build: Add workflow scripts

Author: TimothyJones

.github/FUNDING.yml

@@ -0,0 +1,13 @@
+# These are supported funding model platforms
+
+github: [TimothyJones] # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
+# patreon: # Replace with a single Patreon username
+# open_collective: # Replace with a single Open Collective username
+# ko_fi: # Replace with a single Ko-fi username
+# tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
+# community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
+# liberapay: # Replace with a single Liberapay username
+# issuehunt: # Replace with a single IssueHunt username
+# otechie: # Replace with a single Otechie username
+# lfx_crowdfunding: # Replace with a single LFX Crowdfunding project-name e.g., cloud-foundry
+# custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']

.github/dependabot.yml

@@ -0,0 +1,19 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+ # Node / npm
+ - package-ecosystem: "npm" # See documentation for possible values
+ directory: "/" # Location of package manifests
+ versioning-strategy: increase
+ schedule:
+ interval: "weekly"
+ 
+ # Maintain dependencies for GitHub Actions
+ - package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ interval: "weekly"

.github/workflows/build-and-test.yml

@@ -0,0 +1,32 @@
+name: Build + test
+
+on:
+ push:
+ branches:
+ - main
+ pull_request:
+ branches:
+ - main
+ workflow_dispatch:
+
+jobs:
+ build-and-test:
+ runs-on: ${{ matrix.os }}
+ strategy:
+ matrix:
+ node-version: [18.x, 20.x]
+ os: [macos-latest, ubuntu-latest, windows-latest]
+ steps:
+ - uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ - name: Use Node.js ${{ matrix.node-version }}
+ uses: actions/setup-node@v4
+ with:
+ node-version: ${{ matrix.node-version }}
+ - run: npm install -g npm@latest
+ - run: bash ci/build-and-test.sh
+ shell: bash
+ env:
+ NODE_VERSION: ${{ matrix.node-version }}
+ FORCE_COLOR: true

.github/workflows/dependency-review.yml

@@ -0,0 +1,20 @@
+# Dependency Review Action
+#
+# This Action will scan dependency manifest files that change as part of a Pull Request, surfacing known-vulnerable versions of the packages declared or updated in the PR. Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable packages will be blocked from merging.
+#
+# Source repository: https://github.com/actions/dependency-review-action
+# Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
+name: 'Dependency Review'
+on: [pull_request]
+
+permissions:
+ contents: read
+
+jobs:
+ dependency-review:
+ runs-on: ubuntu-latest
+ steps:
+ - name: 'Checkout Repository'
+ uses: actions/checkout@v4
+ - name: 'Dependency Review'
+ uses: actions/dependency-review-action@v4

.github/workflows/release-please.yml

@@ -0,0 +1,52 @@
+on:
+ push:
+ branches:
+ - main
+
+permissions:
+ contents: write
+ pull-requests: write
+
+name: Run Release Please
+jobs:
+ release-please:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: google-github-actions/release-please-action@v4
+ id: release
+ with:
+ token: ${{ secrets.RATE_TOKEN_GH }}
+
+ outputs:
+ release_created: ${{ steps.release.outputs.release_created }}
+ tag_name: ${{ steps.release.outputs.tag_name }}
+
+ publish:
+ needs: [release-please]
+ runs-on: ubuntu-latest
+ steps:
+ # The logic below handles the npm publication:
+ - name: Checkout Repository
+ if: ${{ needs.release-please.outputs.release_created }}
+ uses: actions/checkout@v4
+ - name: Setup Node
+ uses: actions/setup-node@v4
+ if: ${{ needs.release-please.outputs.release_created }}
+ with:
+ node-version: 18
+ registry-url: 'https://registry.npmjs.org'
+ - name: Build Packages
+ if: ${{ needs.release-please.outputs.release_created }}
+ run: ci/build-and-test.sh
+ env:
+ NODE_VERSION: 18
+ FORCE_COLOR: true
+
+ # Release Please has already incremented versions and published tags, so we just
+ # need to publish all unpublished versions to NPM here
+ # See: https://github.com/lerna/lerna/tree/main/commands/publish#bump-from-package
+ # - name: Publish to NPM
+ # if: ${{ needs.release-please.outputs.release_created }}
+ # env:
+ # NODE_AUTH_TOKEN: ${{secrets.CONTRACT_CASE_NPM}}
+ # run: npx lerna publish from-package --no-push --no-private --yes

ci/build-and-test.sh

@@ -0,0 +1,12 @@
+#!/bin/bash -eu
+set -eu # We do this twice so that winadows github runners will properly read them
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")"; pwd)" # Figure out where the script is running
+# shellcheck source=lib/robust-bash.sh
+. "$SCRIPT_DIR"/lib/robust-bash.sh 
+
+npm install # We can't do npm ci because lerna has optional dependencies :(
+
+npm run format:check
+npm run build
+npm run lint
+

ci/lib/robust-bash.sh

@@ -0,0 +1,52 @@
+#!/bin/bash -eu
+if [ -z "${LIB_ROBUST_BASH_SH:-}" ]; then
+ LIB_ROBUST_BASH_SH=included
+ 
+ function error {
+ echo "❌ ${1:-}"
+ }
+
+ function log {
+ echo "🔵 ${1:-}"
+ }
+
+ function debug_log {
+ if [ ! -z "${LIB_ROBUST_BASH_DEBUG:-}" ]; then
+ echo "🔎 ${1:-}"
+ fi
+ }
+
+ function warn {
+ echo "🟡 ${1:-}"
+ }
+
+ # Check to see that we have a required binary on the path
+ # and fail the script if it is not present
+ function require_binary {
+ if [ -z "${1:-}" ]; then
+ error "${FUNCNAME[0]} requires an argument"
+ exit 1
+ fi
+
+ if ! [ -x "$(command -v "$1")" ]; then
+ error "The required executable '$1' is not on the path."
+ exit 1
+ fi
+ }
+
+ # Check to see that we have a required environment variable set,
+ # and fail the script if it is not set.
+ #
+ # Optionally, a second argument can be provided to display 
+ # a helpful message before failing
+ function require_env_var {
+ var_name="${1:-}"
+ if [ -z "${!var_name:-}" ]; then
+ error "The required environment variable ${var_name} is empty"
+ if [ ! -z "${2:-}" ]; then
+ echo " - $2"
+ fi
+ exit 1
+ fi
+ }
+fi

ci/release.sh

@@ -0,0 +1,9 @@
+#!/bin/bash -eu
+set -eu # We do this twice so that winadows github runners will properly read them
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")"; pwd)" # Figure out where the script is running
+# shellcheck source=lib/robust-bash.sh
+. "$SCRIPT_DIR"/lib/robust-bash.sh 
+
+
+echo "release.sh is NOT IMPLEMENTED"
+exit 1

release-please-config.json

@@ -0,0 +1,18 @@
+{
+ "plugins": [{ "type": "node-workspace", "merge": false }],
+
+ "group-pull-request-title-pattern": "chore: release ${component} ${scope} ${version}",
+ "pull-request-title-pattern": "chore: release ${component} ${scope} ${version}",
+ "bump-minor-pre-major": true,
+ "bump-patch-for-minor-pre-major": true,
+ "separate-pull-requests": true,
+ "packages": {
+ ".": {
+ "release-type": "node",
+ "component": "example-extractor",
+ "bump-minor-pre-major": true,
+ "bump-patch-for-minor-pre-major": true,
+ "changelog-path": "CHANGELOG.md"
+ }
+ }
+}