Skip to content

Commit 09ff9b3

Browse files
chore: centralize NPM behaviors to a single shared workflow (#1604)
1 parent 3e8c644 commit 09ff9b3

File tree

7 files changed

+199
-115
lines changed

7 files changed

+199
-115
lines changed

.github/workflows/nightly.yml

Lines changed: 5 additions & 45 deletions
Original file line numberDiff line numberDiff line change
@@ -87,50 +87,10 @@ jobs:
8787
8888
deprecate-old-versions:
8989
name: Deprecate Unsupported Versions
90-
runs-on: ubuntu-latest
91-
steps:
92-
- name: Set up Node.js
93-
uses: actions/setup-node@v4
94-
with:
95-
node-version: 22.11.0 # See package.json for the stable node version that works with our testing. Do not change this unless you know what you are doing as some node versions do not play nicely with our testing server.
96-
- name: Authenticate with npm
97-
run: npm config set "//registry.npmjs.org/:_authToken" "${{ secrets.BROWSER_NPM_TOKEN }}"
98-
- name: Deprecate old versions
99-
shell: bash
100-
run: |
101-
# Get agent EoL table from NRQL
102-
response=$(curl -X POST https://api.newrelic.com/graphql \
103-
-H 'Content-Type: application/json' \
104-
-H 'API-Key: ${{ secrets.NR_API_KEY_PRODUCTION }}' \
105-
-d '{ "query": "{\n docs {\n agentReleases(agentName: BROWSER) {\n eolDate\n version\n }\n }\n}" }')
106-
eol_table=$(echo "$response" | jq -r '.data.docs.agentReleases | map({(.version): .eolDate}) | add') # this is a map of version string to EoL date in yyyy-mm-dd format
107-
echo "Fetched EoL table from NRDB."
108-
109-
# Fetch package metadata from npm registry
110-
package_name="@newrelic/browser-agent"
111-
metadata=$(curl -s "https://registry.npmjs.org/$package_name")
112-
echo "Fetched agent releases metadata from NPM."
113-
114-
# Parse versions and their publication dates
115-
today=$(date +%Y-%m-%d)
116-
versions=$(echo "$metadata" | jq -r '.versions | keys[]') # this list is pre-sorted from oldest to newest
117-
for version in $versions; do
118-
eol_date=$(echo "$eol_table" | jq -r --arg version "$version" '.[$version]')
119-
if [ "$eol_date" = "null" ]; then
120-
echo "No EoL date found for version $version. Skipping..."
121-
continue
122-
fi
123-
deprecation_message=$(echo "$metadata" | jq -r ".versions[\"$version\"].deprecated")
124-
if [[ "$eol_date" < "$today" || "$eol_date" == "$today" ]]; then
125-
if [ "$deprecation_message" = "null" ]; then
126-
echo "Deprecating version $version no longer supported as of $eol_date..."
127-
npm deprecate "$package_name@$version" "This version is no longer supported."
128-
else
129-
echo "Version $version is already deprecated."
130-
fi
131-
else
132-
break # rest of the ascending versions should be within their support window
133-
fi
134-
done
90+
uses: ./.github/workflows/npm-operations.yml
91+
with:
92+
operation: deprecate-old-versions
93+
secrets:
94+
NR_API_KEY_PRODUCTION: ${{ secrets.NR_API_KEY_PRODUCTION }}
13595

13696
# TODO: Need to add a job for cleaning up experiments to run nightly
Lines changed: 171 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,171 @@
1+
name: NPM Operations
2+
3+
permissions:
4+
# In order to create the git tag, we must have write permissions.
5+
contents: write
6+
# This is important. Trusted Publishing requires this for the OIDC exchange.
7+
id-token: write
8+
9+
on:
10+
# Triggered by other workflows for specific NPM operations
11+
workflow_call:
12+
inputs:
13+
operation:
14+
description: 'NPM operation to perform'
15+
required: true
16+
type: string
17+
# Valid values: publish-release, publish-prerelease, deprecate-old-versions
18+
preid:
19+
description: 'Prerelease identifier (e.g., rc, alpha, beta)'
20+
required: false
21+
type: string
22+
default: 'rc'
23+
version-override:
24+
description: 'Override version for prerelease operations'
25+
required: false
26+
type: string
27+
dry_run:
28+
description: 'Dry run mode for testing'
29+
required: false
30+
type: boolean
31+
default: false
32+
secrets:
33+
GITHUB_LOGIN:
34+
required: false
35+
GITHUB_EMAIL:
36+
required: false
37+
NR_API_KEY_PRODUCTION:
38+
required: false
39+
outputs:
40+
operation:
41+
description: 'The operation that was performed'
42+
value: ${{ jobs.npm-operations.outputs.operation }}
43+
success:
44+
description: 'Whether the operation was successful'
45+
value: ${{ jobs.npm-operations.outputs.success }}
46+
47+
# Manual trigger for testing/emergency operations
48+
workflow_dispatch:
49+
inputs:
50+
operation:
51+
description: 'NPM operation to perform'
52+
required: true
53+
type: choice
54+
options:
55+
- publish-release
56+
- publish-prerelease
57+
- deprecate-old-versions
58+
preid:
59+
description: 'Prerelease identifier (e.g., rc, alpha, beta)'
60+
required: false
61+
type: string
62+
default: 'rc'
63+
version-override:
64+
description: 'Override version for prerelease operations'
65+
required: false
66+
type: string
67+
dry_run:
68+
description: 'Dry run mode for testing'
69+
required: false
70+
type: boolean
71+
default: false
72+
73+
jobs:
74+
npm-operations:
75+
runs-on: ubuntu-latest
76+
timeout-minutes: 30
77+
defaults:
78+
run:
79+
shell: bash
80+
env:
81+
GITHUB_LOGIN: ${{ secrets.GITHUB_LOGIN || secrets.BROWSER_GITHUB_BOT_NAME }}
82+
GITHUB_EMAIL: ${{ secrets.GITHUB_EMAIL || secrets.BROWSER_GITHUB_BOT_EMAIL }}
83+
84+
steps:
85+
- uses: actions/checkout@v5
86+
87+
- uses: actions/setup-node@v5
88+
with:
89+
# Trusted Publishing requires `npm@11.5.1` or later. Compatible
90+
# versions of `npm` started shipping with Node.js v24.5.0.
91+
# If, for some odd reason, you need to use an earlier Node.js release,
92+
# you _must_ add another step subsequent to this one that performs:
93+
# `npm install -g npm@latest`.
94+
node-version: 24.x
95+
# This is important. The OIDC exchange requires that the registry
96+
# URL matches on both ends.
97+
registry-url: https://registry.npmjs.org
98+
99+
# Setup Git for prerelease operations
100+
- name: Set up git
101+
if: inputs.operation == 'publish-prerelease'
102+
run: |
103+
git config --global user.name "${GITHUB_LOGIN}"
104+
git config --global user.email "${GITHUB_EMAIL}"
105+
106+
# Install dependencies for publish operations
107+
- name: Install project dependencies
108+
if: inputs.operation == 'publish-release' || inputs.operation == 'publish-prerelease'
109+
run: npm ci
110+
111+
# Build NPM package for release
112+
- name: Build npm package
113+
if: inputs.operation == 'publish-release'
114+
run: npm run build:npm
115+
116+
# Publish release version
117+
- name: Publish npm package (release)
118+
if: inputs.operation == 'publish-release'
119+
run: npm publish
120+
121+
# Publish prerelease version
122+
- name: Publish prerelease version
123+
if: inputs.operation == 'publish-prerelease'
124+
uses: ./.github/actions/prerelease-npm-version
125+
with:
126+
version-override: ${{ inputs.version-override }}
127+
preid: ${{ inputs.preid }}
128+
dry_run: ${{ inputs.dry_run }}
129+
130+
# Deprecate old versions
131+
- name: Deprecate old versions
132+
if: inputs.operation == 'deprecate-old-versions'
133+
run: |
134+
# Get agent EoL table from NRQL
135+
response=$(curl -X POST https://api.newrelic.com/graphql \
136+
-H 'Content-Type: application/json' \
137+
-H 'API-Key: ${{ secrets.NR_API_KEY_PRODUCTION }}' \
138+
-d '{ "query": "{\n docs {\n agentReleases(agentName: BROWSER) {\n eolDate\n version\n }\n }\n}" }')
139+
eol_table=$(echo "$response" | jq -r '.data.docs.agentReleases | map({(.version): .eolDate}) | add')
140+
echo "Fetched EoL table from NRDB."
141+
142+
# Fetch package metadata from npm registry
143+
package_name="@newrelic/browser-agent"
144+
metadata=$(curl -s "https://registry.npmjs.org/$package_name")
145+
echo "Fetched agent releases metadata from NPM."
146+
147+
# Parse versions and their publication dates
148+
today=$(date +%Y-%m-%d)
149+
versions=$(echo "$metadata" | jq -r '.versions | keys[]')
150+
for version in $versions; do
151+
eol_date=$(echo "$eol_table" | jq -r --arg version "$version" '.[$version]')
152+
if [ "$eol_date" = "null" ]; then
153+
echo "No EoL date found for version $version. Skipping..."
154+
continue
155+
fi
156+
deprecation_message=$(echo "$metadata" | jq -r ".versions[\"$version\"].deprecated")
157+
if [[ "$eol_date" < "$today" || "$eol_date" == "$today" ]]; then
158+
if [ "$deprecation_message" = "null" ]; then
159+
echo "Deprecating version $version no longer supported as of $eol_date..."
160+
npm deprecate "$package_name@$version" "This version is no longer supported."
161+
else
162+
echo "Version $version is already deprecated."
163+
fi
164+
else
165+
break
166+
fi
167+
done
168+
169+
outputs:
170+
operation: ${{ inputs.operation }}
171+
success: ${{ job.status == 'success' }}

.github/workflows/prerelease-npm-version.yml

Lines changed: 7 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -23,30 +23,12 @@ on:
2323

2424
jobs:
2525
prerelease-npm-version:
26-
runs-on: ubuntu-latest
27-
outputs:
28-
version: ${{ steps.prerelease-npm-version.outputs.results }}
29-
env:
30-
NPM_TOKEN: ${{ secrets.BROWSER_NPM_TOKEN }}
26+
uses: ./.github/workflows/npm-operations.yml
27+
with:
28+
operation: publish-prerelease
29+
preid: ${{ github.event.inputs.preid }}
30+
version-override: ${{ github.event.inputs.version-override }}
31+
dry_run: ${{ github.event.inputs.dry_run == 'true' }}
32+
secrets:
3133
GITHUB_LOGIN: ${{ secrets.BROWSER_GITHUB_BOT_NAME }}
3234
GITHUB_EMAIL: ${{ secrets.BROWSER_GITHUB_BOT_EMAIL }}
33-
steps:
34-
- uses: actions/checkout@v4
35-
- uses: actions/setup-node@v4
36-
with:
37-
node-version: 22.11.0 # See package.json for the stable node version that works with our testing. Do not change this unless you know what you are doing as some node versions do not play nicely with our testing server.
38-
- name: Authenticate npm
39-
shell: bash
40-
run: |
41-
npm config set '//registry.npmjs.org/:_authToken' "${NPM_TOKEN}"
42-
- name: Set up git
43-
id: git-setup
44-
run: |
45-
git config --global user.name "${GITHUB_LOGIN}"
46-
git config --global user.email "${GITHUB_EMAIL}"
47-
- uses: ./.github/actions/prerelease-npm-version
48-
id: prerelease-npm-version
49-
with:
50-
version-override: ${{ github.event.inputs.version-override }}
51-
preid: ${{ github.event.inputs.preid }}
52-
dry_run: ${{ github.event.inputs.dry_run }}

.github/workflows/publish-release.yml

Lines changed: 9 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -222,29 +222,15 @@ jobs:
222222
# environment: stage
223223

224224
# Publish the agent to npmjs.org
225-
publish-npm:
226-
needs: [publish-prod-to-s3]
227-
runs-on: ubuntu-latest
228-
timeout-minutes: 30
229-
defaults:
230-
run:
231-
shell: bash
232-
env:
233-
NPM_TOKEN: ${{ secrets.BROWSER_NPM_TOKEN }}
234-
steps:
235-
- uses: actions/checkout@v4
236-
- uses: actions/setup-node@v4
237-
with:
238-
node-version: 22.11.0 # See package.json for the stable node version that works with our testing. Do not change this unless you know what you are doing as some node versions do not play nicely with our testing server.
239-
- name: Authenticate npm
240-
run: |
241-
npm config set '//registry.npmjs.org/:_authToken' "${NPM_TOKEN}"
242-
- name: Install project dependencies
243-
run: npm ci
244-
- name: Build npm package
245-
run: npm run build:npm
246-
- name: Publish npm package
247-
run: npm publish
225+
call-npm-operations:
226+
name: Call NPM Operations
227+
uses: ./.github/workflows/npm-operations.yml
228+
with:
229+
action: publish-release
230+
secrets:
231+
GITHUB_LOGIN: ${{ secrets.BROWSER_GITHUB_BOT_NAME }}
232+
GITHUB_EMAIL: ${{ secrets.BROWSER_GITHUB_BOT_EMAIL }}
233+
NR_API_KEY_PRODUCTION: ${{ secrets.NR_API_KEY_PRODUCTION }}
248234

249235
# Raise the release notes pr on the docs website repo
250236
raise-release-notes-pr:

.github/workflows/release-please.yml

Lines changed: 5 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -34,26 +34,10 @@ jobs:
3434
# Bump a new prerelease version and publish to NPM.
3535
prerelease-npm-version:
3636
needs: release-please
37-
runs-on: ubuntu-latest
38-
env:
39-
NPM_TOKEN: ${{ secrets.BROWSER_NPM_TOKEN }}
37+
uses: ./.github/workflows/npm-operations.yml
38+
with:
39+
operation: publish-prerelease
40+
preid: rc
41+
secrets:
4042
GITHUB_LOGIN: ${{ secrets.BROWSER_GITHUB_BOT_NAME }}
4143
GITHUB_EMAIL: ${{ secrets.BROWSER_GITHUB_BOT_EMAIL }}
42-
steps:
43-
- uses: actions/checkout@v4
44-
- uses: actions/setup-node@v4
45-
with:
46-
node-version: 22.11.0 # See package.json for the stable node version that works with our testing. Do not change this unless you know what you are doing as some node versions do not play nicely with our testing server.
47-
- name: Authenticate npm
48-
shell: bash
49-
run: |
50-
npm config set '//registry.npmjs.org/:_authToken' "${NPM_TOKEN}"
51-
- name: Set up git
52-
id: git-setup
53-
run: |
54-
git config --global user.name "${GITHUB_LOGIN}"
55-
git config --global user.email "${GITHUB_EMAIL}"
56-
- uses: ./.github/actions/prerelease-npm-version
57-
id: prerelease-npm-version
58-
with:
59-
dry_run: false

package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -170,7 +170,7 @@
170170
"runtime": {
171171
"name": "node",
172172
"onFail": "error",
173-
"version": "22.11.0"
173+
"version": ">=22.11.0"
174174
},
175175
"packageManager": {
176176
"name": "npm",
Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
22.11.0

0 commit comments

Comments
 (0)