docs: up readme #9
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| branches: | |
| - master | |
| workflow_dispatch: | |
| concurrency: ${{ github.workflow }}-${{ github.ref }} | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| jobs: | |
| release: | |
| name: Version or publish packages | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20 | |
| registry-url: https://registry.npmjs.org | |
| - name: Setup pnpm | |
| run: | | |
| corepack enable | |
| corepack prepare pnpm@8.15.9 --activate | |
| - name: Install dependencies | |
| run: pnpm install --frozen-lockfile | |
| - name: Detect pending changesets | |
| id: pending-changesets | |
| run: | | |
| if find .changeset -maxdepth 1 -type f -name '*.md' ! -name 'README.md' | grep -q .; then | |
| echo "found=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "found=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: Audit release plan | |
| if: steps.pending-changesets.outputs.found == 'true' | |
| run: pnpm -w run release:audit | |
| - name: Run release verification before version PR | |
| if: steps.pending-changesets.outputs.found == 'true' | |
| run: pnpm -w run test:release | |
| - name: Configure npm token | |
| run: | | |
| set -euo pipefail | |
| if [ -z "${NPM_TOKEN:-}" ]; then | |
| echo "NPM_TOKEN is not available to this workflow. Check repository/org secret name and repository access." >&2 | |
| exit 1 | |
| fi | |
| echo "NPM_TOKEN length: ${#NPM_TOKEN}" | |
| printf '%s' "$NPM_TOKEN" | sha256sum | cut -c1-12 | sed 's/^/NPM_TOKEN sha256: /' | |
| echo "npm userconfig: $(npm config get userconfig)" | |
| npm whoami --registry https://registry.npmjs.org/ | |
| env: | |
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| - name: Create version PR or publish packages | |
| id: changesets | |
| uses: changesets/action@v1 | |
| with: | |
| version: pnpm -w run changeset:version | |
| publish: pnpm -w run changeset:publish | |
| commit: 'release: version packages' | |
| title: 'release: version packages' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| - name: Create repository release baseline tag | |
| if: steps.changesets.outputs.published == 'true' | |
| env: | |
| PUBLISHED_PACKAGES: ${{ steps.changesets.outputs.publishedPackages }} | |
| run: | | |
| set -euo pipefail | |
| tag="$(node ./scripts/resolve-release-baseline-tag.mjs)" | |
| if [ -z "$tag" ]; then | |
| echo "No published package versions were reported; skipping repository baseline tag." | |
| exit 0 | |
| fi | |
| git fetch --tags --force | |
| if git rev-parse "$tag" >/dev/null 2>&1; then | |
| echo "Tag $tag already exists; skipping." | |
| exit 0 | |
| fi | |
| git tag "$tag" | |
| git push origin "$tag" |