From 3e2dd0bd38a1bf4419b9e2f7660d98fe9b7d27a1 Mon Sep 17 00:00:00 2001 From: Peter Wagner Date: Wed, 11 Dec 2024 11:29:44 -0500 Subject: [PATCH 1/4] js-release-changeset.yml --- .github/workflows/js-release-changeset.yml | 87 ++++++++++++++++++++++ 1 file changed, 87 insertions(+) create mode 100644 .github/workflows/js-release-changeset.yml diff --git a/.github/workflows/js-release-changeset.yml b/.github/workflows/js-release-changeset.yml new file mode 100644 index 0000000..658e325 --- /dev/null +++ b/.github/workflows/js-release-changeset.yml @@ -0,0 +1,87 @@ +name: Release + +on: + workflow_call: + inputs: + node-version: + description: 'Node.js version to use' + type: string + default: '20' + package-manager: + description: 'Package manager to use (npm or yarn)' + type: choice + options: + - npm + - yarn + - pnpm + default: 'npm' + release-command: + description: 'Command to run for release' + type: string + default: 'npm run release' + secrets: + NPM_TOKEN: + description: 'NPM token for publishing' + required: true + +permissions: + # changesets + contents: write + pull-requests: write + + # for provenance (NPM or attest-build-provenance) + id-token: write + + # for attest-build-provenance + attestations: write + +jobs: + release: + name: Release + runs-on: ubuntu-latest + steps: + # Setup: get the code and dependencies: + - name: 📥 Checkout Repository + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - name: 🏗️ Setup Node.js Environment + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 + with: + node-version: ${{ inputs.node-version }} + cache: ${{ inputs.package-manager }} + - name: 🏗️ Install Project Dependencies + run: | + if [ "$PACKAGE_MANAGER" = "yarn" ]; then + yarn install + elif [ "$PACKAGE_MANAGER" = "pnpm" ]; then + pnpm install + else + npm install + fi + env: + PACKAGE_MANAGER: ${{ inputs.package-manager }} + + # Delegate publishing to the changesets action: + # This creates the tag, github release, and uploads the tarball with provenance to NPM. + - name: 🚀 Process Changesets and Publish + id: changesets + uses: changesets/action@c8bada60c408975afd1a20b3db81d6eee6789308 # v1.4.9 + with: + publish: ${{ inputs.release-command }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_CONFIG_PROVENANCE: true + + # Store the generated artifact on the GitHub release, with attested provenance + - name: 🔐 Generate Build Provenance + if: steps.changesets.outputs.published == 'true' + uses: actions/attest-build-provenance@7668571508540a607bdfd90a87a560489fe372eb # v2.1.0 + with: + subject-path: "*.tgz" + - name: 📥 Upload to GitHub + if: steps.changesets.outputs.published == 'true' + run: | + VERSION=$(jq -r .version package.json) + gh release upload "v${VERSION}" "*.tgz" + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 5efc8b56363749478d12faa0941f7860ded23d4d Mon Sep 17 00:00:00 2001 From: Peter Wagner Date: Wed, 11 Dec 2024 11:35:36 -0500 Subject: [PATCH 2/4] type: choice is only supported in action.yml --- .github/workflows/js-release-changeset.yml | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/.github/workflows/js-release-changeset.yml b/.github/workflows/js-release-changeset.yml index 658e325..32e204a 100644 --- a/.github/workflows/js-release-changeset.yml +++ b/.github/workflows/js-release-changeset.yml @@ -9,11 +9,7 @@ on: default: '20' package-manager: description: 'Package manager to use (npm or yarn)' - type: choice - options: - - npm - - yarn - - pnpm + type: string default: 'npm' release-command: description: 'Command to run for release' @@ -54,8 +50,11 @@ jobs: yarn install elif [ "$PACKAGE_MANAGER" = "pnpm" ]; then pnpm install - else + elif [ "$PACKAGE_MANAGER" = "npm" ]; then npm install + else + echo "Invalid package manager: $PACKAGE_MANAGER" + exit 1 fi env: PACKAGE_MANAGER: ${{ inputs.package-manager }} From 1e29bfc0ecabbb212a30f3d3a23f81792dda1908 Mon Sep 17 00:00:00 2001 From: Peter Wagner Date: Wed, 11 Dec 2024 11:41:55 -0500 Subject: [PATCH 3/4] do my own globbing, because `stat *.tgz: no such file or directory` --- .github/workflows/js-release-changeset.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/js-release-changeset.yml b/.github/workflows/js-release-changeset.yml index 32e204a..5b9f37f 100644 --- a/.github/workflows/js-release-changeset.yml +++ b/.github/workflows/js-release-changeset.yml @@ -81,6 +81,8 @@ jobs: if: steps.changesets.outputs.published == 'true' run: | VERSION=$(jq -r .version package.json) - gh release upload "v${VERSION}" "*.tgz" + for file in *.tgz; do + gh release upload "v${VERSION}" "$file" + done env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 2a4290c9a88743b68a610171cf4f5e21d1f98355 Mon Sep 17 00:00:00 2001 From: Peter Wagner Date: Wed, 11 Dec 2024 12:03:42 -0500 Subject: [PATCH 4/4] pnpm/action-setup before actions/setup-node --- .github/workflows/js-release-changeset.yml | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/.github/workflows/js-release-changeset.yml b/.github/workflows/js-release-changeset.yml index 5b9f37f..3b8ef3d 100644 --- a/.github/workflows/js-release-changeset.yml +++ b/.github/workflows/js-release-changeset.yml @@ -4,20 +4,20 @@ on: workflow_call: inputs: node-version: - description: 'Node.js version to use' + description: "Node.js version to use" type: string - default: '20' + default: "20" package-manager: - description: 'Package manager to use (npm or yarn)' + description: "Package manager to use (npm, pnpm, or yarn)" type: string - default: 'npm' + default: "npm" release-command: - description: 'Command to run for release' + description: "Command to run for release" type: string - default: 'npm run release' + default: "npm run release" secrets: NPM_TOKEN: - description: 'NPM token for publishing' + description: "NPM token for publishing" required: true permissions: @@ -39,6 +39,9 @@ jobs: # Setup: get the code and dependencies: - name: 📥 Checkout Repository uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - name: 🏗️ Setup PNPM + if: inputs.package-manager == 'pnpm' + uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0 - name: 🏗️ Setup Node.js Environment uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: