meta: add release automations (#3304)

* meta: add release automations

* Add missing versions

* remove old scripts that are no longer useful

* add special casing for robodog

* skip fetching if HEAD is already available locally

* Publish to npm from GitHub actions

* fixes

* Update afterVersionBump script

* Fix getUpToDateRefsFromGitHub script

* Make sub-package specific changelogs

* fix git and PR opening process in GH Actions

* fix Release action

* don't fetch GH user names in changelog

* add support for commits that touch several packages

* add website as a valid commit message prefix

* Assign the PR to the releaser and fix other GH related bugs

* Remove release branch from CI

* Restore git history at the end of local release session

* skip CI if assignee has not approved the PR

* fix release commit message

* beautify commit message

* Special case for @uppy/robodog

* Failure is not an option

* Rename release CI

* Always rewind before crashing

* Improve logging

* fix changelog table

* fix linter

* Update CONTRIBUTING.md

* Remove unused package

* Disable Release workflow between two releases

* Fix git command and workaround deleted branch

.eslintrc.js

@@ -176,6 +176,7 @@ module.exports = {
         '.eslintrc.js',
         'website/*.js',
         'website/**/*.js',
+        'private/**/*.js',
       ],
       rules: {
         'no-console': 'off',

.github/CONTRIBUTING.md

@@ -143,26 +143,17 @@ yarn install
 yarn start
 ```
 
-Releases are managed by [Lerna](https://github.com/lerna/lerna). We do some cleanup and compile work around releases too. Use the npm release script:
-
-```bash
-yarn run release
-```
-
-If you have two-factor authentication enabled on your account, Lerna will ask for a one-time password. You may stumble upon a known issue with the CLI where the OTP prompt may be obscured by a publishing progress bar. If Lerna appears to freeze as it starts publishing, chances are it’s waiting for the password. Try typing in your OTP and hitting enter.
-
-Other things to keep in mind during release:
-
-* When adding a new package, add the following key to its package.json:
-  ```json
-  "publishConfig": { "access": "public" }
-  ```
-  Else, the release script will try and fail to publish a _private_ package, because the `@uppy` scope on npm does not support that.
-
-After a release, the demos on transloadit.com should also be updated. After updating, check that some things work locally:
-
-* the demos in the demo section work (try one that uses an import robot, and one that you need to upload to)
-* the demos on the homepage work and can import from Google Drive, Instagram, Dropbox, etc.
+Releases are managed by GitHub Actions, here’s an overview of the process to release a new Uppy version:
+
+* Run `yarn release` on your local machine.
+* Follow the instructions and select what packages to release.
+* Before committing, check if the generated files look good.
+* Push to the Transloadit repository using the command given by the tool. Do not open a PR yourself, the GitHub Actions will create one and assign you to it.
+* Wait for all the GitHub Actions checks to pass. If one fails, try to figure out why. Do not go ahead without consulting the rest of the team.
+* Review the PR thoroughly, and if everything looks good to you, approve the PR. Do not merge it manually!
+* After the PR is automatically merged, the demos on transloadit.com should also be updated. Check that some things work locally:
+  * the demos in the demo section work (try one that uses an import robot, and one that you need to upload to)
+  * the demos on the homepage work and can import from Google Drive, Instagram, Dropbox, etc.
 
 If you don’t have access to the transloadit.com source code ping @arturi or @goto-bus-stop and we’ll pick it up. :sparkles:
 

.github/workflows/release-candidate.yml

@@ -0,0 +1,73 @@
+name: Release candidate
+on:
+  push:
+    branches: release
+
+jobs:
+  prepare-release:
+    name: Prepare release candidate Pull Request
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout sources
+        uses: actions/checkout@v2
+        with:
+          branch: release
+      - name: Rebase
+        run: |
+          git fetch origin HEAD --depth=1
+          git config --global user.email "actions@github.com"
+          git config --global user.name "GitHub Actions"
+          git rebase FETCH_HEAD
+      - name: Cache npm dependencies
+        id: cache-npm-libraries
+        uses: actions/cache@v2
+        with:
+          path: .yarn/cache/*
+          key: ${{ runner.os }}
+      - name: Install Node.js
+        uses: actions/setup-node@v2
+        with:
+          node-version: 16.x
+      - name: Install dependencies
+        run: corepack yarn install
+      - name: Bump candidate packages version
+        run: corepack yarn version apply --all --json | jq -s > releases.json
+      - name: Prepare changelog
+        run: corepack yarn workspace @uppy-build/release update-changelogs releases.json | xargs git add
+      - name: Update contributors table
+        run: corepack yarn contributors:save && git add README.md
+      - name: Update CDN URLs
+        run: corepack yarn workspace @uppy-build/release update-version-URLs | xargs git add
+      - name: Stage changes and remove temp files
+        run: |
+          git rm -rf .yarn/versions
+          git rm CHANGELOG.next.md
+          jq -r 'map(.cwd) | join("\n")' < releases.json | awk '{ print "git add " $0 "/package.json" }' | sh
+      - name: Commit
+        run: |
+          echo "Release: uppy@$(jq -r 'map(select(.ident == "uppy"))[0].newVersion' < releases.json)" > commitMessage
+          echo >> commitMessage
+          echo "This is a release candidate for the following packages:" >> commitMessage
+          echo >> commitMessage
+          jq -r 'map("- `"+.ident+"`: "+.oldVersion+" -> "+.newVersion) | join("\n") ' < releases.json >> commitMessage
+          git commit -n --amend --file commitMessage
+      - name: Open Pull Request
+        id: pr_opening
+        run: |
+          git push origin HEAD:release-candidate
+          gh api repos/${{ github.repository }}/pulls \
+            -F base="$(gh api /repos/${{ github.repository }} | jq -r .default_branch)" \
+            -F head="release-candidate" \
+            -F title="$(head -1 commitMessage)" \
+            -F body="$(git --no-pager diff HEAD^ -- CHANGELOG.md | awk '{ if( substr($0,0,1) == "+" && $1 != "+##" && $1 != "+Released:" && $1 != "+++" ) { print substr($0,2) } }')" \
+            --jq '.number | tostring | "##[set-output name=pr_number;]"+.'
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Assign to the releaser
+        run: echo '{"assignees":[${{ toJSON(github.actor) }}]}' | gh api repos/${{ github.repository }}/issues/${{ steps.pr_opening.outputs.pr_number }}/assignees --input -
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Enable Release workflow
+        run: gh workflow enable Release --repo ${{ github.repository }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/release.yml

@@ -0,0 +1,91 @@
+name: Release
+on:
+  pull_request_review:
+    types: [submitted]
+
+jobs:
+  release:
+    name: Publish releases
+    if: ${{ github.event.review.state == 'approved' && github.event.sender.login == github.event.pull_request.assignee.login && github.event.pull_request.head.ref == 'release-candidate' }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout sources
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 2
+      - name: Cache npm dependencies
+        id: cache-npm-libraries
+        uses: actions/cache@v2
+        with:
+          path: .yarn/cache/*
+          key: ${{ runner.os }}
+      - name: Install Node.js
+        uses: actions/setup-node@v2
+        with:
+          node-version: 16.x
+      - name: Install dependencies
+        run: corepack yarn install
+      - name: Get CHANGELOG diff
+        run: git --no-pager diff HEAD^ -- CHANGELOG.md | awk '{ if( substr($0,0,1) == "+" && $1 != "+##" && $1 != "+Released:" && $1 != "+++" ) { print substr($0,2) } }' > CHANGELOG.diff.md
+      - name: Build before publishing
+        run: corepack yarn run build
+      - name: Publish to NPM
+        run: corepack yarn workspaces foreach --no-private npm publish --access public --tolerate-republish
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+      - name: Merge PR
+        id: merge
+        run: |
+          gh api -X PUT repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/merge \
+            -F merge_method="squash" \
+            -F commit_message="$(cat CHANGELOG.diff.md)" \
+            --jq 'if .merged then "##[set-output name=sha;]"+.sha else error("not merged") end'
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Create tags
+        run: |
+          git --no-pager diff --name-only HEAD^ | awk '$0 ~ /^packages\/.+\/package\.json$/ { print "jq -r '"'"'\"gh api /repos/{owner}/{repo}/git/refs -f ref=\\\"refs/tags/\"+.name+\"@\"+.version+\"\\\" -f sha=${{ steps.merge.outputs.sha }}\"'"'"' < " $0 }' > createTags.sh
+          cat createTags.sh
+          sh createTags.sh | sh
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Get Uppy version number
+        id: uppyVersion
+        run: jq -r '"##[set-output name=version;]"+.version' < packages/uppy/package.json
+      - name: Create GitHub release
+        run: gh release create uppy@${{ steps.uppyVersion.outputs.version }} -t "Uppy ${{ steps.uppyVersion.outputs.version }}" -F CHANGELOG.diff.md
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Upload `uppy` to CDN
+        run: corepack yarn run uploadcdn uppy
+        env:
+          EDGLY_KEY: ${{secrets.EDGLY_KEY}}
+          EDGLY_SECRET: ${{secrets.EDGLY_SECRET}}
+      - name: Upload `@uppy/robodog` to CDN if it was released
+        run: git diff --exit-code --quiet HEAD^ -- packages/@uppy/robodog/package.json || corepack yarn run uploadcdn @uppy/robodog
+        env:
+          EDGLY_KEY: ${{secrets.EDGLY_KEY}}
+          EDGLY_SECRET: ${{secrets.EDGLY_SECRET}}
+      - name: Upload `@uppy/locales` to CDN if it was released
+        if: false
+        run: git diff --exit-code --quiet HEAD^ -- packages/@uppy/locales/package.json ||corepack yarn run uploadcdn @uppy/locales
+        env:
+          EDGLY_KEY: ${{secrets.EDGLY_KEY}}
+          EDGLY_SECRET: ${{secrets.EDGLY_SECRET}}
+      - name: Remove release-candidate branch
+        run: gh api -X DELETE repos/${{ github.repository }}/git/refs/heads/release-candidate
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Remove release branch
+        run: gh api -X DELETE repos/${{ github.repository }}/git/refs/heads/release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Disable Release workflow
+        run: gh workflow disable Release --repo ${{ github.repository }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: In case of failure
+        if: ${{ failure() }}
+        run: gh pr comment ${{ github.event.pull_request.number }} --body "Release job failed, please take action."
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}