Skip to content

Commit

Permalink
Merge pull request #814 from Expensify/andrew-shared-publish
Browse files Browse the repository at this point in the history
Use the shared npm publish workflow to deploy
  • Loading branch information
luacmartins authored Oct 17, 2024
2 parents ccfe361 + 8ab5d38 commit e51953c
Show file tree
Hide file tree
Showing 3 changed files with 8 additions and 70 deletions.
Binary file removed .github/OSBotify-private-key.asc.gpg
Binary file not shown.
75 changes: 8 additions & 67 deletions .github/workflows/publish.yml
Original file line number Diff line number Diff line change
@@ -1,77 +1,18 @@
name: Publish package to npmjs

# This workflow runs when code is pushed to `main` (i.e: when a pull request is merged)
on:
push:
branches: [main]

# Ensure that only once instance of this workflow executes at a time.
# Ensure that only one instance of this workflow executes at a time.
# If multiple PRs are merged in quick succession, there will only ever be one publish workflow running and one pending.
concurrency: ${{ github.workflow }}

jobs:
version:
runs-on: ubuntu-latest

# OSBotify will update the version on `main`, so this check is important to prevent an infinite loop
if: ${{ github.actor != 'OSBotify' }}

steps:
- uses: actions/checkout@v4
with:
ref: main
# The OS_BOTIFY_COMMIT_TOKEN is a personal access token tied to osbotify, which allows him to push to protected branches
token: ${{ secrets.OS_BOTIFY_COMMIT_TOKEN }}

- name: Decrypt & Import OSBotify GPG key
run: |
cd .github
gpg --quiet --batch --yes --decrypt --passphrase="$LARGE_SECRET_PASSPHRASE" --output OSBotify-private-key.asc OSBotify-private-key.asc.gpg
gpg --import OSBotify-private-key.asc
env:
LARGE_SECRET_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }}

- name: Set up git for OSBotify
run: |
git config --global user.signingkey AEE1036472A782AB
git config --global commit.gpgsign true
git config --global user.name OSBotify
git config --global user.email [email protected]
- uses: actions/setup-node@v4
with:
node-version-file: '.nvmrc'
registry-url: 'https://registry.npmjs.org'

- name: Install npm packages
run: npm ci

- name: Update npm version
run: npm version patch

- name: Set new version in GitHub ENV
run: echo "NEW_VERSION=$(jq '.version' package.json)" >> $GITHUB_ENV

- name: Push branch and publish tags
run: git push origin main && git push --tags

- name: Build package
run: npm run build

- name: Publish to npm
run: npm publish
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

- name: Get merged pull request
id: getMergedPullRequest
run: |
read -r number < <(gh pr list --search ${{ github.sha }} --state merged --json 'number' | jq -r '.[0] | [.number] | join(" ")')
echo "number=$number" >> "$GITHUB_OUTPUT"
env:
GITHUB_TOKEN: ${{ github.token }}

- name: Comment on merged pull request
run: gh pr comment ${{ steps.getMergedPullRequest.outputs.number }} --body "🚀Published to npm in v${{ env.NEW_VERSION }}"
env:
GITHUB_TOKEN: ${{ github.token }}
publish:
# os-botify[bot] will update the version on `main`, so this check is important to prevent an infinite loop
if: ${{ github.actor != 'os-botify[bot]' }}
uses: Expensify/GitHub-Actions/.github/workflows/npmPublish.yml@main
secrets: inherit
with:
should_run_build: true
3 changes: 0 additions & 3 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,5 @@ package.json-e
*.swp
dist

# Decrypted private key we do not want to commit
.github/OSBotify-private-key.asc

# Published package
*.tgz

0 comments on commit e51953c

Please sign in to comment.