIDGET_URL}~" constants.* - - - name: Publish pre-release to NPM - if: ${{ github.event.release.prerelease }} - run: |- - cd build - npm publish --access public --tag next - env: - NPM_TOKEN: ${{ secrets.NPM_TOKEN }} - - - name: Publish release to NPM - if: ${{ !github.event.release.prerelease }} - run: |- - cd build - npm publish --access public - env: - NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + run: npm ci - name: Bundle package - if: ${{ !github.event.release.prerelease }} run: |- rm -rf build npm run bundle -- --config-cdn-url=${CDN_URL} \ @@ -85,7 +70,6 @@ jobs: - id: 'auth' name: 'Authenticate to Google Cloud' - if: ${{ !github.event.release.prerelease }} uses: 'google-github-actions/auth@v3' with: workload_identity_provider: '${{ secrets.GCLOUD_WORKLOAD_IDENTITY }}' @@ -95,7 +79,6 @@ jobs: uses: google-github-actions/setup-gcloud@v3 - name: Deploy to GCS - if: ${{ !github.event.release.prerelease }} env: GCLOUD_BUCKET: ${{ secrets.GCLOUD_BUCKET }} run: |- diff --git a/.github/workflows/library-validations.yaml b/.github/workflows/library-validations.yaml index 9a4c209c..bb500c12 100644 --- a/.github/workflows/library-validations.yaml +++ b/.github/workflows/library-validations.yaml @@ -12,92 +12,9 @@ on: - opened jobs: - security-checks: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v6 - - uses: actions/setup-node@v6 - with: - node-version: 23 - - - name: Cache dependencies - id: cache-dependencies - uses: actions/cache@v5 - with: - path: node_modules - key: node_modules-${{ hashFiles('package-lock.json') }} - - - name: Install dependencies - if: steps.cache-dependencies.outputs.cache-hit != 'true' - run: npm ci - - - name: Check dependency vulnerabilities - run: npm audit - - validate: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v6 - - uses: actions/setup-node@v6 - with: - node-version: 23 - - - name: Cache dependencies - id: cache-dependencies - uses: actions/cache@v5 - with: - path: node_modules - key: node_modules-${{ hashFiles('package-lock.json') }} - - - name: Install dependencies - if: steps.cache-dependencies.outputs.cache-hit != 'true' - run: npm ci - - - name: Check compilation errors - run: npm run validate - - lint: - runs-on: ubuntu-latest - needs: [ validate ] - steps: - - uses: actions/checkout@v6 - - uses: actions/setup-node@v6 - with: - node-version: 23 - - - name: Cache dependencies - id: cache-dependencies - uses: actions/cache@v5 - with: - path: node_modules - key: node_modules-${{ hashFiles('package-lock.json') }} - - - name: Install dependencies - if: steps.cache-dependencies.outputs.cache-hit != 'true' - run: npm ci - - - name: Check coding standard violations - run: npm run lint - - test: - runs-on: ubuntu-latest - needs: [ validate ] - steps: - - uses: actions/checkout@v6 - - uses: actions/setup-node@v6 - with: - node-version: 23 - - - name: Cache dependencies - id: cache-dependencies - uses: actions/cache@v5 - with: - path: node_modules - key: node_modules-${{ hashFiles('package-lock.json') }} - - - name: Install dependencies - if: steps.cache-dependencies.outputs.cache-hit != 'true' - run: npm ci - - - name: Run tests - run: npm run test + validations: + uses: croct-tech/github-workflows/.github/workflows/general/javascript-validations.yml@unify-workflows + with: + node-version: '23' + run-security: true + use-private-registry: false From a17ad4ff715ab35b76877829e50417ca0b78d3e8 Mon Sep 17 00:00:00 2001 From: Denis Rossati Ramos Date: Wed, 1 Apr 2026 16:10:01 -0300 Subject: [PATCH 2/8] Update workflow --- .github/workflows/deploy-published-releases.yaml | 2 +- .github/workflows/library-validations.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/deploy-published-releases.yaml b/.github/workflows/deploy-published-releases.yaml index 2244a504..b6dd7a42 100644 --- a/.github/workflows/deploy-published-releases.yaml +++ b/.github/workflows/deploy-published-releases.yaml @@ -15,7 +15,7 @@ env: jobs: publish-npm: - uses: croct-tech/github-workflows/.github/workflows/general/publish-npm-package.yml@unify-workflows + uses: croct-tech/github-workflows/.github/workflows/publish-npm-package.yml@unify-workflows with: node-version: "23" publish-access: "public" diff --git a/.github/workflows/library-validations.yaml b/.github/workflows/library-validations.yaml index bb500c12..fbf2199e 100644 --- a/.github/workflows/library-validations.yaml +++ b/.github/workflows/library-validations.yaml @@ -13,7 +13,7 @@ on: jobs: validations: - uses: croct-tech/github-workflows/.github/workflows/general/javascript-validations.yml@unify-workflows + uses: croct-tech/github-workflows/.github/workflows/javascript-validation.yml@unify-workflows with: node-version: '23' run-security: true From 4c597e508016f479991be48d2af43620459c9879 Mon Sep 17 00:00:00 2001 From: Denis Rossati Ramos Date: Mon, 6 Apr 2026 15:44:18 -0300 Subject: [PATCH 3/8] Set default node version --- .github/workflows/deploy-published-releases.yaml | 1 - .github/workflows/library-validations.yaml | 3 +-- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/deploy-published-releases.yaml b/.github/workflows/deploy-published-releases.yaml index b6dd7a42..d393ba5a 100644 --- a/.github/workflows/deploy-published-releases.yaml +++ b/.github/workflows/deploy-published-releases.yaml @@ -17,7 +17,6 @@ jobs: publish-npm: uses: croct-tech/github-workflows/.github/workflows/publish-npm-package.yml@unify-workflows with: - node-version: "23" publish-access: "public" prepare-script: >- cp LICENSE README.md build/ && diff --git a/.github/workflows/library-validations.yaml b/.github/workflows/library-validations.yaml index fbf2199e..d1b1c412 100644 --- a/.github/workflows/library-validations.yaml +++ b/.github/workflows/library-validations.yaml @@ -13,8 +13,7 @@ on: jobs: validations: - uses: croct-tech/github-workflows/.github/workflows/javascript-validation.yml@unify-workflows + uses: croct-tech/renovate-public-presets/.github/workflows/javascript-validations.yml@unify-workflows with: - node-version: '23' run-security: true use-private-registry: false From a792a3482d26704d2b5ab68c2b15473439aee9c5 Mon Sep 17 00:00:00 2001 From: Denis Rossati Date: Mon, 13 Apr 2026 11:03:19 -0300 Subject: [PATCH 4/8] Correct workflow --- .github/workflows/deploy-published-releases.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy-published-releases.yaml b/.github/workflows/deploy-published-releases.yaml index d393ba5a..fd7c328c 100644 --- a/.github/workflows/deploy-published-releases.yaml +++ b/.github/workflows/deploy-published-releases.yaml @@ -15,7 +15,7 @@ env: jobs: publish-npm: - uses: croct-tech/github-workflows/.github/workflows/publish-npm-package.yml@unify-workflows + uses: croct-tech/shared-public-configs/.github/workflows/publish-public-npm-package.yml@master with: publish-access: "public" prepare-script: >- From 2eddf79a8e3c442c946375f64902dff22abbd08b Mon Sep 17 00:00:00 2001 From: Denis Rossati Date: Mon, 13 Apr 2026 11:59:22 -0300 Subject: [PATCH 5/8] Correct workflow --- .github/workflows/deploy-published-releases.yaml | 1 - .github/workflows/library-validations.yaml | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/deploy-published-releases.yaml b/.github/workflows/deploy-published-releases.yaml index fd7c328c..e606222b 100644 --- a/.github/workflows/deploy-published-releases.yaml +++ b/.github/workflows/deploy-published-releases.yaml @@ -17,7 +17,6 @@ jobs: publish-npm: uses: croct-tech/shared-public-configs/.github/workflows/publish-public-npm-package.yml@master with: - publish-access: "public" prepare-script: >- cp LICENSE README.md build/ && cd build && diff --git a/.github/workflows/library-validations.yaml b/.github/workflows/library-validations.yaml index d1b1c412..76b12d0c 100644 --- a/.github/workflows/library-validations.yaml +++ b/.github/workflows/library-validations.yaml @@ -13,7 +13,7 @@ on: jobs: validations: - uses: croct-tech/renovate-public-presets/.github/workflows/javascript-validations.yml@unify-workflows + uses: croct-tech/shared-public-configs/.github/workflows/javascript-validations.yml@master with: run-security: true use-private-registry: false From 039cde90bd80af1c091c2d01c630d9d991bce49f Mon Sep 17 00:00:00 2001 From: Denis Rossati Date: Wed, 15 Apr 2026 11:50:44 -0300 Subject: [PATCH 6/8] Correct workflow --- .../{publish-pr-preview.yaml => deploy-preview.yaml} | 4 ++-- .../{deploy-published-releases.yaml => deploy-release.yaml} | 6 +++--- .../{library-validations.yaml => validate-branch.yaml} | 4 ++-- .../{check-required-labels.yaml => validate-labels.yaml} | 4 ++-- .../{preview-validations.yaml => validate-preview.yaml} | 2 +- 5 files changed, 10 insertions(+), 10 deletions(-) rename .github/workflows/{publish-pr-preview.yaml => deploy-preview.yaml} (97%) rename .github/workflows/{deploy-published-releases.yaml => deploy-release.yaml} (98%) rename .github/workflows/{library-validations.yaml => validate-branch.yaml} (88%) rename .github/workflows/{check-required-labels.yaml => validate-labels.yaml} (90%) rename .github/workflows/{preview-validations.yaml => validate-preview.yaml} (98%) diff --git a/.github/workflows/publish-pr-preview.yaml b/.github/workflows/deploy-preview.yaml similarity index 97% rename from .github/workflows/publish-pr-preview.yaml rename to .github/workflows/deploy-preview.yaml index e867cefa..3593cdd7 100644 --- a/.github/workflows/publish-pr-preview.yaml +++ b/.github/workflows/deploy-preview.yaml @@ -1,4 +1,4 @@ -name: PR preview +name: Deploy preview on: pull_request: @@ -11,7 +11,7 @@ env: MAX_QUERY_LENGTH: 500 jobs: - preview: + deploy: runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 diff --git a/.github/workflows/deploy-published-releases.yaml b/.github/workflows/deploy-release.yaml similarity index 98% rename from .github/workflows/deploy-published-releases.yaml rename to .github/workflows/deploy-release.yaml index e606222b..e574ad7b 100644 --- a/.github/workflows/deploy-published-releases.yaml +++ b/.github/workflows/deploy-release.yaml @@ -1,4 +1,4 @@ -name: Release +name: Deploy release on: release: @@ -14,7 +14,7 @@ env: PREVIEW_WIDGET_URL: https://cdn.croct.io/js/v1/lib/plug/widget-${{ github.ref_name }}.html jobs: - publish-npm: + deploy: uses: croct-tech/shared-public-configs/.github/workflows/publish-public-npm-package.yml@master with: prepare-script: >- @@ -30,7 +30,7 @@ jobs: secrets: NPM_TOKEN: ${{ secrets.NPM_TOKEN }} - deploy-library: + deploy-cdn: if: ${{ !github.event.release.prerelease }} needs: publish-npm permissions: diff --git a/.github/workflows/library-validations.yaml b/.github/workflows/validate-branch.yaml similarity index 88% rename from .github/workflows/library-validations.yaml rename to .github/workflows/validate-branch.yaml index 76b12d0c..624e247e 100644 --- a/.github/workflows/library-validations.yaml +++ b/.github/workflows/validate-branch.yaml @@ -1,4 +1,4 @@ -name: Library validations +name: Validate branch on: push: @@ -12,7 +12,7 @@ on: - opened jobs: - validations: + validate: uses: croct-tech/shared-public-configs/.github/workflows/javascript-validations.yml@master with: run-security: true diff --git a/.github/workflows/check-required-labels.yaml b/.github/workflows/validate-labels.yaml similarity index 90% rename from .github/workflows/check-required-labels.yaml rename to .github/workflows/validate-labels.yaml index 03984e95..af618af1 100644 --- a/.github/workflows/check-required-labels.yaml +++ b/.github/workflows/validate-labels.yaml @@ -1,4 +1,4 @@ -name: Label requirements +name: Validate labels on: pull_request: types: @@ -9,7 +9,7 @@ on: - unlabeled jobs: - check-labels: + validate: name: Check labels runs-on: ubuntu-latest steps: diff --git a/.github/workflows/preview-validations.yaml b/.github/workflows/validate-preview.yaml similarity index 98% rename from .github/workflows/preview-validations.yaml rename to .github/workflows/validate-preview.yaml index e6907f82..b6b8ff58 100644 --- a/.github/workflows/preview-validations.yaml +++ b/.github/workflows/validate-preview.yaml @@ -1,4 +1,4 @@ -name: Preview validations +name: Validate preview on: push: From 0a1946429a50d55649b01bea87eada41ae5df649 Mon Sep 17 00:00:00 2001 From: Denis Rossati Date: Wed, 15 Apr 2026 17:27:50 -0300 Subject: [PATCH 7/8] Correct workflow --- .github/workflows/deploy-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy-release.yaml b/.github/workflows/deploy-release.yaml index e574ad7b..7bc27a17 100644 --- a/.github/workflows/deploy-release.yaml +++ b/.github/workflows/deploy-release.yaml @@ -32,7 +32,7 @@ jobs: deploy-cdn: if: ${{ !github.event.release.prerelease }} - needs: publish-npm + needs: deploy permissions: id-token: write # This is required for requesting the JWT contents: read # This is required for actions/checkout From 63ceb18bb820514ddbe934e389a792d938a7cecf Mon Sep 17 00:00:00 2001 From: Luiz Ferraz Date: Tue, 21 Apr 2026 16:22:53 +0000 Subject: [PATCH 8/8] Applied workflow standards --- .github/workflows/deploy-release.yaml | 4 ++-- .github/workflows/validate-preview.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/deploy-release.yaml b/.github/workflows/deploy-release.yaml index 7bc27a17..5e704c9c 100644 --- a/.github/workflows/deploy-release.yaml +++ b/.github/workflows/deploy-release.yaml @@ -30,7 +30,7 @@ jobs: secrets: NPM_TOKEN: ${{ secrets.NPM_TOKEN }} - deploy-cdn: + cdn: if: ${{ !github.event.release.prerelease }} needs: deploy permissions: @@ -83,7 +83,7 @@ jobs: gsutil -m cp build/plug.min.js "gs://${GCLOUD_BUCKET}/js/v1/lib/plug.js" gsutil -m setmeta -h "Cache-Control: public, max-age=3600" "gs://${GCLOUD_BUCKET}/js/v1/lib/plug.js" - deploy-preview-widget: + preview-widget: permissions: id-token: write # This is required for requesting the JWT contents: read # This is required for actions/checkout diff --git a/.github/workflows/validate-preview.yaml b/.github/workflows/validate-preview.yaml index b6b8ff58..077f2f33 100644 --- a/.github/workflows/validate-preview.yaml +++ b/.github/workflows/validate-preview.yaml @@ -12,7 +12,7 @@ on: - opened jobs: - validate: + type-check: runs-on: ubuntu-latest defaults: run: @@ -38,7 +38,7 @@ jobs: run: npm run validate lint: - needs: [ validate ] + needs: [ type-check ] runs-on: ubuntu-latest defaults: run: