Skip to content

Commit

Permalink
Merge pull request #218 from Expensify/andrew-new-bot
Browse files Browse the repository at this point in the history
  • Loading branch information
@justinpersaud
justinpersaud authored Oct 16, 2024
2 parents 2b39bbb + 8ae11d2 commit 132eefa
Show file tree
Hide file tree
Showing 2 changed files with 27 additions and 65 deletions.
Binary file removed .github/OSBotify-private-key.asc.gpg
View file
Binary file not shown.
92 changes: 27 additions & 65 deletions .github/workflows/publish.yml
View file
Original file line number Diff line number Diff line change
@@ -1,74 +1,36 @@
name: Publish package to npmjs

# This workflow runs when code is pushed to `main` (i.e: when a pull request is merged)
on:
push:
branches: [main]
push:
branches: [main]

# Ensure that only one instance of this workflow executes at a time.
# If multiple PRs are merged in quick succession, there will only ever be one publish workflow running and one pending.
concurrency: ${{ github.workflow }}

jobs:
version:
runs-on: ubuntu-latest

# OSBotify will update the version on `main`, so this check is important to prevent an infinite loop
if: ${{ github.actor != 'OSBotify' }}

steps:
- uses: actions/checkout@v4
with:
ref: main
# The OS_BOTIFY_COMMIT_TOKEN is a personal access token tied to osbotify, which allows him to push to protected branches
token: ${{ secrets.OS_BOTIFY_COMMIT_TOKEN }}

- name: Decrypt & Import OSBotify GPG key
run: |
cd .github
gpg --quiet --batch --yes --decrypt --passphrase="$LARGE_SECRET_PASSPHRASE" --output OSBotify-private-key.asc OSBotify-private-key.asc.gpg
gpg --import OSBotify-private-key.asc
env:
LARGE_SECRET_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }}

- name: Set up git for OSBotify
run: |
git config --global user.signingkey AEE1036472A782AB
git config --global commit.gpgsign true
git config --global user.name OSBotify
git config --global user.email infra+osbotify@expensify.com
- uses: actions/setup-node@v4
with:
node-version-file: ".nvmrc"
registry-url: 'https://registry.npmjs.org'

- name: Install npm packages
run: npm ci

- name: Update npm version
run: npm version patch

- name: Set new version in GitHub ENV
run: echo "NEW_VERSION=$(jq '.version' package.json)" >> $GITHUB_ENV

- name: Push branch and publish tags
run: git push origin main && git push --tags

- name: Publish to npm
run: npm publish
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

- name: Get merged pull request
id: getMergedPullRequest
run: |
read -r number < <(gh pr list --search ${{ github.sha }} --state merged --json 'number' | jq -r '.[0] | [.number] | join(" ")')
echo "number=$number" >> "$GITHUB_OUTPUT"
env:
GITHUB_TOKEN: ${{ github.token }}

- name: Comment on merged pull request
run: gh pr comment ${{ steps.getMergedPullRequest.outputs.number }} --body "🚀Published to npm in v${{ env.NEW_VERSION }}"
env:
GITHUB_TOKEN: ${{ github.token }}
get_pull_request:
# os-botify[bot] will update the version on `main`, so this check is important to prevent an infinite loop
if: ${{ github.actor != 'os-botify[bot]' }}
runs-on: ubuntu-latest
outputs:
pull_request_number: ${{ steps.getMergedPullRequest.outputs.number }}
steps:
- uses: actions/checkout@v3
with:
ref: main

- name: Get merged pull request
id: getMergedPullRequest
uses: actions-ecosystem/action-get-merged-pull-request@59afe90821bb0b555082ce8ff1e36b03f91553d9
with:
github_token: ${{ github.token }}

publish:
needs: get_pull_request
uses: Expensify/GitHub-Actions/.github/workflows/npmPublish.yml@main
secrets: inherit
with:
repository: ${{ github.repository }}
# 'outputs' provides a string, and we need a number, so we use fromJSON to convert it
pull_request_number: ${{ fromJSON(needs.get_pull_request.outputs.pull_request_number) }}

0 comments on commit 132eefa

Please sign in to comment.