Merge pull-request #1145 #68
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Version Packages Create Release Branch and Publish | |
| on: | |
| workflow_dispatch: # allows manual invocation | |
| push: | |
| tags: | |
| - "v*.*.*" # triggers on tags like v1.0.0 | |
| permissions: | |
| contents: write | |
| packages: write | |
| id-token: write | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| # https://github.com/actions/checkout | |
| - name: Checkout | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| fetch-depth: 0 # required for git tags and history | |
| ref: ${{ github.event.repository.default_branch }} | |
| # Install and cache JS toolchain and dependencies (node_modules) | |
| - name: Setup JS | |
| uses: ./.github/actions/js-setup | |
| # Check if there are pending changesets | |
| - name: Check for pending releases | |
| run: | | |
| echo "Checking for pending changesets..." | |
| git fetch origin main | |
| CHANGES_STATUS=$(pnpm changeset status --verbose) | |
| echo "$CHANGES_STATUS" | |
| if echo "$CHANGES_STATUS" | grep -qi "packages to be bumped"; then | |
| echo "Changesets found, continuing" | |
| else | |
| echo "No unreleased changesets found, exiting" | |
| exit 1 | |
| fi | |
| - name: Debug Foundry | |
| run: anvil --version || echo "anvil not found" | |
| - name: Build | |
| run: pnpm run build-all | |
| - name: Typecheck | |
| run: pnpm run typecheck-all | |
| - name: Prettier | |
| run: pnpm run prettier-all:check | |
| version-and-rebuild: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| fetch-depth: 0 # required for git tags and history | |
| ref: ${{ github.event.repository.default_branch }} | |
| - name: Setup JS | |
| uses: ./.github/actions/js-setup | |
| - name: Configure Git User | |
| run: | | |
| git config user.name "tkhq-deploy" | |
| git config user.email "github@turnkey.engineering" | |
| - name: Create and switch to release branch | |
| run: | | |
| git fetch origin | |
| git checkout -B release/${{ github.ref_name }} origin/release/${{ github.ref_name }} || \ | |
| git checkout -B release/${{ github.ref_name }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # Process changesets, update versions, and rebuild packages to include latest versions | |
| - name: Version and rebuild packages | |
| run: | | |
| pnpm changeset version | |
| pnpm run version | |
| pnpm install -r | |
| pnpm run build-all | |
| pnpm run typecheck-all | |
| pnpm run prettier-all:check | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Debug Git Status | |
| run: | | |
| echo "Git status before commit:" | |
| git status --short | |
| echo "Listing .changeset directory:" | |
| ls -la .changeset || echo ".changeset directory not found" | |
| - name: Commit versioned changes | |
| run: | | |
| git add -A | |
| git commit -m "chore: release packages" || echo "No changes to commit" | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Push changes to release branch | |
| run: | | |
| git push -u origin release/${{ github.ref_name }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Upload updated release artifacts | |
| uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 | |
| with: | |
| name: release-artifacts-${{ github.ref_name }} | |
| path: | | |
| examples/** | |
| !examples/*/node_modules | |
| packages/** | |
| !packages/*/node_modules | |
| pnpm-lock.yaml | |
| pnpm-workspace.yaml | |
| .changeset/** | |
| retention-days: 7 | |
| test-pre-prod: | |
| runs-on: ubuntu-latest | |
| needs: version-and-rebuild | |
| steps: | |
| # https://github.com/actions/checkout | |
| - name: Checkout | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| fetch-depth: 0 # required for git tags and history | |
| ref: release/${{ github.ref_name }} | |
| # Install and cache JS toolchain and dependencies (node_modules) | |
| - name: Setup JS | |
| uses: ./.github/actions/js-setup | |
| - name: Download release artifacts | |
| uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 | |
| with: | |
| name: release-artifacts-${{ github.ref_name }} | |
| path: . | |
| - name: Install latest dependencies | |
| run: pnpm install -r --frozen-lockfile | |
| - name: Test (preprod) | |
| run: anvil & pnpm run test-all && lsof -t -i tcp:8545 | xargs kill | |
| env: | |
| API_PUBLIC_KEY: ${{ secrets.PREPROD_API_PUBLIC_KEY }} | |
| API_PRIVATE_KEY: ${{ secrets.PREPROD_API_PRIVATE_KEY }} | |
| BASE_URL: ${{ secrets.PREPROD_BASE_URL }} | |
| ORGANIZATION_ID: ${{ secrets.PREPROD_ORGANIZATION_ID }} | |
| PRIVATE_KEY_ID: ${{ secrets.PREPROD_PRIVATE_KEY_ID }} | |
| EXPECTED_PRIVATE_KEY_ETH_ADDRESS: ${{ secrets.PREPROD_EXPECTED_PRIVATE_KEY_ETH_ADDRESS }} | |
| EXPECTED_PRIVATE_KEY_ETH_ADDRESS_2: ${{ secrets.PREPROD_EXPECTED_PRIVATE_KEY_ETH_ADDRESS_2 }} | |
| EXPECTED_WALLET_ACCOUNT_ETH_ADDRESS: ${{ secrets.PREPROD_EXPECTED_WALLET_ACCOUNT_ETH_ADDRESS }} | |
| EXPECTED_WALLET_ACCOUNT_ETH_ADDRESS_2: ${{ secrets.PREPROD_EXPECTED_WALLET_ACCOUNT_ETH_ADDRESS_2 }} | |
| BANNED_TO_ADDRESS: ${{ secrets.PREPROD_BANNED_TO_ADDRESS }} | |
| SOLANA_TEST_ORG_API_PRIVATE_KEY: ${{ secrets.SOLANA_TEST_ORG_API_PRIVATE_KEY }} | |
| WALLET_ID: ${{ secrets.PREPROD_WALLET_ID }} | |
| test-prod: | |
| runs-on: ubuntu-latest | |
| needs: test-pre-prod | |
| steps: | |
| # https://github.com/actions/checkout | |
| - name: Checkout | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| fetch-depth: 0 # required for git tags and history | |
| ref: release/${{ github.ref_name }} | |
| # Install and cache JS toolchain and dependencies (node_modules) | |
| - name: Setup JS | |
| uses: ./.github/actions/js-setup | |
| - name: Download release artifacts | |
| uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 | |
| with: | |
| name: release-artifacts-${{ github.ref_name }} | |
| path: . | |
| - name: Install latest dependencies | |
| run: pnpm install -r --frozen-lockfile | |
| - name: Test (prod) | |
| run: anvil & pnpm run test-all && lsof -t -i tcp:8545 | xargs kill | |
| env: | |
| API_PUBLIC_KEY: ${{ secrets.API_PUBLIC_KEY }} | |
| API_PRIVATE_KEY: ${{ secrets.API_PRIVATE_KEY }} | |
| BASE_URL: "https://api.turnkey.com" | |
| ORGANIZATION_ID: ${{ secrets.ORGANIZATION_ID }} | |
| PRIVATE_KEY_ID: ${{ secrets.PRIVATE_KEY_ID }} | |
| EXPECTED_PRIVATE_KEY_ETH_ADDRESS: ${{ secrets.EXPECTED_PRIVATE_KEY_ETH_ADDRESS }} | |
| EXPECTED_PRIVATE_KEY_ETH_ADDRESS_2: ${{ secrets.EXPECTED_PRIVATE_KEY_ETH_ADDRESS_2 }} | |
| EXPECTED_WALLET_ACCOUNT_ETH_ADDRESS: ${{ secrets.EXPECTED_WALLET_ACCOUNT_ETH_ADDRESS }} | |
| EXPECTED_WALLET_ACCOUNT_ETH_ADDRESS_2: ${{ secrets.EXPECTED_WALLET_ACCOUNT_ETH_ADDRESS_2 }} | |
| BANNED_TO_ADDRESS: "0x6F72eDB2429820c2A0606a9FC3cA364f5E9b2375" | |
| SOLANA_TEST_ORG_API_PRIVATE_KEY: ${{ secrets.SOLANA_TEST_ORG_API_PRIVATE_KEY }} | |
| WALLET_ID: ${{ secrets.WALLET_ID }} | |
| prepare-release: | |
| runs-on: ubuntu-latest | |
| needs: test-prod | |
| steps: | |
| # https://github.com/actions/checkout | |
| - name: Checkout | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| fetch-depth: 0 # required for git tags and history | |
| ref: release/${{ github.ref_name }} | |
| - name: Setup JS | |
| uses: ./.github/actions/js-setup | |
| - name: Download release artifacts | |
| uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 | |
| with: | |
| name: release-artifacts-${{ github.ref_name }} | |
| path: . | |
| - name: Install latest dependencies | |
| run: pnpm install -r --frozen-lockfile | |
| - name: Create GitHub Release | |
| uses: softprops/action-gh-release@da05d552573ad5aba039eaac05058a918a7bf631 #v2.2.2 | |
| with: | |
| tag_name: ${{ github.ref_name }} | |
| name: Release ${{ github.ref_name }} | |
| generate_release_notes: true | |
| draft: true | |
| prerelease: false | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| publish: | |
| needs: prepare-release | |
| runs-on: | |
| group: package-deploy | |
| environment: production # require manual approval for production deployments | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| fetch-depth: 0 # required for git tags and history | |
| ref: release/${{ github.ref_name }} | |
| - name: Configure Git User | |
| run: | | |
| git config user.name "tkhq-deploy" | |
| git config user.email "github@turnkey.engineering" | |
| - name: Setup Node, pnpm, and deps | |
| uses: ./.github/actions/js-setup | |
| # download the release artifacts generated by the release workflow | |
| - name: Download release artifacts | |
| uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 | |
| with: | |
| name: release-artifacts-${{ github.ref_name }} | |
| path: . | |
| - name: Install latest dependencies | |
| run: pnpm install -r --frozen-lockfile | |
| - name: Confirm environment variables | |
| run: | | |
| if [ -n "${{ secrets.GITHUB_TOKEN }}" ]; then | |
| echo "GITHUB_TOKEN is set" | |
| else | |
| echo "GITHUB_TOKEN is not set" | |
| exit 1 | |
| fi | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Publish to NPM (dry run) | |
| run: | | |
| pnpm publish -r --dry-run --no-git-checks --report-summary | |
| echo "npm publish dry run summary:" | |
| cat publish-summary.json || echo "No NPM dry run summary generated" | |
| - name: Publish packages to NPM | |
| run: | | |
| echo "Publishing packages to NPM..." | |
| pnpm publish -r --no-git-checks --report-summary || { | |
| echo "❌ Publish failed. Check logs above."; | |
| exit 1; | |
| } | |
| echo "npm publish summary:" | |
| cat publish-summary.json || echo "No NPM publish summary generated" | |
| - name: Set up NPM config for GitHub Packages | |
| run: | | |
| echo "//npm.pkg.github.com/:_authToken=${{ secrets.GITHUB_TOKEN }}" > .npmrc | |
| env: | |
| NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Publish to GitHub Packages (dry run) | |
| run: | | |
| pnpm publish -r --dry-run --no-git-checks --report-summary | |
| echo "GitHub publish dry run summary:" | |
| cat publish-summary.json || echo "No GitHub publish dry run summary generated" | |
| env: | |
| NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Publish to GitHub Packages | |
| run: | | |
| echo "Publishing packages to GitHub Packages..." | |
| pnpm publish -r --no-git-checks --report-summary || echo "GitHub Packages publish failed" | |
| echo "GitHub publish summary:" | |
| cat publish-summary.json || echo "No GitHub publish summary generated" | |
| rm .npmrc | |
| env: | |
| NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| continue-on-error: true |