diff --git a/.github/workflows/canary.yaml b/.github/workflows/canary.yaml index f9c3372c0f..b34ae2164d 100644 --- a/.github/workflows/canary.yaml +++ b/.github/workflows/canary.yaml @@ -7,13 +7,93 @@ on: - completed env: NODE_VERSION_USED_FOR_DEVELOPMENT: 17 + CI_WORKFLOW_ID: ${{github.event.workflow_run.id}} jobs: publish-canary: runs-on: ubuntu-latest name: Publish Canary if: ${{ github.event.workflow_run.event == 'pull_request' }} steps: - - name: Dump GitHub context - run: echo "$GITHUB_CONTEXT" + - name: Setup Node.js + uses: actions/setup-node@v2 + with: + cache: npm + node-version: ${{ env.NODE_VERSION_USED_FOR_DEVELOPMENT }} + # 'registry-url' is required for 'npm publish' + registry-url: 'https://registry.npmjs.org' + + - name: Download event.json + run: gh run download "$CI_WORKFLOW_ID" -n event.json + + - name: Download NPM package artifact + run: gh run download "$CI_WORKFLOW_ID" -n npmDist -D npmDist + + - name: Modify NPM package to be canary release + uses: actions/github-script@v5 + with: + script: | + const fs = require('fs'); + const assert = require('assert'); + + const eventJSON = JSON.parse( + fs.readFileSync('./event.json', 'utf-8') + ); + + core.exportVariable('PR_URL', eventJSON.pull_request.url); + + const prSHA = event.sha; + const prNumber = event.pull_request.number; + const packageJSONPath = './npmDist/package.json'; + const packageJSON = JSON.parse( + fs.readFileSync(packageJSONPath, 'utf-8') + ); + + const tag = `canary-pr-${prNumber}`; + // Override entire 'publishConfig' since it can contain untrusted data. + packageJSON.publishConfig = { tag }; + core.exportVariable('NPM_TAG', `canary-pr-${prNumber}`); + + let { version } = packageJSON; + assert(!version.includes('+'), 'Can not append after metadata'); + version += packageJSON.version.includes('-') ? '.' : '-'; + version += `canary.pr.${prNumber}.${prSHA}`; + + packageJSON.version = version; + core.exportVariable('NPM_VERSION', version); + + assert(packageJSON.scripts == null, 'No scripts allowed for security reasons!'); + fs.writeFileSync( + packageJSONPath, + JSON.stringify(packageJSON, null, 2), + 'utf-8', + ); + + - name: Publish NPM package + run: npm publish ./npmDist env: - GITHUB_CONTEXT: ${{ toJson(github) }} + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + + - name: Add deprecate message on NPM package + run: | + npm deprecate "graphql@$NPM_VERSION" \ + "You are using canary version build from $PR_URL, no gurantees provided so please use your own discretion." + env: + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + + - name: Add comment on PR + uses: actions/github-script@v5 + with: + github-token: ${{secrets.GITHUB_TOKEN}} + script: | + const npmTag = process.env.NPM_TAG; + const npmVersion = process.env.NPM_VERSION; + const npmURL = 'https://www.npmjs.com/package/graphql/v/' + npmVersion; + github.rest.issues.createComment({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + body: + `The latest changes of this PR are available as ['graphql@${npmVersion}'](${npmURL}) on NPM.\n` + + '**Note: no gurantees provided so please use your own discretion.**\n\n' + + `Also you can depend on latest version built from this PR: \`npm install --save graphql@${npmTag}\`.`, + }) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4225585784..ea94d75f57 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -3,6 +3,16 @@ on: [push, pull_request] env: NODE_VERSION_USED_FOR_DEVELOPMENT: 17 jobs: + save-github-event: + name: "Save `github.event` as an artifact to use in subsequent 'workflow_run' actions" + runs-on: ubuntu-latest + steps: + - name: Upload event.json + uses: actions/upload-artifact@v2 + with: + name: event.json + path: ${{ github.event_path }} + lint: name: Lint source files runs-on: ubuntu-latest