diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml deleted file mode 100644 index f801918c..00000000 --- a/.github/workflows/build.yml +++ /dev/null @@ -1,43 +0,0 @@ -name: Build conda-store-ui -on: - pull_request: - branches: - - "*" - push: - branches: - - main - - workflow_call: - -jobs: - build: - name: "Build Package" - runs-on: ubuntu-latest - steps: - - name: "Checkout repository ๐Ÿ›Ž" - uses: actions/checkout@v4 - - - name: "Set up Node.js ๐Ÿงถ" - uses: actions/setup-node@v4 - with: - node-version: 18 - cache: "yarn" - - - name: "Install dependencies ๐Ÿ“ฆ" - run: yarn - - - name: "Lint code ๐Ÿ”" - run: yarn eslint:check - - - name: "Build application ๐Ÿ—" - run: yarn run build - - - name: "Build application artifacts ๐Ÿ—" - # ensure we use the prod target to minimise assets - run: yarn run webpack:prod bundle - - - name: "Upload artifacts ๐Ÿ“ค" - uses: actions/upload-artifact@v4 - with: - name: webpack-bundle - path: dist/ diff --git a/.github/workflows/javascript-tests.yml b/.github/workflows/javascript-tests.yml index 840a7504..99590b1f 100644 --- a/.github/workflows/javascript-tests.yml +++ b/.github/workflows/javascript-tests.yml @@ -12,7 +12,7 @@ on: pull_request: jobs: - build: + js-tests: runs-on: ubuntu-latest strategy: @@ -23,7 +23,7 @@ jobs: steps: - name: "Checkout repository ๐Ÿ›Ž" uses: actions/checkout@v4 - - name: Setup Node.js ${{ matrix.node-version }} + - name: "Setup Node.js ${{ matrix.node-version }}" uses: actions/setup-node@v4 with: node-version: ${{ matrix.node-version }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3466dc9d..f6f984a8 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,58 +1,141 @@ -name: Release conda-store-ui +name: "Build and maybe release conda-store-ui" on: - # we want to make a release whenever a new tag is created + release: + types: [published] push: - tags: - - "*" + branches: [main] + tags: ["*"] + pull_request: + branches: + - main + workflow_dispatch: -jobs: - call-build: - uses: conda-incubator/conda-store-ui/.github/workflows/build.yml@main +env: + FORCE_COLOR: "1" + PACKAGE_FILE: "conda-store-ui.tgz" - make-release: +jobs: + # always build and verify + build-application: + name: "Build conda-store-ui" runs-on: ubuntu-latest - # ensure that the artifacts are available from the build job - needs: call-build steps: - name: "Checkout repository ๐Ÿ›Ž" uses: actions/checkout@v4 - # Setup .npmrc file to publish to npm - name: "Set up Node.js ๐Ÿงถ" uses: actions/setup-node@v4 with: - node-version: 18 - registry-url: "https://registry.npmjs.org" - scope: "@conda-store-ui" + node-version: "20.x" + cache: "yarn" - name: "Install dependencies ๐Ÿ“ฆ" run: yarn - - name: "Lint code ๐Ÿ”Ž" + - name: "Lint code ๐Ÿ”" run: yarn eslint:check - - name: "Download webpack bundle ๐Ÿ“ฆ" + - name: "Build source code (library) ๐Ÿ—" + run: yarn run build + + - name: "Build source code (web app) ๐Ÿ—" + # ensure we use the prod target to minimise assets + run: yarn run webpack:prod bundle + + - name: "Generate package tarball ๐Ÿ“ฆ" + run: yarn pack --filename ${{ env.PACKAGE_FILE }} + + - name: "Upload package tarball ๐Ÿ“ค" + uses: actions/upload-artifact@v4 + with: + name: conda-store-ui-package + path: ${{ env.PACKAGE_FILE }} + + verify-build: + name: "Verify conda-store-ui build" + runs-on: ubuntu-latest + needs: build-application + + steps: + - name: "Checkout repository ๐Ÿ›Ž" + uses: actions/checkout@v4 + + - name: "Download build artefacts ๐Ÿ“ฆ" uses: actions/download-artifact@v4 with: - name: webpack-bundle - path: dist/ + name: conda-store-ui-package - - name: "Generate package tarball ๐Ÿ“ฆ" - run: yarn pack --filename conda-store-ui.tgz + # (setup-node workaround https://github.com/actions/setup-node/issues/763) otherwise the authentication fails for npmjs + - name: "Set npmjs scope" + env: + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + run: | + npm config delete @conda-store-ui:registry --location project + npm config set @conda-store-ui:registry 'https://registry.npmjs.org' --location project + npm config set //registry.npmjs.org/:_authToken '${NODE_AUTH_TOKEN}' --location project - - name: "Set NPM scope" #(setup-node workaround https://github.com/actions/setup-node/issues/763) + - name: "Check publish (dry run) ๐Ÿ“ค" + run: | + echo "Publishing dry run..." + npm publish --verbose --access public ${{ env.PACKAGE_FILE }} --dry-run env: - NPM_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + + release-to-npmjs: + name: "Release conda-store-ui to npmjs ๐Ÿ“ฆ" + runs-on: ubuntu-latest + needs: + - build-application + - verify-build + if: github.repository_owner == 'conda-incubator' && github.event_name == 'release' && startsWith(github.ref, 'refs/tags/') + # needed for attestations + permissions: + id-token: write + attestations: write + contents: read + + steps: + - name: "Checkout repository ๐Ÿ›Ž" + uses: actions/checkout@v4 + + # Set registry in .npmrc and set up auth to read in from + # env.NODE_AUTH_TOKEN. + - name: "Set up Node.js ๐Ÿงถ" + uses: actions/setup-node@v4 + with: + node-version: "20.x" + registry-url: "https://registry.npmjs.org" + scope: "@conda-store-ui" + + - name: "Download build artefacts ๐Ÿ“ฆ" + uses: actions/download-artifact@v4 + with: + name: conda-store-ui-package + + # Create an attestation with GitHub to track build provenance + # More info: https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds + - name: "Attest Build Provenance โœจ" + uses: actions/attest-build-provenance@v1 + if: github.repository_owner == 'conda-incubator' && github.event_name == 'release' && startsWith(github.ref, 'refs/tags/') + with: + subject-path: ${{ env.PACKAGE_FILE }} + + # (setup-node workaround https://github.com/actions/setup-node/issues/763) otherwise the authentication fails for npmjs + - name: "Set npmjs scope" + env: + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} run: | npm config delete @conda-store-ui:registry --location project npm config set @conda-store-ui:registry 'https://registry.npmjs.org' --location project - npm config set //registry.npmjs.org/:_authToken '${NPM_AUTH_TOKEN}' --location project + npm config set //registry.npmjs.org/:_authToken '${NODE_AUTH_TOKEN}' --location project + + - name: "Check npmjs/conda-store-ui scope" + run: npm show - name: "Publish to npm ๐Ÿ“ค" run: | - echo "Publishing with tag ${{ env.GITHUB_REF_NAME }}" - npm publish --verbose --access public conda-store-ui.tgz + npm publish --verbose --access public ${{ env.PACKAGE_FILE }} env: - NPM_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/.gitignore b/.gitignore index 1d8d860d..19a68077 100644 --- a/.gitignore +++ b/.gitignore @@ -164,3 +164,5 @@ static !.yarn/sdks !.yarn/versions .pnp.*# + +.bun.lockb diff --git a/RELEASE.md b/RELEASE.md index 15409104..2c830fdb 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -23,8 +23,8 @@ ``` > [!IMPORTANT] -> You need to be logged in to the npmjs registry to publish the package. -> And have access to the conda-store npm namespace. +> You need to be logged in to the `npmjs` registry to publish the package. +> And have access to the `conda-store` npm namespace. 1. Perform a local dry run publish: diff --git a/package.json b/package.json index bce2954e..aea98702 100644 --- a/package.json +++ b/package.json @@ -146,4 +146,4 @@ "node": ">=18.0.0" }, "packageManager": "yarn@4.4.0" -} \ No newline at end of file +}