Add release workflow #19
Conversation
Co-authored-by: Andrew Fleming <[email protected]> Signed-off-by: 0xisk <[email protected]>
.github/workflows/release.yml
Outdated
| - major | ||
|
|
||
| permissions: | ||
| contents: write # Required to push commits and tags |
There was a problem hiding this comment.
would be better to move this to the jobs that need the permissions, perhaps not a high priority right now but it will bubble up again later as I will be trying to fix this across all of our repos.
| cd packages/${{ steps.pkg.outputs.dir }} | ||
| yarn npm publish --access public | ||
| env: | ||
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} |
There was a problem hiding this comment.
I hope we can switch this off and use Trusted Publishing with OIDC auth later. Yarn should support it (yarnpkg/berry#6898, yarnpkg/berry#6911)
There was a problem hiding this comment.
Just to be clear, You need to first publish the package and then enable OIDC for the subsequent versions.
|
|
||
| 1. Go to "Release Package" in Actions. | ||
| 2. Click on the "Run workflow" dropdown menu. | ||
| 3. Choose the package to release and the version bump type. |
There was a problem hiding this comment.
it looks like this will run on main?
| - Create a git tag. | ||
| - Publish the package to npm. | ||
|
|
||
| 6. Once published, go to "Releases" and create a GitHub release using the generated tag. No newline at end of file |
There was a problem hiding this comment.
we could automate this too, perhaps a future improvement?
There was a problem hiding this comment.
Just FYI, If you guys haven't seen it, you can check how we are managing this using changesets here https://github.com/OpenZeppelin/relayer-plugin-channels/tree/main/.github/workflows. We pretty much standardized using changesets across all ts/js repos publishing to npm. Something to improve.
|
@andrew-fleming don't we need to change |
.github/workflows/release.yml
Outdated
| run: | | ||
| yarn config set npmAuthToken "$NPM_TOKEN" | ||
| cd packages/${{ steps.pkg.outputs.dir }} | ||
| yarn npm publish --access public |
There was a problem hiding this comment.
Is it possible to use the --provenance flag here?
| - Create a git tag. | ||
| - Publish the package to npm. | ||
|
|
||
| 6. Once published, go to "Releases" and create a GitHub release using the generated tag. No newline at end of file |
There was a problem hiding this comment.
Just FYI, If you guys haven't seen it, you can check how we are managing this using changesets here https://github.com/OpenZeppelin/relayer-plugin-channels/tree/main/.github/workflows. We pretty much standardized using changesets across all ts/js repos publishing to npm. Something to improve.
| cd packages/${{ steps.pkg.outputs.dir }} | ||
| yarn npm publish --access public | ||
| env: | ||
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} |
There was a problem hiding this comment.
Just to be clear, You need to first publish the package and then enable OIDC for the subsequent versions.
|
Closing since the changes here were merged with #43 |
5 participants
Fixes #6
*Waiting on repo being OS to configure environment