Skip to content

Publish Release

Publish Release #6

name: "Publish Release"
on:
workflow_dispatch:
inputs:
snap-package-dir:
description: "Snap package name, should already exist under ./packages (eg: hedera-wallet-snap/packages/snap)"
type: string
required: true
tag:
description: "Existing Tag to Publish (eg: v3.7.0)"
type: string
required: true
dry-run-enabled:
description: "Dry Run Enabled"
type: boolean
required: false
default: true
defaults:
run:
shell: bash
permissions:
contents: write
jobs:
validate-release:
name: Validate Release
runs-on: [self-hosted, Linux, medium, ephemeral]
outputs:
tag: ${{ steps.tag.outputs.name }}
version: ${{ steps.tag.outputs.version }}
prerelease: ${{ steps.tag.outputs.prerelease }}
steps:
- name: Checkout Code
uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
with:
ref: ${{ github.event.inputs.tag || '' }}
fetch-depth: 0
- name: Install Semantic Version Tools
run: |
echo "::group::Download SemVer Binary"
sudo curl -L -o /usr/local/bin/semver https://raw.githubusercontent.com/fsaintjacques/semver-tool/master/src/semver
echo "::endgroup::"
echo "::group::Change SemVer Binary Permissions"
sudo chmod -v +x /usr/local/bin/semver
echo "::endgroup::"
echo "::group::Show SemVer Binary Version Info"
semver --version
echo "::endgroup::"
- name: Setup JQ
uses: dcarbone/install-jq-action@8867ddb4788346d7c22b72ea2e2ffe4d514c7bcb # v2.1.0
with:
version: 1.7
- name: Extract NPM Package Information
id: npm-package
run: echo "version=$(jq -r '.version' package.json)" >>"${GITHUB_OUTPUT}"
- name: Extract Tag Information
id: tag
run: |
REF_NAME="$(git describe --exact-match --tags $(git log -n1 --pretty='%h'))"
IS_VALID_SEMVER="$(semver validate "${REF_NAME}")"
if [[ "${IS_VALID_SEMVER}" != "valid" ]]; then
echo "::error title=Invalid Tag::The tag '${REF_NAME}' is not a valid SemVer tag."
exit 1
fi
RELEASE_VERSION="$(semver get release "${REF_NAME}")"
PREREL_VERSION="$(semver get prerel "${REF_NAME}")"
IS_PRERELEASE="false"
[[ -n "${PREREL_VERSION}" ]] && IS_PRERELEASE="true"
FINAL_VERSION="${RELEASE_VERSION}"
[[ -n "${PREREL_VERSION}" ]] && FINAL_VERSION="${RELEASE_VERSION}-${PREREL_VERSION}"
TAG_NAME="v${FINAL_VERSION}"
echo "name=${TAG_NAME}" >>"${GITHUB_OUTPUT}"
echo "version=${FINAL_VERSION}" >>"${GITHUB_OUTPUT}"
echo "prerelease=${IS_PRERELEASE}" >>"${GITHUB_OUTPUT}"
- name: Validate Tag and Package Versions
run: |
COMPARISON_RESULT="$(semver compare "${{ steps.npm-package.outputs.version }}" "${{ steps.tag.outputs.version }}")"
if [[ "${COMPARISON_RESULT}" -ne 0 ]]; then
echo "::error title=Version Mismatch::The version in package.json (${{ steps.npm-package.outputs.version }}) does not match the version in the tag (${{ steps.tag.outputs.version }})."
exit 1
fi
run-safety-checks:
name: Safety Checks
runs-on: [self-hosted, Linux, medium, ephemeral]
defaults:
run:
working-directory: "./packages/${{ github.event.inputs.snap-package-dir }}/packages/snap"
steps:
- name: Checkout Code
uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
with:
ref: ${{ github.event.inputs.tag || '' }}
- name: Setup Node
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
with:
node-version: 18
- name: Setup yarn
run: npm install -g yarn
- name: Yarn install
run: yarn install
- name: Build Code
run: yarn run build
publish-release:
name: Publish Release
runs-on: [self-hosted, Linux, medium, ephemeral]
defaults:
run:
working-directory: "./packages/${{ github.event.inputs.snap-package-dir }}/packages/snap"
needs:
- validate-release
- run-safety-checks
if: ${{ github.actor == 'NanaEC' || github.actor == 'nathanklick' || github.actor == 'kpachhai' }}
steps:
- name: Checkout Code
uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
with:
ref: ${{ github.event.inputs.tag || '' }}
- name: Install PNPM
uses: pnpm/action-setup@a3252b78c470c02df07e9d59298aecedc3ccdd6d # v3.0.0
with:
version: 8.10.0
- name: Setup Node
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
with:
node-version: 18
- name: Install Yarn
run: pnpm install -g yarn
- name: Yarn Build
run: |
yarn install
yarn run build
- name: Calculate Publish Arguments
id: publish
run: |
PUBLISH_ARGS="--access public --no-git-checks"
[[ "${{ github.event.inputs.dry-run-enabled }}" == "true" ]] && PUBLISH_ARGS="${PUBLISH_ARGS} --dry-run"
echo "args=${PUBLISH_ARGS}" >>"${GITHUB_OUTPUT}"
# Add the registry authentication stanza with variable substitution to the .npmrc configuration file.
echo "@hashgraph:registry=https://registry.npmjs.org/" >> ".npmrc"
echo '//registry.npmjs.org/:_authToken=${NPM_TOKEN}' >> ".npmrc"
- name: Publish Release
if: ${{ github.event.inputs.dry-run-enabled != 'true' }}
env:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
run: pnpm publish ${{ steps.publish.outputs.args }}
- name: Generate Github Release
uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # v1.14.0
if: ${{ github.event.inputs.dry-run-enabled != 'true' }}
with:
tag: ${{ needs.validate-release.outputs.tag }}
prerelease: ${{ needs.validate-release.outputs.prerelease == 'true' }}
draft: false
generateReleaseNotes: true
skipIfReleaseExists: true