Registry Compiler #440
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Registry Compiler | |
| on: | |
| schedule: | |
| # Runs every 50 minutes to comfortably beat the 60-minute expiration | |
| - cron: '*/50 * * * *' | |
| # Allows manual triggers from the GitHub Actions tab | |
| workflow_dispatch: | |
| # Runs whenever issuer or revocation data changes on the default branch | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - 'registry/issuers/**.json' | |
| - 'registry/revocations.json' | |
| permissions: | |
| contents: write | |
| env: | |
| FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true | |
| jobs: | |
| compile: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '22' | |
| - name: Build SDK Dependency | |
| working-directory: ./sdk/typescript | |
| run: | | |
| npm ci | |
| npm run build | |
| - name: Install CLI Dependencies | |
| working-directory: ./cli | |
| run: npm ci | |
| - name: Compile Master Manifest | |
| working-directory: ./cli | |
| env: | |
| SIGNING_KEY: ${{ secrets.ROOT_PRIVATE_KEY }} | |
| run: | | |
| if [ -z "$SIGNING_KEY" ]; then | |
| echo "Error: ROOT_PRIVATE_KEY secret is not set!" | |
| exit 1 | |
| fi | |
| echo "$SIGNING_KEY" > /tmp/root-private-key.txt | |
| npm run start -- compile --private-key /tmp/root-private-key.txt | |
| rm -f /tmp/root-private-key.txt | |
| - name: Commit and Push Updated Manifest | |
| uses: stefanzweifel/git-auto-commit-action@v5 | |
| with: | |
| commit_message: "chore: auto-compile latest manifest.json [skip ci]" | |
| file_pattern: "registry/manifest.json registry/revocations.json" |