Skip to content
Draft
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 0 additions & 30 deletions .circleci/config.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,14 +4,6 @@ orbs:
e2e: netlify/e2e@1

workflows:
release-please:
jobs:
- release-please:
context: [shared-secrets]
filters:
branches:
only: [main]

# Workflow responsible for correctly updating the root lockfile for the release-please PR
# See: https://github.com/googleapis/release-please/issues/1101
release-pull-request:
Expand Down Expand Up @@ -76,28 +68,6 @@ commands:
- node_modules

jobs:
release-please:
description: The release action that runs on the main branch
executor: node
steps:
- checkout
- npm-install-deps
- run: npm run build
- run: echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" > ~/.npmrc

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

AFAIK this was never actually needed. possibly copypasta.

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it might have been needed at least at some point - lerna/lerna#2404 (comment)

But doesn't matter anymore with trusted publishing

- run: npx lerna publish from-package --yes --no-private
- run:
name: Create Github Release
command: |
npx release-please github-release \
--token "${GITHUB_RELEASES_TOKEN}" \
--repo-url "${CIRCLE_REPOSITORY_URL}" \
- run:
name: Run release-please
command: |
npx release-please release-pr \
--token "${GITHUB_RELEASES_TOKEN}" \
--repo-url "${CIRCLE_REPOSITORY_URL}" \

update-lockfile:
description: Update lockfile in a release please PR
executor: node
Expand Down
53 changes: 6 additions & 47 deletions .github/workflows/pre-release.yml
Original file line number Diff line number Diff line change
@@ -1,63 +1,22 @@
name: prerelease
on:
push:
branches:
# releases/<package>/<tag>/<version>
- releases/*/*/*
branches: [main]
pull_request:
types: [opened, synchronize, reopened]
jobs:
prerelease:
runs-on: ubuntu-24.04
runs-on: ubuntu-slim
steps:
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
with:
fetch-depth: 0
- uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
with:
node-version: '24'
check-latest: true
registry-url: 'https://registry.npmjs.org'
- name: Extract tag, version and package
id: extract
run: |-
ref=${{ github.ref }}
branch=${ref:11}
info=${branch:9}
package_tag=${info%/*}
package=${package_tag%/*}
tag=${package_tag#*/}
version=${info##*/}
echo "package=${package}" >> $GITHUB_OUTPUT
echo "tag=${tag}" >> $GITHUB_OUTPUT
echo "version=${version}" >> $GITHUB_OUTPUT
- name: Log extracted information
run: |-
echo package=${{ steps.extract.outputs.package }}
echo tag=${{ steps.extract.outputs.tag }}
echo version=${{ steps.extract.outputs.version }}
- name: Setup git user
run: git config --global user.name github-actions
- name: Setup git email
run: git config --global user.email github-actions@github.com
- name: Create fake .git in package subdirectory
# See https://github.com/npm/cli/issues/2010,https://github.com/npm/npm/issues/9111
run: mkdir packages/${{ steps.extract.outputs.package }}/.git
- name: Run npm version
run:
'npm version --workspace packages/${{ steps.extract.outputs.package }} ${{ steps.extract.outputs.version
}}-${{ steps.extract.outputs.tag }} -m "chore: release @netlify/${{ steps.extract.outputs.package }} ${{
steps.extract.outputs.version }}-${{ steps.extract.outputs.tag }}"'
- name: Prefix package to git tag
run: |-
old_git_tag=v${{ steps.extract.outputs.version}}-${{ steps.extract.outputs.tag }}
new_git_tag=${{ steps.extract.outputs.package }}-${old_git_tag}
git tag ${new_git_tag} ${old_git_tag}
git tag -d ${old_git_tag}
- name: Push changes
run: git push --follow-tags
- name: Install dependencies
run: npm install
run: npm ci
- name: Build workspaces
run: npx lerna run build
- run: npm publish packages/${{ steps.extract.outputs.package }}/ --tag=${{ steps.extract.outputs.tag }}
env:
NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
- run: npx pkg-pr-new publish './packages/*'

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}
41 changes: 41 additions & 0 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
name: release
on:
push:
branches:
- main

permissions:
contents: write
pull-requests: write
id-token: write

jobs:
release-please:
runs-on: ubuntu-24.04
outputs:
releases_created: ${{ steps.release.outputs.releases_created }}
steps:
- uses: googleapis/release-please-action@5c625bfb5d1ff62eadeeb3772007f7f66fdcf071 # v4.4.1
id: release
with:
token: ${{ secrets.GITHUB_TOKEN }}

publish:
needs: release-please
if: ${{ needs.release-please.outputs.releases_created == 'true' }}

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

on npm publishing flakes when release-please run determine that release was created, but actual publish fails (i.e. some network or npm registry issues) this would mean there is no way to "retry" to actually publish to npm, so this is a change from the way CircleCi workflow works

runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
with:
node-version: '24'
check-latest: true
registry-url: 'https://registry.npmjs.org'
- name: Install dependencies
run: npm ci
- name: Build workspaces
run: npm run build
- name: Publish packages
run: npx lerna publish from-package --yes --no-private
env:
NPM_CONFIG_PROVENANCE: true
Comment thread
serhalp marked this conversation as resolved.
11 changes: 6 additions & 5 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -127,12 +127,13 @@ To test a prerelease of `@netlify/<package>` in a site you have 2 options. Creat

This is especially useful to test how an ongoing PR in `@netlify/<package>` would behave in production.

### Create a Beta release
### Use a pkg.pr.new preview release

- Create a branch named `releases/<package>/<tag>/<version>` with the package and version you'd like to release. For
example, a branch named `releases/cache-utils/rc/2.0.0` will create the version `v2.0.0-rc` and publish it under the
`rc` tag.
- Push the branch to the repo
Every PR (and every push to `main`) automatically publishes preview releases of all packages via
[pkg.pr.new](https://github.com/stackblitz-labs/pkg.pr.new). The `prerelease` GitHub action posts a comment on the PR
with install URLs for each package.

- Install a package preview directly, e.g. `npm i https://pkg.pr.new/@netlify/cache-utils@<commit-sha>`
- Make a PR in the buildbot to use this version
- Update the `build_image` of a site to use this PR

Expand Down
11 changes: 11 additions & 0 deletions package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,7 @@
"execa": "^8.0.1",
"lerna": "^9.0.7",
"oxfmt": "^0.46.0",
"pkg-pr-new": "^0.0.75",
"typescript-eslint": "~8.49.0",
"vite": "^7.1.0"
},
Expand Down
Loading