feat(publish-npm): enhance workflow (#62)

TartanLeGrand · web-flow · commit 27e1a51cf2c2 · 2025-06-16T10:10:44.000+02:00
diff --git a/.github/workflows/publish-npm.yml b/.github/workflows/publish-npm.yml
@@ -1,54 +1,87 @@
 name: Publish Package NPM
+
 on:
   workflow_call:
     inputs:
       scope:
         description: 'NPM package scope (e.g., @iexec)'
-        required: false
         default: '@iexec'
         type: string
       node-version:
         description: 'Node.js version to use'
-        required: false
         default: '20'
         type: string
       registry:
         description: 'NPM registry URL'
-        required: false
         default: 'https://registry.npmjs.org'
         type: string
       access:
-        description: 'Package access level (public/restricted)'
-        required: false
+        description: 'Package access (public/restricted)'
         default: 'public'
         type: string
       provenance:
         description: 'Enable npm provenance'
-        required: false
         default: true
         type: boolean
       install-command:
-        description: 'Command to install dependencies'
-        required: false
+        description: 'Install dependencies command'
         default: 'npm ci'
         type: string
+      build-command:
+        description: 'Build package command'
+        default: 'npm run build'
+        type: string
+      run-tests:
+        description: 'Execute unit tests step'
+        default: false
+        type: boolean
+      test-command:
+        description: 'Run unit tests command'
+        default: 'npm test --if-present'
+        type: string
+      lint-command:
+        description: 'Run linting command'
+        default: 'npm run lint --if-present'
+        type: string
+      type-check-command:
+        description: 'Run type-checking command'
+        default: 'npm run check-types --if-present'
+        type: string
+      format-check-command:
+        description: 'Run format-checking command'
+        default: 'npm run check-format --if-present'
+        type: string
       environment:
-        description: 'GitHub environment to use for deployment'
-        required: false
+        description: 'GitHub environment'
         default: 'production'
         type: string
       tag:
-        description: 'NPM publish tag (e.g., latest, nightly)'
-        required: false
+        description: 'npm publish tag (e.g., latest, nightly)'
         default: ''
         type: string
+      tag-prefix:
+        description: 'Prefix for Git tag'
+        default: 'v'
+        type: string
       working-directory:
-        description: "Change the workspace"
+        description: 'Directory containing package.json'
+        default: ''
+        type: string
+      artifact-name:
+        description: 'Name of an artifact to download before the build (leave empty to skip)'
+        default: ''
+        type: string
+      artifact-path:
+        description: 'Destination path for the downloaded artifact'
+        default: ''
+        type: string
+      version:
+        description: 'Version to publish (leave empty to use package.json version)'
         default: ''
         type: string
     secrets:
       npm-token:
-        description: 'NPM token for authentication'
+        description: 'NPM auth token'
         required: true
 
 jobs:
@@ -60,6 +93,13 @@ jobs:
       packages: write
       id-token: write
     steps:
+      - name: Download extra artifact
+        if: ${{ inputs.artifact-name != '' }}
+        uses: actions/download-artifact@v4
+        with:
+          name: ${{ inputs.artifact-name }}
+          path: ${{ inputs.artifact-path }}
+
       - uses: actions/checkout@v4
 
       - uses: actions/setup-node@v4
@@ -71,19 +111,46 @@ jobs:
       - name: Install dependencies
         working-directory: ${{ inputs.working-directory }}
         run: ${{ inputs.install-command }}
+        
+      - name: Override version
+        if: ${{ inputs.version != '' }}
+        working-directory: ${{ inputs.working-directory }}
+        run: |
+          npm pkg set version="${{ inputs.version }}"
+
+      - name: Run build
+        working-directory: ${{ inputs.working-directory }}
+        run: ${{ inputs.build-command }}
+
+      - name: Run type checks
+        working-directory: ${{ inputs.working-directory }}
+        run: ${{ inputs.type-check-command }}
+
+      - name: check format
+        working-directory: ${{ inputs.working-directory }}
+        run: ${{ inputs.format-check-command }}
+
+      - name: Run linting
+        working-directory: ${{ inputs.working-directory }}
+        run: ${{ inputs.lint-command }}
+
+      - name: Run unit tests
+        if: ${{ inputs.run-tests }}
+        working-directory: ${{ inputs.working-directory }}
+        run: ${{ inputs.test-command }}
 
       - name: Publish package
         working-directory: ${{ inputs.working-directory }}
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.npm-token }}
         run: |
-          TAG_OPTION=""
+          TAG_OPT=""
           if [ -n "${{ inputs.tag }}" ]; then
-            TAG_OPTION="--tag ${{ inputs.tag }}"
+            TAG_OPT="--tag ${{ inputs.tag }}"
           fi
 
           if [ "${{ inputs.provenance }}" = "true" ]; then
-            npm publish --access ${{ inputs.access }} $TAG_OPTION --provenance
+            npm publish --access ${{ inputs.access }} $TAG_OPT --provenance
           else
-            npm publish --access ${{ inputs.access }} $TAG_OPTION
+            npm publish --access ${{ inputs.access }} $TAG_OPT
           fi
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.npm-token }}
diff --git a/publish-npm/README.md b/publish-npm/README.md
@@ -2,30 +2,50 @@
 
 ## Overview 🌟
 
-This reusable GitHub Actions workflow automates the process of publishing an NPM package. It is configurable via inputs for the package scope, Node.js version, registry URL, and other options. The workflow performs the following actions:
+This reusable GitHub Actions workflow automates the process of publishing an NPM package. It is configurable via inputs
+for the package scope, Node.js version, registry URL, and other options. The workflow performs the following actions:
 
+- **Downloads Artifacts**: Downloads specified artifacts if needed. 📦
 - **Checks Out Your Repository**: Retrieves your code. 📥
 - **Sets Up Node.js**: Installs the specified Node.js version and configures the `.npmrc` file. ⚙️
-- **Installs Dependencies**: Uses `npm ci` to install the dependencies. 📦
-- **Publishes the Package**: Publishes the package with provenance (if enabled) and the specified access level using `npm publish`. 🎉
+- **Installs Dependencies**: Uses the specified install command (default: `npm ci`) to install the dependencies. 📦
+- **Builds the Package**: Builds the package using the specified build command (default: `npm run build`). 🔨
+- **Performs Type Checking**: Runs type checking if configured. 🔍
+- **Checks Code Formatting**: Verifies code formatting if configured. 🧹
+- **Runs Linting**: Performs code linting if configured. 🧹
+- **Runs Tests**: Executes unit tests if enabled. ✅
+- **Publishes the Package**: Publishes the package with provenance (if enabled) and the specified access level using
+  `npm publish`. 🎉
 
 ## Workflow Inputs 🛠️
 
-| **Input**         | **Description**                                                                               | **Required** | **Default**                          |
-|-------------------|-----------------------------------------------------------------------------------------------|--------------|--------------------------------------|
-| **scope**         | Defines the NPM package scope (e.g., `@iexec`).                             | No          | `@iexec`                                    |
-| **node-version**  | Specifies the Node.js version to use.                                                         | No           | `20`                                 |
-| **registry**      | URL of the NPM registry.                                                                       | No           | `https://registry.npmjs.org`         |
-| **access**        | Package access level (public or restricted).                                                 | No           | `public`                             |
-| **provenance**    | Enable or disable npm provenance during publishing.                                          | No           | `true`                               |
-| **install-command** | Command to install dependencies.                                                           | No           | `npm ci`                             |
-| **environment**   | GitHub environment to use for deployment.                                                     | No           | `production`                         |
+| **Input**                | **Description**                                               | **Required** | **Default**                         |
+|--------------------------|---------------------------------------------------------------|--------------|-------------------------------------|
+| **scope**                | NPM package scope (e.g., `@iexec`).                           | No           | `@iexec`                            |
+| **node-version**         | Node.js version to use.                                       | No           | `20`                                |
+| **registry**             | NPM registry URL.                                             | No           | `https://registry.npmjs.org`        |
+| **access**               | Package access (public or restricted).                        | No           | `public`                            |
+| **provenance**           | Enable npm provenance.                                        | No           | `true`                              |
+| **install-command**      | Install dependencies command.                                 | No           | `npm ci`                            |
+| **build-command**        | Build package command.                                        | No           | `npm run build`                     |
+| **run-tests**            | Execute unit tests step.                                      | No           | `false`                             |
+| **test-command**         | Run unit tests command.                                       | No           | `npm test --if-present`             |
+| **lint-command**         | Run linting command.                                          | No           | `npm run lint --if-present`         |
+| **type-check-command**   | Run type-checking command.                                    | No           | `npm run check-types --if-present`  |
+| **format-check-command** | Run format-checking command.                                  | No           | `npm run check-format --if-present` |
+| **environment**          | GitHub environment.                                           | No           | `production`                        |
+| **tag**                  | npm publish tag (e.g., latest, nightly).                      | No           | `''` (empty string)                 |
+| **tag-prefix**           | Prefix for Git tag.                                           | No           | `v`                                 |
+| **working-directory**    | Directory containing package.json.                            | No           | `''` (empty string)                 |
+| **artifact-name**        | Name of an artifact to download before the build.             | No           | `''` (empty string)                 |
+| **artifact-path**        | Destination path for the downloaded artifact.                 | No           | `''` (empty string)                 |
+| **version**              | Version to publish (leave empty to use package.json version). | No           | `''` (empty string)                 |
 
 ### Secrets 🔐
 
-| **Secret**    | **Description**                     | **Required** |
-|---------------|-------------------------------------|--------------|
-| **npm-token** | NPM token for authentication.       | Yes          |
+| **Secret**    | **Description** | **Required** |
+|---------------|-----------------|--------------|
+| **npm-token** | NPM auth token. | Yes          |
 
 ## Job and Steps ⚙️
 
@@ -34,9 +54,9 @@ This reusable GitHub Actions workflow automates the process of publishing an NPM
 - **Runs On**: `ubuntu-latest`.
 - **Environment**: Uses the environment specified in `inputs.environment`.
 - **Permissions**:
-  - `contents: read` – to access repository contents. 🔍
-  - `packages: write` – to allow package publication. ✨
-  - `id-token: write` – for authentication purposes. 🔑
+    - `contents: read` – to access repository contents. 🔍
+    - `packages: write` – to allow package publication. ✨
+    - `id-token: write` – for authentication purposes. 🔑
 
 ## How to Use This Reusable Workflow 🔄
 
@@ -57,9 +77,33 @@ This reusable GitHub Actions workflow automates the process of publishing an NPM
        uses: your-org/your-repo/.github/workflows/publish-npm.yml@main
        with:
          node-version: '22'
+         build-command: 'npm run build:prod'
+         run-tests: true
+         test-command: 'npm run test:ci'
+         lint-command: 'npm run lint'
+         type-check-command: 'npm run check-types'
+         format-check-command: 'npm run check-format'
+         tag-prefix: 'v'
+         # Optional: Download an artifact before building
+         # artifact-name: 'my-build-artifact'
+         # artifact-path: './dist'
        secrets:
          npm-token: ${{ secrets.NPM_TOKEN }}
    ```
 
 3. **Configure Secrets**  
-   Ensure that the `NPM_TOKEN` secret is added to your repository’s settings. This token is required to authenticate with the NPM registry during publishing. 🔑
+   Ensure that the `NPM_TOKEN` secret is added to your repository’s settings. This token is required to authenticate
+   with the NPM registry during publishing. 🔑
+
+## Workflow Steps in Detail 🔍
+
+1. **Download Artifacts**: If `artifact-name` is provided, downloads the specified artifact using `actions/download-artifact@v4` to the path specified by `artifact-path`.
+2. **Checkout Repository**: Uses `actions/checkout@v4` to fetch your code.
+3. **Setup Node.js**: Configures Node.js with `actions/setup-node@v4`, including registry URL and scope configuration.
+4. **Install Dependencies**: Runs the specified install command (default: `npm ci`).
+5. **Build Package**: Builds the package using the specified build command (default: `npm run build`).
+6. **Run Type Checks**: Performs type checking using the specified command (default: `npm run check-types --if-present`).
+7. **Check Code Format**: Verifies code formatting using the specified command (default: `npm run check-format --if-present`).
+8. **Run Linting**: Performs code linting using the specified command (default: `npm run lint --if-present`).
+9. **Run Unit Tests**: If `run-tests` is set to `true`, executes tests using the specified test command (default: `npm test --if-present`).
+10. **Publish Package**: Publishes the package to the NPM registry with the specified configuration, including optional tag and provenance settings.
