From 16b154098faa81176bf56929469bd67b4be22e69 Mon Sep 17 00:00:00 2001 From: Luke Hagar Date: Fri, 26 Sep 2025 14:46:52 +0000 Subject: [PATCH] Update CI/CD workflows to streamline processes, adjust permissions, and enhance build and release steps. Modify biome.json to turn off console warnings. --- .github/workflows/ci.yml | 175 +++++++--------------- .github/workflows/release.yml | 265 +++++++++++++++++----------------- biome.json | 2 +- 3 files changed, 181 insertions(+), 261 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ea18f04..475c1cb 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,135 +1,58 @@ -name: CI/CD Pipeline +name: CI on: - push: - branches: [ main, develop ] pull_request: - branches: [ main, develop ] - release: - types: [ published ] + branches: [ main ] + push: + branches: [ main ] + +# Cancel superseded PR runs when the PR is updated +concurrency: + group: ci-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + +permissions: + contents: read jobs: - test: - name: Test Suite + build-test: + name: Build & Test runs-on: ubuntu-latest - strategy: - matrix: - node-version: [18, 20, 21] - bun-version: [1.0.0, latest] - - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Setup Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v4 - with: - node-version: ${{ matrix.node-version }} - - - name: Setup Bun ${{ matrix.bun-version }} - uses: oven-sh/setup-bun@v1 - with: - bun-version: ${{ matrix.bun-version }} - - - name: Install dependencies - run: bun install --frozen-lockfile - - - name: Run linting - run: bun run lint - - - name: Run type checking - run: bun run type-check - - - name: Run tests - run: bun run test - - - name: Run test coverage - run: bun run test:coverage - - - name: Upload coverage to Codecov - uses: codecov/codecov-action@v3 - with: - file: ./coverage/lcov.info - flags: unittests - name: codecov-umbrella - fail_ci_if_error: false - build: - name: Build Package - runs-on: ubuntu-latest - needs: test - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Setup Node.js - uses: actions/setup-node@v4 - with: - node-version: '20' - - - name: Setup Bun - uses: oven-sh/setup-bun@v1 - with: - bun-version: latest - - - name: Install dependencies - run: bun install --frozen-lockfile - - - name: Build package - run: bun run build - - - name: Verify build output - run: | - ls -la dist/ - node -e "console.log('Build verification:', require('./dist/index.js'))" - - - name: Upload build artifacts - uses: actions/upload-artifact@v4 - with: - name: dist-files - path: dist/ - retention-days: 30 + - uses: actions/checkout@v4 - publish: - name: Publish to NPM - runs-on: ubuntu-latest - needs: [test, build] - if: github.event_name == 'release' && github.event.action == 'published' - - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Setup Node.js - uses: actions/setup-node@v4 - with: - node-version: '20' - registry-url: 'https://registry.npmjs.org' - - - name: Setup Bun - uses: oven-sh/setup-bun@v1 - with: - bun-version: latest - - - name: Install dependencies - run: bun install --frozen-lockfile - - - name: Build package - run: bun run build - - - name: Publish to NPM - run: bun run publish:package - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - - - name: Create GitHub Release - uses: actions/create-release@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - tag_name: ${{ github.event.release.tag_name }} - release_name: ${{ github.event.release.name }} - body: ${{ github.event.release.body }} - draft: false - prerelease: false \ No newline at end of file + - name: Use Node 20 + uses: actions/setup-node@v4 + with: + node-version: 20 + cache: npm + + - name: Setup Bun + uses: oven-sh/setup-bun@v1 + with: + bun-version: latest + + - name: Install + run: bun install --frozen-lockfile + + - name: Lint + run: bun run lint + continue-on-error: false + + - name: Typecheck + run: bun run type-check + + - name: Test + run: bun run test + + - name: Build + run: bun run build + + - name: Upload coverage to Codecov + uses: codecov/codecov-action@v3 + with: + file: ./coverage/lcov.info + flags: unittests + name: codecov-umbrella + fail_ci_if_error: false diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 885542c..2a0e8ce 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,143 +1,140 @@ name: Release on: - push: - branches: - - main + workflow_run: + workflows: ["CI"] # Must match the CI workflow name exactly + types: [completed] + +permissions: + contents: write # Needed to create tags/releases + packages: write # If you also publish GitHub Packages + id-token: write # Optional (for OIDC to cloud registries) jobs: - release: - name: Publish Release + publish-and-release: + # Only proceed if: + # 1) CI concluded successfully + # 2) The run was triggered by a push (not a PR) + # 3) The branch is main + # 4) The run belongs to this repository (not a fork) + if: > + github.event.workflow_run.conclusion == 'success' && + github.event.workflow_run.event == 'push' && + github.event.workflow_run.head_branch == 'main' && + github.event.workflow_run.head_repository.full_name == github.repository + runs-on: ubuntu-latest - + steps: - - name: Checkout code - uses: actions/checkout@v4 - with: - fetch-depth: 0 - token: ${{ secrets.GITHUB_TOKEN }} - - - name: Setup Node.js - uses: actions/setup-node@v4 - with: - node-version: '22' - - - name: Setup Bun - uses: oven-sh/setup-bun@v1 - with: - bun-version: latest - - - name: Install dependencies - run: bun install --frozen-lockfile - - - name: Run tests - run: bun run test - - - name: Run linting - run: bun run lint - - - name: Build package - run: bun run build - - - name: Get current version - id: current-version - run: | - CURRENT_VERSION=$(node -p "require('./package.json').version") - echo "version=$CURRENT_VERSION" >> $GITHUB_OUTPUT - echo "tag=v$CURRENT_VERSION" >> $GITHUB_OUTPUT - - - name: Check if version exists on NPM - id: version-check - run: | - VERSION=${{ steps.current-version.outputs.version }} - if npm view prettier-plugin-openapi@$VERSION version >/dev/null 2>&1; then - echo "exists=true" >> $GITHUB_OUTPUT - echo "Version $VERSION already exists on NPM" - else - echo "exists=false" >> $GITHUB_OUTPUT - echo "Version $VERSION does not exist on NPM" - fi - - - name: Bump patch version if needed - id: bump-version - if: steps.version-check.outputs.exists == 'true' - run: | - npm version patch --no-git-tag-version - NEW_VERSION=$(node -p "require('./package.json').version") - echo "version=$NEW_VERSION" >> $GITHUB_OUTPUT - echo "tag=v$NEW_VERSION" >> $GITHUB_OUTPUT - echo "bumped=true" >> $GITHUB_OUTPUT - - - name: Set final version - id: final-version - run: | - if [ "${{ steps.bump-version.outputs.bumped }}" = "true" ]; then - echo "version=${{ steps.bump-version.outputs.version }}" >> $GITHUB_OUTPUT - echo "tag=${{ steps.bump-version.outputs.tag }}" >> $GITHUB_OUTPUT - else - echo "version=${{ steps.current-version.outputs.version }}" >> $GITHUB_OUTPUT - echo "tag=${{ steps.current-version.outputs.tag }}" >> $GITHUB_OUTPUT - fi - - - name: Generate release message - id: release-message - run: | - if [ "${{ steps.bump-version.outputs.bumped }}" = "true" ]; then - COMMIT_MSG=$(git log -1 --pretty=format:"%s") - echo "message=Automated patch release: $COMMIT_MSG" >> $GITHUB_OUTPUT - else - COMMIT_MSG=$(git log -1 --pretty=format:"%s") - echo "message=Release: $COMMIT_MSG" >> $GITHUB_OUTPUT - fi - - - name: Commit version bump if needed - if: steps.bump-version.outputs.bumped == 'true' - run: | - git config --local user.email "action@github.com" - git config --local user.name "GitHub Action" - git add package.json - git commit -m "chore: bump version to ${{ steps.bump-version.outputs.version }}" - - - name: Create tag - run: | - git tag ${{ steps.final-version.outputs.tag }} - - - name: Push changes and tag - run: | - git push origin main - git push origin ${{ steps.final-version.outputs.tag }} - - - name: Publish to NPM - run: npm publish - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - - - name: Create Release - uses: elgohr/Github-Release-Action@v5 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - tag_name: ${{ steps.final-version.outputs.tag }} - name: Release ${{ steps.final-version.outputs.tag }} - body: | - ## Release ${{ steps.final-version.outputs.version }} + # Check out the exact commit that passed CI + - name: Checkout the successful commit + uses: actions/checkout@v4 + with: + ref: ${{ github.event.workflow_run.head_sha }} + + - name: Use Node 20 + uses: actions/setup-node@v4 + with: + node-version: 20 + cache: npm + registry-url: https://registry.npmjs.org/ + + - name: Setup Bun + uses: oven-sh/setup-bun@v1 + with: + bun-version: latest + + - name: Install + run: bun install --frozen-lockfile + + # Optional: Re-run build to ensure publish artifacts exist + - name: Build + run: bun run build + + # Read current version from package.json + - name: Read current version + id: current-version + shell: bash + run: | + ver=$(node -p "require('./package.json').version") + echo "version=$ver" >> "$GITHUB_OUTPUT" + + # Check if version was already bumped in this commit + - name: Check if version was bumped + id: version-check + shell: bash + run: | + # Get the previous commit's version + PREV_VERSION=$(git show HEAD~1:package.json 2>/dev/null | node -p "require('./package.json').version" 2>/dev/null || echo "0.0.0") + CURRENT_VERSION="${{ steps.current-version.outputs.version }}" - ${{ steps.release-message.outputs.message }} + echo "Previous version: $PREV_VERSION" + echo "Current version: $CURRENT_VERSION" - ## Installation - - ```bash - npm install prettier-plugin-openapi@${{ steps.final-version.outputs.version }} - ``` - - ## Usage - - Add to your `.prettierrc`: - - ```json - { - "plugins": ["prettier-plugin-openapi"] - } - ``` - draft: false - prerelease: false \ No newline at end of file + if [ "$PREV_VERSION" != "$CURRENT_VERSION" ]; then + echo "Version was already bumped from $PREV_VERSION to $CURRENT_VERSION" + echo "bumped=false" >> "$GITHUB_OUTPUT" + echo "final_version=$CURRENT_VERSION" >> "$GITHUB_OUTPUT" + else + echo "No version bump detected, will auto-patch bump" + echo "bumped=true" >> "$GITHUB_OUTPUT" + fi + + # Auto-patch bump version if no version change was made + - name: Auto-patch bump version + if: steps.version-check.outputs.bumped == 'true' + id: bump-version + shell: bash + run: | + npm version patch --no-git-tag-version + NEW_VERSION=$(node -p "require('./package.json').version") + echo "version=$NEW_VERSION" >> "$GITHUB_OUTPUT" + echo "Auto-bumped version to $NEW_VERSION" + + # Set final version + - name: Set final version + id: final-version + shell: bash + run: | + if [ "${{ steps.version-check.outputs.bumped }}" = "true" ]; then + echo "version=${{ steps.bump-version.outputs.version }}" >> "$GITHUB_OUTPUT" + else + echo "version=${{ steps.current-version.outputs.version }}" >> "$GITHUB_OUTPUT" + fi + + # Commit version bump if auto-bumped + - name: Commit auto-bumped version + if: steps.version-check.outputs.bumped == 'true' + shell: bash + run: | + git config --local user.email "action@github.com" + git config --local user.name "GitHub Action" + git add package.json + git commit -m "chore: auto-bump version to ${{ steps.bump-version.outputs.version }}" + git push origin main + + # Create a git tag like v1.2.3 if it doesn't already exist + - name: Create tag if missing + shell: bash + run: | + TAG="v${{ steps.final-version.outputs.version }}" + if git rev-parse "$TAG" >/dev/null 2>&1; then + echo "Tag $TAG already exists." + else + git tag "$TAG" ${{ github.event.workflow_run.head_sha }} + git push origin "$TAG" + fi + + # Publish to npm (requires NPM_TOKEN in repo secrets) + - name: Publish to npm + env: + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + run: npm publish --access public + + # Create a GitHub Release for the tag + - name: Create GitHub Release + uses: softprops/action-gh-release@v2 + with: + tag_name: v${{ steps.final-version.outputs.version }} + name: v${{ steps.final-version.outputs.version }} + generate_release_notes: true diff --git a/biome.json b/biome.json index 45c9867..b5a3134 100644 --- a/biome.json +++ b/biome.json @@ -29,7 +29,7 @@ "useConst": "error" }, "suspicious": { - "noConsole": "warn", + "noConsole": "off", "noVar": "error" } }