dashcommerce/.github/workflows/release.yml at main · emdashCommerce/dashcommerce · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
name: Release

on:
  push:
    branches:
      - main

# Only one release flow runs at a time — prevents racing Version Packages PRs.
concurrency: ${{ github.workflow }}-${{ github.ref }}

permissions:
  contents: write         # create tags + Releases, push Version Packages PR
  pull-requests: write    # open/update the Version Packages PR
  id-token: write         # npm provenance (signed publish)

jobs:
  release:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      # Astro 6's CLI forks a Node process; runner's default Node is 20 and
      # Astro requires >=22.12.0. Set this up BEFORE Bun so `node` in PATH
      # points at 22 when `astro build` runs.
      - name: Setup Node
        uses: actions/setup-node@v4
        with:
          node-version: "22"
          registry-url: "https://registry.npmjs.org"

      - name: Setup Bun
        uses: oven-sh/setup-bun@v2
        with:
          bun-version: latest

      - name: Install deps
        run: bun install --frozen-lockfile

      # changesets/action detects:
      #   - pending `.changeset/*.md` in the repo → opens/updates a Version Packages PR
      #   - no pending changesets + package versions differ from npm → runs `publish`
      - name: Create Release PR or publish
        uses: changesets/action@v1
        with:
          publish: bun run release
          createGithubReleases: true
          title: "chore: version packages"
          commit: "chore: version packages"
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
          NPM_CONFIG_PROVENANCE: "true"