-
Notifications
You must be signed in to change notification settings - Fork 136
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #814 from Expensify/andrew-shared-publish
Use the shared npm publish workflow to deploy
- Loading branch information
Showing
3 changed files
with
8 additions
and
70 deletions.
There are no files selected for viewing
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,77 +1,18 @@ | ||
name: Publish package to npmjs | ||
|
||
# This workflow runs when code is pushed to `main` (i.e: when a pull request is merged) | ||
on: | ||
push: | ||
branches: [main] | ||
|
||
# Ensure that only once instance of this workflow executes at a time. | ||
# Ensure that only one instance of this workflow executes at a time. | ||
# If multiple PRs are merged in quick succession, there will only ever be one publish workflow running and one pending. | ||
concurrency: ${{ github.workflow }} | ||
|
||
jobs: | ||
version: | ||
runs-on: ubuntu-latest | ||
|
||
# OSBotify will update the version on `main`, so this check is important to prevent an infinite loop | ||
if: ${{ github.actor != 'OSBotify' }} | ||
|
||
steps: | ||
- uses: actions/checkout@v4 | ||
with: | ||
ref: main | ||
# The OS_BOTIFY_COMMIT_TOKEN is a personal access token tied to osbotify, which allows him to push to protected branches | ||
token: ${{ secrets.OS_BOTIFY_COMMIT_TOKEN }} | ||
|
||
- name: Decrypt & Import OSBotify GPG key | ||
run: | | ||
cd .github | ||
gpg --quiet --batch --yes --decrypt --passphrase="$LARGE_SECRET_PASSPHRASE" --output OSBotify-private-key.asc OSBotify-private-key.asc.gpg | ||
gpg --import OSBotify-private-key.asc | ||
env: | ||
LARGE_SECRET_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} | ||
|
||
- name: Set up git for OSBotify | ||
run: | | ||
git config --global user.signingkey AEE1036472A782AB | ||
git config --global commit.gpgsign true | ||
git config --global user.name OSBotify | ||
git config --global user.email [email protected] | ||
- uses: actions/setup-node@v4 | ||
with: | ||
node-version-file: '.nvmrc' | ||
registry-url: 'https://registry.npmjs.org' | ||
|
||
- name: Install npm packages | ||
run: npm ci | ||
|
||
- name: Update npm version | ||
run: npm version patch | ||
|
||
- name: Set new version in GitHub ENV | ||
run: echo "NEW_VERSION=$(jq '.version' package.json)" >> $GITHUB_ENV | ||
|
||
- name: Push branch and publish tags | ||
run: git push origin main && git push --tags | ||
|
||
- name: Build package | ||
run: npm run build | ||
|
||
- name: Publish to npm | ||
run: npm publish | ||
env: | ||
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | ||
|
||
- name: Get merged pull request | ||
id: getMergedPullRequest | ||
run: | | ||
read -r number < <(gh pr list --search ${{ github.sha }} --state merged --json 'number' | jq -r '.[0] | [.number] | join(" ")') | ||
echo "number=$number" >> "$GITHUB_OUTPUT" | ||
env: | ||
GITHUB_TOKEN: ${{ github.token }} | ||
|
||
- name: Comment on merged pull request | ||
run: gh pr comment ${{ steps.getMergedPullRequest.outputs.number }} --body "🚀Published to npm in v${{ env.NEW_VERSION }}" | ||
env: | ||
GITHUB_TOKEN: ${{ github.token }} | ||
publish: | ||
# os-botify[bot] will update the version on `main`, so this check is important to prevent an infinite loop | ||
if: ${{ github.actor != 'os-botify[bot]' }} | ||
uses: Expensify/GitHub-Actions/.github/workflows/npmPublish.yml@main | ||
secrets: inherit | ||
with: | ||
should_run_build: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters