Merge remote-tracking branch 'origin/main' into 1.33-releases

Author: mabaasit

.depcheckrc

@@ -1,4 +1,5 @@
 ignores:
+  - '@mongodb-js/bump-monorepo-packages'
   # TODO: We keep webpack-cli/serve and testing-library/dom at the root to work
   # around weird npm workspace hoising issues caused by outdated transient
   # dependencies. This can go away when we update webpack and leafygreen to the

.github/workflows/bump-packages.yaml

@@ -0,0 +1,59 @@
+name: Bump packages
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+
+jobs:
+  update_generated_files:
+    name: Bump packages
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          # don't checkout a detatched HEAD
+          ref: ${{ github.head_ref }}
+
+          # this is important so git log can pick up on
+          # the whole history to generate the list of AUTHORS
+          fetch-depth: '0'
+
+      - name: Setup git
+        run: |
+          git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          git config --local user.name "github-actions[bot]"
+
+      - uses: actions/setup-node@v2
+        with:
+          node-version: ^16.15.1
+          cache: 'npm'
+
+      - name: Install [email protected]
+        run: |
+          npm install -g [email protected]
+
+      - name: Install Dependencies
+        run: |
+          npm -v
+          npm ci
+
+      - name: Bump packages
+        env:
+          LAST_BUMP_COMMIT_MESSAGE: 'chore(release): bump package versions'
+          SKIP_BUMP_PACKAGES: 'mongodb-compass'
+        run: |
+          npm run bump-packages
+          git add .
+          git commit --no-allow-empty -m "$LAST_BUMP_COMMIT_MESSAGE" || true
+
+      - name: Create Pull Request
+        id: cpr
+        uses: peter-evans/create-pull-request@v4
+        with:
+          token: ${{ secrets.SVC_DEVTOOLSBOT_TOKEN }}
+          commit-message: 'chore(release): bump package versions'
+          branch: ci/bump-packages
+          title: 'chore(release): bump package versions'
+          body: |
+            - Bump package versions

.github/workflows/publish-packages.yaml

@@ -0,0 +1,60 @@
+name: Publish
+on:
+  # NOTE: avoid using the manual execution unless is the only way to fix some issue,
+  # rather retry failed jobs in case of flakes. The manual execution can potentially
+  # cause the tags to point to a different commit that the one used to publish
+  # the packages
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+
+jobs:
+  publish:
+    if: |
+      github.event_name == 'workflow_dispatch' ||
+        startsWith(github.event.head_commit.message, 'chore(release): bump package versions')
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v3
+      with:
+        # don't checkout a detatched HEAD
+        ref: ${{ github.head_ref }}
+
+        # this is important so git log has the whole history
+        fetch-depth: '0'
+
+    - name: Setup git
+      run: |
+        git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
+        git config --local user.name "github-actions[bot]"
+
+    - name: "Use Node.js 14"
+      uses: actions/setup-node@v2
+      with:
+        node-version: ^16.15.1
+
+    - name: Install npm@8
+      run: npm install -g npm@8
+
+    - name: Install Dependencies
+      run: |
+        npm run bootstrap-ci
+      shell: bash
+
+    - name: "Publish what is not already in NPM"
+      env:
+        NPM_TOKEN: ${{ secrets.DEVTOOLSBOT_NPM_TOKEN }}
+      run: |
+        echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" > .npmrc
+        git update-index --assume-unchanged .npmrc
+        npm run publish-packages
+
+    - name: "Publish tags"
+      run: |
+        npx lerna list -a --json | \
+          jq -r '.[] | .name + "@" + .version' | \
+          xargs -i sh -c "git tag -a {} -m {} || true"
+        git push --follow-tags

CONTRIBUTING.md

@@ -79,10 +79,15 @@ HADRON_SKIP_INSTALLER=true npm run test-package-compass
 
 ### Publishing Packages
 
-For package changes to be applied in Compass beta or GA releases they need to be published first. The whole publish process happens from the main branch with the following command in order:
+Compass is built out of a number of different NPM packages. Since all the relevant code is bundled in the packaged version of Compass with webpack, it is not necessary to publish any package to build and run the Compass application.
 
-1. `npm run packages-version [semver bump]`: updates package versions for everything that was changed since the last release, updates package-lock file at the root of the repository, commits and tags the changes. See lerna docs to learn more about optional [`semver bump`](https://github.com/lerna/lerna/tree/main/commands/version#semver-bump) argument.
-1. `npm run packages-publish`: publishes packages to the registry, if your npm account uses OTP publishing protection get ready to enter the code a few times, as an alternative you might want to use [npm automation authorization tokens](https://docs.npmjs.com/creating-and-viewing-access-tokens) locally if OTP gets in the way too much (in that case add a [`--no-verify-access`](https://github.com/lerna/lerna/tree/main/commands/publish#--no-verify-access) flag to the publish command). Publish command can be re-run safely multiple times, so if something bad happens mid-release (e.g., your internet goes out), you should be able to safely fiinish the process. After publish finishes successfully the script will push version update commit and tags created in step 1. We do it automatically only post-release so that when evergreen picks up a commit in the main branch, all the tasks can run with the packages already published.
+Some of the packages, however, are used externally by other MongoDB products and by the javascript community. These packages are published through CI workflows.
+
+In particular each change to the `main` branch is analyzed to calculate a new version based on changes since the last time it was published. A pr with the new versions of each changed package is opened and updated on each new change.
+
+Merging that PR will trigger another CI job that will publish to NPM any package which version is not yet present on the registry.
+
+The version of packages is calculated following conventional bumps: See https://github.com/mongodb-js/devtools-shared/tree/main/packages/bump-monorepo-packages for details.
 
 ### Add / Update / Remove Dependencies in Packages
 

THIRD-PARTY-NOTICES.md

@@ -1,5 +1,5 @@
 The following third-party software is used by and included in **compass**.
-This document was automatically generated on Fri Aug 12 2022.
+This document was automatically generated on Mon Aug 15 2022.
 
 ## List of dependencies