|
1 | 1 | name: Publish package to npmjs |
2 | 2 |
|
3 | | -# This workflow runs when code is pushed to `main` (i.e: when a pull request is merged) |
4 | 3 | on: |
5 | | - push: |
6 | | - branches: [main] |
| 4 | + push: |
| 5 | + branches: [main] |
7 | 6 |
|
8 | | -# Ensure that only once instance of this workflow executes at a time. |
| 7 | +# Ensure that only one instance of this workflow executes at a time. |
9 | 8 | # If multiple PRs are merged in quick succession, there will only ever be one publish workflow running and one pending. |
10 | 9 | concurrency: ${{ github.workflow }} |
11 | 10 |
|
12 | 11 | jobs: |
13 | | - version: |
14 | | - runs-on: ubuntu-latest |
15 | | - |
16 | | - # OSBotify will update the version on `main`, so this check is important to prevent an infinite loop |
17 | | - if: ${{ github.actor != 'OSBotify' }} |
18 | | - |
19 | | - steps: |
20 | | - - uses: actions/checkout@v3 |
21 | | - with: |
22 | | - ref: main |
23 | | - |
24 | | - - name: Decrypt & Import OSBotify GPG key |
25 | | - run: | |
26 | | - cd .github |
27 | | - gpg --quiet --batch --yes --decrypt --passphrase="$LARGE_SECRET_PASSPHRASE" --output OSBotify-private-key.asc OSBotify-private-key.asc.gpg |
28 | | - gpg --import OSBotify-private-key.asc |
29 | | - env: |
30 | | - LARGE_SECRET_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} |
31 | | - |
32 | | - - name: Set up git for OSBotify |
33 | | - run: | |
34 | | - git config --global user.signingkey AEE1036472A782AB |
35 | | - git config --global commit.gpgsign true |
36 | | - git config --global user.name OSBotify |
37 | | - git config --global user.email infra+osbotify@expensify.com |
38 | | -
|
39 | | - - uses: actions/setup-node@v3 |
40 | | - with: |
41 | | - node-version-file: '.nvmrc' |
42 | | - registry-url: 'https://registry.npmjs.org' |
43 | | - |
44 | | - - name: Generate branch name |
45 | | - run: echo "BRANCH_NAME=OSBotify-bump-version-$(uuidgen)" >> $GITHUB_ENV |
46 | | - |
47 | | - - name: Create branch for version-bump pull request |
48 | | - run: git checkout -b ${{ env.BRANCH_NAME }} |
49 | | - |
50 | | - - name: Install npm packages |
51 | | - run: npm ci |
52 | | - |
53 | | - - name: Update npm version |
54 | | - run: npm version patch |
55 | | - |
56 | | - - name: Set new version in GitHub ENV |
57 | | - run: echo "NEW_VERSION=$(jq '.version' package.json)" >> $GITHUB_ENV |
58 | | - |
59 | | - - name: Push branch and publish tags |
60 | | - run: git push --set-upstream origin ${{ env.BRANCH_NAME }} && git push --tags |
61 | | - |
62 | | - - name: Create pull request |
63 | | - run: | |
64 | | - gh pr create \ |
65 | | - --title "Update version to ${{ env.NEW_VERSION }}" \ |
66 | | - --body "Update version to ${{ env.NEW_VERSION }}" |
67 | | - sleep 5 |
68 | | - env: |
69 | | - GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} |
70 | | - |
71 | | - - name: Auto-approve pull request |
72 | | - run: gh pr review --approve ${{ env.BRANCH_NAME }} |
73 | | - env: |
74 | | - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
75 | | - |
76 | | - - name: Auto-merge pull request |
77 | | - run: gh pr merge --merge --delete-branch ${{ env.BRANCH_NAME }} |
78 | | - env: |
79 | | - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
80 | | - |
81 | | - - name: Build package |
82 | | - run: npm run build |
83 | | - |
84 | | - - name: Publish to npm |
85 | | - run: npm publish |
86 | | - env: |
87 | | - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} |
| 12 | + publish: |
| 13 | + # os-botify[bot] will update the version on `main`, so this check is important to prevent an infinite loop |
| 14 | + if: ${{ github.actor != 'os-botify[bot]' }} |
| 15 | + uses: Expensify/GitHub-Actions/.github/workflows/npmPublish.yml@main |
| 16 | + secrets: inherit |
| 17 | + with: |
| 18 | + should_run_build: true |
0 commit comments