forked from graphql/graphql-js
105 lines (91 loc) · 3.74 KB
/
canary.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
name: Canary Release
on:
workflow_run:
workflows:
- CI
types:
- completed
env:
NODE_VERSION_USED_FOR_DEVELOPMENT: 17
jobs:
publish-canary:
runs-on: ubuntu-latest
name: Publish Canary
if: github.event.workflow_run.event == 'pull_request'
steps:
- name: Checkout repo
uses: actions/checkout@v2
with:
persist-credentials: false
- name: Setup Node.js
uses: actions/setup-node@v2
with:
cache: npm
node-version: ${{ env.NODE_VERSION_USED_FOR_DEVELOPMENT }}
# 'registry-url' is required for 'npm publish'
registry-url: 'https://registry.npmjs.org'
- name: Download event.json
run: gh run download "$WORKFLOW_ID" -n event.json
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
WORKFLOW_ID: ${{github.event.workflow_run.id}}
- name: Download NPM package artifact
run: gh run download "$WORKFLOW_ID" -n npmDist -D npmDist
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
WORKFLOW_ID: ${{github.event.workflow_run.id}}
- name: Modify NPM package to be canary release
uses: actions/github-script@v5
with:
script: |
const fs = require('fs');
const assert = require('assert');
const packageJSONPath = './npmDist/package.json';
const packageJSON = JSON.parse(fs.readFileSync(packageJSONPath, 'utf-8'));
const { pull_request } = JSON.parse(fs.readFileSync('./event.json', 'utf-8'));
// Override entire 'publishConfig' since it can contain untrusted data.
packageJSON.publishConfig = { tag: `canary-pr-${pull_request.number}` };
assert(!packageJSON.version.includes('+'), 'Can not append after metadata');
packageJSON.version += packageJSON.version.includes('-') ? '.' : '-';
packageJSON.version += `canary.pr.${pull_request.number}.${pull_request.head.sha}`;
assert(
packageJSON.scripts == null,
'No scripts allowed for security reasons!',
);
fs.writeFileSync(
packageJSONPath,
JSON.stringify(packageJSON, null, 2),
'utf-8',
);
core.exportVariable('PR_URL', pull_request.url);
core.exportVariable('PR_NUMBER', pull_request.number);
core.exportVariable('NPM_TAG', packageJSON.publishConfig.tag);
core.exportVariable('NPM_VERSION', packageJSON.version);
- name: Publish NPM package
run: npm publish ./npmDist
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Add deprecate message on NPM package
run: |
npm deprecate "graphql@$NPM_VERSION" \
"You are using canary version build from $PR_URL, no gurantees provided so please use your own discretion."
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Add comment on PR
uses: actions/github-script@v5
with:
github-token: ${{secrets.GITHUB_TOKEN}}
script: |
github.rest.issues.createComment({
issue_number: process.env.PR_NUMBER,
owner: context.repo.owner,
repo: context.repo.repo,
body: process.env.COMMENT_BODY,
})
env:
COMMENT_BODY: |
The latest changes of this PR are available on NPM as
[graphql@${{env.NPM_VERSION}}](https://www.npmjs.com/package/graphql/v/${{env.NPM_VERSION}})
**Note: no gurantees provided so please use your own discretion.**
Also you can depend on latest version built from this PR:
`npm install --save graphql@${{env.NPM_TAG}}`