From 669ca71f5fbb58174e67b2ce6b11289fa8dfa317 Mon Sep 17 00:00:00 2001 From: Vigneshwer Vaidyanathan Date: Mon, 17 Mar 2025 20:30:28 -0400 Subject: [PATCH 1/2] Add automation for publishing to NPM --- .github/workflows/publish.yml | 39 ++++++++++++++++++++++++++++ .github/workflows/release.yml | 49 +++++++++++++++++++++++++++++++++++ 2 files changed, 88 insertions(+) create mode 100644 .github/workflows/publish.yml create mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml new file mode 100644 index 0000000..b21b27d --- /dev/null +++ b/.github/workflows/publish.yml @@ -0,0 +1,39 @@ +name: Publish Package to npmjs +on: + release: + types: [published] + +jobs: + build: + runs-on: ubuntu-latest + permissions: + contents: read + id-token: write + steps: + - uses: tibdex/github-app-token@v1 + id: generate-token + with: + app_id: ${{ secrets.PR_APP_ID }} + private_key: ${{ secrets.PR_APP_PRIVATE_KEY }} + + - uses: actions/checkout@v4 + name: Checkout repository + + - uses: actions/setup-node@v4 + name: Use Node.js 20.x + with: + node-version: '20.x' + registry-url: 'https://registry.npmjs.org' + scope: '@fragment-dev' + + - name: Install dependencies + uses: nick-fields/retry@v2 + with: + retry_on: error + timeout_minutes: 5 + max_attempts: 2 + command: yarn + + - run: npm publish --access public + env: + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..879200f --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,49 @@ +name: Create Release +inputs: + type: + type: choice + description: Release Type + options: + - patch + - minor + - major + +jobs: + createRelease: + runs-on: ubuntu-latest + + steps: + - uses: tibdex/github-app-token@v1 + id: generate-token + with: + app_id: ${{ secrets.PR_APP_ID }} + private_key: ${{ secrets.PR_APP_PRIVATE_KEY }} + + - uses: actions/checkout@v4 + name: Checkout repository + + - uses: actions/setup-node@v4 + name: Use Node.js 20.x + with: + node-version: '20.x' + registry-url: 'https://registry.npmjs.org' + + - name: Install dependencies + uses: nick-fields/retry@v2 + with: + retry_on: error + timeout_minutes: 5 + max_attempts: 2 + command: yarn + + - name: Bump version + run: npm version ${{ inputs.type }} + + - name: Create Pull Request + uses: peter-evans/create-pull-request@v4 + with: + token: ${{ steps.generate-token.outputs.token }} + title: Bump SDK version (${{ inputs.type }}) + base: 'dev' + body: > + This PR is auto-generated by github action. From 274a5a3b12f3e5c0b6b258be0c531de8172e7584 Mon Sep 17 00:00:00 2001 From: Vigneshwer Vaidyanathan Date: Mon, 17 Mar 2025 20:47:10 -0400 Subject: [PATCH 2/2] pin all actions --- .github/workflows/publish.yml | 10 +++++----- .github/workflows/release.yml | 14 +++++++++----- .github/workflows/updateSDKQueries.yml | 12 ++++++------ 3 files changed, 20 insertions(+), 16 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index b21b27d..16d9cfa 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -8,18 +8,18 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - id-token: write + steps: - - uses: tibdex/github-app-token@v1 + - uses: tibdex/github-app-token@32691ba7c9e7063bd457bd8f2a5703138591fa58 # v1 id: generate-token with: app_id: ${{ secrets.PR_APP_ID }} private_key: ${{ secrets.PR_APP_PRIVATE_KEY }} - - uses: actions/checkout@v4 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 name: Checkout repository - - uses: actions/setup-node@v4 + - uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4 name: Use Node.js 20.x with: node-version: '20.x' @@ -27,7 +27,7 @@ jobs: scope: '@fragment-dev' - name: Install dependencies - uses: nick-fields/retry@v2 + uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3 with: retry_on: error timeout_minutes: 5 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 879200f..fcbb0d9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -12,24 +12,28 @@ jobs: createRelease: runs-on: ubuntu-latest + permissions: + contents: read + pull-requests: write + steps: - - uses: tibdex/github-app-token@v1 + - uses: tibdex/github-app-token@32691ba7c9e7063bd457bd8f2a5703138591fa58 # v1 id: generate-token with: app_id: ${{ secrets.PR_APP_ID }} private_key: ${{ secrets.PR_APP_PRIVATE_KEY }} - - uses: actions/checkout@v4 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 name: Checkout repository - - uses: actions/setup-node@v4 + - uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4 name: Use Node.js 20.x with: node-version: '20.x' registry-url: 'https://registry.npmjs.org' - name: Install dependencies - uses: nick-fields/retry@v2 + uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3 with: retry_on: error timeout_minutes: 5 @@ -40,7 +44,7 @@ jobs: run: npm version ${{ inputs.type }} - name: Create Pull Request - uses: peter-evans/create-pull-request@v4 + uses: peter-evans/create-pull-request@153407881ec5c347639a548ade7d8ad1d6740e38 # v4 with: token: ${{ steps.generate-token.outputs.token }} title: Bump SDK version (${{ inputs.type }}) diff --git a/.github/workflows/updateSDKQueries.yml b/.github/workflows/updateSDKQueries.yml index 0231ca5..8cccc8a 100644 --- a/.github/workflows/updateSDKQueries.yml +++ b/.github/workflows/updateSDKQueries.yml @@ -6,19 +6,19 @@ jobs: updateQueries: runs-on: ubuntu-latest steps: - - uses: tibdex/github-app-token@v1 + - uses: tibdex/github-app-token@32691ba7c9e7063bd457bd8f2a5703138591fa58 # v1 id: generate-token with: app_id: ${{ secrets.PR_APP_ID }} private_key: ${{ secrets.PR_APP_PRIVATE_KEY }} - - uses: actions/checkout@v4 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 with: path: graphql-queries repository: fragment-dev/graphql-queries token: ${{ steps.generate-token.outputs.token }} - - uses: actions/checkout@v4 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 name: Checkout node-client with: path: node-client @@ -27,7 +27,7 @@ jobs: id: yarn-cache-dir-path run: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT - - uses: actions/cache@v4 + - uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4 id: yarn-cache with: path: ${{ steps.yarn-cache-dir-path.outputs.dir }} @@ -35,7 +35,7 @@ jobs: restore-keys: ${{ runner.os }}-yarn-check-release - name: Use Node.js 20.x - uses: actions/setup-node@v4 + uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4 with: node-version: 20.x @@ -53,7 +53,7 @@ jobs: run: yarn build - name: Create Pull Request - uses: peter-evans/create-pull-request@v4 + uses: peter-evans/create-pull-request@153407881ec5c347639a548ade7d8ad1d6740e38 # vr with: path: ./node-client token: ${{ steps.generate-token.outputs.token }}