npm publish

.eslintrc.js

@@ -2,7 +2,7 @@
 /** @type {import("eslint").Linter.Config} */
 module.exports = {
   ignorePatterns: ["apps/**", "packages/**", "scripts/**"],
-  extends: ["@repo/eslint-config/library.js"],
+  extends: ["@xeol/eslint-config/library.js"],
   parser: "@typescript-eslint/parser",
   parserOptions: {
     project: true,

.github/contributing.md

@@ -0,0 +1,16 @@
+# Contributing
+
+### Publishing on Npm
+
+We manage _what_ gets merged _when_ using the pull request labels `release` and `prerelease`.
+
+When the `prerelease` label is added to a pull request:
+
+- the version in the package.json is verified, asserting that it is greater than the version in the main branch and includes a prerelease suffix (_e.g 1.2.3-rc.1_)
+- the package is published to NPM with the `--next` tag. The next tag is how alpha and beta package versions are published to NPM. When a developer runs `npm install @vesselapi/integrations` versions with the next tag are ignored -- unless they are specifically specified `npm install @vesselapi/[email protected]`.
+
+When the `release` label is added to a pull request:
+
+- the version in the package.json is verified, asserting that it is greater than the version in the main branch and does not include a prerelease suffix
+
+When no release label is provided github actions verifies that the version has not changed so versions of the package are not published erroneously.

.github/versioning.js

@@ -0,0 +1,72 @@
+const semver = require("semver");
+
+const { PR_VERSION: pr, MAIN_VERSION: main } = process.env;
+
+const assertIsValidPrerelease = ({ github, context, core }) => {
+  const pr_clean = pr.replace(/\-.+$/, "");
+  const pr_is_greater = semver.gt(pr_clean, main);
+
+  if (pr_is_greater) {
+    core.debug(
+      `The pr version (${pr} -> ${pr_clean}) is higher than the main version (${main}).`
+    );
+  } else {
+    core.setFailed(
+      `The pr version (${pr}) is not greater than the main version (${main}). A pull request labeled with 'prerelease' must have a valid version bump.`
+    );
+  }
+  const pr_is_prerelease = semver.prerelease(pr) !== null;
+  if (pr_is_prerelease) {
+    core.debug(`The pr version (${pr}) is a prerelease.`);
+  } else {
+    core.setFailed(
+      `The pr version (${pr}) is not a prerelease. A pull request labeled with 'prerelease' must have a valid prerelease version (1.2.3-rc.1).`
+    );
+  }
+};
+
+const assertIsValidRelease = ({ github, context, core }) => {
+  const pr_is_greater = semver.gt(pr, main);
+  if (pr_is_greater) {
+    core.debug(
+      `Success, the pr version (${pr}) is higher than the main version (${main}).`
+    );
+  } else {
+    core.setFailed(
+      `The pr version (${pr}) is not greater than the main version (${main}). A pull request labeled with 'release' must have a valid version bump.`
+    );
+  }
+  const pr_is_prerelease = semver.prerelease(pr) !== null;
+  if (!pr_is_prerelease) {
+    core.debug(`The pr version (${pr}) is not a prerelease.`);
+  } else {
+    core.setFailed(
+      `The pr version (${pr}) is a prerelease. A pull request labeled with 'release' cannot have a prerelease version (1.2.3-alpha.1 or 1.2.3-rc.1)`
+    );
+  }
+};
+
+const assertIsUnchanged = ({ github, context, core }) => {
+  if (pr.trim() === main.trim()) {
+    core.debug(
+      `Success, the pr version (${pr}) is the same as the main version (${main}).`
+    );
+  } else {
+    core.setFailed(
+      `The pr version (${pr}) is not the same as the main version (${main}). A pull request without a 'release' or 'prerelease' label cannot include a version bump.`
+    );
+  }
+};
+
+exports.verify = ({ github, context, core }) => {
+  const labels = (context.payload?.pull_request?.labels ?? []).map((l) =>
+    l.name.toLowerCase()
+  );
+  if (labels.includes("prerelease")) {
+    return assertIsValidPrerelease({ github, context, core });
+  }
+  if (labels.includes("release")) {
+    return assertIsValidRelease({ github, context, core });
+  }
+  assertIsUnchanged({ github, context, core });
+};

.github/workflows/publish-cli-to-npm.yml → .github/workflows/publish-cli-on-merge.yml

@@ -1,36 +1,39 @@
-name: Publish bumpgen cli to npmjs
+name: Release to Npm
 
 on:
   push:
     branches: [main]
     paths:
-      - 'apps/cli/**'
+      - "apps/cli/**"
 
 jobs:
   check:
-    name: 'Check if release is needed'
-    runs-on: 'ubuntu-latest'
+    name: "Check if release is needed"
+    runs-on: "ubuntu-latest"
     outputs:
       exists: ${{ steps.check-tag.outputs.exists }}
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
+      # retrieves the version from package.json
       - uses: martinbeentjes/npm-get-version-action@main
         id: get-version
+      # check if the tag exists on the repo
       - uses: mukunku/[email protected]
         id: check-tag
         with:
           tag: v${{ steps.get-version.outputs.current-version }}
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
   release:
-    name: 'Release'
+    name: "Release"
     needs: check
     if: needs.check.outputs.exists == 'false'
-    runs-on: 'ubuntu-latest'
+    runs-on: "ubuntu-latest"
     permissions:
       contents: write
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: martinbeentjes/npm-get-version-action@main
         id: get-version
       - uses: actions/create-release@v1
@@ -48,24 +51,11 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
 
-      - uses: ./tooling/github/setup
-        name: Install pnpm
-        with:
-          version: 8
-          run_install: false
-
-      - name: Install Node.js
-        uses: actions/setup-node@v3
-        with:
-          node-version-file: ".nvmrc"
-          cache: pnpm
-          registry-url: https://registry.npmjs.org
-
-      - name: 📦️ Install dependencies
-        run: pnpm install --frozen-lockfile
+      - name: Setup
+        uses: ./tooling/github/setup
 
-      - name: 🚀 Publish bumpgen cli to npm
-        shell: bash
-        run: pnpm publish apps/cli
+      - run: pnpm install --frozen-lockfile
+      - run: pnpm --filter=bumpgen run build
+      - run: pnpm --filter=bumpgen publish --tag latest --access public --no-git-checks
         env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+          NODE_AUTH_TOKEN: "${{ secrets.NPM_TOKEN }}"

.github/workflows/publish-cli-on-prerelease-pr.yml

@@ -0,0 +1,49 @@
+name: Publish Prerelease for CLI
+on:
+  pull_request:
+    branches: [main]
+    types: [labeled, unlabeled, opened, synchronize]
+    paths:
+      - "apps/cli/**"
+
+jobs:
+  publish-prerelease:
+    if: contains(github.event.pull_request.labels.*.name, 'prerelease')
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: main
+
+      - uses: martinbeentjes/npm-get-version-action@main
+        with:
+          path: apps/cli
+        id: main-version
+
+      - uses: actions/checkout@v4
+
+      - uses: martinbeentjes/npm-get-version-action@main
+        with:
+          path: apps/cli
+        id: pr-version
+
+      - name: Setup
+        uses: ./tooling/github/setup
+
+      - uses: actions/github-script@v6
+        env:
+          PR_VERSION: ${{steps.pr-version.outputs.current-version}}
+          MAIN_VERSION: ${{steps.main-version.outputs.current-version}}
+        with:
+          script: require('./.github/versioning.js').verify({ github, context, core })
+
+      - name: set publishing config
+        run: pnpm config set '//registry.npmjs.org/:_authToken' "${NODE_AUTH_TOKEN}"
+        env:
+          NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
+
+      - run: pnpm i
+      - run: pnpm --filter=bumpgen run build
+      - run: pnpm --filter=bumpgen publish --tag next --access public --no-git-checks
+        env:
+          NODE_AUTH_TOKEN: "${{ secrets.NPM_TOKEN }}"

.github/workflows/publish-core-to-npm.yml → .github/workflows/publish-core-on-merge.yml

@@ -4,16 +4,16 @@ on:
   push:
     branches: [main]
     paths:
-      - 'packages/bumpgen-core/**'
+      - "packages/bumpgen-core/**"
 
 jobs:
   check:
-    name: 'Check if release is needed'
-    runs-on: 'ubuntu-latest'
+    name: "Check if release is needed"
+    runs-on: "ubuntu-latest"
     outputs:
       exists: ${{ steps.check-tag.outputs.exists }}
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: martinbeentjes/npm-get-version-action@main
         id: get-version
       - uses: mukunku/[email protected]
@@ -22,15 +22,16 @@ jobs:
           tag: v${{ steps.get-version.outputs.current-version }}
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
   release:
-    name: 'Release'
+    name: "Release"
     needs: check
     if: needs.check.outputs.exists == 'false'
-    runs-on: 'ubuntu-latest'
+    runs-on: "ubuntu-latest"
     permissions:
       contents: write
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: martinbeentjes/npm-get-version-action@main
         id: get-version
       - uses: actions/create-release@v1
@@ -42,29 +43,18 @@ jobs:
           tag_name: v${{ steps.get-version.outputs.current-version}}
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
   publish:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
         uses: actions/checkout@v4
 
-      - uses: ./tooling/github/setup
-        name: Install pnpm
-        with:
-          version: 8
-          run_install: false
-
-      - name: Install Node.js
-        uses: actions/setup-node@v3
-        with:
-          node-version-file: ".nvmrc"
-          cache: pnpm
-          registry-url: https://registry.npmjs.org
-
-      - name: 📦️ Install dependencies
-        run: pnpm install --frozen-lockfile
+      - name: Setup
+        uses: ./tooling/github/setup
 
-      - name: 🚀 Publish bumpgen-core to npm
-        run: pnpm publish packages/bumpgen-core
+      - run: pnpm install --frozen-lockfile
+      - run: pnpm --filter=@xeol/bumpgen-core run build
+      - run: pnpm --filter=@xeol/bumpgen-core publish --tag latest --access public --no-git-checks
         env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

.github/workflows/publish-core-on-prerelease-pr.yml

@@ -0,0 +1,47 @@
+name: Publish Prerelease for @xeol/bumpgen-core
+on:
+  pull_request:
+    branches: [main]
+    types: [labeled, unlabeled, opened, synchronize]
+    paths:
+      - "packages/bumpgen-core/**"
+
+jobs:
+  publish-prerelease:
+    if: contains(github.event.pull_request.labels.*.name, 'prerelease')
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: main
+      - uses: martinbeentjes/npm-get-version-action@main
+        with:
+          path: packages/bumpgen-core
+        id: main-version
+
+      - uses: actions/checkout@v4
+      - uses: martinbeentjes/npm-get-version-action@main
+        with:
+          path: packages/bumpgen-core
+        id: pr-version
+
+      - name: Setup
+        uses: ./tooling/github/setup
+
+      - uses: actions/github-script@v6
+        env:
+          PR_VERSION: ${{steps.pr-version.outputs.current-version}}
+          MAIN_VERSION: ${{steps.main-version.outputs.current-version}}
+        with:
+          script: require('./.github/versioning.js').verify({ github, context, core })
+
+      - name: set publishing config
+        run: pnpm config set '//registry.npmjs.org/:_authToken' "${NODE_AUTH_TOKEN}"
+        env:
+          NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
+
+      - run: pnpm i
+      - run: pnpm --filter=@xeol/bumpgen-core run build
+      - run: pnpm --filter=@xeol/bumpgen-core publish --tag next --access public --no-git-checks
+        env:
+          NODE_AUTH_TOKEN: "${{ secrets.NPM_TOKEN }}"