diff --git a/.github/workflows/changeset-pr.yml b/.github/workflows/changeset-pr.yml new file mode 100644 index 0000000000..65983bf856 --- /dev/null +++ b/.github/workflows/changeset-pr.yml @@ -0,0 +1,102 @@ +name: ๐Ÿฆ‹ Changeset PR + +on: + push: + branches: + - main + paths: + - "packages/**" + - ".changeset/**" + - "package.json" + - "pnpm-lock.yaml" + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +jobs: + release-pr: + name: Create Release PR + runs-on: ubuntu-latest + permissions: + contents: write + pull-requests: write + if: github.repository == 'triggerdotdev/trigger.dev' + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Setup pnpm + uses: pnpm/action-setup@v4 + + - name: Setup node + uses: buildjet/setup-node@v4 + with: + node-version: 20.19.0 + cache: "pnpm" + + - name: Install dependencies + run: pnpm install --frozen-lockfile + + - name: Create release PR + id: changesets + uses: changesets/action@v1 + with: + version: pnpm run changeset:version + commit: "chore: release" + title: "chore: release" + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Update PR title with version + if: steps.changesets.outputs.published != 'true' + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + PR_NUMBER=$(gh pr list --head changeset-release/main --json number --jq '.[0].number') + if [ -n "$PR_NUMBER" ]; then + git fetch origin changeset-release/main + # we arbitrarily reference the version of the cli package here; it is the same for all package releases + VERSION=$(git show origin/changeset-release/main:packages/cli-v3/package.json | jq -r '.version') + gh pr edit "$PR_NUMBER" --title "chore: release v$VERSION" + fi + + update-lockfile: + name: Update lockfile on release PR + runs-on: ubuntu-latest + needs: release-pr + permissions: + contents: write + steps: + - name: Checkout release branch + uses: actions/checkout@v4 + with: + ref: changeset-release/main + + - name: Setup pnpm + uses: pnpm/action-setup@v4 + with: + version: 10.23.0 + + - name: Setup node + uses: buildjet/setup-node@v4 + with: + node-version: 20.19.0 + + - name: Install and update lockfile + run: pnpm install --no-frozen-lockfile + + - name: Commit and push lockfile + run: | + set -e + if git diff --quiet pnpm-lock.yaml; then + echo "No lockfile changes" + else + git config user.name "github-actions[bot]" + git config user.email "github-actions[bot]@users.noreply.github.com" + git add pnpm-lock.yaml + git commit -m "chore: update lockfile for release" + git push origin changeset-release/main + fi diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 00c78509dc..31c984af57 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,14 +1,10 @@ -name: ๐Ÿฆ‹ Changesets Release +name: ๐Ÿš€ Release npm packages on: - push: + pull_request: + types: [closed] branches: - main - paths-ignore: - - "docs/**" - - "**.md" - - ".github/CODEOWNERS" - - ".github/ISSUE_TEMPLATE/**" workflow_dispatch: inputs: ref: @@ -19,22 +15,26 @@ on: description: "The npm dist-tag for the prerelease (e.g., 'v4-prerelease')" required: true type: string - default: "v4-prerelease" + default: "prerelease" concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true + group: ${{ github.workflow }} + cancel-in-progress: false jobs: release: name: ๐Ÿฆ‹ Changesets Release runs-on: ubuntu-latest + environment: npm-publish permissions: - contents: write + contents: read packages: write - pull-requests: write id-token: write - if: github.repository == 'triggerdotdev/trigger.dev' && github.event_name != 'workflow_dispatch' + if: | + github.repository == 'triggerdotdev/trigger.dev' && + github.event_name != 'workflow_dispatch' && + github.event.pull_request.merged == true && + startsWith(github.event.pull_request.head.ref, 'changeset-release/') outputs: published: ${{ steps.changesets.outputs.published }} published_packages: ${{ steps.changesets.outputs.publishedPackages }} @@ -56,10 +56,10 @@ jobs: node-version: 20.19.0 cache: "pnpm" - - name: Download deps + - name: Install dependencies run: pnpm install --frozen-lockfile - - name: Generate Prisma Client + - name: Generate Prisma client run: pnpm run generate - name: Build @@ -68,25 +68,16 @@ jobs: - name: Type check run: pnpm run typecheck --filter "@trigger.dev/*" --filter "trigger.dev" - # This action has two responsibilities. The first time the workflow runs - # (initial push to the `main` branch) it will create a new branch and - # then open a PR with the related changes for the new version. After the - # PR is merged, the workflow will run again and this action will build + - # publish to npm. - name: Publish - if: ${{ !env.ACT }} id: changesets uses: changesets/action@v1 with: - version: pnpm run changeset:version - commit: "chore: release packages" - title: "chore: release packages" publish: pnpm run changeset:release createGithubReleases: true env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: Get package version + - name: Show package version if: steps.changesets.outputs.published == 'true' id: get_version run: | @@ -94,73 +85,18 @@ jobs: echo "package_version=${package_version}" >> "$GITHUB_OUTPUT" # this triggers the publish workflow for the docker images - - name: Create and push docker tag + - name: Create and push Docker tag if: steps.changesets.outputs.published == 'true' run: | set -e git tag "v.docker.${{ steps.get_version.outputs.package_version }}" git push origin "v.docker.${{ steps.get_version.outputs.package_version }}" - - name: Update PR title with version - if: steps.changesets.outputs.published != 'true' - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - PR_NUMBER=$(gh pr list --head changeset-release/main --json number --jq '.[0].number') - if [ -n "$PR_NUMBER" ]; then - git fetch origin changeset-release/main - # we arbitrarily reference the version of the cli package here; it is the same for all package releases - VERSION=$(git show origin/changeset-release/main:packages/cli-v3/package.json | jq -r '.version') - gh pr edit "$PR_NUMBER" --title "chore: release v$VERSION" - fi - - update-lockfile: - name: Update lockfile on release PR - runs-on: ubuntu-latest - needs: release - if: needs.release.outputs.published != 'true' - permissions: - contents: write - steps: - - name: Checkout release branch - uses: actions/checkout@v4 - with: - ref: changeset-release/main - - - name: Setup pnpm - uses: pnpm/action-setup@v4 - with: - version: 10.23.0 - - - name: Setup node - uses: buildjet/setup-node@v4 - with: - node-version: 20.19.0 - - # npm v11.5.1 or newer is required for OIDC support - # https://github.blog/changelog/2025-07-31-npm-trusted-publishing-with-oidc-is-generally-available/#whats-new - - name: Setup npm 11.x for OIDC - run: npm install -g npm@11.6.4 - - - name: Install and update lockfile - run: pnpm install --no-frozen-lockfile - - - name: Commit and push lockfile - run: | - set -e - if git diff --quiet pnpm-lock.yaml; then - echo "No lockfile changes" - else - git config user.name "github-actions[bot]" - git config user.email "github-actions[bot]@users.noreply.github.com" - git add pnpm-lock.yaml - git commit -m "chore: update lockfile for release" - git push origin changeset-release/main - fi - + # The prerelease job needs to be on the same workflow file due to a limitation related to how npm verifies OIDC claims. prerelease: - name: ๐Ÿš€ Prerelease + name: ๐Ÿงช Prerelease runs-on: ubuntu-latest + environment: npm-publish permissions: contents: read id-token: write