Skip to content

Fix/sign request (#2802) #1807

Fix/sign request (#2802)

Fix/sign request (#2802) #1807

Workflow file for this run

name: Release
# Taken from: https://github.com/changesets/action#with-publishing
on:
workflow_dispatch:
push:
branches:
- main
concurrency: ${{ github.workflow }}-${{ github.ref }}
jobs:
release:
name: Changelog PR or Release
if: ${{ github.repository_owner == 'kadena-community' }}
runs-on: ubuntu-latest
permissions:
id-token: write
contents: write
pull-requests: write
packages: write
env:
TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
TURBO_TEAM: ${{ secrets.TURBO_TEAM }}
steps:
- uses: actions/checkout@v4
with:
show-progress: false
token: ${{ secrets.RELEASE_ACTION_GITHUB_TOKEN }}
- uses: dorny/paths-filter@v3
id: filter
with:
filters: |
graph:
- 'packages/apps/graph/**'
- name: Runner setup
uses: ./.github/actions/runner-setup
- name: Lint monorepo root
run: pnpm run lint
- name: Build, lint, test all packages
run: pnpm turbo lint build test
- name: Create Release PR or Publish
id: changesets
uses: changesets/action@v1
with:
# Note: pnpm install after versioning is necessary to refresh lockfile
version: pnpm run version
publish: pnpm run publish
commit: 'Update changelogs and bump versions'
title: '[ci] Release'
env:
# Needs "Contents" r+w and "Pull requests" r+w access to open/update PRs and push to main
GITHUB_TOKEN: ${{ secrets.RELEASE_ACTION_GITHUB_TOKEN }}
# Needs r+w access for packages of both orgs to publish to npm
NPM_TOKEN: ${{ secrets.RELEASE_ACTION_NPM_TOKEN }}
NPM_CONFIG_PROVENANCE: true
- name: Output (debug)
if: steps.changesets.outputs.published == 'true'
# Do something more interesting when a publish happens.
run: echo ${{ steps.changesets.outputs.publishedPackages }}
- name: Checkout code
uses: actions/checkout@v3
- name: Log in GHCR
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
- name: Get version_id from GHCR for `@kadena/graph` latest version on NPM
id: npm-ghcr-version-id
run: |
latest_tag=$(npm view @kadena/graph --json | jq -r '."dist-tags".latest')
version_id=$(gh api "orgs/kadena-community/packages/container/graphql/versions" | \
jq --arg tag "$latest_tag" -r '.[] | select(.metadata.container.tags | index($tag)) | .id')
echo "version_id=$version_id" >> $GITHUB_OUTPUT
- name: Build Docker Image for `:latest`
id: docker-build-graph-latest
# only run when npm-ghcr-version-id is empty
# when it's not empty, the image is already built
if: steps.npm-ghcr-version-id.outputs.version_id == ''
run: |
cd packages/apps/graph && \
docker compose build graphql --push --build-arg \
-t=ghcr.io/kadena/graphql:latest,ghcr.io/kadena/graphql:$(npm view @kadena/graph --json |jq '."dist-tags".latest')
- name: Build Docker Image `:preview`
id: docker-build-graph-preview
# no need to publish when `:latest` is publishing
if: steps.docker-build-graph-latest.conclusion != 'skipped' && steps.filter.outputs.graph == 'true'
# only run when `packages/apps/graph/**` has changes
run: |
cd packages/apps/graph && \
docker compose build graphql --push --build-arg \
-t=ghcr.io/kadena-community/graphql:preview,ghcr.io/kadena-community/graphql:sha-${GITHUB_SHA::7}