Suggestion: auto-land and auto-release NCU Pull Requests #446
Comments
|
@mmarchini I definitely agree that there's a bit of a bystander effect going on with who has authority to merge things, but i'm not 100% sure that automatic merges are the right solution here for a few reasons:
What do you think of perhaps adding CODEOWNERS? I think that might make ownership areas a bit more straightforward 🤔 For the latter suggestion, I think weekly releases would be my personal preference but i'd also be ok with daily if that's the consensus from others!
|
|
CODEOWNERS doesn't solve the issue of who can land PRs (the access tab is a mix of individually granted permissions and teams, and it's not clear which team should be pinged to land things here), only who has context to review PRs. It's a great feature to add to the repository, but it wouldn't solve the lingering already-approved PRs issue. The scope and user base of this project is limited enough that I think daily releases wouldn't be harmful, and fixes would get out faster without needing for a person to start it (unless there's a critical issue which needs to be released right away). I think getting improvements out for collaborators faster would benefit the project. But I wouldn't mind weekly releases either if that's what folks prefer. The flaky CI is definitely an issue, although if it is a small subset of tests that fail infrequently maybe an automerge would at least offload some PRs? Thanks for sharing Continuous Auth! I'll definitely take a look. |
|
I've seen that Electron uses Semantic Release for a few of their modules and it seems pretty handy in terms of auto releasing as new features land. Potentially something to consider? https://github.com/semantic-release/semantic-release |
|
As a start we could add https://github.com/googleapis/release-please or https://github.com/semantic-release/semantic-release to just create the changelog and release commit automatically (not sure how semantic-release works, release-please will open a PR and will update it every time a commit lands until someone merges it, which is good if we'll publish to npm manually for now). Both follow https://www.conventionalcommits.org/en/v1.0.0/ afaik. |
`release-please` will bump the package version and generate changelogs based on conventionalcommit. It does so by opening a PR every time a commit lands, and it updates that PR for each subsequent commit. Publishing to npm is still done manually. Ref: nodejs#446
`release-please` will bump the package version and generate changelogs based on conventionalcommit. It does so by opening a PR every time a commit lands, and it updates that PR for each subsequent commit. Publishing to npm is still done manually. Ref: nodejs#446
`release-please` will bump the package version and generate changelogs based on conventionalcommit. It does so by opening a PR every time a commit lands, and it updates that PR for each subsequent commit. Publishing to npm is still done manually. Ref: nodejs#446
`release-please` will bump the package version and generate changelogs based on conventionalcommit. It does so by opening a PR every time a commit lands, and it updates that PR for each subsequent commit. Publishing to npm is still done manually. Ref: #446
|
Was looking at this again after #488 landed. wombat needs to run on GCP, so we would need donated credits to use it on the Node.js org. CFA doesn't work with Actions yet, which is a blocker for us (I don't think requiring Slack is a problem, we could probably use the Foundation Slack). I'm not aware of any other options. While CFA looks more promising, I'm not sure how it fares on multiple projects with multiple users (assuming we want to enable it to any Node.js project). Would it be possible for a subset of folks to be allowed to release |
|
@nodejs/node-core-utils would you be willing to try https://github.com/mmarchini-oss/npm-otp-publish to autopublish when we merge release-please PRs (since I didn't add a README yet, see https://twitter.com/mmarkini/status/1299202760911405060?s=20 for a summary of how it works)? I'm still working on it, but it should be usable as it is today. |
|
This issue is stale because it has been open many days with no activity. It will be closed soon unless the stale label is removed or a comment is made. |
|
@mmarchini also worth noting there's now npm automation tokens. Not sure if they'll be a good solution for the specific use case (I wouldn't be surprised if they're not - there's still work going into them to make them more broadly usable), but worth a mention at the very least. |
|
I think @targos set up token in this repo? |
|
What token? I don't remember |
|
Ah, I did not setup the token yet. I don't have access to the bot's npm account. |
`release-please` will bump the package version and generate changelogs based on conventionalcommit. It does so by opening a PR every time a commit lands, and it updates that PR for each subsequent commit. Publishing to npm is still done manually. Ref: nodejs/node-core-utils#446
`release-please` will bump the package version and generate changelogs based on conventionalcommit. It does so by opening a PR every time a commit lands, and it updates that PR for each subsequent commit. Publishing to npm is still done manually. Ref: nodejs/node-core-utils#446
`release-please` will bump the package version and generate changelogs based on conventionalcommit. It does so by opening a PR every time a commit lands, and it updates that PR for each subsequent commit. Publishing to npm is still done manually. Ref: nodejs/node-core-utils#446
`release-please` will bump the package version and generate changelogs based on conventionalcommit. It does so by opening a PR every time a commit lands, and it updates that PR for each subsequent commit. Publishing to npm is still done manually. Ref: nodejs/node-core-utils#446
`release-please` will bump the package version and generate changelogs based on conventionalcommit. It does so by opening a PR every time a commit lands, and it updates that PR for each subsequent commit. Publishing to npm is still done manually. Ref: nodejs/node-core-utils#446
Looking at our Pull Requests list, seems like we have six pull requests ready to land (with approvals), but I don't think it's clear who is allowed to land PRs in this repository. Similarly, sometimes commits will sit on master for a while until someone has time to publish a new version on npm. My suggestions:
We would need to identify semverness of PRs somehow, either via labels or using https://www.conventionalcommits.org/en/v1.0.0/. Looking at our logs, we're already not strictly following Node.js core commit guidelines and we have mixed Node.js and conventional commit messages.
As for npm releases, it might be tricky because we require 2FA. If anyone worked with 2FA and automated npm releases before, I'd be happy to see solutions :)
The text was updated successfully, but these errors were encountered: