mirror of
https://github.com/goauthentik/authentik.git
synced 2026-06-17 19:09:11 +03:00
Teffen Ellis
6fb4bb543a
Migrate package management from npm + Corepack to pnpm across the root,
web, and website workspaces:
- Swap npm/Corepack tooling for pnpm: drop package-lock.json files and the
bespoke Corepack bootstrap scripts (setup-corepack.mjs, utils/corepack.mjs,
lint-lockfile.mjs); add pnpm-lock.yaml + pnpm-workspace.yaml per workspace.
- CI uses the official pnpm/action-setup + actions/setup-node; pin the pnpm
store dir via PNPM_HOME so setup-node's `cache: pnpm` post-step succeeds.
- Docker sources pnpm from the official ghcr.io/pnpm/pnpm image via a
${BUILDPLATFORM}-pinned stage; the website docs build does a hoisted root
install so @goauthentik/docusaurus-config resolves its own deps.
- Gate the web install on the `node` dep so runtime-only jobs don't invoke
pnpm; scope the from-stable env setup so the new tooling doesn't run against
the stable checkout's npm packageManager field.
- Resolve @goauthentik/api (client-ts) from its TypeScript source instead of a
tsc-built dist, so it no longer depends on an install-time prepare having run
(the storybook build's environment never built it); sfe's rollup gains .ts
resolution to match.
- Netlify builds with pnpm; encode pnpm's supply-chain controls
(onlyBuiltDependencies/allowBuilds, minimumReleaseAge) in the workspace.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
88 lines
2.7 KiB
YAML
88 lines
2.7 KiB
YAML
---
|
|
name: CI - API Docs
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
- next
|
|
- version-*
|
|
pull_request:
|
|
branches:
|
|
- main
|
|
- version-*
|
|
|
|
jobs:
|
|
lint:
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
command:
|
|
- prettier-check
|
|
steps:
|
|
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v5
|
|
- uses: ./.github/actions/setup-node
|
|
with:
|
|
working-directory: website
|
|
- name: Lint
|
|
run: pnpm --dir website run ${{ matrix.command }}
|
|
build:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v5
|
|
- uses: ./.github/actions/setup-node
|
|
with:
|
|
working-directory: website
|
|
- uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v4
|
|
with:
|
|
path: |
|
|
${{ github.workspace }}/website/api/.docusaurus
|
|
${{ github.workspace }}/website/api/**/.cache
|
|
key: |
|
|
${{ runner.os }}-docusaurus-${{ hashFiles('**/pnpm-lock.yaml') }}-${{ hashFiles('**.[jt]s', '**.[jt]sx') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-docusaurus-${{ hashFiles('**/pnpm-lock.yaml') }}
|
|
- name: Build API Docs via Docusaurus
|
|
working-directory: website
|
|
env:
|
|
NODE_ENV: production
|
|
run: pnpm run build:api
|
|
- uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v4
|
|
with:
|
|
name: api-docs
|
|
path: website/api/build
|
|
retention-days: 7
|
|
deploy:
|
|
runs-on: ubuntu-latest
|
|
needs:
|
|
- lint
|
|
- build
|
|
steps:
|
|
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v5
|
|
- uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v5
|
|
with:
|
|
name: api-docs
|
|
path: website/api/build
|
|
- uses: ./.github/actions/setup-node
|
|
with:
|
|
working-directory: website
|
|
- name: Deploy Netlify (Production)
|
|
working-directory: website/api
|
|
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
|
|
env:
|
|
NETLIFY_SITE_ID: authentik-api-docs.netlify.app
|
|
NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }}
|
|
run: npx netlify deploy --no-build --prod
|
|
- name: Deploy Netlify (Preview)
|
|
if: github.event_name == 'pull_request' || github.ref != 'refs/heads/main'
|
|
working-directory: website/api
|
|
env:
|
|
NETLIFY_SITE_ID: authentik-api-docs.netlify.app
|
|
NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }}
|
|
run: |
|
|
if [ -n "${VAR}" ]; then
|
|
npx netlify deploy --no-build --alias=deploy-preview-${{ github.event.number }}
|
|
fi
|