-
Notifications
You must be signed in to change notification settings - Fork 61
159 lines (140 loc) · 7.46 KB
/
Copy pathversion-bump.yml
File metadata and controls
159 lines (140 loc) · 7.46 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
name: Create Release PR
# Manually triggered from the Actions tab. Pick how to bump; the target version
# is computed from the CURRENT version at run time (nothing is hard-coded). This
# sets every package in lockstep (lerna fixed mode) and opens a "Release X.Y.Z"
# PR that only touches lerna.json + package.json files. Merging that PR and
# publishing a GitHub Release is what actually ships to npm.
on:
workflow_dispatch:
inputs:
bump:
description: 'How to bump (examples are illustrative; the actual resulting version is shown in the run summary):'
required: true
default: "prerelease (e.g. 1.2.3-beta.4 -> 1.2.3-beta.5)"
type: choice
options:
- "prerelease (e.g. 1.2.3-beta.4 -> 1.2.3-beta.5)"
- "patch (e.g. 1.2.3-beta.4 -> 1.2.3, or 1.2.3 -> 1.2.4)"
- "minor (e.g. 1.2.3 -> 1.3.0)"
- "major (e.g. 1.2.3 -> 2.0.0)"
- "preminor (e.g. 1.2.3 -> 1.3.0-beta.0)"
- "premajor (e.g. 1.2.3 -> 2.0.0-beta.0)"
permissions:
contents: write
pull-requests: write
checks: write
jobs:
release-pr:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
fetch-depth: 0
- uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
with:
node-version: 24
- run: yarn install --frozen-lockfile
- name: Configure git
run: |
git config user.name "percy-release-bot"
git config user.email "percy-release-bot@users.noreply.github.com"
- name: Bump version
id: bump
env:
BUMP: ${{ inputs.bump }}
run: |
set -euo pipefail
# The dropdown value is "<keyword> (e.g. ...)"; take the first word.
KEYWORD="${BUMP%% *}"
CURRENT=$(node -p "require('./lerna.json').version")
# Compute the target version dynamically from the current version.
# 'beta' is the prerelease identifier for any pre* bump.
TARGET=$(KEYWORD="$KEYWORD" node -e "const s=require('semver'); const t=s.inc('$CURRENT', process.env.KEYWORD, 'beta'); if(!t){process.exit(1)} process.stdout.write(t)")
if [[ -z "$TARGET" ]]; then
echo "::error::Could not compute a target version for bump '$KEYWORD' from '$CURRENT'."
exit 1
fi
yarn lerna version "$TARGET" \
--exact --no-git-tag-version --no-push --force-publish --yes
VERSION=$(node -p "require('./lerna.json').version")
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
# A prerelease version (contains a hyphen) ships under the `beta`
# npm dist-tag; a clean semver ships under `latest`.
if [[ "$VERSION" == *-* ]]; then
DIST_TAG=beta
else
DIST_TAG=latest
fi
echo "dist_tag=$DIST_TAG" >> "$GITHUB_OUTPUT"
# Keep each package's publishConfig.tag (the npm dist-tag used by
# `lerna publish from-package`) in step with the version.
DIST_TAG="$DIST_TAG" node -e 'const fs=require("fs");const t=process.env.DIST_TAG;for(const d of fs.readdirSync("packages")){const f="packages/"+d+"/package.json";if(!fs.existsSync(f))continue;const p=JSON.parse(fs.readFileSync(f));if(p.publishConfig&&p.publishConfig.tag!==t){p.publishConfig.tag=t;fs.writeFileSync(f,JSON.stringify(p,null,2)+"\n")}}'
{
echo "### Version bump"
echo ""
echo "Bump: \`$BUMP\`"
echo ""
echo "\`$CURRENT\` → **\`$VERSION\`** (npm dist-tag: \`$DIST_TAG\`)"
} >> "$GITHUB_STEP_SUMMARY"
- name: Create Pull Request
id: cpr
uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
with:
token: ${{ secrets.GITHUB_TOKEN }}
# Fully attribute the commit to the GitHub Actions bot (not the human
# who clicked "Run workflow", which is create-pull-request's default
# author). A bot-authored, GITHUB_TOKEN-pushed commit lets GitHub's
# recursion guard suppress the on:pull_request CI runs entirely, so the
# release PR never sits in the "Approve and run workflows" gate — the
# synthetic check runs posted below satisfy branch protection on their own.
author: "github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>"
committer: "github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>"
base: master
branch: release/${{ steps.bump.outputs.version }}
# Only commit version files — never workflow files (GITHUB_TOKEN may
# not push to .github/workflows, and a release PR shouldn't anyway).
add-paths: |
lerna.json
packages/**/package.json
commit-message: "Release ${{ steps.bump.outputs.version }}"
title: "Release ${{ steps.bump.outputs.version }}"
labels: "🧹 maintenance"
body: |
Automated version bump to **`${{ steps.bump.outputs.version }}`**.
- Triggered by @${{ github.actor }} via `workflow_dispatch` (bump: `${{ inputs.bump }}`).
- On publishing a GitHub Release, this will go to npm under dist-tag **`${{ steps.bump.outputs.dist_tag }}`**.
**Next steps:** review & merge, then cut the GitHub Release.
# A GITHUB_TOKEN-created PR does not trigger the on:pull_request checks
# (GitHub's recursion guard), so the branch-protection required checks
# would hang as "Expected" forever and the release PR could never merge.
# A release PR only bumps version files, so post a passing check run for
# each required context. Created via GITHUB_TOKEN => the check runs are
# owned by the GitHub Actions app (id 15368), which matches the app-pinned
# required contexts on master. Keep this list in sync with branch
# protection -> required status checks (the token can't read protection).
- name: Satisfy required checks for the release PR (skips CI; version-only PR)
if: contains(fromJSON('["created", "updated"]'), steps.cpr.outputs.pull-request-operation)
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
with:
script: |
const head_sha = '${{ steps.cpr.outputs.pull-request-head-sha }}';
const contexts = [
"Lint", "Typecheck", "Build",
"Test @percy/cli", "Test @percy/cli-build", "Test @percy/cli-command",
"Test @percy/cli-config", "Test @percy/cli-exec", "Test @percy/cli-snapshot",
"Test @percy/cli-upload", "Test @percy/client", "Test @percy/config",
"Test @percy/core", "Test @percy/dom", "Test @percy/env",
"Test @percy/logger", "Test @percy/sdk-utils", "Test @percy/webdriver-utils",
"semgrep/ci", "Claude Code Review",
];
core.info(`Posting ${contexts.length} passing check runs to ${head_sha}`);
for (const name of contexts) {
await github.rest.checks.create({
owner: context.repo.owner, repo: context.repo.repo,
name, head_sha, status: 'completed', conclusion: 'success',
output: {
title: 'Skipped for release PR',
summary: 'Release PRs only bump version files; full CI gates master before publish.',
},
});
}