tldraw/.github/workflows/publish-patch.yml
David Sheldrick 9058a483be
[infra] Patch release scripting (#3072)
This PR adds tooling to enable a PR-based workflow for publishing
'patch' releases.

### How releases currently work

Quick recap of how the 'major' and 'minor' releases work:

- You trigger them manually in the github actions UI
- It only works on the `main` branch.
- You select a mode: `'major'`, `'minor'`, or `'override'` with a
specific version. The override option is mainly for transitioning in and
out of prerelease mode, but potentially also skipping unlucky numbers
like 13 if you're feeling superstitious 🧙🏼
- It bumps the version numbers in the `package.json` and `version.ts`
files.
- It compiles a changelog based on descriptions/titles from all the PRs
that have gone in to `main`.
- It tags the commit with the version number e.g. `v2.0.0` and pushes
all the changes made to `main` (i.e. changelogs, version bumps and the
tag)
- It creates a github release, e.g.
https://github.com/tldraw/tldraw/releases/tag/v2.0.0
- It deploys the packages to npm
- It tells huppy bot about the release (for now-defunct purposes, we can
remove that code later)
- It triggers the template repo update workflow

### Introducing: Release Branches

This PR adds one step into the above process: creating a 'release'
branch. e.g. if it publishes a new version tagged `v2.1.0` it will also
create a branch named `v2.1.x`.

These branches are protected in the following ways:
- Only huppy bot can create or delete them (ad-hoc admin overrides are,
of course, still doable should the need arise)
- Like `main` they can only be updated via pull request.

The process to create a patch release becomes simple:

1. Checkout the `v<major>.<minor>.x` branch you want to create a patch
release for. e.g.

       git fetch && git checkout v2.1.x

4. Branch off, e.g.

       git checkout -b david/my-patch-release

6. Cherry-pick any commits you need from `main` into your branch,
resolving any conflicts if they arise. **important**: don't do new work
here because it won't be merged back into `main` automatically. Fix the
thing in `main` first and then cherry-pick, unless you're in a big rush
or whatever. e.g.

       git cherry-pick abdeaf234 cde234d09 ab23af287
       
7. Push your new branch to github as normal and make a PR targeting the
`v<major>.<minor>.x` branch.

8. Merge it.

Congratulations, you just triggered a patch release build.

### What happens (differently) during a patch release build.

 A key thing to understand here is that **this script allows us to
deploy patch versions of _older_ major/minor releases**. This will
happen when we have customers pinned to older versions and they need a
quick bugfix but don't have time to upgrade to the latest due to some
breaking change. This will also happen if we ever adopt a kind of 'LTS'
release model.

With that said, here's how things go down differently:

- Firstly, the build happens automatically after the PR is merged, and
you don't select 'major' or 'minor' or anything, it just does its thing.
- It bumps the version numbers in the `package.json` files and the
`version.ts` files but these changes stay within the release branch,
they don't get propagated to `main` (nor should they).
- It compiles a changelog entry featuring just your one PR's
description/title, and also pushes this to the release branch (but not
`main`).
- It still tags the commit and creates a github release as normal.
- It still deploys the packages to npm (obvs). HOWEVER it only uses the
`latest` tag if this will indeed be the latest version of the public
packages. Otherwise, if we're patching an older release, it uses the
`revision` tag. Unfortunately it doesn't seem to be an option to deploy
with _no_ tag, but using `revision` still allows version strings like
`~2.0.0` to capture subsequent patch releases like `2.0.3`.
- Similarly it _only_ notifies huppy bot and _only_ triggers the
template repo update if the version being deployed is actually the
latest version.

I'm going to merge this now to test it out but I'd still appreciate
reviews.
2024-03-05 16:05:22 +00:00

61 lines
2.1 KiB
YAML

name: Publish patch release
# This bumps the patch version, updates the changelogs in the release branch only, publishes a GitHub release, and publishes the packages to npm.
# Prevent more than one non-canary npm publishing job from running at the same time
concurrency:
group: npm-publish
# Package publishing is manually triggered on github actions dashboard
on:
push:
branches:
- 'v[0-9]*.[0.9]*.x'
jobs:
deploy:
name: Publish patch release
environment: npm deploy
timeout-minutes: 15
runs-on: ubuntu-latest-16-cores-open
outputs:
is_latest_version: ${{ steps.publish_step.outputs.is_latest_version }}
steps:
- name: Generate GH token
id: generate_token
uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92
with:
app_id: ${{ secrets.HUPPY_APP_ID }}
private_key: ${{ secrets.HUPPY_APP_PRIVATE_KEY }}
- name: Check out code
uses: actions/checkout@v3
with:
token: ${{ steps.generate_token.outputs.token }}
- name: Prepare repository
# Fetch full git history and tags for auto
run: git fetch --unshallow --tags
- name: Run our setup
uses: ./.github/actions/setup
- name: Publish
id: publish_step
run: |
git config --global user.name 'huppy-bot[bot]'
git config --global user.email '128400622+huppy-bot[bot]@users.noreply.github.com'
yarn tsx ./scripts/publish-patch.ts
env:
GH_TOKEN: ${{ steps.generate_token.outputs.token }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
HUPPY_TOKEN: ${{ secrets.HUPPY_TOKEN }}
publish_templates:
name: Publishes code templates to separate repositories
uses: tldraw/tldraw/.github/workflows/publish-templates.yml@main
if: ${{ needs.deploy.outputs.is_latest_version == 'true' }}
secrets:
VITE_TEMPLATE_REPO_SSH_DEPLOY_KEY: ${{ secrets.VITE_TEMPLATE_REPO_SSH_DEPLOY_KEY }}
NEXTJS_TEMPLATE_REPO_SSH_DEPLOY_KEY: ${{ secrets.NEXTJS_TEMPLATE_REPO_SSH_DEPLOY_KEY }}
needs: deploy