jfrog what are you doing #8
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: release snapshot to jfrog | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - snapshot-releases | |
| workflow_dispatch: | |
| # Allow only one concurrent deployment, but do NOT cancel in-progress runs as | |
| # we want to allow these release deployments to complete. | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: false | |
| permissions: | |
| contents: read | |
| id-token: write # necessary for NPM provenance | |
| jobs: | |
| publish-npm: | |
| name: Snapshot Publish | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| strategy: | |
| matrix: | |
| package: | |
| [ | |
| "agent", | |
| "api", | |
| "common", | |
| "credentials", | |
| "crypto", | |
| "crypto-aws-kms", | |
| "dids", | |
| "identity-agent", | |
| "proxy-agent", | |
| "user-agent", | |
| ] | |
| steps: | |
| - name: Checkout source | |
| uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1 | |
| with: | |
| fetch-depth: 0 | |
| # https://cashapp.github.io/hermit/usage/ci/ | |
| - name: Init Hermit | |
| uses: cashapp/activate-hermit@v1 | |
| with: | |
| cache: "true" | |
| - name: Install dependencies | |
| run: pnpm install | |
| - name: Build all workspace packages | |
| run: pnpm build | |
| - uses: jfrog/setup-jfrog-cli@v4 | |
| with: | |
| version: latest | |
| oidc-provider-name: github # must match the OpenID Connect name from https://blockxyz.jfrog.io/ui/admin/configuration/integrations | |
| env: | |
| JF_URL: https://blockxyz.jfrog.io | |
| - name: Publish @web5/${{ matrix.package }}@${{ env.REPO_VERSION }} | |
| env: | |
| NODE_AUTH_TOKEN: ${{secrets.npm_token}} | |
| run: | | |
| set -exuo pipefail | |
| package_name="${{ matrix.package }}" | |
| cd "packages/${package_name}" | |
| base_version=$(jq -r .version package.json) | |
| # I'm not seeing a great way to determine the commit of the last release of a given package, so I'm using a not-so-great way | |
| version_line=$(grep -n "\"version\": \"${base_version}\"" package.json | cut -d: -f1) # determine which line in package.json specifies the version | |
| version_bump_commit=$(git blame --porcelain -L "${version_line},${version_line}" -- package.json | head -n1 | awk '{ print $1 }') # ask git when the last commit to that line was | |
| commits_since_version_bump=$(git rev-list ${version_bump_commit} --count -- .) # count the number of commits that changed this package since the version change commit | |
| snapshot_version="${base_version}-SNAPSHOT.${commits_since_version_bump}" | |
| # check if that snapshot version has already been published | |
| if curl -f --silent "https://blockxyz.jfrog.io/artifactory/api/storage/tbd-oss-snapshots-npm/@web5/${package_name}/-/@web5/${package_name}-${snapshot_version}.tgz" > /dev/null; then | |
| echo "release for @web5/${package_name}-${snapshot_version} already exists, not re-publishing" | |
| exit 0 | |
| fi | |
| # set the snapshot version | |
| jq --arg version "${snapshot_version}" '.version = $version' package.json > package-new.json | |
| mv package-new.json package.json | |
| # set publishing config in package.json | |
| jq '.publishConfig.registry = "https://blockxyz.jfrog.io/artifactory/api/npm/tbd-oss-snapshots-npm/"' package.json > package-new.json | |
| mv package-new.json package.json | |
| # login to jfrog and publish | |
| jf npm-config --global=true --repo-resolve=tbd-oss-snapshots-npm --repo-deploy=tbd-oss-snapshots-npm | |
| jf npm publish --registry https://blockxyz.jfrog.io/artifactory/api/npm/tbd-oss-snapshots-npm/ | |
| shell: bash |