ci: speed up js sdk release job

[turip]

Use NIX for javascript beta package builds. This decreases the build time to 1-1.5mins from 3 minutes.

Remove javascript client PR based generation as CI enforces regeneration as part of the PR reivew.

The -8 executor is used for faster restores, otherwise this is not resource intensive.

Summary by CodeRabbit

• New Features

  • Introduced a beta release channel for the JavaScript SDK. Install via your package manager using the “beta” tag (e.g., npm install @beta). Beta versions follow 1.0.0-beta-.

• Chores

  • Added a streamlined Beta release pipeline and publish target for the JavaScript SDK.
  • Removed deprecated SDK generation and release workflows.
  • Added release input validation and publishing safeguards.
  • Minor developer note added (no functional impact).

[coderabbitai]

📝 Walkthrough

Walkthrough

Adds a Nix-based GitHub Actions workflow for JavaScript SDK beta releases, removes two legacy workflows (Dagger-based release and SDK generation), adds a Makefile target to publish the JS SDK with env checks, and inserts a non-functional TODO comment in .dagger/release.go.

Changes

Cohort / File(s)	Summary of Changes
JS SDK CI workflows .github/workflows/sdk-javascript-dev-release.yaml, .../sdk-javascript-release.yaml, .../sdk-javascript.yaml	Added a new Nix-based "JavaScript SDK Beta Release" workflow (sdk-javascript-dev-release.yaml) and removed the older Dagger-based release (sdk-javascript-release.yaml) and SDK generation (sdk-javascript.yaml) workflows.
JS client Makefile api/client/javascript/Makefile	Added .PHONY target publish-javascript-sdk with validations for JS_SDK_RELEASE_VERSION and JS_SDK_RELEASE_TAG, runs pnpm --frozen-lockfile install, bumps version (pnpm version ... --no-git-tag-version), publishes with a CACHE_BUSTER timestamp and tag, and prints success message.
Dagger release note .dagger/release.go	Inserted a developer TODO comment noting to keep in sync with api/client/javascript/Makefile; no functional or API changes.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~15 minutes

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b16abc3 and ea7f31d.

📒 Files selected for processing (1)

• api/client/javascript/Makefile (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• api/client/javascript/Makefile

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (8)

• GitHub Check: Artifacts / Container image
• GitHub Check: Artifacts / Benthos Collector Container image
• GitHub Check: Test
• GitHub Check: Lint
• GitHub Check: Migration Checks
• GitHub Check: Code Generators
• GitHub Check: Build
• GitHub Check: Analyze (go)

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch ci/release-jobs

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 4

🧹 Nitpick comments (2)

.github/workflows/sdk-javascript-dev-release.yaml (2)

26-27: Improve SHA extraction robustness.

The current approach using cut is fragile and doesn't handle potential variations in SHA format. Consider using a more robust method.

        run: |
-          id=$(echo ${{github.sha}} | cut -c 1-12)
+          id="${GITHUB_SHA:0:12}"
          echo "id=${id}" >> $GITHUB_OUTPUT

---

8-10: Consider limiting auto-releases from main branch.

The workflow triggers on every push to main, which means every merge will create a beta release. This could lead to excessive releases and npm registry pollution.

Consider adding a path filter or requiring manual dispatch for releases:

  push:
    branches:
      - main
+    paths:
+      - 'api/client/javascript/**'
+      - '.github/workflows/sdk-javascript-dev-release.yaml'

Or remove the push trigger entirely if manual releases are preferred:

on:
  workflow_dispatch:
-  push:
-    branches:
-      - main

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6f78002 and b16abc3.

📒 Files selected for processing (5)

• .dagger/release.go (1 hunks)
• .github/workflows/sdk-javascript-dev-release.yaml (1 hunks)
• .github/workflows/sdk-javascript-release.yaml (0 hunks)
• .github/workflows/sdk-javascript.yaml (0 hunks)
• api/client/javascript/Makefile (1 hunks)

💤 Files with no reviewable changes (2)

• .github/workflows/sdk-javascript.yaml
• .github/workflows/sdk-javascript-release.yaml

🔇 Additional comments (6)

api/client/javascript/Makefile (3)

11-11: Good synchronization reminder.

The warning comment correctly emphasizes the need to keep this Makefile target in sync with the Dagger implementation during the transition period.

---

15-25: Excellent environment variable validation.

The precondition checks for required environment variables provide clear error messages and usage examples, ensuring the target fails fast with helpful guidance.

---

28-30: LGTM on the publishing logic.

The implementation correctly:

• Uses --no-git-tag-version to avoid creating git tags during version bumping
• Uses --no-git-checks to bypass git status checks during publishing
• Provides clear success feedback with all relevant details

.dagger/release.go (1)

126-126: Good documentation of transition state.

The TODO comment clearly indicates the temporary nature of this synchronization requirement and provides guidance for future cleanup once the release process is fully migrated to Nix.

.github/workflows/sdk-javascript-dev-release.yaml (2)

45-50: Well-designed cache strategy.

The cache key hierarchy provides good fallback options:

• Primary: branch-specific with flake hash
• Fallback 1: branch-specific without hash
• Fallback 2: main branch with hash
• Fallback 3: main branch without hash
• Fallback 4: any OS build

This should provide effective cache hits while maintaining cache freshness.

---

54-57: LGTM on the Nix-based build execution.

The implementation correctly:

• Uses nix develop --impure .#ci for the development environment
• Passes the required environment variables to the Makefile target
• Uses a semantic beta versioning scheme with the commit SHA