Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

GDL-9 publish npm package to registry #206

Open
wants to merge 1 commit into
base: development/7.10
Choose a base branch
from
Open

GDL-9 publish npm package to registry #206

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
80 changes: 80 additions & 0 deletions .github/workflows/release.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,80 @@
---
name: Release

run-name: release ${{ inputs.tag }}

on:
workflow_dispatch:
inputs:
tag:
description: 'Tag to be released'
required: true

jobs:
publish:
permissions:
packages: write
id-token: write
contents: read
env:
VERSION: ${{ inputs.tag }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set env vars
run: |
echo PKG_VERSION="$(jq -r .version < package.json)" >> $GITHUB_ENV
echo PKG_NAME="$(jq -r .name < package.json)" >> $GITHUB_ENV
echo PKG_BASENAME="$(basename $(jq -r .name < package.json))" >> $GITHUB_ENV
- name: Ensure the branch is protected
run: |
if [[ "${{ github.ref_protected }}" = "false" ]]; then
echo "::error::The branch ${{ github.ref }} is not protected"
exit 1
fi
- name: Ensure tag has not been released
run: |
TAG_EXISTS=$(git tag -l "${{ inputs.tag }}")
if [[ -n "$TAG_EXISTS" ]]; then
echo "::error::The tag ${{ inputs.tag }} already exists"
exit 1
fi
- name: Ensure version is properly set
run: |
if ! [[ "$PKG_VERSION" = "$VERSION" ]]; then
echo "::error file=package.json,line=$(sed -n '/"version":/=' package.json)::The tag $VERSION must match the version $PKG_VERSION specified in package.json"
exit 1
fi
- name: Setup node with GitHub Packages
uses: actions/setup-node@v4
with:
cache: yarn
node-version: '16'
registry-url: https://npm.pkg.github.com
- name: install dependencies
run: yarn install --frozen-lockfile
- name: Publish to GitHub Packages
run: npm publish --provenance
env:
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup node with npmjs.org
uses: actions/setup-node@v4
with:
registry-url: https://registry.npmjs.org
- name: Publish to npmjs.org
run: npm publish --provenance
Copy link
Contributor

@francoisferrand francoisferrand Feb 19, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what happens if the push to npmjs fails, i.e. how can be "finisih" the release?

  • there is a "tag" check, which prevents generating the tag if already done : OK since the tag (and release) is created last
  • when publish to Github packages fails, nothing was actually changed : OK
  • when publish to npmjs fails, github package has already been published:
    • re-running may fail (?) as we already pushed to github?
    • if we re-run the release, we may have a different commit on the "new" release.... and could end-up with an incorrect build on github?
    • in the mean-time, the release is not present, but the package is already in github and may be consummed/upgraded unexpectedly... should we remove it? or make the tag/release first (but this adds complexity to re-run)?
    • as the tag is not created, bert-e (when used) may also mark more jira tickets as "fixed" in this release... this is not a new issue, but agravated if the release takes longer...

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You wanna change the order, this way if it fails on npm it didn't published on GitHub packages?

Also let's try not to overthink this too much, let's get some field experience first.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't want to change the order, I want to merge something where we have a path, in case of failure : because such failures do and will happen, and typically when it happens it is at the worst of times...

So it is really not overthinking, but actually just thinking it through, to try and have some way to finish the release anyway when we need it.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see, ran a couple of test and confirm that we will face some failure if for example we want to re-publish a package to GitHub (I guess the same will happen on npm):

npm error code E409
npm error 409 Conflict - PUT https://npm.pkg.github.com/@scality%2feslint-config - Cannot publish over existing version
npm error A complete log of this run can be found in: /home/codespace/.npm/_logs/2025-02-21T21_38_24_404Z-debug-0.log

Now, my main concern here, is not towards what you want to apply, it's mostly that we are adding too much code/logic into something that as far as we established will be copy pasted.

So if we are duplicating code, let's keep it "dumb" even if the feature are limited. But if we want to add more checks and all, I rather we develop an action and reuse that code, otherwise it will be a pain to maintain across 20 different repos.

Let me know which path you prefer, either are fine by me I don't mind developing an action for it.

env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Create Release
uses: softprops/action-gh-release@v2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ inputs.tag }}
name: Release ${{ inputs.tag }}
target_commitish: ${{ github.sha }}
append_body: |
Github Packages: https://github.com/${{ github.repository }}/pkgs/npm/${{ env.PKG_BASENAME }}
npmjs: https://www.npmjs.com/package/${{ env.PKG_NAME }}/v/${{ env.PKG_VERSION }}
43 changes: 31 additions & 12 deletions .github/workflows/tests.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,20 +4,39 @@ name: tests
on:
push:
branches-ignore:
- 'development/**'
- q/*/*

jobs:
test:
permissions:
packages: write
id-token: write
contents: read
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- uses: actions/setup-node@v2
with:
node-version: '16'
- name: install dependencies
run: yarn install --frozen-lockfile
- name: lint markdown
run: yarn lint_md
- name: lint javascript
run: yarn lint
- name: Checkout
uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: '16'
registry-url: https://npm.pkg.github.com
- name: install dependencies
run: yarn install --frozen-lockfile
- name: lint markdown
run: yarn lint_md
- name: lint javascript
run: yarn lint
- name: Set common env vars for npm publish
run: |
echo "SHORTSHA=$(git rev-parse --short $GITHUB_SHA)" >> $GITHUB_ENV
echo "PKG_VERSION=$(jq -r .version < package.json)" >> $GITHUB_ENV
- name: Set version for work in progress
run: yarn version --no-git-tag-version --new-version "0.0.0-sha.${SHORTSHA}"
if: github.ref_protected == false
- name: Set version for protected branch
run: yarn version --no-git-tag-version --new-version "${PKG_VERSION}-sha.${SHORTSHA}"
if: github.ref_protected
- name: Publish development version
run: npm publish --provenance --tag "${{ github.ref_name }}"
env:
NODE_AUTH_TOKEN: ${{ github.token }}
28 changes: 17 additions & 11 deletions package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,43 +1,49 @@
{
"name": "eslint-config-scality",
"name": "@scality/eslint-config",
"version": "7.10.2",
"description": "ESLint config for Scality's Node.js coding guidelines",
"bin": {
"mdlint": "./bin/mdlint.js"
"mdlint": "bin/mdlint.js"
},
"main": "index.js",
"scripts": {
"test": "npm run --silent lint && npm run --silent lint_md",
"lint": "node_modules/.bin/eslint -c index.js $(git ls-files '*.js')",
"lint": "eslint -c index.js $(git ls-files '*.js')",
"lint_md": "node bin/mdlint.js $(git ls-files '*.md')"
},
"repository": {
"type": "git",
"url": "https://github.com/scality/Guidelines"
"url": "git+https://github.com/scality/Guidelines.git"
},
"dependencies": {
"commander": "1.3.2",
"markdownlint": "^0.25.1"
},
"bugs": {
"url": "https://github.com/scality/Guidelines/issues"
},
"devDependencies": {
"babel-eslint": "6.1.2",
"eslint": "^8.7.0",
"eslint-config-airbnb": "6.2.0"
},
"keywords": [
"eslint",
"eslintconfig",
"config",
"airbnb",
"scality",
"javascript",
"markdown",
"scality",
"styleguide"
],
"author": "Giorgio Regni",
"author": "Scality Object Squad <object-squad@scality.com>",
"license": "Apache-2.0",
"homepage": "https://github.com/scality/Guidelines",
"engines": {
"node": ">=16"
}
},
"publishConfig": {
"access": "public"
},
"files": [
"bin",
"*.[c]js"
]
}