Skip to content

Commit e767e3a

Browse files
committed
Separate out validate and publish steps to actions
1 parent 9106838 commit e767e3a

6 files changed

Lines changed: 288 additions & 87 deletions

File tree

.github/workflows/process-semver-v1.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@ on:
22
workflow_call:
33
inputs:
44
version:
5-
description: "Optional version override (SemVer WITHOUT leading v), e.g. 1.2.3 or 1.2.3-rc.1"
5+
description: "Optional version override, with or without a leading v, e.g. 1.2.3 or v1.2.3-rc.1. If not provided, calculated from tag name."
66
type: string
77
required: false
88
default: ""
Lines changed: 36 additions & 42 deletions
Original file line numberDiff line numberDiff line change
@@ -1,29 +1,50 @@
11
on:
22
workflow_call:
33
inputs:
4-
version:
5-
description: 'Version number to release e.g., v1.2.3 or v1.2.3-rc.1'
6-
required: true
4+
expected_pkg_name:
5+
description: >
6+
Expected package.json name. If provided, must match.
77
type: string
8+
required: false
9+
10+
expected_pkg_version:
11+
description: >
12+
Expected package.json version. If provided, must match.
13+
May include optional leading 'v' (e.g. v1.2.3).
14+
type: string
15+
required: false
816

917
dist_tag:
1018
description: 'Dist tag to release e.g., latest, alpha, beta, rc, etc.'
11-
required: true
1219
type: string
20+
required: false
21+
22+
node_auth_token:
23+
description: >
24+
Token used to authenticate to GitHub Packages (usually GITHUB_TOKEN).
25+
type: string
26+
required: false
27+
default: ${{ secrets.GITHUB_TOKEN }}
1328

1429
dry_run:
1530
description: 'Run all checks but do not actually publish packages.'
31+
type: boolean
32+
required: false
1633
default: false
34+
35+
cwd:
36+
description: >
37+
Working directory containing package.json (relative to repo root).
38+
type: string
1739
required: false
18-
type: boolean
40+
default: "."
1941

2042
runner_label:
2143
description: 'Label for the runner to be used for the jobs.'
2244
default: 'ubuntu-latest'
2345
required: false
2446
type: string
2547

26-
2748
jobs:
2849
publish-javascript-github:
2950
runs-on: ${{ inputs.runner_label }}
@@ -39,48 +60,21 @@ jobs:
3960
uses: actions/setup-node@v6
4061
with:
4162
node-version: 'lts/*'
42-
registry-url: 'https://registry.npmjs.org'
43-
44-
- name: Get package name
45-
shell: bash
46-
run: |
47-
set -euo pipefail
48-
PACKAGE_NAME="$(npm pkg get name | tr -d '"')"
49-
echo "PACKAGE_NAME=${PACKAGE_NAME}" >> "$GITHUB_ENV"
50-
51-
- name: Validate package.json version
52-
shell: bash
53-
run: |
54-
EXPECTED_VERSION="${{ inputs.version }}"
55-
PKG_VERSION="$(npm pkg get version | tr -d '"')"
56-
57-
if [[ "$PKG_VERSION" != "$EXPECTED_VERSION" ]]; then
58-
echo "::error::package.json version ($PKG_VERSION) does not match release version ($EXPECTED_VERSION)"
59-
exit 1
60-
fi
6163

6264
- name: Install npm dependencies
6365
shell: bash
6466
run: npm ci
6567

6668
- name: Publish to GitHub Packages
6769
id: publish_github
68-
env:
69-
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
70-
continue-on-error: true
71-
run: |
72-
set -euo pipefail
73-
74-
npm config set "@fastly:registry" "https://npm.pkg.github.com/"
75-
npm config set "//npm.pkg.github.com/:_authToken" "$NODE_AUTH_TOKEN"
76-
77-
DIST_TAG="${{ inputs.dist_tag }}"
78-
echo "Publishing ${PACKAGE_NAME} to pkg.github.com using dist-tag: ${DIST_TAG}"
79-
if [[ '${{ inputs.dry_run }}' == 'true' ]]; then
80-
npm publish --dry-run --tag "$DIST_TAG"
81-
else
82-
npm publish --tag "$DIST_TAG"
83-
fi
70+
uses: fastly/devex-reusable-workflows/actions/publish-javascript-github-v1@kats/publish-javascript-packages
71+
with:
72+
expected_pkg_name: ${{ inputs.expected_pkg_name }}
73+
expected_pkg_version: ${{ inputs.expected_pkg_version }}
74+
dist_tag: ${{ inputs.dist_tag }}
75+
node_auth_token: ${{ secrets.GITHUB_TOKEN }}
76+
dry_run: ${{ inputs.dry_run }}
77+
cwd: ${{ inputs.cwd }}
8478

8579
- name: Publish status
8680
if: always()
@@ -96,6 +90,6 @@ jobs:
9690
echo "github outcome: ${{ steps.publish_github.outcome || 'skipped' }}"
9791
if [[ "${{ steps.publish_github.outcome }}" == 'failure' ]]; then
9892
echo "::error::Publish to GitHub Packages failed."
99-
echo "::notice::Hint: Ensure the caller workflow grants 'permissions: packages: write'."
93+
echo "::notice::Hint: Ensure the caller repo/workflow is able to write this package."
10094
exit 1
10195
fi
Lines changed: 32 additions & 44 deletions
Original file line numberDiff line numberDiff line change
@@ -1,28 +1,42 @@
11
on:
22
workflow_call:
33
inputs:
4-
version:
5-
description: 'Version number to release e.g., v1.2.3 or v1.2.3-rc.1'
6-
required: true
4+
expected_pkg_name:
5+
description: >
6+
Expected package.json name. If provided, must match.
77
type: string
8+
required: false
9+
10+
expected_pkg_version:
11+
description: >
12+
Expected package.json version. If provided, must match.
13+
May include optional leading 'v' (e.g. v1.2.3).
14+
type: string
15+
required: false
816

917
dist_tag:
1018
description: 'Dist tag to release e.g., latest, alpha, beta, rc, etc.'
11-
required: true
1219
type: string
20+
required: false
1321

1422
dry_run:
1523
description: 'Run all checks but do not actually publish packages.'
24+
type: boolean
25+
required: false
1626
default: false
27+
28+
cwd:
29+
description: >
30+
Working directory containing package.json (relative to repo root).
31+
type: string
1732
required: false
18-
type: boolean
33+
default: "."
1934

2035
runner_label:
2136
description: 'Label for the runner to be used for the jobs.'
2237
default: 'ubuntu-latest'
23-
required: false
2438
type: string
25-
39+
required: false
2640

2741
jobs:
2842
publish-javascript-npmjs:
@@ -41,46 +55,19 @@ jobs:
4155
node-version: 'lts/*'
4256
registry-url: 'https://registry.npmjs.org'
4357

44-
- name: Get package name
45-
shell: bash
46-
run: |
47-
set -euo pipefail
48-
PACKAGE_NAME="$(npm pkg get name | tr -d '"')"
49-
echo "PACKAGE_NAME=${PACKAGE_NAME}" >> "$GITHUB_ENV"
50-
51-
- name: Validate package.json version
52-
shell: bash
53-
run: |
54-
EXPECTED_VERSION="${{ inputs.version }}"
55-
PKG_VERSION="$(npm pkg get version | tr -d '"')"
56-
57-
if [[ "$PKG_VERSION" != "$EXPECTED_VERSION" ]]; then
58-
echo "::error::package.json version ($PKG_VERSION) does not match release version ($EXPECTED_VERSION)"
59-
exit 1
60-
fi
61-
6258
- name: Install npm dependencies
6359
shell: bash
6460
run: npm ci
6561

6662
- name: Publish to npmjs.org
6763
id: publish_npmjs
68-
run: |
69-
set -euo pipefail
70-
71-
if [[ -z "${ACTIONS_ID_TOKEN_REQUEST_URL:-}" || -z "${ACTIONS_ID_TOKEN_REQUEST_TOKEN:-}" ]]; then
72-
echo "::error::OIDC not available."
73-
echo "::notice::Hint: Caller must grant: permissions: id-token: write"
74-
exit 1
75-
fi
76-
77-
DIST_TAG="${{ inputs.dist_tag }}"
78-
echo "Publishing ${PACKAGE_NAME} to npmjs.org using dist-tag: ${DIST_TAG}"
79-
if [[ '${{ inputs.dry_run }}' == 'true' ]]; then
80-
npm publish --dry-run --access=public --tag "$DIST_TAG"
81-
else
82-
npm publish --access=public --tag "$DIST_TAG"
83-
fi
64+
uses: fastly/devex-reusable-workflows/actions/publish-javascript-npmjs-v1@kats/publish-javascript-packages
65+
with:
66+
expected_pkg_name: ${{ inputs.expected_pkg_name }}
67+
expected_pkg_version: ${{ inputs.expected_pkg_version }}
68+
dist_tag: ${{ inputs.dist_tag }}
69+
dry_run: ${{ inputs.dry_run }}
70+
cwd: ${{ inputs.cwd }}
8471

8572
- name: Publish status
8673
if: always()
@@ -92,10 +79,11 @@ jobs:
9279
echo "::notice::Dry run enabled — no package was actually published."
9380
exit 0
9481
fi
95-
96-
echo "npmjs outcome: ${{ steps.publish_npmjs.outcome || 'skipped' }}"
82+
83+
OUTCOME="${{ steps.publish_npmjs.outcome }}"
84+
echo "npmjs outcome: ${OUTCOME:-skipped}"
9785
if [[ "${{ steps.publish_npmjs.outcome }}" == 'failure' ]]; then
9886
echo "::error::Publish to npmjs.org failed."
99-
echo "::notice::Hint: Ensure that the caller repo/workflow is registered as a Trusted Publisher in npm for ${PACKAGE_NAME}."
87+
echo "::notice::Hint: Ensure that the caller repo/workflow is registered as a Trusted Publisher in npm."
10088
exit 1
10189
fi
Lines changed: 80 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,80 @@
1+
name: Publish JavaScript package to GitHub Packages
2+
description: >
3+
Optionally validates package.json name and/or version and publishes
4+
to GitHub Packages (supports dry-run). Assumes dependencies are already installed.
5+
6+
inputs:
7+
expected_pkg_name:
8+
description: >
9+
Expected package.json name. If provided, must match.
10+
required: false
11+
12+
expected_pkg_version:
13+
description: >
14+
Expected package.json version. If provided, must match.
15+
May include optional leading 'v' (e.g. v1.2.3).
16+
required: false
17+
18+
dist_tag:
19+
description: >
20+
npm dist-tag to publish under (e.g. latest, rc, beta).
21+
Defaults to 'latest'.
22+
required: false
23+
default: "latest"
24+
25+
node_auth_token:
26+
description: >
27+
Token used to authenticate to GitHub Packages (usually GITHUB_TOKEN).
28+
required: true
29+
30+
dry_run:
31+
description: >
32+
If true, runs npm publish --dry-run instead of publishing.
33+
required: false
34+
default: "false"
35+
36+
cwd:
37+
description: >
38+
Working directory containing package.json (relative to repo root).
39+
required: false
40+
default: "."
41+
42+
runs:
43+
using: composite
44+
steps:
45+
- name: Validate package name and/or version
46+
uses: fastly/devex-reusable-workflows/actions/validate-javascript-package-v1@kats/publish-javascript-packages
47+
with:
48+
expected_pkg_name: ${{ inputs.expected_pkg_name }}
49+
expected_pkg_version: ${{ inputs.expected_pkg_version }}
50+
cwd: ${{ inputs.cwd }}
51+
52+
- name: Publish to GitHub Packages
53+
shell: bash
54+
env:
55+
NODE_AUTH_TOKEN: ${{ inputs.node_auth_token }}
56+
working-directory: ${{ inputs.cwd }}
57+
run: |
58+
set -euo pipefail
59+
60+
DIST_TAG="${{ inputs.dist_tag }}"
61+
DRY_RUN="${{ inputs.dry_run }}"
62+
63+
PKG_NAME="$(npm pkg get name --json | jq -r)"
64+
PKG_VERSION="$(npm pkg get version --json | jq -r)"
65+
66+
echo "Publishing ${PKG_NAME} v${PKG_VERSION} to GitHub Packages"
67+
echo " cwd : ${{ inputs.cwd }}"
68+
echo " dist-tag: ${DIST_TAG}"
69+
echo " dry-run : ${DRY_RUN}"
70+
71+
npm config set "//npm.pkg.github.com/:_authToken" "$NODE_AUTH_TOKEN"
72+
73+
PUBLISH_ARGS=(
74+
--tag "$DIST_TAG"
75+
--registry=https://npm.pkg.github.com/
76+
)
77+
if [[ "$DRY_RUN" == "true" ]]; then
78+
PUBLISH_ARGS+=(--dry-run)
79+
fi
80+
npm publish "${PUBLISH_ARGS[@]}"

0 commit comments

Comments
 (0)