Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(release): Fix failing release #213

Merged
merged 1 commit into from
May 12, 2024
Merged

chore(release): Fix failing release #213

merged 1 commit into from
May 12, 2024

Conversation

rajdip-b
Copy link
Member

@rajdip-b rajdip-b commented May 12, 2024

User description

Description

The error was happening because npm can't understand pnpm workspace. Refactoring it to pnpx worked, but with some tradeoffs.

  • Installed the release deps in top level package.json as devDependencies
  • Changed npm to pnpm
  • Changed npx to pnpx

Fixes #171


PR Type

enhancement


Description

  • Added necessary semantic release dependencies directly into package.json to manage versions and ensure compatibility.
  • Simplified the installation process in the GitHub Actions workflow by using pnpm i which respects the lock file and installs all necessary dependencies.
  • Updated the release command to use pnpx instead of npx to better integrate with the pnpm environment, addressing the issue where npm could not understand pnpm workspace.

Changes walkthrough 📝

Relevant files
Enhancement
package.json
Update package.json to Include Semantic Release Dependencies

package.json

  • Added dependencies for semantic release process.
  • Included specific versions for changelog, commit analyzer, git,
    github, and release notes generator.
  • Added conventional changelog package.
  • +6/-0     
    release.yml
    Simplify Installation and Update Release Command in GitHub Actions

    .github/workflows/release.yml

  • Simplified installation command to use pnpm i.
  • Changed release command to use pnpx instead of npx.
  • +2/-2     

    💡 PR-Agent usage:
    Comment /help on the PR to get a list of all available PR-Agent tools and their descriptions

    Copy link
    Contributor

    PR Description updated to latest commit (ab4a50c)

    Copy link
    Contributor

    PR Review 🔍

    ⏱️ Estimated effort to review [1-5]

    2, because the changes are straightforward and limited to dependency management and build configuration. The modifications in package.json and .github/workflows/release.yml are clear and concise, focusing on integrating pnpm and pnpx for better package management in a monorepo setup.

    🧪 Relevant tests

    No

    ⚡ Possible issues

    Dependency Version Lock: The specific versions of the newly added dependencies might lead to potential conflicts with other packages or future updates.

    Build Process Change: Switching from npx to pnpx and simplifying the install command might affect the build process if not properly tested in the CI/CD pipeline.

    🔒 Security concerns

    No

    Copy link

    Quality Gate Passed Quality Gate passed

    Issues
    0 New issues
    0 Accepted issues

    Measures
    0 Security Hotspots
    No data about Coverage
    0.0% Duplication on New Code

    See analysis details on SonarCloud

    Copy link
    Contributor

    PR Code Suggestions ✨

    CategorySuggestion                                                                                                                                    Score
    Best practice
    Use --frozen-lockfile with pnpm install to ensure reproducible builds

    Replace pnpm i with pnpm install --frozen-lockfile to ensure reproducible builds by
    installing dependencies from the lock file without generating a new one or updating
    existing ones.

    .github/workflows/release.yml [22]

    -run: pnpm i
    +run: pnpm install --frozen-lockfile
     
    Suggestion importance[1-10]: 7

    Why: Using --frozen-lockfile is a good practice for ensuring reproducible builds, especially in CI environments. This suggestion correctly addresses a potential issue with the current pnpm i command.

    7
    Pin the versions of newly added dependencies to ensure stability

    Consider using a more specific version range or pinning the versions of the newly added
    dependencies to avoid unexpected breaking changes due to major version updates. Using
    caret (^) allows any minor version updates which might introduce breaking changes
    unknowingly.

    package.json [138-145]

    -"@semantic-release/changelog": "^6.0.3",
    -"@semantic-release/commit-analyzer": "^12.0.0",
    -"@semantic-release/git": "^10.0.1",
    -"@semantic-release/github": "^10.0.3",
    -"@semantic-release/release-notes-generator": "^13.0.0",
    -"conventional-changelog-conventionalcommits": "^8.0.0",
    +"@semantic-release/changelog": "6.0.3",
    +"@semantic-release/commit-analyzer": "12.0.0",
    +"@semantic-release/git": "10.0.1",
    +"@semantic-release/github": "10.0.3",
    +"@semantic-release/release-notes-generator": "13.0.0",
    +"conventional-changelog-conventionalcommits": "8.0.0",
     
    Suggestion importance[1-10]: 6

    Why: Pinning versions can indeed prevent unexpected breaking changes, but using caret versions is also a common practice in JavaScript for allowing non-breaking updates. The suggestion is valid but not critical.

    6
    Maintainability
    Use the full pnpm install command for clarity in CI/CD scripts

    Consider using the full command pnpm install instead of the shorthand pnpm i in CI/CD
    scripts for better readability and maintainability, especially for new developers or
    external contributors who might be reviewing or modifying these scripts.

    .github/workflows/release.yml [22]

    -run: pnpm i
    +run: pnpm install
     
    Suggestion importance[1-10]: 5

    Why: While using the full command enhances readability, pnpm i is a widely recognized shorthand. This is a minor improvement and not crucial for functionality or maintainability.

    5

    @rajdip-b rajdip-b enabled auto-merge (squash) May 12, 2024 16:29
    @rajdip-b rajdip-b disabled auto-merge May 12, 2024 16:29
    @rajdip-b rajdip-b merged commit 40f64f3 into develop May 12, 2024
    6 checks passed
    @rajdip-b rajdip-b deleted the fix/release branch May 12, 2024 16:29
    rajdip-b pushed a commit that referenced this pull request May 12, 2024
    ## [1.3.0](v1.2.0...v1.3.0) (2024-05-12)
    
    ### 🚀 Features
    
    * Add approval support ([#158](#158)) ([e09ae60](e09ae60))
    * **api:** Add configuration live update support ([#181](#181)) ([f7d6684](f7d6684))
    * **api:** Add feature to export data of a workspace ([#152](#152)) ([46833aa](46833aa))
    * **api:** Add Integration support ([#203](#203)) ([f1ae87e](f1ae87e))
    * **api:** Add note to [secure] and variable ([#151](#151)) ([2e62351](2e62351))
    * **api:** Add OAuth redirection and polished authentication ([#212](#212)) ([d2968bc](d2968bc))
    * **api:** Add support for storing and managing variables ([#149](#149)) ([963a8ae](963a8ae))
    * **api:** Added GitLab OAuth ([#188](#188)) ([4d3bbe4](4d3bbe4))
    * **api:** Added validation for reason field ([#190](#190)) ([90b8ff2](90b8ff2))
    * **api:** Create default workspace on user's creation ([#182](#182)) ([3dc0c4c](3dc0c4c))
    * **api:** Reading `port` Dynamically ([#170](#170)) ([fd46e3e](fd46e3e))
    * **auth:** Add Google OAuth ([#156](#156)) ([cf387ea](cf387ea))
    * **web:** Added waitlist ([#168](#168)) ([1084c77](1084c77))
    * **web:** Landing revamp ([#165](#165)) ([0bc723b](0bc723b))
    
    ### 🐛 Bug Fixes
    
    * **web:** alignment issue in “Collaboration made easy” section ([#178](#178)) ([df5ca75](df5ca75))
    * **workspace:** delete duplicate tailwind config ([99d922a](99d922a))
    
    ### 📚 Documentation
    
    * add contributor list ([f37569a](f37569a))
    * Add integration docs ([#204](#204)) ([406ddb7](406ddb7))
    * Added integration docs to gitbook summary ([ab37530](ab37530))
    * **api:** Add swagger docs of API key controller ([#167](#167)) ([2910476](2910476))
    * **api:** Add swagger docs of User Controller ([#166](#166)) ([fd59522](fd59522))
    * fix typo in environment-variables.md ([#163](#163)) ([48294c9](48294c9))
    * Remove supabase from docs ([#169](#169)) ([eddbce8](eddbce8))
    * **setup:** replace NX with Turbo in setup instructions ([#175](#175)) ([af8a460](af8a460))
    * Update README.md ([b59f16b](b59f16b))
    * Update running-the-api.md ([177dbbf](177dbbf))
    * Update running-the-api.md ([#193](#193)) ([3d5bcac](3d5bcac))
    
    ### 🔧 Miscellaneous Chores
    
    * Added lockfile ([60a3b9b](60a3b9b))
    * Added lockfile ([6bb512c](6bb512c))
    * **api:** Added type inference and runtime validation to `process.env` ([#200](#200)) ([249e07d](249e07d))
    * **api:** Fixed prisma script env errors ([#209](#209)) ([8762354](8762354))
    * **API:** Refactor authority check functions in API ([#189](#189)) ([e9d710d](e9d710d))
    * **api:** Refactor user e2e tests ([b38d45a](b38d45a))
    * **ci:** Disabled api stage release ([97877c4](97877c4))
    * **ci:** Update stage deployment config ([868a6a1](868a6a1))
    * **codecov:** update api-e2e project coverage ([1e90d7e](1e90d7e))
    * **dockerfile:** Fixed web dockerfile ([6134bb2](6134bb2))
    * **docker:** Optimized web Dockerfile to reduct image size ([#173](#173)) ([444286a](444286a))
    * **release:** Downgraded package version ([c173fee](c173fee))
    * **release:** Fix failing release ([#213](#213)) ([40f64f3](40f64f3))
    * **release:** Install pnpm ([1081bea](1081bea))
    * **release:** Updated release commit ([b8958e7](b8958e7))
    * **release:** Updated release commit ([e270eb8](e270eb8))
    * Update deprecated husky Install command ([#202](#202)) ([e61102c](e61102c))
    * Upgrade @million/lint from 0.0.66 to 0.0.73 ([#172](#172)) ([dd43ed9](dd43ed9))
    * **web:** Updated fly memory config ([4debc66](4debc66))
    
    ### 🔨 Code Refactoring
    
    * **api:** Made events central to workspace ([#159](#159)) ([9bc00ae](9bc00ae))
    * **api:** Migrated to cookie based authentication ([#206](#206)) ([ad6911f](ad6911f))
    * **monorepo:** Migrate from nx to turbo ([#153](#153)) ([88b4b00](88b4b00))
    @rajdip-b
    Copy link
    Member Author

    🎉 This PR is included in version 1.3.0 🎉

    The release is available on GitHub release

    Your semantic-release bot 📦🚀

    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Labels
    None yet
    Projects
    None yet
    Development

    Successfully merging this pull request may close these issues.

    Fix release pipeline
    1 participant