|
| 1 | +# GitHub Workflows |
| 2 | + |
| 3 | +## NPM Package Publishing |
| 4 | + |
| 5 | +The `publish-npm.yml` workflow automatically publishes npm packages to the public npm registry when their `package.json` files are updated. |
| 6 | + |
| 7 | +### Packages |
| 8 | + |
| 9 | +This workflow handles publishing for: |
| 10 | +- **@snap/valdi** (`npm_modules/cli/`) - CLI tools for Valdi development (available as `valdi` command) |
| 11 | +- **@snap/eslint-plugin-valdi** (`npm_modules/eslint-plugin-valdi/`) - ESLint rules for Valdi |
| 12 | + |
| 13 | +### Trigger Conditions |
| 14 | + |
| 15 | +The workflow runs when: |
| 16 | +1. Changes are pushed to `main` or `master` branch |
| 17 | +2. The changes include modifications to `npm_modules/*/package.json` |
| 18 | +3. Manual trigger via workflow_dispatch |
| 19 | + |
| 20 | +### How It Works |
| 21 | + |
| 22 | +1. **Detect Changes**: Determines which package.json files were modified |
| 23 | +2. **Build & Publish**: For each changed package: |
| 24 | + - Checks out the code |
| 25 | + - Sets up Node.js 20 |
| 26 | + - Installs dependencies with `npm ci` |
| 27 | + - Builds the package with `npm run build` |
| 28 | + - Publishes to npm registry with `npm publish --access public` |
| 29 | + |
| 30 | +### Setup Requirements |
| 31 | + |
| 32 | +#### NPM Token |
| 33 | + |
| 34 | +You must configure an `NPM_TOKEN` secret in your GitHub repository: |
| 35 | + |
| 36 | +1. **Create an NPM Access Token**: |
| 37 | + - Log in to [npmjs.com](https://www.npmjs.com/) |
| 38 | + - Go to Account Settings → Access Tokens |
| 39 | + - Click "Generate New Token" → "Classic Token" |
| 40 | + - Select "Automation" type |
| 41 | + - Copy the generated token |
| 42 | + |
| 43 | +2. **Add Secret to GitHub**: |
| 44 | + - Go to your GitHub repository |
| 45 | + - Navigate to Settings → Secrets and variables → Actions |
| 46 | + - Click "New repository secret" |
| 47 | + - Name: `NPM_TOKEN` |
| 48 | + - Value: Paste your npm access token |
| 49 | + - Click "Add secret" |
| 50 | + |
| 51 | +#### Package Publishing Permissions |
| 52 | + |
| 53 | +Ensure the npm account associated with the token has: |
| 54 | +- Publishing rights for the `@snap` organization (for both `@snap/valdi` and `@snap/eslint-plugin-valdi`) |
| 55 | + |
| 56 | +### Usage |
| 57 | + |
| 58 | +To publish a new version of a package: |
| 59 | + |
| 60 | +1. Update the version in the package's `package.json`: |
| 61 | + ```bash |
| 62 | + cd npm_modules/cli # or eslint-plugin-valdi |
| 63 | + npm version patch # or minor, major |
| 64 | + ``` |
| 65 | + |
| 66 | +2. Commit and push the changes: |
| 67 | + ```bash |
| 68 | + git add package.json |
| 69 | + git commit -m "Bump @snap/valdi version to X.Y.Z" |
| 70 | + git push origin main |
| 71 | + ``` |
| 72 | + |
| 73 | +3. The workflow will automatically: |
| 74 | + - Detect the package.json change |
| 75 | + - Build the package |
| 76 | + - Publish it to npm |
| 77 | + |
| 78 | +### Manual Trigger |
| 79 | + |
| 80 | +You can also manually trigger the workflow: |
| 81 | +1. Go to Actions tab in GitHub |
| 82 | +2. Select "Publish NPM Packages" workflow |
| 83 | +3. Click "Run workflow" |
| 84 | +4. Select the branch and click "Run workflow" |
| 85 | + |
| 86 | +Note: Manual triggers will attempt to publish all packages, so ensure versions have been updated to avoid npm publish errors. |
| 87 | + |
| 88 | +### Troubleshooting |
| 89 | + |
| 90 | +- **401 Unauthorized**: Check that the `NPM_TOKEN` secret is correctly configured |
| 91 | +- **403 Forbidden**: Ensure the npm account has publishing permissions for the package |
| 92 | +- **Version already exists**: Update the version number in package.json before publishing |
| 93 | +- **Build failures**: Check that the package builds successfully locally before pushing |
| 94 | + |
0 commit comments