diff --git a/.github/workflows/e2e-naga.yml b/.github/workflows/e2e-naga.yml index 64efec72d..fda775c78 100644 --- a/.github/workflows/e2e-naga.yml +++ b/.github/workflows/e2e-naga.yml @@ -5,6 +5,10 @@ on: branches: [naga, canary-naga] pull_request: +permissions: + contents: write + pull-requests: write + jobs: build: name: Build once @@ -100,3 +104,64 @@ jobs: - name: Run health check (${{ matrix.network }}) run: NETWORK=${{ matrix.network }} pnpm run test:e2e:ci -- packages/e2e/src/e2e.spec.ts --testNamePattern "^all " timeout-minutes: 10 + + release: + name: Release + needs: e2e + runs-on: ubuntu-latest + if: github.event_name == 'push' && needs.e2e.result == 'success' + steps: + - name: Check NPM Token + run: | + if [ -z "${{ secrets.NODE_AUTH_TOKEN }}" ]; then + echo "❌ NODE_AUTH_TOKEN secret is not set. Please add it to repository secrets." + exit 1 + else + echo "✅ NODE_AUTH_TOKEN secret is available." + fi + + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + ref: ${{ github.ref }} + + - uses: actions/setup-node@v4 + with: + node-version: 22.18.0 + registry-url: https://registry.npmjs.org + cache: pnpm + cache-dependency-path: pnpm-lock.yaml + + - name: Enable corepack + pin pnpm + run: | + corepack enable + corepack prepare pnpm@9.15.0 --activate + + - uses: actions-rs/toolchain@v1 + with: + toolchain: stable + override: true + components: rust-std + + - uses: jetli/wasm-pack-action@v0.4.0 + with: + version: latest + + - name: Install Dependencies + run: pnpm install --frozen-lockfile + + - name: Build packages + run: pnpm run build + + - name: Create Release Pull Request or Publish to npm + id: changesets + uses: changesets/action@v1 + with: + branch: ${{ github.ref_name }} + version: pnpm changeset version + publish: pnpm changeset publish --access public + commit: "chore(release): version packages" + title: "chore(release): version packages" + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + NODE_AUTH_TOKEN: ${{ secrets.NODE_AUTH_TOKEN }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml deleted file mode 100644 index b4bfae112..000000000 --- a/.github/workflows/release.yml +++ /dev/null @@ -1,120 +0,0 @@ -name: Release -on: - workflow_run: - workflows: - - E2E - Naga (matrix) - branches: - - naga - - canary-naga - types: - - completed - -permissions: - # allow pushing commits, creating tags, and modifying repo files - # needed for the workflow to update package.json versions and CHANGELOG files - contents: write - pull-requests: write - -concurrency: - group: release-${{ github.event.workflow_run.head_branch || github.event.workflow_run.head_sha }} - cancel-in-progress: false - -jobs: - release: - runs-on: ubuntu-latest - if: >- - ${{ github.event.workflow_run.conclusion == 'success' && - github.event.workflow_run.event == 'push' && - (github.event.workflow_run.head_branch == 'naga' || - github.event.workflow_run.head_branch == 'canary-naga') }} - # Enable this when we want to implement docker image release - # outputs: - # published: ${{ steps.changesets.outputs.published }} - # auth_server_published: ${{ steps.auth_server_release.outputs.published }} - steps: - - name: Check NPM Token - run: | - if [ -z "${{ secrets.NODE_AUTH_TOKEN }}" ]; then - echo "❌ NODE_AUTH_TOKEN secret is not set. Please add it to repository secrets." - exit 1 - else - echo "✅ NODE_AUTH_TOKEN secret is available." - fi - - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 - ref: ${{ github.event.workflow_run.head_branch }} - - - name: Setup PNPM - uses: pnpm/action-setup@v4 - with: - version: 9.15.0 - - - name: Install rust - uses: actions-rs/toolchain@v1 - with: - toolchain: stable - override: true - components: rust-std - - - name: Install wasm-pack - uses: jetli/wasm-pack-action@v0.4.0 - with: - version: 'latest' - - - name: Setup Node - uses: actions/setup-node@v4 - with: - node-version: '22.18.0' - registry-url: 'https://registry.npmjs.org' - cache: 'pnpm' - cache-dependency-path: pnpm-lock.yaml - - - name: Install project dependencies - run: pnpm install --frozen-lockfile - - - name: Check current pre-release mode - run: | - if [ -f ".changeset/pre.json" ]; then - echo "📋 Current pre-release mode status:" - cat .changeset/pre.json | jq '{ mode: .mode, tag: .tag }' - else - echo "📋 Not in pre-release mode" - fi - - - name: Build packages - run: pnpm run build - - - name: Create Release Pull Request or Publish to npm - id: changesets - uses: changesets/action@v1 - with: - branch: ${{ github.event.workflow_run.head_branch || 'naga' }} - version: pnpm changeset version - publish: pnpm changeset publish --access public - commit: 'chore(release): version packages' - title: 'chore(release): version packages' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - NODE_AUTH_TOKEN: ${{ secrets.NODE_AUTH_TOKEN }} - - # - Was lit-auth-server part of the most recent release? - # - Capture published packages - # - Fallback to empty array if nothing was published - # - Search for the specific package - # - Using jq, it inspects the JSON array of published packages, checking if any have a .name equal to either lit-auth-server or @lit-protocol/lit-auth-server. - # - If the package is found, it writes published=true into the GitHub Actions step output. - # - name: Check for lit-auth-server release - # id: auth_server_release - # run: | - # packages='${{ steps.changesets.outputs.publishedPackages }}' - # if [ -z "$packages" ]; then - # packages='[]' - # fi - # if echo "$packages" | jq -e '.[] | select(.name == "lit-auth-server" or .name == "@lit-protocol/lit-auth-server")' > /dev/null; then - # echo "published=true" >> "$GITHUB_OUTPUT" - # else - # echo "published=false" >> "$GITHUB_OUTPUT" - # fi