chore(repo): version packages for stable (#890) #730
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| branches: | |
| - main # Stable releases | |
| - canary # Canary (preview) releases | |
| - rc # Release candidate cycle | |
| concurrency: | |
| group: publish-${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| release: | |
| name: Release | |
| runs-on: ubuntu-latest | |
| steps: | |
| # Checkout the repository with full history and tag data so that | |
| # Changesets can generate changelogs and tag new releases appropriately. | |
| - name: Checkout Repo | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-tags: true | |
| fetch-depth: 0 | |
| token: ${{ secrets.KNOCK_ENG_BOT_GITHUB_TOKEN }} | |
| # Determine the release type based on the current branch. | |
| # Sets the output `release-type` to 'stable', 'canary', or 'rc'. | |
| - name: Determine release type | |
| id: release-type | |
| run: | | |
| if [[ "$GITHUB_REF" == "refs/heads/main" ]]; then | |
| echo "release-type=stable" >> "$GITHUB_OUTPUT" | |
| elif [[ "$GITHUB_REF" == "refs/heads/canary" ]]; then | |
| echo "release-type=canary" >> "$GITHUB_OUTPUT" | |
| elif [[ "$GITHUB_REF" == "refs/heads/rc" ]]; then | |
| echo "release-type=rc" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "Unsupported branch $GITHUB_REF"; exit 1 | |
| fi | |
| # Set up Node.js using the version specified in package.json, | |
| # and cache Yarn dependencies for faster installs. | |
| - name: Setup Node.js 20.x | |
| uses: actions/setup-node@v4 | |
| with: | |
| registry-url: "https://registry.npmjs.org" | |
| node-version-file: "package.json" | |
| cache: "yarn" | |
| # Install dependencies using Yarn with zero tolerance for lockfile drift. | |
| - name: Install Dependencies | |
| run: yarn --immutable | |
| # Auto-exit prerelease mode when canary is merged into main | |
| - name: Exit prerelease and re-generate versions (auto) | |
| if: | | |
| steps.release-type.outputs.release-type == 'stable' && | |
| hashFiles('.changeset/pre.json') != '' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.KNOCK_ENG_BOT_GITHUB_TOKEN }} | |
| run: | | |
| echo "🔄 Repository is still in prerelease mode on main – exiting…" | |
| yarn changeset pre exit | |
| yarn changeset version | |
| yarn install --mode=update-lockfile | |
| git config --global user.name 'knock-eng-bot' | |
| git config --global user.email 'knock-eng-bot@users.noreply.github.com' | |
| git add -A | |
| git commit -m "chore(repo): exit canary prerelease mode on merge to main" | |
| git push | |
| echo "✅ prerelease exited and lockfile updated – new push will trigger publish" | |
| exit 0 | |
| # Verify that the current branch is in the correct Changeset prerelease mode. | |
| # Prevents accidentally publishing a prerelease with the wrong npm tag. | |
| - name: Verify pre.json for pre-release branches | |
| if: steps.release-type.outputs.release-type != 'stable' | |
| run: | | |
| jq -e '.mode=="pre" and .tag=="'${{ steps.release-type.outputs.release-type }}'"' .changeset/pre.json \ | |
| || { echo "::error::Incorrect prerelease mode for this branch"; exit 1; } | |
| # Prevent a stable release from being published if the repository | |
| # is still in Changesets prerelease mode (canary or rc). | |
| - name: Guard against accidental prerelease on main | |
| if: steps.release-type.outputs.release-type == 'stable' | |
| run: | | |
| if [ -f .changeset/pre.json ]; then | |
| echo "::error::Cannot release from main while in prerelease mode" | |
| exit 1 | |
| fi | |
| # Export the npm dist-tag based on the release type. | |
| - name: Export npm dist-tag | |
| run: | | |
| TAG=${{ steps.release-type.outputs.release-type }} | |
| [ "$TAG" = "stable" ] && TAG=latest | |
| echo "NPM_CONFIG_TAG=$TAG" >> "$GITHUB_ENV" | |
| # Configure Yarn to authenticate with the npm registry using a token. | |
| - name: Set NPM Auth | |
| run: | | |
| yarn config set npmRegistryServer "https://registry.npmjs.org" | |
| yarn config set npmAlwaysAuth true | |
| yarn config set npmAuthToken $NPM_TOKEN | |
| env: | |
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| # Create a versioning PR if changeset files exist, or publish packages | |
| # to npm if version bump commits have already been merged into the branch. | |
| - name: Create release PR or publish | |
| uses: changesets/action@v1 | |
| with: | |
| commit: "chore(repo): version packages for ${{ steps.release-type.outputs.release-type }}" | |
| title: "chore(repo): version packages for ${{ steps.release-type.outputs.release-type }}" | |
| version: yarn release:version | |
| publish: yarn release:publish | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.KNOCK_ENG_BOT_GITHUB_TOKEN }} | |
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} |