Taskmaster

name: Release on: push: branches: - main workflow_dispatch: # Manual trigger is always RC pre-release concurrency: ${{ github.workflow }}-${{ github.ref }} permissions: contents: write pull-requests: write id-token: write jobs: # ========== GUARD: Fail fast if workflow_dispatch on main ========== dispatch-guard: if: github.event_name == 'workflow_dispatch' && github.ref == 'refs/heads/main' runs-on: ubuntu-latest steps: - run: | echo "::error::workflow_dispatch is intended for RC runs on non-main branches only." echo "To create a stable release, push to main with changesets." exit 1 # ========== STABLE RELEASE (main branch push only) ========== release: if: github.ref == 'refs/heads/main' && github.event_name == 'push' runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 with: fetch-depth: 0 - uses: actions/setup-node@v4 with: node-version: 20 cache: npm registry-url: "https://registry.npmjs.org" - name: Update npm for trusted publishing run: npm install -g npm@latest - name: Cache node_modules uses: actions/cache@v4 with: path: | node_modules */*/node_modules key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} restore-keys: | ${{ runner.os }}-node- - name: Install dependencies run: npm ci timeout-minutes: 2 - name: Check pre-release mode run: node ./.github/scripts/check-pre-release-mode.mjs "main" - name: Build packages run: npm run turbo:build env: NODE_ENV: production FORCE_COLOR: 1 TM_PUBLIC_BASE_DOMAIN: ${{ secrets.TM_PUBLIC_BASE_DOMAIN }} TM_PUBLIC_SUPABASE_URL: ${{ secrets.TM_PUBLIC_SUPABASE_URL }} TM_PUBLIC_SUPABASE_ANON_KEY: ${{ secrets.TM_PUBLIC_SUPABASE_ANON_KEY }} - name: Create Release Pull Request or Publish uses: changesets/action@v1 with: version: npm run version publish: npm run release env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} NPM_CONFIG_PROVENANCE: true # ========== PRE-RELEASE (manual workflow_dispatch only) ========== rc: if: github.event_name == 'workflow_dispatch' && github.ref != 'refs/heads/main' runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 with: fetch-depth: 0 - uses: actions/setup-node@v4 with: node-version: 20 cache: npm registry-url: "https://registry.npmjs.org" - name: Update npm for trusted publishing run: npm install -g npm@latest - name: Cache node_modules uses: actions/cache@v4 with: path: | node_modules */*/node_modules key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} restore-keys: | ${{ runner.os }}-node- - name: Install dependencies run: npm ci timeout-minutes: 2 - name: Enter RC mode (if not already in RC mode) run: | # Check if we're in pre-release mode with the "rc" tag if [ -f .changeset/pre.json ]; then MODE=$(jq -r '.mode' .changeset/pre.json 2>/dev/null || echo '') TAG=$(jq -r '.tag' .changeset/pre.json 2>/dev/null || echo '') if [ "$MODE" = "exit" ]; then echo "Pre-release mode is in 'exit' state, re-entering RC mode..." npx changeset pre enter rc elif [ "$MODE" = "pre" ] && [ "$TAG" != "rc" ]; then echo "In pre-release mode but with wrong tag ($TAG), switching to RC..." npx changeset pre exit npx changeset pre enter rc elif [ "$MODE" = "pre" ] && [ "$TAG" = "rc" ]; then echo "Already in RC pre-release mode" else echo "Unknown mode state: $MODE, entering RC mode..." npx changeset pre enter rc fi else echo "No pre.json found, entering RC mode..." npx changeset pre enter rc fi - name: Version RC packages run: npx changeset version env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Run format run: npm run format env: FORCE_COLOR: 1 - name: Build packages run: npm run turbo:build env: NODE_ENV: production FORCE_COLOR: 1 TM_PUBLIC_BASE_DOMAIN: ${{ secrets.TM_PUBLIC_BASE_DOMAIN }} TM_PUBLIC_SUPABASE_URL: ${{ secrets.TM_PUBLIC_SUPABASE_URL }} TM_PUBLIC_SUPABASE_ANON_KEY: ${{ secrets.TM_PUBLIC_SUPABASE_ANON_KEY }} - name: Publish RC to npm run: npx changeset publish env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} NPM_CONFIG_PROVENANCE: true - name: Commit & Push changes uses: stefanzweifel/git-auto-commit-action@v5 with: commit_message: "chore: rc version bump [skip ci]" branch: ${{ github.ref_name }}