From 085f8c3aaf62d17df70322d7abd75df8271d1313 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?coffee=20=E2=98=95=EF=B8=8F?= Date: Wed, 25 Mar 2026 21:22:22 -0400 Subject: [PATCH] fix(ci): publish from main pushes only when version is unpublished --- .github/workflows/publish.yml | 63 ++++++++++++++++++++++++++++------- RELEASING.md | 7 ++-- 2 files changed, 56 insertions(+), 14 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index be734d1..eb56c72 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -1,27 +1,65 @@ name: Publish on: - pull_request_target: - types: - - closed + push: + branches: + - main permissions: contents: read concurrency: - group: publish-${{ github.event.pull_request.number }} + group: publish-${{ github.ref }} cancel-in-progress: false jobs: + detect: + name: Detect Publishable Release + runs-on: ubuntu-latest + outputs: + should_publish: ${{ steps.compare.outputs.should_publish }} + local_version: ${{ steps.compare.outputs.local_version }} + published_version: ${{ steps.compare.outputs.published_version }} + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup Node.js + uses: actions/setup-node@v6.1.0 + with: + node-version: 24 + + - name: Compare local and published versions + id: compare + shell: bash + run: | + local_version=$(node -p "require('./packages/mpp/package.json').version") + published_version=$(npm view @abstract-foundation/mpp version 2>/dev/null || true) + published_version=$(printf '%s\n' "$published_version" | tail -n 1 | tr -d '"') + + should_publish=false + if [ -z "$published_version" ] || [ "$published_version" != "$local_version" ]; then + should_publish=true + fi + + echo "local_version=$local_version" >> "$GITHUB_OUTPUT" + echo "published_version=$published_version" >> "$GITHUB_OUTPUT" + echo "should_publish=$should_publish" >> "$GITHUB_OUTPUT" + + - name: Report decision + run: | + echo "Local version: ${{ steps.compare.outputs.local_version }}" + echo "Published version: ${{ steps.compare.outputs.published_version }}" + echo "Should publish: ${{ steps.compare.outputs.should_publish }}" + verify: name: Verify Release Commit - if: github.event.pull_request.merged == true && github.event.pull_request.base.ref == 'main' && startsWith(github.event.pull_request.head.ref, 'changeset-release/') + needs: detect + if: needs.detect.outputs.should_publish == 'true' runs-on: ubuntu-latest steps: - - name: Checkout merged release commit + - name: Checkout uses: actions/checkout@v4 - with: - ref: ${{ github.event.pull_request.merge_commit_sha }} - name: Setup pnpm uses: pnpm/action-setup@v4.2.0 @@ -54,7 +92,10 @@ jobs: publish: name: Publish to npm - needs: verify + needs: + - detect + - verify + if: needs.detect.outputs.should_publish == 'true' runs-on: ubuntu-latest environment: name: npm @@ -63,10 +104,8 @@ jobs: contents: read id-token: write steps: - - name: Checkout merged release commit + - name: Checkout uses: actions/checkout@v4 - with: - ref: ${{ github.event.pull_request.merge_commit_sha }} - name: Setup pnpm uses: pnpm/action-setup@v4.2.0 diff --git a/RELEASING.md b/RELEASING.md index 320c55a..01c8f49 100644 --- a/RELEASING.md +++ b/RELEASING.md @@ -9,8 +9,11 @@ publishing. 2. Merge changesets into `main`. 3. The `Release PR` workflow opens or updates a `Version Packages` pull request. 4. Merge the `Version Packages` pull request. -5. The `Publish` workflow verifies the merged commit, waits for approval on the - protected `npm` environment, and then publishes to npm. +5. A push to `main` triggers the `Publish` workflow. +6. The workflow compares `packages/mpp/package.json` to the version currently on + npm and only continues when the local version is unpublished. +7. For unpublished versions, the workflow verifies the merged commit, waits for + approval on the protected `npm` environment, and then publishes to npm. ## GitHub setup