-
-
Notifications
You must be signed in to change notification settings - Fork 20
115 lines (99 loc) · 3.56 KB
/
cli-publish.yml
File metadata and controls
115 lines (99 loc) · 3.56 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
name: CLI - Publish to npm
on:
workflow_dispatch:
inputs:
version_bump:
description: 'Version bump type'
required: true
default: 'patch'
type: choice
options:
- patch
- minor
- major
dry_run:
description: 'Dry run (do not actually publish)'
required: false
default: false
type: boolean
push:
#branches:
# - main
paths:
- '.github/workflows/cli-publish.yml'
- 'cli/package.json'
- 'cli/package-lock.json'
permissions:
contents: write
pull-requests: write
id-token: write # Required for OIDC to npm registry
jobs:
publish:
name: Publish CLI to npm
runs-on: ubuntu-latest
defaults:
run:
working-directory: cli
steps:
- name: Harden Runner
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup Node.js
uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
with:
node-version: 24
registry-url: 'https://registry.npmjs.org'
- name: Install extension dependencies
run: npm ci
working-directory: .
- name: Install CLI dependencies
run: npm ci
- name: Build production bundle
run: npm run build:production
- name: Validate CLI works
run: node dist/cli.js --help
- name: Bump version
run: npm version ${{ inputs.version_bump }} --no-git-tag-version
- name: Get new version
id: version
run: echo "version=$(node -p 'require("./package.json").version')" >> "$GITHUB_OUTPUT"
- name: Publish to npm
if: ${{ !inputs.dry_run }}
run: NODE_AUTH_TOKEN="" npm publish
- name: Dry run publish
if: ${{ inputs.dry_run }}
run: NODE_AUTH_TOKEN="" npm publish public --dry-run
- name: Commit version bump and create PR
if: ${{ !inputs.dry_run }}
run: |
cd ..
git config user.name "github-actions[bot]"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
git checkout -b cli/bump-version-v${{ steps.version.outputs.version }}
git add cli/package.json cli/package-lock.json
git commit -m "chore(cli): bump version to v${{ steps.version.outputs.version }}"
git push origin cli/bump-version-v${{ steps.version.outputs.version }}
gh pr create \
--title "chore(cli): bump version to v${{ steps.version.outputs.version }}" \
--body "Automated version bump after publishing \`@rajbos/ai-engineering-fluency@${{ steps.version.outputs.version }}\` to npm." \
--base main \
--head cli/bump-version-v${{ steps.version.outputs.version }}
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Summary
run: |
{
echo "## CLI Package Published 📦"
echo ""
echo "- **Version:** v${{ steps.version.outputs.version }}"
echo "- **Bump:** ${{ inputs.version_bump }}"
echo "- **Dry run:** ${{ inputs.dry_run }}"
echo ""
if [ "${{ inputs.dry_run }}" = "false" ]; then
echo "Install with: \`npx @rajbos/ai-engineering-fluency\`"
echo ""
echo "A PR has been opened to merge the version bump back to main."
fi
} >> "$GITHUB_STEP_SUMMARY"