[js] Update to latest schema for 3P packages #379
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Test, release, and sync | |
| on: | |
| pull_request: | |
| paths: | |
| - "**" | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - "**" | |
| jobs: | |
| update-lock-file: | |
| if: github.head_ref != 'changeset-release/main' | |
| name: "Update lock file for PRs before checks and build" | |
| runs-on: "ubuntu-22.04" | |
| outputs: | |
| VERIFIED_LOCK_COMMIT: ${{ steps.sync-lock-file.outputs.VERIFIED_LOCK_COMMIT }} | |
| steps: | |
| - name: "Checkout" | |
| uses: "actions/checkout@v3" | |
| with: | |
| # use branch name instead of triggering ref so we can commit to the PR branch: | |
| ref: ${{ github.head_ref }} | |
| fetch-depth: 2 | |
| - name: "Setup Node" | |
| uses: "actions/setup-node@v3" | |
| with: | |
| node-version-file: ".nvmrc" | |
| - name: "Install dependencies with yarn cache" | |
| uses: ./.github/actions/yarn-nm-install | |
| with: | |
| cwd: "." | |
| install-mode: "update-lock-only" | |
| # Since we are in update-lock-only mode the resulting yarn cache is much smaller and less useful | |
| # for the rest of the steps. But since this is the first step and the cache is restored for each | |
| # step in the workflow, they all get the same useless cache unless we set a different prefix here: | |
| cache-prefix: "update-lock-file-for-prs" | |
| - name: "Commit and push changes if modified" | |
| id: sync-lock-file | |
| run: | | |
| if [[ $(git rev-parse --abbrev-ref HEAD) == "main" ]] && ! git diff-index --quiet HEAD; then | |
| echo "Lock file must not be modified by CI on main branch." | |
| exit 1; | |
| fi | |
| git config --global user.name 'Lightspark Eng' | |
| git config --global user.email '[email protected]' | |
| git add -A | |
| git diff-index --quiet HEAD || git commit -nm "CI update lock file for PR" | |
| git push | |
| echo "$(git rev-parse HEAD)" | |
| echo "VERIFIED_LOCK_COMMIT=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT | |
| checks: | |
| # Wait to see if the lock file should be updated before running checks: | |
| needs: "update-lock-file" | |
| runs-on: "ubuntu-22.04" | |
| steps: | |
| - name: "Checkout" | |
| uses: "actions/checkout@v3" | |
| with: | |
| ref: ${{ needs.update-lock-file.outputs.VERIFIED_LOCK_COMMIT }} | |
| - name: "Setup Node" | |
| uses: "actions/setup-node@v3" | |
| with: | |
| node-version-file: ".nvmrc" | |
| cache: "yarn" | |
| cache-dependency-path: "yarn.lock" | |
| - name: Install dependencies with yarn cache | |
| uses: ./.github/actions/yarn-nm-install | |
| with: | |
| cwd: "." | |
| - name: Restore turbo cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: ./node_modules/.cache/turbo | |
| # see https://bit.ly/43Til68 - we only need a single cache for all turbo files | |
| # but the cache still needs a unique id in order for it to properly save each time. | |
| # restore-keys will always take the latest matching cache: | |
| key: turbo-checks-${{ runner.os }}-${{ github.run_id }} # Can use time based key as well | |
| restore-keys: | | |
| turbo-checks-${{ runner.os }} | |
| - name: Setup Lightspark env file | |
| run: | | |
| echo 'export LIGHTSPARK_WALLET_BASE_URL="api.dev.dev.sparkinfra.net"' > ~/.lightsparkenv | |
| echo 'export LIGHTSPARK_ACCOUNT_ID="${{ secrets.LIGHTSPARK_TEST_ACCOUNT_ID }}"' >> ~/.lightsparkenv | |
| echo 'export LIGHTSPARK_JWT_PRIV_KEY="${{ secrets.LIGHTSPARK_TEST_ACCOUNT_JWT_PRIV_KEY }}"' >> ~/.lightsparkenv | |
| echo 'export LIGHTSPARK_JWT_PUB_KEY="${{ secrets.LIGHTSPARK_TEST_ACCOUNT_JWT_PUB_KEY }}"' >> ~/.lightsparkenv | |
| - run: "yarn checks" | |
| - name: "Notify failure on Slack" | |
| if: "failure() && github.event_name == 'push'" | |
| run: | | |
| curl --data-binary @- --header "Content-Type: application/json" --silent "${{ secrets.SLACK_WEBHOOK_ENGINT }}" <<EOF | |
| { | |
| "text": ":x: ${{ github.workflow }} workflow by ${{ github.actor }} <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id}}|failed> in ${{ github.job }} on <${{ github.server_url }}/${{ github.repository }}/commit/$GITHUB_SHA|${{ github.ref_name }}>" | |
| } | |
| EOF | |
| # turbo doesn't seem to parallelize builds with checks although they don't depend on one another, | |
| # or else there's something in CI that prevents it from doing it well. Faster to keep them separate. | |
| build: | |
| # Wait to see if the lock file should be updated before running checks: | |
| needs: "update-lock-file" | |
| runs-on: "ubuntu-22.04" | |
| steps: | |
| - name: "Checkout" | |
| uses: "actions/checkout@v3" | |
| with: | |
| ref: ${{ needs.update-lock-file.outputs.VERIFIED_LOCK_COMMIT }} | |
| - name: "Setup Node" | |
| uses: "actions/setup-node@v3" | |
| with: | |
| node-version-file: ".nvmrc" | |
| cache: "yarn" | |
| cache-dependency-path: "yarn.lock" | |
| - name: yarn install with cache | |
| uses: ./.github/actions/yarn-nm-install | |
| with: | |
| cwd: "." | |
| - name: Restore turbo cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: ./node_modules/.cache/turbo | |
| # see https://bit.ly/43Til68 - we only need a single cache for all turbo files | |
| # but the cache still needs a unique id in order for it to properly save each time. | |
| # restore-keys will always take the latest matching cache: | |
| key: turbo-build-${{ runner.os }}-${{ github.run_id }} # Can use time based key as well | |
| restore-keys: | | |
| turbo-build-${{ runner.os }} | |
| - run: "yarn build" | |
| - name: "Notify failure on Slack" | |
| if: "failure() && github.event_name == 'push'" | |
| run: | | |
| curl --data-binary @- --header "Content-Type: application/json" --silent "${{ secrets.SLACK_WEBHOOK_ENGINT }}" <<EOF | |
| { | |
| "text": ":x: ${{ github.workflow }} workflow by ${{ github.actor }} <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id}}|failed> in ${{ github.job }} on <${{ github.server_url }}/${{ github.repository }}/commit/$GITHUB_SHA|${{ github.ref_name }}>" | |
| } | |
| EOF | |
| release: | |
| name: Release | |
| needs: ["checks", "build"] | |
| if: "success() && github.event_name == 'push'" | |
| runs-on: ubuntu-latest | |
| environment: npm | |
| steps: | |
| - name: Checkout Repo | |
| uses: actions/checkout@v3 | |
| - name: "Setup Node" | |
| uses: "actions/setup-node@v3" | |
| with: | |
| node-version-file: ".nvmrc" | |
| cache: "yarn" | |
| cache-dependency-path: "yarn.lock" | |
| - name: Install dependencies with yarn cache | |
| uses: ./.github/actions/yarn-nm-install | |
| with: | |
| cwd: "." | |
| - name: Create Release Pull Request or Publish to npm | |
| id: changesets | |
| uses: changesets/action@v1 | |
| with: | |
| # This expects you to have a script called release which does a build for your packages and calls changeset publish | |
| publish: yarn release | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| # If the Version Packages PR has been created in the changesets step we should check if our workspace | |
| # package.json files have been updated from dependency bumps and update the lock file if so: | |
| - name: "Install dependencies with yarn cache" | |
| id: update-lock-file-for-version-packages-pr | |
| if: steps.changesets.outputs.published == 'false' && github.ref == 'refs/heads/main' | |
| uses: ./.github/actions/yarn-nm-install | |
| with: | |
| cwd: "." | |
| install-mode: "update-lock-only" | |
| # check if previous step updated the lock file and commit and push if so: | |
| - name: Update lock file for Version Packages PR | |
| if: steps.changesets.outputs.published == 'false' && github.ref == 'refs/heads/main' | |
| run: | | |
| if git ls-remote --exit-code --heads origin changeset-release/main; then | |
| git fetch origin changeset-release/main | |
| if git show-ref --quiet changeset-release/main; then | |
| git checkout changeset-release/main | |
| git push --set-upstream origin changeset-release/main | |
| git config --global user.name 'Lightspark Eng' | |
| git config --global user.email '[email protected]' | |
| git add -A | |
| git diff-index --quiet HEAD || git commit -nm "CI update lock file for PR" | |
| git push | |
| echo "$(git rev-parse HEAD)" | |
| else | |
| echo "changeset-release/main branch does not exist locally." | |
| fi | |
| else | |
| echo "changeset-release/main branch does not exist on remote." | |
| fi | |
| - name: Notify publish on Slack | |
| if: steps.changesets.outputs.published == 'true' | |
| # You can do something when a publish happens. | |
| run: | | |
| json_escape () { | |
| printf '%s' "$1" | python -c 'import json,sys; print(json.dumps(sys.stdin.read()))' | |
| } | |
| format_packages() { | |
| local json_input="$1" | |
| local formatted_output | |
| formatted_output=$(python -c "import json; data = $json_input; formatted_data = [f\"{item['name'].replace('@lightsparkdev/', '')}@{item['version']}\" for item in data]; print(', '.join(formatted_data))") | |
| echo "$formatted_output" | |
| } | |
| formatted_packages=$(format_packages '${{ steps.changesets.outputs.publishedPackages }}') | |
| text=$(json_escape ":white_check_mark: ${{ github.actor }} <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id}}|published> new js-sdk versions from <${{ github.server_url }}/${{ github.repository }}/releases/tag/${{ github.ref_name }}|${{ github.ref_name }}>: $formatted_packages") | |
| curl --data-binary @- --header "Content-Type: application/json" --silent "${{ secrets.SLACK_WEBHOOK_ENGINT }}" <<EOF | |
| { | |
| "text": $text | |
| } | |
| EOF | |
| - name: "Notify failure on Slack" | |
| if: "failure() && github.event_name == 'push'" | |
| run: | | |
| curl --data-binary @- --header "Content-Type: application/json" --silent "${{ secrets.SLACK_WEBHOOK_ENGINT }}" <<EOF | |
| { | |
| "text": ":x: js-sdk public repo: ${{ github.workflow }} workflow by ${{ github.actor }} <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id}}|failed> in ${{ github.job }} on <${{ github.server_url }}/${{ github.repository }}/commit/$GITHUB_SHA|${{ github.ref_name }}>" | |
| } | |
| EOF | |
| create-webdev-pr: | |
| name: Create Webdev PR | |
| if: "github.event_name == 'push'" | |
| runs-on: ubuntu-latest | |
| environment: npm | |
| steps: | |
| - name: Checkout Repo | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Reset develop to main | |
| run: | | |
| git checkout develop | |
| git reset --hard origin/main | |
| git push origin develop --force | |
| git checkout main | |
| - name: Generate a token | |
| id: generate_token | |
| uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92 | |
| with: | |
| app_id: ${{ secrets.APP_ID }} | |
| private_key: ${{ secrets.APP_PRIVATE_KEY }} | |
| - name: "Run Copybara" | |
| env: | |
| TOKEN: ${{ steps.generate_token.outputs.token }} | |
| run: | | |
| ls -la | |
| git config --global user.name 'Lightspark Eng' | |
| git config --global user.email '[email protected]' | |
| echo "https://x-access-token:${TOKEN}@github.com" > ~/.git-credentials | |
| on_exit() { | |
| # See this for possible error codes from Copybara https://github.com/google/copybara/issues/236 | |
| exit_code=$? | |
| case $exit_code in | |
| 0) | |
| echo "Copybara completed successfully" | |
| exit 0 | |
| ;; | |
| 4) | |
| echo "Copybara completed with no changes detected, exiting 0" | |
| exit 0 | |
| ;; | |
| *) | |
| echo "Copybara failed with exit code $exit_code" | |
| exit $exit_code | |
| ;; | |
| esac | |
| } | |
| curl https://lsdev-repo.s3-us-west-2.amazonaws.com/github-actions/copybara_deploy.jar --output ./copybara.jar | |
| trap on_exit EXIT | |
| java -jar copybara.jar ./copy.bara.sky js-sdk-push-to-webdev | |
| - name: "Notify failure on Slack" | |
| if: "failure() && github.event_name == 'push'" | |
| run: | | |
| curl --data-binary @- --header "Content-Type: application/json" --silent "${{ secrets.SLACK_WEBHOOK_ENGINT }}" <<EOF | |
| { | |
| "text": ":x: ${{ github.workflow }} workflow by ${{ github.actor }} <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id}}|failed> in ${{ github.job }} on <${{ github.server_url }}/${{ github.repository }}/commit/$GITHUB_SHA|${{ github.ref_name }}>" | |
| } | |
| EOF |