Update deps #895

Workflow file for this run

	## Why do we specify bundler-cache: false?
	##
	## Ideally we should turn this on.
	## But this flag runs bundle install and cache, which does not suit our use case here.
	## See https://github.com/ruby/setup-ruby?tab=readme-ov-file#caching-bundle-install-automatically

	name: CI

	on:
	push:
	branches:
	- '*'
	- '!gh-pages'
	tags:
	- '*'
	pull_request:
	branches:
	- '*'
	- '!gh-pages'

	# https://docs.npmjs.com/trusted-publishers#step-2-configure-your-cicd-workflow
	permissions:
	id-token: write
	contents: read

	jobs:
	test:
	runs-on: macos-15
	steps:
	- uses: actions/checkout@v4
	- uses: actions/setup-node@v6
	with:
	node-version-file: "./.tool-versions"
	- uses: ruby/setup-ruby@v1
	with:
	bundler-cache: true
	- run: node --version
	- run: npm --version
	- run: make ruby-audit
	- run: sudo xcode-select -s /Applications/Xcode_16.4.app/Contents/Developer
	- run: npm ci
	- run: npm ci
	working-directory: ./website
	- run: npm audit
	if: ${{ !cancelled() }}
	- run: npm audit
	working-directory: ./website
	if: ${{ !cancelled() }}
	- run: npm run check-tidy
	if: ${{ !cancelled() }}
	- run: npm run format
	if: ${{ !cancelled() }}
	- run: npm run lint
	if: ${{ !cancelled() }}
	- run: npm run typecheck
	if: ${{ !cancelled() }}
	- run: npm run test
	if: ${{ !cancelled() }}
	- run: npm run verify
	if: ${{ !cancelled() }}
	- run: npm run build
	if: ${{ !cancelled() }}
	- run: make docs
	if: ${{ !cancelled() }}

	publish:
	if: ${{ github.ref_type == 'tag' }}
	runs-on: macos-15
	needs: test
	steps:
	- uses: actions/checkout@v4
	- uses: actions/setup-node@v6
	with:
	node-version-file: "./.tool-versions"
	- run: node --version
	- run: npm --version
	- run: npm ci
	- run: npm run build
	- run: ../../scripts/npm-publish.sh
	working-directory: ./packages/authgear-web/
	env:
	GITHUB_REF_NAME: ${{ github.ref_name }}
	- run: ../../scripts/npm-publish.sh
	working-directory: ./packages/authgear-react-native/
	env:
	GITHUB_REF_NAME: ${{ github.ref_name }}
	- run: ../../scripts/npm-publish.sh
	working-directory: ./packages/authgear-capacitor/
	env:
	GITHUB_REF_NAME: ${{ github.ref_name }}

	webapp-image:
	runs-on: ubuntu-24.04
	needs: test
	steps:
	- uses: actions/checkout@v4
	- run: make build-image
	- uses: docker/login-action@v3
	if: ${{ github.repository == 'authgear/authgear-sdk-js' && github.event_name == 'push' }}
	with:
	registry: quay.io
	username: ${{ secrets.QUAY_USERNAME }}
	password: ${{ secrets.QUAY_ROBOT_TOKEN }}
	- run: make push-image
	if: ${{ github.repository == 'authgear/authgear-sdk-js' && github.event_name == 'push' }}

	# react_native_ios cannot be built on simulator due to WeChat SDK

	test_react_native_android:
	# When we change the runner image, the available Android build tools versions will also change.
	# We need to update build.gradle too.
	# See https://github.com/actions/runner-images/blob/main/images/macos/macos-15-arm64-Readme.md
	runs-on: macos-15
	steps:
	- uses: actions/checkout@v4
	- uses: actions/setup-node@v6
	with:
	node-version-file: "./.tool-versions"
	- run: make sdk-build
	- run: make react-native-npm-ci
	- run: make react-native-build-unsigned-aab

	test_capacitor_ios:
	runs-on: macos-15
	steps:
	- uses: actions/checkout@v4
	- uses: actions/setup-node@v6
	with:
	node-version-file: "./.tool-versions"
	- uses: ruby/setup-ruby@v1
	with:
	bundler-cache: true
	- run: sudo xcode-select -s /Applications/Xcode_16.4.app/Contents/Developer
	- run: make sdk-build
	- run: make capacitor-npm-ci
	- run: make capacitor-build-js
	- run: make capacitor-build-ios-simulator

	test_capacitor_android:
	runs-on: macos-15
	steps:
	- uses: actions/checkout@v4
	- uses: actions/setup-node@v6
	with:
	node-version-file: "./.tool-versions"
	- run: make sdk-build
	- run: make capacitor-npm-ci
	- run: make capacitor-build-js
	- run: make capacitor-build-unsigned-aab

	react_native_ios:
	if: ${{ github.repository == 'authgear/authgear-sdk-js' && github.event_name == 'push' }}
	needs: test
	# When we change the runner image, the ruby version will change too.
	# We need to update .tool-versions to make them the same.
	# See https://github.com/actions/runner-images/blob/main/images/macos/macos-15-arm64-Readme.md
	runs-on: macos-15
	steps:
	- uses: actions/checkout@v4
	- uses: actions/setup-node@v6
	with:
	node-version-file: "./.tool-versions"
	- uses: ruby/setup-ruby@v1
	with:
	bundler-cache: true
	- run: sudo xcode-select -s /Applications/Xcode_16.4.app/Contents/Developer
	- run: make sdk-build
	- run: make react-native-npm-ci
	- run: make react-native-pod-install
	- uses: authgear/gh-actions-install-apple-certificate-and-provisioning-profile@v1
	with:
	certificate_base64: ${{ secrets.REACT_NATIVE_IOS_CERTIFICATE_BASE64 }}
	certificate_password: ${{ secrets.REACT_NATIVE_IOS_CERTIFICATE_PASSWORD }}
	provisioning_profile_base64: ${{ secrets.REACT_NATIVE_IOS_PROVISIONING_PROFILE_BASE64 }}
	- uses: authgear/gh-actions-create-fastlane-api-key-json-file@v1
	with:
	api_key_id: ${{ secrets.IOS_API_KEY_ID }}
	api_key_issuer: ${{ secrets.IOS_API_KEY_ISSUER }}
	api_key_base64: ${{ secrets.IOS_API_KEY_BASE64 }}
	output_path: ./build/fastlane-api-key.json
	- run: make react-native-build-ios-app
	- name: Upload to TestFlight
	if: ${{ github.ref == 'refs/heads/master' }}
	run: make react-native-upload-ios-app

	react_native_android:
	if: ${{ github.repository == 'authgear/authgear-sdk-js' && github.event_name == 'push' }}
	needs: test
	# When we change the runner image, the available Android build tools versions will also change.
	# We need to update build.gradle too.
	# See https://github.com/actions/runner-images/blob/main/images/macos/macos-15-arm64-Readme.md
	runs-on: macos-15
	steps:
	- uses: actions/checkout@v4
	- uses: actions/setup-node@v6
	with:
	node-version-file: "./.tool-versions"
	- uses: ruby/setup-ruby@v1
	with:
	bundler-cache: true
	- run: make sdk-build
	- run: make react-native-npm-ci
	- name: Build aab
	env:
	STORE_BASE64: ${{ secrets.REACT_NATIVE_ANDROID_KEYSTORE_BASE64 }}
	STORE_PASSWORD: ${{ secrets.REACT_NATIVE_ANDROID_KEYSTORE_PASSWORD }}
	KEY_ALIAS: ${{ secrets.REACT_NATIVE_ANDROID_KEY_ALIAS }}
	KEY_PASSWORD: ${{ secrets.REACT_NATIVE_ANDROID_KEY_PASSWORD }}
	run: \|
	export STORE_FILE="$RUNNER_TEMP/upload_key.jks"
	echo -n "$STORE_BASE64" \| base64 --decode -o "$STORE_FILE"
	make react-native-build-aab
	- name: Upload aab
	if: ${{ github.ref == 'refs/heads/master' }}
	env:
	GOOGLE_SERVICE_ACCOUNT_KEY_JSON_BASE64: ${{ secrets.GOOGLE_SERVICE_ACCOUNT_KEY_JSON_BASE64 }}
	run: \|
	export GOOGLE_SERVICE_ACCOUNT_KEY_JSON_FILE="$RUNNER_TEMP/google_service_account_key.json"
	echo -n "$GOOGLE_SERVICE_ACCOUNT_KEY_JSON_BASE64" \| base64 --decode -o "$GOOGLE_SERVICE_ACCOUNT_KEY_JSON_FILE"
	make react-native-upload-aab

	capacitor_ios:
	if: ${{ github.repository == 'authgear/authgear-sdk-js' && github.event_name == 'push' }}
	needs: test
	runs-on: macos-15
	steps:
	- uses: actions/checkout@v4
	- uses: actions/setup-node@v6
	with:
	node-version-file: "./.tool-versions"
	- uses: ruby/setup-ruby@v1
	with:
	bundler-cache: true
	- run: sudo xcode-select -s /Applications/Xcode_16.4.app/Contents/Developer
	- run: make sdk-build
	- run: make capacitor-npm-ci
	- run: make capacitor-npm-audit
	- run: make capacitor-build-js
	- uses: authgear/gh-actions-install-apple-certificate-and-provisioning-profile@v1
	with:
	certificate_base64: ${{ secrets.CAPACITOR_IOS_CERTIFICATE_BASE64 }}
	certificate_password: ${{ secrets.CAPACITOR_IOS_CERTIFICATE_PASSWORD }}
	provisioning_profile_base64: ${{ secrets.CAPACITOR_IOS_PROVISIONING_PROFILE_BASE64 }}
	- uses: authgear/gh-actions-create-fastlane-api-key-json-file@v1
	with:
	api_key_id: ${{ secrets.IOS_API_KEY_ID }}
	api_key_issuer: ${{ secrets.IOS_API_KEY_ISSUER }}
	api_key_base64: ${{ secrets.IOS_API_KEY_BASE64 }}
	output_path: ./build/fastlane-api-key.json
	- run: make capacitor-build-ios-app
	- name: Upload to TestFlight
	if: ${{ github.ref == 'refs/heads/master' }}
	run: make capacitor-upload-ios-app

	capacitor_android:
	if: ${{ github.repository == 'authgear/authgear-sdk-js' && github.event_name == 'push' }}
	needs: test
	runs-on: macos-15
	steps:
	- uses: actions/checkout@v4
	- uses: actions/setup-node@v6
	with:
	node-version-file: "./.tool-versions"
	- uses: ruby/setup-ruby@v1
	with:
	bundler-cache: true
	- run: make sdk-build
	- run: make capacitor-npm-ci
	- run: make capacitor-npm-audit
	- run: make capacitor-build-js
	- name: Build aab
	env:
	STORE_BASE64: ${{ secrets.CAPACITOR_ANDROID_KEYSTORE_BASE64 }}
	STORE_PASSWORD: ${{ secrets.CAPACITOR_ANDROID_KEYSTORE_PASSWORD }}
	KEY_ALIAS: ${{ secrets.CAPACITOR_ANDROID_KEY_ALIAS }}
	KEY_PASSWORD: ${{ secrets.CAPACITOR_ANDROID_KEY_PASSWORD }}
	run: \|
	export STORE_FILE="$RUNNER_TEMP/upload_key.jks"
	echo -n "$STORE_BASE64" \| base64 --decode -o "$STORE_FILE"
	make capacitor-build-aab
	- name: Upload aab
	if: ${{ github.ref == 'refs/heads/master' }}
	env:
	GOOGLE_SERVICE_ACCOUNT_KEY_JSON_BASE64: ${{ secrets.GOOGLE_SERVICE_ACCOUNT_KEY_JSON_BASE64 }}
	run: \|
	export GOOGLE_SERVICE_ACCOUNT_KEY_JSON_FILE="$RUNNER_TEMP/google_service_account_key.json"
	echo -n "$GOOGLE_SERVICE_ACCOUNT_KEY_JSON_BASE64" \| base64 --decode -o "$GOOGLE_SERVICE_ACCOUNT_KEY_JSON_FILE"
	make capacitor-upload-aab

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update deps #895

Workflow file

Update deps #895

Uh oh!

Workflow file for this run