Release workspace #9
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release workspace | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| workspace: | |
| description: "Name of the Workspace" | |
| required: true | |
| type: string | |
| force_release: | |
| description: "Force release even if no changesets are present" | |
| required: false | |
| type: boolean | |
| workflow_call: | |
| inputs: | |
| force_release: | |
| description: "Force release even if no changesets are present" | |
| required: false | |
| type: boolean | |
| workspace: | |
| description: "Name of the Workspace" | |
| required: true | |
| type: string | |
| permissions: | |
| id-token: write | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ inputs.workspace }} | |
| jobs: | |
| changesets-pr: | |
| name: Update Version Packages PR for ${{ inputs.workspace }} | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: ./workspaces/${{ inputs.workspace }} | |
| env: | |
| CI: true | |
| NODE_OPTIONS: --max-old-space-size=4096 | |
| outputs: | |
| needs_release: ${{ steps.release_check.outputs.needs_release }} | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3 | |
| with: | |
| egress-policy: audit | |
| - uses: actions/create-github-app-token@v2 | |
| id: app-token | |
| with: | |
| app-id: ${{ secrets.BACKSTAGE_BOT_APPLICATION_ID }} | |
| private-key: ${{ secrets.BACKSTAGE_BOT_PRIVATE_KEY }} | |
| - name: Checkout | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 | |
| with: | |
| fetch-depth: 0 | |
| token: ${{ steps.app-token.outputs.token }} | |
| - name: Set up Node | |
| uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v4 | |
| with: | |
| node-version: 24 | |
| registry-url: https://registry.npmjs.org/ # Needed for auth | |
| - name: Get yarn cache directory path | |
| id: yarn-cache-dir-path | |
| run: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT | |
| - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 | |
| id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`) | |
| with: | |
| path: ${{ steps.yarn-cache-dir-path.outputs.dir }} | |
| key: ${{ runner.os }}-yarn-${{ hashFiles(format('workspaces/${0}/**/yarn.lock', inputs.workspace)) }} | |
| restore-keys: | | |
| ${{ runner.os }}-yarn- | |
| - name: yarn install | |
| run: yarn install --immutable | |
| - name: Fetch previous commit for release check | |
| run: git fetch origin '${{ github.event.before }}' | |
| - name: Check if release | |
| id: release_check | |
| if: inputs.force_release != true | |
| run: node ../../scripts/ci/check-if-release.js | |
| env: | |
| WORKSPACE_NAME: ${{ inputs.workspace }} | |
| COMMIT_SHA_BEFORE: "${{ github.event.before }}" | |
| - name: Update Version Packages (${{ inputs.workspace }}) PR | |
| id: changesets-pr | |
| if: steps.release_check.outputs.needs_release != 'true' || inputs.force_release != true | |
| uses: backstage/changesets-action@a39baf18913e669734ffb00c2fd9900472cfa240 # v2.3.2 | |
| with: | |
| title: Version Packages (${{ inputs.workspace }}) | |
| cwd: workspaces/${{ inputs.workspace }} | |
| version: yarn changeset version | |
| versionBranch: changesets-release/${{ inputs.workspace }} | |
| skipRootChangelogUpdate: true | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| release: | |
| name: Release workspace ${{ inputs.workspace }} | |
| runs-on: ubuntu-latest | |
| needs: changesets-pr | |
| if: needs.changesets-pr.outputs.needs_release == 'true' || inputs.force_release == true | |
| defaults: | |
| run: | |
| working-directory: ./workspaces/${{ inputs.workspace }} | |
| env: | |
| CI: true | |
| NODE_OPTIONS: --max-old-space-size=4096 | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 | |
| - name: Set up Node | |
| uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v4 | |
| with: | |
| node-version: 24 | |
| registry-url: https://registry.npmjs.org/ # Needed for auth | |
| - name: Get yarn cache directory path | |
| id: yarn-cache-dir-path | |
| run: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT | |
| - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 | |
| id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`) | |
| with: | |
| path: ${{ steps.yarn-cache-dir-path.outputs.dir }} | |
| key: ${{ runner.os }}-yarn-${{ hashFiles(format('workspaces/${0}/**/yarn.lock', inputs.workspace)) }} | |
| restore-keys: | | |
| ${{ runner.os }}-yarn- | |
| - name: yarn install | |
| run: yarn install --immutable | |
| - name: Compile TypeScript | |
| run: yarn tsc:full | |
| - name: Build all packages | |
| run: yarn build:all | |
| - name: publish | |
| run: | | |
| yarn workspaces foreach --all -v --no-private npm publish --access public --tolerate-republish |