Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use the shared npm publish workflow to deploy #36

Merged
merged 1 commit into from
Oct 17, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Binary file removed .github/OSBotify-private-key.asc.gpg
Binary file not shown.
89 changes: 10 additions & 79 deletions .github/workflows/publish.yml
Original file line number Diff line number Diff line change
@@ -1,87 +1,18 @@
name: Publish package to npmjs

# This workflow runs when code is pushed to `main` (i.e: when a pull request is merged)
on:
push:
branches: [main]
push:
branches: [main]

# Ensure that only once instance of this workflow executes at a time.
# Ensure that only one instance of this workflow executes at a time.
# If multiple PRs are merged in quick succession, there will only ever be one publish workflow running and one pending.
concurrency: ${{ github.workflow }}

jobs:
version:
runs-on: ubuntu-latest

# OSBotify will update the version on `main`, so this check is important to prevent an infinite loop
if: ${{ github.actor != 'OSBotify' }}

steps:
- uses: actions/checkout@v3
with:
ref: main

- name: Decrypt & Import OSBotify GPG key
run: |
cd .github
gpg --quiet --batch --yes --decrypt --passphrase="$LARGE_SECRET_PASSPHRASE" --output OSBotify-private-key.asc OSBotify-private-key.asc.gpg
gpg --import OSBotify-private-key.asc
env:
LARGE_SECRET_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }}

- name: Set up git for OSBotify
run: |
git config --global user.signingkey AEE1036472A782AB
git config --global commit.gpgsign true
git config --global user.name OSBotify
git config --global user.email infra+osbotify@expensify.com

- uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
registry-url: 'https://registry.npmjs.org'

- name: Generate branch name
run: echo "BRANCH_NAME=OSBotify-bump-version-$(uuidgen)" >> $GITHUB_ENV

- name: Create branch for version-bump pull request
run: git checkout -b ${{ env.BRANCH_NAME }}

- name: Install npm packages
run: npm ci

- name: Update npm version
run: npm version patch

- name: Set new version in GitHub ENV
run: echo "NEW_VERSION=$(jq '.version' package.json)" >> $GITHUB_ENV

- name: Push branch and publish tags
run: git push --set-upstream origin ${{ env.BRANCH_NAME }} && git push --tags

- name: Create pull request
run: |
gh pr create \
--title "Update version to ${{ env.NEW_VERSION }}" \
--body "Update version to ${{ env.NEW_VERSION }}"
sleep 5
env:
GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}

- name: Auto-approve pull request
run: gh pr review --approve ${{ env.BRANCH_NAME }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Auto-merge pull request
run: gh pr merge --merge --delete-branch ${{ env.BRANCH_NAME }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Build package
run: npm run build

- name: Publish to npm
run: npm publish
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
publish:
# os-botify[bot] will update the version on `main`, so this check is important to prevent an infinite loop
if: ${{ github.actor != 'os-botify[bot]' }}
uses: Expensify/GitHub-Actions/.github/workflows/npmPublish.yml@main
secrets: inherit
with:
should_run_build: true
3 changes: 0 additions & 3 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,3 @@ dist/

# NPM file created by GitHub actions
.npmrc

# Decrypted private key we do not want to commit
.github/OSBotify-private-key.asc
Loading