meta: bump stefanzweifel/git-auto-commit-action from 5.1.0 to 5.2.0 #131
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Security Notes | |
| # Only selected Actions are allowed within this repository. Please refer to (https://github.com/nodejs/nodejs.org/settings/actions) | |
| # for the full list of available actions. If you want to add a new one, please reach out a maintainer with Admin permissions. | |
| # REVIEWERS, please always double-check security practices before merging a PR that contains Workflow changes!! | |
| # AUTHORS, please only use actions with explicit SHA references, and avoid using `@master` or `@main` references or `@version` tags. | |
| name: Chromatic | |
| on: | |
| merge_group: | |
| push: | |
| branches: | |
| - main | |
| pull_request_target: | |
| branches: | |
| - main | |
| types: | |
| - labeled | |
| defaults: | |
| run: | |
| # This ensures that the working directory is the root of the repository | |
| working-directory: ./ | |
| permissions: | |
| contents: read | |
| actions: read | |
| env: | |
| # See https://turbo.build/repo/docs/reference/command-line-reference/run#--force | |
| TURBO_FORCE: true | |
| jobs: | |
| chromatic: | |
| # We only need to run Storybook Builds and Storybook Visual Regression Tests within Pull Requests that actually | |
| # introduce changes to the Storybook. Hence, we skip running these on Crowdin PRs and Dependabot PRs | |
| # sha reference has no stable git tag reference or URL. see https://github.com/chromaui/chromatic-cli/issues/797 | |
| if: | | |
| github.event_name == 'push' || github.event_name == 'merge_group' || | |
| ( | |
| github.event_name == 'pull_request_target' && | |
| github.event.label.name == 'github_actions:pull-request' && | |
| startsWith(github.event.pull_request.head.ref, 'dependabot/') == false && | |
| github.event.pull_request.head.ref != 'chore/crowdin' | |
| ) | |
| name: Chromatic | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: Storybook | |
| url: ${{ steps.chromatic-deploy.outputs.storybookUrl }} | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 | |
| with: | |
| egress-policy: audit | |
| - name: Git Checkout | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| # Provides the Pull Request commit SHA or the GitHub merge group ref | |
| ref: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.ref }} | |
| # The Chromatic (@chromaui/action) Action requires a full history of the current branch in order to be able to compare | |
| # previous changes and previous commits and determine which Storybooks should be tested against and what should be built | |
| fetch-depth: 0 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0 | |
| with: | |
| # We want to ensure that the Node.js version running here respects our supported versions | |
| node-version-file: '.nvmrc' | |
| cache: 'npm' | |
| - name: Install npm packages | |
| # We want to avoid npm from running the Audit Step and Funding messages on a CI environment | |
| # We also use `npm i` instead of `npm ci` so that the node_modules/.cache folder doesn't get deleted | |
| run: npm i --no-audit --no-fund --userconfig=/dev/null | |
| - name: Start Visual Regression Tests (Chromatic) | |
| # This assigns the Environment Deployment for Storybook | |
| id: chromatic-deploy | |
| uses: chromaui/action@c93e0bc3a63aa176e14a75b61a31847cbfdd341c | |
| with: | |
| workingDir: packages/ui-components | |
| buildScriptName: storybook:build | |
| projectToken: ${{ secrets.CHROMATIC_PROJECT_TOKEN }} | |
| exitOnceUploaded: true | |
| onlyChanged: true |