-
Notifications
You must be signed in to change notification settings - Fork 6
122 lines (106 loc) · 3.44 KB
/
Copy pathpublish-packages.yml
File metadata and controls
122 lines (106 loc) · 3.44 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
name: Publish Pi Packages
on:
push:
branches: [main]
paths:
- "packages/pi-packages/pi-*/package.json"
- "packages/pi-packages/pi-*/src/**"
- "packages/pi-packages/pi-*/index.ts"
workflow_dispatch:
inputs:
package:
description: "Specific package to publish (e.g. pi-dcp), or blank for all changed"
required: false
type: string
dry-run:
description: "Dry run (don't actually publish)"
required: false
type: boolean
default: false
# OIDC for npm Trusted Publishing (no stored NPM_TOKEN needed)
permissions:
id-token: write
contents: read
jobs:
detect:
name: Detect changed packages
runs-on: ubuntu-latest
outputs:
packages: ${{ steps.detect.outputs.packages }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- id: detect
run: |
if [ -n "${{ inputs.package }}" ]; then
echo "packages=[\"${{ inputs.package }}\"]" >> "$GITHUB_OUTPUT"
exit 0
fi
# Find packages whose version changed since last commit
changed=()
for pkg_dir in packages/pi-packages/pi-*/; do
pkg=$(basename "$pkg_dir")
pkg_json="$pkg_dir/package.json"
[ -f "$pkg_json" ] || continue
if git diff --name-only HEAD~1 HEAD -- "$pkg_dir" | grep -qE '(package\.json|src/|index\.ts)'; then
old_ver=$(git show HEAD~1:"$pkg_json" 2>/dev/null | jq -r '.version // "0.0.0"')
new_ver=$(jq -r '.version' "$pkg_json")
if [ "$old_ver" != "$new_ver" ]; then
changed+=("$pkg")
fi
fi
done
if [ ${#changed[@]} -eq 0 ]; then
echo "packages=[]" >> "$GITHUB_OUTPUT"
else
json=$(printf '%s\n' "${changed[@]}" | jq -R . | jq -sc .)
echo "packages=$json" >> "$GITHUB_OUTPUT"
fi
- run: echo "Packages to publish:${{ steps.detect.outputs.packages }}"
quality-gate:
name: QA ${{ matrix.package }}
needs: detect
if: needs.detect.outputs.packages != '[]'
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
package: ${{ fromJson(needs.detect.outputs.packages) }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: actions/setup-node@v4
with:
node-version: "22"
- name: Run package quality checks
run: ./bin/qa-changed --package "${{ matrix.package }}"
publish:
name: Publish ${{ matrix.package }}
needs: [detect, quality-gate]
if: needs.detect.outputs.packages != '[]'
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
package: ${{ fromJson(needs.detect.outputs.packages) }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: "22"
registry-url: "https://registry.npmjs.org"
- name: Install workspace dependencies
working-directory: packages/pi-packages
run: npm install --ignore-scripts
- name: Publish
working-directory: packages/pi-packages/${{ matrix.package }}
run: |
FLAGS=(--access public)
if [ "${{ inputs.dry-run }}" = "true" ]; then
FLAGS+=(--dry-run)
fi
npm publish "${FLAGS[@]}"
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}