[ci] Add release automation scripts

[alloy]

Ported from https://github.com/facebook/relay/blob/main/.github/workflows/ci.yml

• For each main push, this will publish a prerelease package that follows the format 0.0.0-main-SHA
• For tag pushes it will publish a package that follows the name of the tag.

TODO:

• Set the NPM_TOKEN secret
• Test that both main and stable publishing works

[alloy]

First, if this is a push to the main branch, this will update the version in package.json to be a prerelease with the latest commit SHA.

[alloy]

And then finally the package gets published.

[alloy]

So the awkward bit is now the version in package.json in the repo; I think we should set that to 0.0.0.

• For the main prerelease versions this means only the published package contains the version stamped in, but it doesn't get saved to the repo.
• For the stable releases, we need to either push changes back to the repo, but seeing as the stable release publish task is triggered through a tag push it introduces a chicken and egg problem; i.e. you release should already include an updated version of the package.json for it to be accurately reflected in the tagged git tree.

Given this, I'm going to change things so that we don't update package.json for tags and instead assume the pusher to have already updated this.

[alloy]

But if this is a push to a tag, then check that the tag matches the value of the version in package.json.

[alloy]

@captbaritone Alright, done, left a few TODOs for you in the PR description.

[captbaritone]

Your reasoning looks sound! Let me try to setup the token before merging this.

[captbaritone]

I've configured the GitHub secret to work. I'll merge this now and we can see how it goes.

[captbaritone]

@alloy Looks like the publish failed. I'm not sure why. Output from the run:

Run npm publish ${TAG}
  npm publish ${TAG}
  shell: /usr/bin/bash -e {0}
  env:
    TAG: --tag=main
    NODE_AUTH_TOKEN: ***
npm notice 
npm notice 📦  eslint-plugin-relay@0.0.0-main-0fb398be0b8030770a8b6307d33f9fbbc8ae6ce9
npm notice === Tarball Contents === 
npm notice 1.1kB  LICENSE                                   
npm notice [2](https://github.com/relayjs/eslint-plugin-relay/actions/runs/6553289257/job/17798368302#step:6:2).2kB  README.md                                 
npm notice 2.8kB  eslint-plugin-relay.js                    
npm notice 889B   package.json                              
npm notice 4.7kB  src/rule-compat-uses-vars.js              
npm notice 817B   src/rule-function-required-argument.js    
npm notice 29.9kB src/rule-generated-flow-types.js          
npm notice [3](https://github.com/relayjs/eslint-plugin-relay/actions/runs/6553289257/job/17798368302#step:6:3)0.2kB src/rule-generated-typescript-types.js    
npm notice 5.2kB  src/rule-graphql-naming.js                
npm notice 1.9kB  src/rule-graphql-syntax.js                
npm notice 1.7kB  src/rule-hook-required-argument.js        
npm notice 6.[4](https://github.com/relayjs/eslint-plugin-relay/actions/runs/6553289257/job/17798368302#step:6:4)kB  src/rule-must-colocate-fragment-spreads.js
npm notice 781B   src/rule-no-future-added-value.js         
npm notice [5](https://github.com/relayjs/eslint-plugin-relay/actions/runs/6553289257/job/17798368302#step:6:5).7kB  src/rule-unused-fields.js                 
npm notice 3.5kB  src/utils.js                              
npm notice === Tarball Details === 
npm notice name:          eslint-plugin-relay                                                        
npm notice version:       0.0.0-main-0fb398be0b8030770a8b[6](https://github.com/relayjs/eslint-plugin-relay/actions/runs/6553289257/job/17798368302#step:6:6)30[7](https://github.com/relayjs/eslint-plugin-relay/actions/runs/6553289257/job/17798368302#step:6:8)d33f9fbbc8ae6ce9                        
npm notice filename:      eslint-plugin-relay-0.0.0-main-0fb398be0b8030770a8b6307d33f9fbbc8ae6ce9.tgz
npm notice package size:  15.7 kB                                                                    
npm notice unpacked size: 97.8 kB                                                                    
npm notice shasum:        3dd69e522d8f5ebea303f82aea3efbf2dd383e20                                   
npm notice integrity:     sha512-GmW3fTKc0s7zR[...]eS/xrwNw3GFtg==                                   
npm notice total files:   15                                                                         
npm notice 
npm ERR! code ENEEDAUTH
npm ERR! need auth This command requires you to be logged in to https://registry.npmjs.org/
npm ERR! need auth You need to authorize this machine using `npm adduser`

npm ERR! A complete log of this run can be found in:
npm ERR!     /home/runner/.npm/_logs/2023-10-17T22_00_2[9](https://github.com/relayjs/eslint-plugin-relay/actions/runs/6553289257/job/17798368302#step:6:10)_[12](https://github.com/relayjs/eslint-plugin-relay/actions/runs/6553289257/job/17798368302#step:6:13)7Z-debug-0.log
Error: Process completed with exit code 1.

You can see that it did see a (redacted) NODE_AUTH_TOKEN value in the environment, which indicated that I have configured the secret NPM_TOKEN value.

Any ideas?

[gajus]

Any updates on this?

[gajus]

The reason you are getting this error is because you are using auth token that requires two factor auth. When creating tokens, there is an explicit option to create a token for automations that does not have that restriction.

[gajus]

Oh and you need to use the legacy version of the token.

[gajus]

https://docs.npmjs.com/about-access-tokens#about-legacy-tokens

[captbaritone]

Thanks for the suggestions @gajus I had tried both of those. Looks like this was the missing piece: #146