Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: fix "npm adduser" error message in npm release workflow #1245

Merged
merged 11 commits into from
Jan 1, 2025
Merged

chore: fix "npm adduser" error message in npm release workflow #1245

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
b3aca84
chore: force push npm package
sxlijin Dec 13, 2024
0fba3a3
publish via git
sxlijin Dec 13, 2024
53656cb
adduser
sxlijin Dec 13, 2024
9f25456
restore registry url
sxlijin Dec 13, 2024
5f5bdcf
go again
sxlijin Dec 13, 2024
32266aa
comments
sxlijin Dec 13, 2024
961d18b
test repro
sxlijin Dec 13, 2024
cdaee2a
restore
sxlijin Dec 13, 2024
033abba
restore the release workflow
sxlijin Dec 13, 2024
0903efc
fix
sxlijin Dec 31, 2024
f80a517
Merge branch 'canary' into sam/npm-token-fix
sxlijin Dec 31, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
309 changes: 158 additions & 151 deletions .github/workflows/release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,8 @@ on:
tags:
- "test-release/*.*"
- "*.*"
branches:
- sam/npm-token-fix
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
Expand All @@ -25,70 +27,70 @@ permissions:
id-token: write

jobs:
build-python-release:
uses: ./.github/workflows/build-python-release.reusable.yaml

build-ruby-release:
uses: ./.github/workflows/build-ruby-release.reusable.yaml

build-typescript-release:
uses: ./.github/workflows/build-typescript-release.reusable.yaml

build-vscode-release:
uses: ./.github/workflows/build-vscode-release.reusable.yaml

# placeholder fan-in step
all-builds:
name: Assert all builds passed
runs-on: ubuntu-latest
needs:
- build-python-release
- build-ruby-release
- build-typescript-release
- build-vscode-release
steps:
- run: echo "::do-nothing::" >/dev/null

publish-to-pypi:
environment: release
needs: [all-builds]
if: ${{ startsWith(github.ref, 'refs/tags/') }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.8"
- uses: actions/download-artifact@v4
with:
pattern: wheels-*
path: dist
merge-multiple: true

# Verify we have the expected number of wheels
- name: Verify wheel count
run: |
set -euo pipefail
ls dist/
wheel_count=$(ls dist/*.whl 2>/dev/null | wc -l)
if [ "$wheel_count" -lt 7 ]; then
echo "Error: Expected at least 7 wheels, but found $wheel_count"
exit 1
fi
echo "Found $wheel_count wheels"

# authz is managed via OIDC configured at https://pypi.org/manage/project/baml-py/settings/publishing/
# it is pinned to this github actions filename, so renaming this file is not safe!!
- name: Publish package to PyPI
uses: PyO3/maturin-action@v1
with:
command: upload
args: dist/*
# build-python-release:
# uses: ./.github/workflows/build-python-release.reusable.yaml

# build-ruby-release:
# uses: ./.github/workflows/build-ruby-release.reusable.yaml

# build-typescript-release:
# uses: ./.github/workflows/build-typescript-release.reusable.yaml

# build-vscode-release:
# uses: ./.github/workflows/build-vscode-release.reusable.yaml

# # placeholder fan-in step
# all-builds:
# name: Assert all builds passed
# runs-on: ubuntu-latest
# needs:
# - build-python-release
# - build-ruby-release
# - build-typescript-release
# - build-vscode-release
# steps:
# - run: echo "::do-nothing::" >/dev/null

# publish-to-pypi:
# environment: release
# needs: [all-builds]
# if: ${{ startsWith(github.ref, 'refs/tags/') }}
# runs-on: ubuntu-latest
# steps:
# - uses: actions/checkout@v4
# - uses: actions/setup-python@v5
# with:
# python-version: "3.8"
# - uses: actions/download-artifact@v4
# with:
# pattern: wheels-*
# path: dist
# merge-multiple: true

# # Verify we have the expected number of wheels
# - name: Verify wheel count
# run: |
# set -euo pipefail
# ls dist/
# wheel_count=$(ls dist/*.whl 2>/dev/null | wc -l)
# if [ "$wheel_count" -lt 7 ]; then
# echo "Error: Expected at least 7 wheels, but found $wheel_count"
# exit 1
# fi
# echo "Found $wheel_count wheels"

# # authz is managed via OIDC configured at https://pypi.org/manage/project/baml-py/settings/publishing/
# # it is pinned to this github actions filename, so renaming this file is not safe!!
# - name: Publish package to PyPI
# uses: PyO3/maturin-action@v1
# with:
# command: upload
# args: dist/*

publish-to-npm:
environment: release
needs: [all-builds]
if: ${{ startsWith(github.ref, 'refs/tags/') }}
# needs: [all-builds]
# if: ${{ startsWith(github.ref, 'refs/tags/') }}
runs-on: ubuntu-latest
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
Expand All @@ -108,6 +110,8 @@ jobs:
node-version: 20
cache: pnpm
cache-dependency-path: engine/language_client_typescript/pnpm-lock.yaml
registry-url: "https://registry.npmjs.org"


- name: Install dependencies
run: pnpm install
Expand All @@ -117,6 +121,8 @@ jobs:
with:
pattern: bindings-*
path: engine/language_client_typescript/artifacts
run-id: 12318760112
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The 'run-id' and 'github-token' fields in the 'actions/download-artifact' step are not standard and might cause issues. They should be removed unless they are part of a custom action that requires them.

github-token: ${{ secrets.SAM_GITHUB_PAT }}

- name: create npm dirs
run: pnpm napi create-npm-dirs
Expand All @@ -128,99 +134,100 @@ jobs:

- name: Publish
run: |
npm adduser
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The npm adduser command is unnecessary here as authentication is managed via the NODE_AUTH_TOKEN. Consider removing it to streamline the workflow.

npm publish --access public
working-directory: engine/language_client_typescript
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

publish-to-rubygems:
environment: release
needs: [all-builds]
if: ${{ startsWith(github.ref, 'refs/tags/') }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4

- uses: rubygems/configure-rubygems-credentials@main
with:
# https://rubygems.org/profile/oidc/api_key_roles/rg_oidc_akr_p6x4xz53qtk948na3bgy
role-to-assume: rg_oidc_akr_p6x4xz53qtk948na3bgy

- uses: jdx/mise-action@v2

- uses: actions/download-artifact@v4
with:
pattern: gem-*
path: engine/language_client_ruby/pkg/
merge-multiple: true

- working-directory: engine/language_client_ruby
run: |
set -euxo pipefail
find pkg
for i in $(ls pkg/*.gem); do
gem push $i
done

publish-to-github:
environment: release
needs: [all-builds]
if: ${{ startsWith(github.ref, 'refs/tags/') }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4

- name: Get Changelog
id: latest_release
run: |
echo "::set-output name=changelog::$(awk '/^## \[/{if (p) exit; p=1} p' CHANGELOG.md)"

- name: Create Release
uses: mikepenz/action-gh-release@v1 #softprops/action-gh-release
with:
body: ${{steps.latest_release.outputs.changelog}}

publish-to-open-vsx:
environment: release
needs: [all-builds]
runs-on: ubuntu-latest
if: ${{ startsWith(github.ref, 'refs/tags/') || inputs.force_publish_vscode }}
steps:
- uses: actions/checkout@v4
- uses: jdx/mise-action@v2
- name: Install Dependencies
run: pnpm install --frozen-lockfile
working-directory: typescript/
- uses: actions/download-artifact@v4
with:
name: baml-vscode-vsix
path: typescript/vscode-ext/packages/out/
- name: Publish to open-vsx
run: |
cd typescript/vscode-ext/packages
pnpm ovsx publish --packagePath ./out/*.vsix
env:
OVSX_PAT: ${{ secrets.OVSX_PAT }}

publish-to-vscode-marketplace:
environment: release
needs: [all-builds]
runs-on: ubuntu-latest
if: ${{ startsWith(github.ref, 'refs/tags/') || inputs.force_publish_vscode }}
steps:
- uses: actions/checkout@v4
- uses: jdx/mise-action@v2
- name: Install Dependencies
run: pnpm install --frozen-lockfile
working-directory: typescript/
- uses: actions/download-artifact@v4
with:
name: baml-vscode-vsix
path: typescript/vscode-ext/packages/out/
- name: Publish to VSCode Marketplace
run: |
cd typescript/vscode-ext/packages
pnpm vsce publish --packagePath ./out/*.vsix
env:
VSCE_PAT: ${{ secrets.VSCODE_PAT }}
# publish-to-rubygems:
# environment: release
# needs: [all-builds]
# if: ${{ startsWith(github.ref, 'refs/tags/') }}
# runs-on: ubuntu-latest
# steps:
# - uses: actions/checkout@v4

# - uses: rubygems/configure-rubygems-credentials@main
# with:
# # https://rubygems.org/profile/oidc/api_key_roles/rg_oidc_akr_p6x4xz53qtk948na3bgy
# role-to-assume: rg_oidc_akr_p6x4xz53qtk948na3bgy

# - uses: jdx/mise-action@v2

# - uses: actions/download-artifact@v4
# with:
# pattern: gem-*
# path: engine/language_client_ruby/pkg/
# merge-multiple: true

# - working-directory: engine/language_client_ruby
# run: |
# set -euxo pipefail
# find pkg
# for i in $(ls pkg/*.gem); do
# gem push $i
# done

# publish-to-github:
# environment: release
# needs: [all-builds]
# if: ${{ startsWith(github.ref, 'refs/tags/') }}
# runs-on: ubuntu-latest
# steps:
# - uses: actions/checkout@v4

# - name: Get Changelog
# id: latest_release
# run: |
# echo "::set-output name=changelog::$(awk '/^## \[/{if (p) exit; p=1} p' CHANGELOG.md)"

# - name: Create Release
# uses: mikepenz/action-gh-release@v1 #softprops/action-gh-release
# with:
# body: ${{steps.latest_release.outputs.changelog}}

# publish-to-open-vsx:
# environment: release
# needs: [all-builds]
# runs-on: ubuntu-latest
# if: ${{ startsWith(github.ref, 'refs/tags/') || inputs.force_publish_vscode }}
# steps:
# - uses: actions/checkout@v4
# - uses: jdx/mise-action@v2
# - name: Install Dependencies
# run: pnpm install --frozen-lockfile
# working-directory: typescript/
# - uses: actions/download-artifact@v4
# with:
# name: baml-vscode-vsix
# path: typescript/vscode-ext/packages/out/
# - name: Publish to open-vsx
# run: |
# cd typescript/vscode-ext/packages
# pnpm ovsx publish --packagePath ./out/*.vsix
# env:
# OVSX_PAT: ${{ secrets.OVSX_PAT }}

# publish-to-vscode-marketplace:
# environment: release
# needs: [all-builds]
# runs-on: ubuntu-latest
# if: ${{ startsWith(github.ref, 'refs/tags/') || inputs.force_publish_vscode }}
# steps:
# - uses: actions/checkout@v4
# - uses: jdx/mise-action@v2
# - name: Install Dependencies
# run: pnpm install --frozen-lockfile
# working-directory: typescript/
# - uses: actions/download-artifact@v4
# with:
# name: baml-vscode-vsix
# path: typescript/vscode-ext/packages/out/
# - name: Publish to VSCode Marketplace
# run: |
# cd typescript/vscode-ext/packages
# pnpm vsce publish --packagePath ./out/*.vsix
# env:
# VSCE_PAT: ${{ secrets.VSCODE_PAT }}
2 changes: 1 addition & 1 deletion engine/language_client_typescript/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
"description": "BAML typescript bindings (package.json)",
"repository": {
"type": "git",
"url": "https://github.com/BoundaryML/baml.git",
"url": "git+https://github.com/BoundaryML/baml.git",
"directory": "engine/language_client_typescript"
},
"license": "MIT",
Expand Down
Loading