fix(ci): invoke changeset via bunx so release workflow finds the binary #6
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| # Changesets-driven release flow: | |
| # 1. Contributors include `.changeset/*.md` files in their PRs describing | |
| # the version bump (patch | minor | major) and the change. | |
| # 2. When PRs land on main, this workflow runs and the changesets bot | |
| # either: | |
| # a. Opens (or updates) a single "Version Packages" PR that bumps | |
| # package.json versions, regenerates CHANGELOG.md, and deletes | |
| # the consumed changeset files. Reviewers approve + merge it | |
| # when ready to ship. | |
| # b. If no pending changesets exist (i.e. the Version PR was just | |
| # merged), runs `bun run release` which builds the package and | |
| # runs `changeset publish` — that calls `npm publish` for every | |
| # package version not yet on the registry, then tags + GitHub | |
| # releases each. | |
| # | |
| # No manual git tags, no manual package.json edits, no main-branch | |
| # bypasses. Releases go through the normal PR + status-check + approval | |
| # flow like any other change. | |
| # | |
| # `--provenance` is intentionally omitted from the publish: npm requires | |
| # a public source repository for provenance attestations and this repo | |
| # is `internal`-visibility. Re-add via .changeset/config.json once the | |
| # repo flips public. | |
| on: | |
| push: | |
| branches: [main] | |
| permissions: | |
| contents: write # opening/merging the version PR + tagging releases | |
| pull-requests: write # opening the version PR | |
| id-token: write # npm OIDC trusted publishing | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| jobs: | |
| release: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Bun | |
| uses: oven-sh/setup-bun@v2 | |
| with: | |
| bun-version: "1.2.21" | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20' | |
| registry-url: 'https://registry.npmjs.org' | |
| # OIDC trusted publishing requires npm >= 11.5.1; the version | |
| # bundled with Node 20 is older. | |
| - name: Ensure latest npm | |
| run: npm install -g npm@latest | |
| - name: Install dependencies | |
| run: bun install --frozen-lockfile | |
| - name: Create release PR or publish | |
| uses: changesets/action@v1 | |
| with: | |
| # Runs when there are no pending .changeset/*.md files — | |
| # i.e. immediately after the Version Packages PR is merged. | |
| publish: bun run release | |
| # PR title for the bot's open Version Packages PR. | |
| title: "chore: version packages" | |
| commit: "chore: version packages" | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |