Build

Build #87415

Workflow file for this run

	name: Build

	on:
	push:
	branches:
	- main
	- next
	- maint/**

	pull_request:
	types:
	- opened
	- synchronize
	- reopened
	- ready_for_review

	merge_group:

	workflow_dispatch:
	inputs:
	dryRun:
	description: 'Dry-Run'
	default: 'true'
	required: false

	permissions:
	contents: read

	concurrency:
	group: ${{ github.workflow }}-${{ github.event.number \|\| github.ref }}
	cancel-in-progress: true

	env:
	# are we on a release branch?
	DO_REALEASE: ${{ github.ref_name == github.event.repository.default_branch \|\| github.ref_name == 'next' \|\| startsWith(github.ref_name, 'maint/')}}
	NODE_VERSION: 24
	PDM_VERSION: 2.26.2 # renovate: datasource=pypi depName=pdm
	DRY_RUN: true
	TEST_LEGACY_DECRYPTION: true
	SPARSE_CHECKOUT: \|-
	.github/actions/
	data/
	patches/
	tools/
	package.json
	pnpm-lock.yaml

	jobs:
	setup:
	runs-on: ubuntu-latest

	outputs:
	os-matrix: ${{ steps.os-matrix.outputs.os-matrix }}
	os-matrix-is-full: ${{ steps.os-matrix-is-full.outputs.os-matrix-is-full }}
	os-matrix-prefetch: ${{ steps.os-matrix-prefetch.outputs.matrix }}
	test-shard-matrix: ${{ steps.schedule-test-shards.outputs.test-shard-matrix }}
	test-matrix-empty: ${{ steps.schedule-test-shards.outputs.test-matrix-empty }}

	steps:
	- name: Calculate `os-matrix-is-full` output
	id: os-matrix-is-full
	env:
	IS_FULL: >-
	${{
	(
	github.event_name != 'pull_request' \|\|
	contains(github.event.pull_request.labels.*.name, 'ci:fulltest')
	) && 'true' \|\| ''
	}}
	run: \|
	echo 'OS_MATRIX_IS_FULL=${{ env.IS_FULL }}' >> "$GITHUB_ENV"
	echo 'os-matrix-is-full=${{ env.IS_FULL }}' >> "$GITHUB_OUTPUT"

	- name: Calculate `os-matrix` output
	id: os-matrix
	env:
	OS_ALL: '["ubuntu-latest", "macos-latest", "windows-latest"]'
	OS_LINUX_ONLY: '["ubuntu-latest"]'
	run: \|
	echo 'os-matrix=${{
	env.OS_MATRIX_IS_FULL && env.OS_ALL \|\| env.OS_LINUX_ONLY
	}}' >> "$GITHUB_OUTPUT"

	- name: Detect changed files
	if: ${{ github.event_name == 'pull_request' }}
	id: changed-files
	env:
	GH_TOKEN: ${{ github.token }}
	GH_REPO: ${{ github.event.repository.full_name }}
	PR_URL: >-
	https://api.github.com/repos/{owner}/{repo}/compare/${{
	github.event.pull_request.base.sha
	}}...${{
	github.event.pull_request.head.sha
	}}
	JQ_FILTER: >-
	"changed-files=" + ([.files[].filename] \| tostring)
	run: gh api ${{ env.PR_URL }} \| jq -rc '${{ env.JQ_FILTER }}' >> "$GITHUB_OUTPUT"

	- name: Checkout code
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	with:
	filter: blob:none # we don't need all blobs
	sparse-checkout: ${{ env.SPARSE_CHECKOUT }}
	show-progress: false

	- name: Calculate matrix for `node_modules` prefetch
	uses: ./.github/actions/calculate-prefetch-matrix
	id: os-matrix-prefetch
	with:
	repo: ${{ github.event.repository.full_name }}
	token: ${{ github.token }}
	node-version: ${{ env.NODE_VERSION }}

	- name: Prefetch test modules for `ubuntu-latest`
	id: setup-node
	uses: ./.github/actions/setup-node
	with:
	node-version: ${{ env.NODE_VERSION }}
	os: ${{ runner.os }}
	save-cache: true

	- name: Schedule test shards
	id: schedule-test-shards
	env:
	ALL_PLATFORMS: ${{ env.OS_MATRIX_IS_FULL }}
	FILTER_SHARDS: ${{ github.event.pull_request.draft && 'true' \|\| '' }}
	CHANGED_FILES: ${{ steps.changed-files.outputs.changed-files }}
	run: \|
	echo "$(pnpm -s schedule-test-shards)" >> "$GITHUB_OUTPUT"

	setup-build:
	runs-on: ubuntu-latest

	outputs:
	node-version: ${{ steps.setup-outputs.outputs.node-version }}

	steps:
	- name: Checkout code
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	with:
	filter: blob:none # we don't need all blobs
	sparse-checkout: ${{ env.SPARSE_CHECKOUT }}
	show-progress: false

	- name: Setup outputs
	id: setup-outputs
	run: \|
	echo "node-version=${{ env.NODE_VERSION }}" >> "$GITHUB_OUTPUT"

	- name: Prefetch build modules for `ubuntu-latest`
	uses: ./.github/actions/setup-node
	with:
	node-version: ${{ env.NODE_VERSION }}
	os: ${{ runner.os }}
	save-cache: true

	prefetch:
	needs: [setup]

	# We can't check `needs.setup.outputs.os-matrix-is-full` here,
	# as it will lead to further complications that aren't solvable
	# with current GitHub Actions feature set.
	#
	# Although this job sometimes may act as short-lived `no-op`,
	# it's actually the best option available.
	#
	# However, in draft mode we can skip this step.
	if: \|
	!(github.event.pull_request.draft == true &&
	needs.setup.outputs.test-matrix-empty == 'true')

	strategy:
	matrix:
	os: ${{ fromJSON(needs.setup.outputs.os-matrix-prefetch) }}

	runs-on: ${{ matrix.os }}

	timeout-minutes: 10

	steps:
	- name: Checkout code
	if: needs.setup.outputs.os-matrix-is-full && runner.os != 'Linux'
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	with:
	filter: blob:none # we don't need all blobs
	sparse-checkout: ${{ env.SPARSE_CHECKOUT }}
	show-progress: false

	- name: Setup Node.js
	if: needs.setup.outputs.os-matrix-is-full && runner.os != 'Linux'
	uses: ./.github/actions/setup-node
	with:
	node-version: ${{ env.NODE_VERSION }}
	os: ${{ runner.os }}
	save-cache: true

	lint-eslint:
	needs:
	- setup-build
	runs-on: ubuntu-latest
	timeout-minutes: 15

	steps:
	- name: Checkout code
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	with:
	show-progress: false

	- name: Setup Node.js
	uses: ./.github/actions/setup-node
	with:
	node-version: ${{ needs.setup-build.outputs.node-version }}
	os: ${{ runner.os }}

	- name: Restore eslint cache
	uses: actions/cache/restore@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
	with:
	path: .cache/eslint
	# we need to add the hash because eslint cache doesn't detect plugin changes
	key: eslint-cache-${{ hashFiles('pnpm-lock.yaml', 'package.json') }}
	restore-keys: eslint-cache-${{ hashFiles('pnpm-lock.yaml', 'package.json') }}-

	- name: Lint
	run: pnpm eslint-ci
	env:
	NODE_OPTIONS: --max-old-space-size=8192

	- name: Save eslint cache
	if: github.event_name == 'push'
	uses: actions/cache/save@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
	with:
	path: .cache/eslint
	key: eslint-cache-${{ hashFiles('pnpm-lock.yaml', 'package.json') }}-${{ github.run_id }}-${{ github.run_attempt }}

	lint-prettier:
	needs:
	- setup-build
	runs-on: ubuntu-latest
	timeout-minutes: 7

	steps:
	- name: Checkout code
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	with:
	show-progress: false

	- name: Setup Node.js
	uses: ./.github/actions/setup-node
	with:
	node-version: ${{ needs.setup-build.outputs.node-version }}
	os: ${{ runner.os }}

	- name: Restore prettier cache
	uses: actions/cache/restore@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
	with:
	path: .cache/prettier
	# we need to add the hash because prettier cache doesn't detect plugin changes
	key: prettier-cache-${{ hashFiles('pnpm-lock.yaml', 'package.json') }}
	restore-keys: prettier-cache-${{ hashFiles('pnpm-lock.yaml', 'package.json') }}-

	- name: Lint
	run: \|
	pnpm prettier --write --cache-location .cache/prettier
	git diff --quiet \|\| {
	echo "[ERROR] Please apply the changes prettier suggests:"
	git diff --color=always
	exit 1
	}

	- name: Save prettier cache
	if: github.event_name == 'push'
	uses: actions/cache/save@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
	with:
	path: .cache/prettier
	key: prettier-cache-${{ hashFiles('pnpm-lock.yaml', 'package.json') }}-${{ github.run_id }}-${{ github.run_attempt }}

	lint-docs:
	needs:
	- setup-build
	runs-on: ubuntu-latest
	timeout-minutes: 7

	steps:
	- name: Checkout code
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	with:
	show-progress: false

	- name: Setup Node.js
	uses: ./.github/actions/setup-node
	with:
	node-version: ${{ needs.setup-build.outputs.node-version }}
	os: ${{ runner.os }}

	- name: Lint markdown
	run: pnpm markdown-lint

	- name: Generate JSON schema
	run: pnpm create-json-schema

	- name: Lint fenced code blocks
	run: pnpm doc-fence-check

	- name: Lint documentation
	run: pnpm lint-documentation

	- name: Markdown lint
	run: pnpm markdown-lint

	lint-other:
	needs:
	- setup-build
	runs-on: ubuntu-latest
	timeout-minutes: 7

	steps:
	- name: Checkout code
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	with:
	show-progress: false

	- name: Setup Node.js
	uses: ./.github/actions/setup-node
	with:
	node-version: ${{ needs.setup-build.outputs.node-version }}
	os: ${{ runner.os }}

	- name: Type check
	run: pnpm type-check

	- name: Lint project file structure
	run: pnpm ls-lint

	- name: Check git version
	run: pnpm git-check

	- name: Test schema
	run: pnpm test-schema

	- name: Lint other
	run: pnpm lint-other

	test:
	needs: [setup, prefetch]

	if: \|
	!(github.event.pull_request.draft == true &&
	needs.setup.outputs.test-matrix-empty == 'true')

	name: ${{ matrix.name }}

	runs-on: ${{ matrix.os }}
	timeout-minutes: ${{ matrix.runner-timeout-minutes }}

	permissions:
	id-token: write # required for codecov OIDC

	strategy:
	fail-fast: false
	matrix:
	include: ${{ fromJSON(needs.setup.outputs.test-shard-matrix) }}

	steps:
	- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	with:
	show-progress: false

	- name: Setup Node.js
	uses: ./.github/actions/setup-node
	with:
	node-version: ${{ env.NODE_VERSION }}
	os: ${{ runner.os }}

	- name: Cache vitest
	uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
	with:
	path: .cache/vitest
	key: \|
	vitest-cache-${{
	runner.os
	}}-${{
	env.NODE_VERSION
	}}-${{
	hashFiles('pnpm-lock.yaml')
	}}-${{
	matrix.cache-key
	}}

	- name: Unit tests
	shell: bash
	run: \|
	for shard in ${{ matrix.shards }};
	do
	TEST_SHARD="$shard" pnpm vitest \
	--test-timeout ${{ matrix.test-timeout-milliseconds }} \
	--coverage ${{ matrix.coverage }}
	done

	- name: Codecov Test
	if: github.event_name != 'merge_group' && !cancelled()
	uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1
	with:
	use_oidc: true
	report_type: test_results
	directory: ./coverage/shard
	# TODO: compute proper flags per job
	# flags: ${{ matrix.name }}
	verbose: true

	- name: Move coverage files
	if: success() && github.event.pull_request.draft != true && matrix.coverage
	run: \|
	mkdir -p ./coverage/lcov
	mkdir -p ./coverage/json
	for shard in ${{ matrix.shards }};
	do
	mv ./coverage/shard/$shard/lcov.info ./coverage/lcov/$shard.lcov
	mv ./coverage/shard/$shard/coverage-final.json ./coverage/json/$shard.json
	done

	- name: Save coverage artifacts
	if: success() && github.event.pull_request.draft != true && matrix.coverage
	uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
	with:
	name: ${{ matrix.upload-artifact-name }}
	path: \|
	./coverage/lcov
	./coverage/json

	codecov:
	needs: [test]
	runs-on: ubuntu-latest
	timeout-minutes: 3
	if: success() && github.event_name != 'merge_group' && github.event.pull_request.draft != true
	permissions:
	id-token: write # required for codecov OIDC

	steps:
	- name: Checkout code
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	with:
	filter: blob:none # we don't need all blobs
	show-progress: false

	- name: Download coverage reports
	uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
	with:
	pattern: coverage-*
	path: coverage
	merge-multiple: true

	- name: Codecov Coverage
	if: github.event_name != 'merge_group'
	uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1
	with:
	use_oidc: true
	directory: coverage/lcov
	fail_ci_if_error: github.event_name != 'pull_request'
	verbose: true

	coverage-threshold:
	needs:
	- test
	- setup-build
	runs-on: ubuntu-latest
	timeout-minutes: 3
	if: success() && github.event.pull_request.draft != true
	steps:
	- name: Checkout code
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	with:
	filter: blob:none # we don't need all blobs
	sparse-checkout: ${{ env.SPARSE_CHECKOUT }}
	show-progress: false

	- name: Setup Node.js
	uses: ./.github/actions/setup-node
	with:
	node-version: ${{ needs.setup-build.outputs.node-version }}
	os: ${{ runner.os }}

	- name: Download coverage reports
	uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
	with:
	pattern: coverage-*
	path: coverage
	merge-multiple: true

	- name: Merge coverage reports
	run: pnpm nyc merge ./coverage/json ./coverage/nyc/coverage.json

	- name: Report coverage
	run: pnpm nyc report -t ./coverage/nyc --skip-full -r text -r text-summary

	- name: Check coverage threshold
	run: \|
	pnpm nyc check-coverage -t ./coverage/nyc \
	--branches 99.0 \
	--functions 99.79 \
	--lines 99.02 \
	--statements 99.03

	# Catch-all required check for test matrix and coverage
	test-success:
	needs:
	- setup
	- test
	- codecov
	- coverage-threshold
	runs-on: ubuntu-latest
	timeout-minutes: 1
	if: always()
	steps:
	- name: Fail for failed or cancelled tests
	if: \|
	needs.test.result == 'failure' \|\|
	needs.test.result == 'cancelled'
	run: exit 1

	- name: Fail for skipped tests when PR is ready for review
	if: \|
	github.event_name == 'pull_request' &&
	github.event.pull_request.draft != true &&
	needs.test.result == 'skipped'
	run: exit 1

	- name: Fail for failed or cancelled codecov
	if: \|
	needs.codecov.result == 'failure' \|\|
	needs.codecov.result == 'cancelled'
	run: exit 1

	- name: Fail for skipped codecov when PR is ready for review
	if: \|
	github.event_name == 'pull_request' &&
	github.event.pull_request.draft != true &&
	needs.codecov.result == 'skipped'
	run: exit 1

	- name: Fail for failed or cancelled coverage-threshold
	if: \|
	needs.coverage-threshold.result == 'failure' \|\|
	needs.coverage-threshold.result == 'cancelled'
	run: exit 1

	- name: Fail for skipped coverage-threshold when PR is ready for review
	if: \|
	github.event_name == 'pull_request' &&
	github.event.pull_request.draft != true &&
	needs.coverage-threshold.result == 'skipped'
	run: exit 1

	build:
	needs:
	- setup-build
	runs-on: ubuntu-latest
	timeout-minutes: 15
	if: github.event.pull_request.draft != true
	steps:
	- name: Checkout code
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	with:
	show-progress: false

	- name: Setup Node.js
	uses: ./.github/actions/setup-node
	with:
	node-version: ${{ needs.setup-build.outputs.node-version }}
	os: ${{ runner.os }}

	- name: Build
	run: pnpm build

	- name: Upload dist
	uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
	with:
	name: renovate-dist
	path: dist/

	build-docker:
	needs:
	- setup-build # we need the outputs
	- build
	runs-on: ubuntu-latest
	timeout-minutes: 15
	if: github.event_name != 'pull_request' \|\| contains(github.event.pull_request.labels.*.name, 'ci:fulltest')
	steps:
	- run: df -h

	# Ensure docker is using /mnt/docker for data storage on x86_64 runners to avoid disk space issues
	- name: Prepare docker
	run: \|
	echo '{"data-root": "/mnt/docker"}' \| sudo tee /etc/docker/daemon.json
	sudo systemctl restart docker
	docker info

	- name: Checkout code
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	with:
	show-progress: false

	- name: Download dist
	uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
	with:
	name: renovate-dist
	path: dist/

	- name: Setup Node.js
	uses: ./.github/actions/setup-node
	with:
	node-version: ${{ needs.setup-build.outputs.node-version }}
	os: ${{ runner.os }}

	- name: Build docker
	run: pnpm build:docker build --tries=3 --args '--load'
	env:
	LOG_LEVEL: debug

	- name: Test docker
	run: docker run -e LOG_LEVEL=debug --rm renovate/renovate --version

	- name: dry-run
	if: github.event_name == 'merge_group' \|\| github.event_name == 'workflow_dispatch' \|\| (github.event_name == 'push' && env.DO_REALEASE != 'true')
	run: docker run -e LOG_LEVEL=debug -e RENOVATE_TOKEN --rm renovate/renovate --dry-run=lookup ${{ github.repository }}
	env:
	RENOVATE_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	- run: df -h

	build-docs:
	needs:
	- lint-docs
	- setup-build
	runs-on: ubuntu-latest
	timeout-minutes: 5
	if: github.event.pull_request.draft != true
	steps:
	- name: Checkout code
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	with:
	show-progress: false

	- name: Setup Node.js
	uses: ./.github/actions/setup-node
	with:
	node-version: ${{ needs.setup-build.outputs.node-version }}
	os: ${{ runner.os }}

	- name: Setup PDM
	uses: pdm-project/setup-pdm@94a823180e06fcde4ad29308721954a521c96ed0 # v4.4
	with:
	python-version-file: .python-version
	version: ${{ env.PDM_VERSION }}
	cache: true

	- name: Install pdm dependencies
	run: pdm install

	- name: Build
	run: pnpm build:docs
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	SKIP_GITHUB_ISSUES: ${{ (github.event_name == 'pull_request' \|\| github.event_name == 'merge_group') && 'true' \|\| '' }}

	- name: Test docs
	run: pnpm test:docs

	- name: Upload
	uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
	with:
	name: docs
	path: tmp/docs/

	- name: Build mkdocs
	run: pnpm mkdocs build --no-build

	test-e2e:
	needs:
	- setup-build
	- build
	runs-on: 'ubuntu-latest'
	timeout-minutes: 7

	if: github.event.pull_request.draft != true

	steps:
	- name: Checkout code
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	with:
	show-progress: false

	- name: Setup Node.js
	uses: ./.github/actions/setup-node
	with:
	node-version: ${{ needs.setup-build.outputs.node-version }}
	os: ${{ runner.os }}

	- name: Download dist
	uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
	with:
	name: renovate-dist
	path: dist/

	- name: Pack
	run: pnpm test-e2e:pack

	- name: Install dependencies
	run: pnpm test-e2e:install

	- name: E2E Test
	run: pnpm test-e2e:run

	release:
	needs:
	- setup-build
	- build-docker
	- lint-eslint
	- lint-prettier
	- lint-docs
	- lint-other
	- test-e2e
	- test-success
	- build-docs
	- codecov
	- coverage-threshold

	if: github.repository == 'renovatebot/renovate' && github.event_name != 'pull_request'
	runs-on: ubuntu-latest
	timeout-minutes: 60
	permissions:
	contents: write
	issues: write
	pull-requests: write
	id-token: write
	packages: write

	steps:
	- run: df -h

	# Ensure docker is using /mnt/docker for data storage on x86_64 runners to avoid disk space issues
	- name: Prepare docker
	run: \|
	echo '{"data-root": "/mnt/docker"}' \| sudo tee /etc/docker/daemon.json
	sudo systemctl restart docker
	docker info

	- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	with:
	fetch-depth: 0 # zero stands for full checkout, which is required for semantic-release
	filter: blob:none # we don't need all blobs, only the full tree
	show-progress: false

	# To avoid disk space issues when performing a release, we can clear up some disk space ahead of time
	- name: Free Disk Space
	uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1
	with:
	# we're likely already using some of the globally installed tools
	tool-cache: false
	# there are no images by default
	docker-images: false
	# but we're definitely not using these
	android: true
	dotnet: true
	haskell: true
	# and shouldn't be using swap storage
	swap-storage: true

	- run: df -h

	- name: docker-config
	uses: containerbase/internal-tools@ed77a56ba412aa05f6ab51c25972d017439f8e3b # v3.14.27
	with:
	command: docker-config

	- name: Setup Node.js
	uses: ./.github/actions/setup-node
	with:
	node-version: ${{ needs.setup-build.outputs.node-version }}
	os: ${{ runner.os }}

	- name: Install newer npm
	run: npm install -g npm

	- uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0

	- name: Docker registry login
	run: \|
	echo "${{ secrets.DOCKER_PASSWORD }}" \| docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin
	echo "${{ secrets.GITHUB_TOKEN }}" \| docker login ghcr.io -u ${{ github.repository_owner }} --password-stdin

	- name: Check dry run
	run: \|
	if [[ "${{github.event_name}}" == "workflow_dispatch" && "${{ github.event.inputs.dryRun }}" != "true" ]]; then
	echo "DRY_RUN=false" >> "$GITHUB_ENV"
	elif [[ "${{env.DO_REALEASE}}" == "true" ]]; then
	echo "DRY_RUN=false" >> "$GITHUB_ENV"
	fi

	- name: semantic-release
	run: \|
	pnpm semantic-release --dry-run ${{env.DRY_RUN}}
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	LOG_LEVEL: debug

	- run: df -h

	notify-release-failure:
	runs-on: ubuntu-latest
	if: ${{ always() && (github.repository == 'renovatebot/renovate' && github.ref_name == 'main' && github.event_name == 'push') && (needs.release.result == 'failure' \|\| needs.release.result == 'timed_out') }}
	needs:
	- release
	steps:
	- name: Post to Slack
	id: slack
	uses: slackapi/slack-github-action@91efab103c0de0a537f72a35f6b8cda0ee76bf0a # v2.1.1
	with:
	webhook: ${{ secrets.RENOVATEBOT_SLACK_WEBHOOK_MAIN_FAILURES }}
	webhook-type: incoming-webhook
	payload: \|
	text: "Release from `main` failed:\nAction Run: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}\nCommit: ${{ github.event.head_commit.url }}"
	blocks:
	- type: "section"
	text:
	type: "mrkdwn"
	text: "Release from `main` failed:\nAction Run: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}\nCommit: ${{ github.event.head_commit.url }}"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Build #87415

Workflow file

Build #87415

Uh oh!

Jobs

Run details

Workflow file for this run