
Merge pull request #7662 from NomicFoundation/minimal-project-readme #1


Workflow file for this run

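# Release pipeline. On every push to main (or a manual dispatch) the `pr` job
# opens or updates the Changesets release PR. When no changesets are pending,
# the remaining jobs pack the packages, print a diff against the versions on
# npm, publish them, and push the git tags.
#
# NOTE(review): every action below is referenced by a mutable tag (@v1, @v4,
# @v5). Because this workflow publishes to npm, consider pinning each `uses:`
# to a full commit SHA (e.g. `actions/checkout@<full-commit-sha>  # v5`) so a
# moved tag cannot change what runs with these permissions.
name: Create release PR / Publish packages
on:
  workflow_dispatch:
  push:
    branches:
      - main
defaults:
  run:
    shell: bash
jobs:
  pr:
    name: Conditionally create a release PR
    runs-on: ubuntu-latest
    outputs:
      hasChangesets: ${{ steps.store-has-changesets.outputs.hasChangesets }}
    permissions:
      pull-requests: write  # This allows us to create pull requests
      contents: write
    steps:
      - name: Checkout Repo
        uses: actions/checkout@v5
        with:
          # This makes Actions fetch all Git history so that Changesets can generate changelogs with the correct commits
          fetch-depth: 0
          # NOTE: If we use default GITHUB_TOKEN to create the release PR, the checks on the release PR will not be triggered automatically
          # NOTE(review): checkout keeps this token in the local git config by
          # default, so the install step below runs with it on disk; confirm
          # the release action needs it persisted.
          token: ${{ secrets.RELEASE_GITHUB_TOKEN || github.token }}
      - name: Set up the environment
        uses: ./.github/actions/setup-env
      - name: Install Dependencies
        run: pnpm install --frozen-lockfile
      - name: Create release Pull Request
        id: pr
        env:
          # NOTE: If we use the default GITHUB_TOKEN to create the release PR, the checks on the release PR will not be triggered automatically
          GITHUB_TOKEN: ${{ secrets.RELEASE_GITHUB_TOKEN || github.token }}
        uses: changesets/action@v1
        with:
          title: Version Packages (v3)
          version: pnpm version-for-release
      - name: Store hasChangesets for subsequent jobs
        id: store-has-changesets
        env:
          # Pass the step output through the environment instead of expanding
          # ${{ }} inside the script, so its value is never parsed as shell code.
          HAS_CHANGESETS: ${{ steps.pr.outputs.hasChangesets }}
        run: |
          echo "hasChangesets=$HAS_CHANGESETS"
          echo "hasChangesets=$HAS_CHANGESETS" >> "$GITHUB_OUTPUT"
  pack:
    name: Generate tarballs for publishing
    needs: pr
    if: needs.pr.outputs.hasChangesets == 'false'
    runs-on: ubuntu-latest
    permissions:
      # NOTE(review): no step visible in this job writes to the repository, yet
      # it installs and builds with a write-scoped token. Confirm that
      # ./.github/actions/setup-env does not need it, then reduce to
      # `contents: read`.
      contents: write
    outputs:
      hasPackages: ${{ steps.detect.outputs.hasPackages }}
    steps:
      - name: Checkout Repo
        uses: actions/checkout@v5
      - name: Set up the environment
        uses: ./.github/actions/setup-env
      - name: Install Dependencies
        run: pnpm install --frozen-lockfile
      - name: Build All Packages
        run: pnpm run --recursive --no-bail --filter './v-next/**' --if-present build
      - name: Publish All Packages (dry-run) and save list of packages that need publishing
        run: pnpm publish --filter "./v-next/**" -r --no-git-checks --access public --dry-run --report-summary
      - name: Store the package list to be published
        uses: actions/upload-artifact@v4
        with:
          name: pnpm-publish-summary.json
          path: pnpm-publish-summary.json
          overwrite: true
          if-no-files-found: error
      - name: Detect packages needing publish
        id: detect
        run: |
          count=$(jq '.publishedPackages | length' pnpm-publish-summary.json 2>/dev/null)
          if [ "$count" -gt 0 ]; then
            echo "hasPackages=true" >> "$GITHUB_OUTPUT"
          else
            echo "No packages to publish."
            echo "hasPackages=false" >> "$GITHUB_OUTPUT"
          fi
      # The --filter parameter filters by exact package name, so there's no risk of a package name being a substring of another package name
      - name: Generate tarballs for packages that need publishing
        id: pack
        if: steps.detect.outputs.hasPackages == 'true'
        run: |
          jq -r '.publishedPackages[].name' pnpm-publish-summary.json | while IFS= read -r name; do
            pnpm pack -r --filter "$name" --pack-destination tarballs
          done
      - name: Upload packed tarballs
        uses: actions/upload-artifact@v4
        if: steps.detect.outputs.hasPackages == 'true'
        with:
          name: tarballs
          path: tarballs
          overwrite: true
          if-no-files-found: error
  review:
    name: Review diffs
    needs: pack
    if: needs.pack.outputs.hasPackages == 'true'
    runs-on: ubuntu-latest
    permissions:
      actions: read  # To download the tarballs to review
    steps:
      - name: Download pnpm list json
        uses: actions/download-artifact@v5
        with:
          name: pnpm-publish-summary.json
          path: .
      - name: Download tarballs
        uses: actions/download-artifact@v5
        with:
          name: tarballs
          path: tarballs
      - name: Show diff between published and proposed packages
        run: |
          jq -r '.publishedPackages[] | "\(.name)|\(.version)"' pnpm-publish-summary.json |
          while IFS='|' read -r name version; do
            # download latest
            NORMALIZED_NAME="${name//\//-}"
            NORMALIZED_NAME="${NORMALIZED_NAME//@/}"
            TARBALL_URL=$(npm view "$name@latest" dist.tarball)
            # --fail: stop on an HTTP error instead of saving the error body as the baseline tarball
            curl -fsSL "$TARBALL_URL" -o "tarballs/$NORMALIZED_NAME-latest.tgz"
            # unpack both latest and proposed version
            mkdir -p "tarballs/$NORMALIZED_NAME/proposed"
            mkdir -p "tarballs/$NORMALIZED_NAME/latest"
            tar -xzf "tarballs/$NORMALIZED_NAME-latest.tgz" -C "tarballs/$NORMALIZED_NAME/latest"
            tar -xzf "tarballs/$NORMALIZED_NAME-$version.tgz" -C "tarballs/$NORMALIZED_NAME/proposed"
            # show diffs for review
            echo "<< Showing files diff for $name >>"
            git diff --color=always --no-index --name-status "tarballs/$NORMALIZED_NAME/latest" "tarballs/$NORMALIZED_NAME/proposed" || true
            echo "<< Showing package.json diff for $name >>"
            git diff --color=always --no-index "tarballs/$NORMALIZED_NAME/latest/package/package.json" "tarballs/$NORMALIZED_NAME/proposed/package/package.json" || true
          done
  publish:
    name: Publish packages
    # `pack` is listed as well as `review`: the `needs` context only exposes
    # direct dependencies, and the `if:` below reads needs.pack.outputs.
    needs: [pack, review]
    if: needs.pack.outputs.hasPackages == 'true'
    runs-on: ubuntu-latest
    # Any approval gate for publishing lives in this environment's protection
    # rules, which are repository settings and not visible in this file.
    environment: npm-publish
    permissions:
      actions: read  # To download the tarball to publish
      id-token: write  # Needed for npm Trusted Publishing (OIDC)
    steps:
      - name: Download pnpm list json
        uses: actions/download-artifact@v5
        with:
          name: pnpm-publish-summary.json
          path: .
      - name: Download tarballs
        uses: actions/download-artifact@v5
        with:
          name: tarballs
          path: tarballs
      - name: Setup node to be able to update npm
        uses: actions/setup-node@v5
        with:
          node-version: '24'
      # NOTE(review): `npm@latest` is a floating version installed in the job
      # that holds `id-token: write`; consider pinning to a known-good npm
      # release that supports Trusted Publishing.
      - name: Update npm to make sure it supports Trusted Publishing
        run: npm install -g npm@latest
      - name: Publish
        env:
          NPM_CONFIG_PROVENANCE: 'true'  # explicitly enable NPM provenance
        run: |
          cd tarballs
          jq -r '.publishedPackages[] | "\(.name)|\(.version)"' ../pnpm-publish-summary.json |
          while IFS='|' read -r name version; do
            NORMALIZED_NAME="${name//\//-}"
            NORMALIZED_NAME="${NORMALIZED_NAME//@/}"
            filename="$NORMALIZED_NAME-$version.tgz"
            echo "Publishing $filename"
            # We can switch to pnpm publish when pnpm supports Trusted publishing
            npm publish "$filename" --tag latest --access public
          done
  tag:
    name: Push tags
    # `pack` is listed as well as `publish`: the `needs` context only exposes
    # direct dependencies, and the `if:` below reads needs.pack.outputs.
    needs: [pack, publish]
    if: needs.pack.outputs.hasPackages == 'true'
    runs-on: ubuntu-latest
    permissions:
      contents: write
    steps:
      - name: Checkout Repo
        uses: actions/checkout@v5
        with:
          fetch-depth: 0
      - name: Set up the environment
        uses: ./.github/actions/setup-env
      - name: Install Dependencies
        run: pnpm install --frozen-lockfile
      # This step is needed otherwise tag creation fails
      # NOTE(review): the e-mail value below appears redacted in this copy of
      # the file; restore the project's real bot address before use.
      - run: |
          git config user.name "github-actions"
          git config user.email "[email protected]"
      - name: Create tags for packages
        run: pnpm changeset tag
      - name: Push tags
        run: git push --follow-tags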