Update automated release process to latest version (#1611)

.github/actions/get-prerelease/action.yml

@@ -0,0 +1,30 @@
+name: Return a boolean indicating if the version contains prerelease identifiers
+
+#
+# Returns a simple true/false boolean indicating whether the version indicates it's a prerelease or not.
+#
+# TODO: Remove once the common repo is public.
+#
+
+inputs:
+ version:
+ required: true
+
+outputs:
+ prerelease:
+ value: ${{ steps.get_prerelease.outputs.PRERELEASE }}
+
+runs:
+ using: composite
+
+ steps:
+ - id: get_prerelease
+ shell: bash
+ run: |
+ if [[ "${VERSION}" == *"beta"* || "${VERSION}" == *"alpha"* ]]; then
+ echo "PRERELEASE=true" >> $GITHUB_OUTPUT
+ else
+ echo "PRERELEASE=false" >> $GITHUB_OUTPUT
+ fi
+ env:
+ VERSION: ${{ inputs.version }}

.github/actions/get-release-notes/action.yml

@@ -0,0 +1,42 @@
+name: Return the release notes extracted from the body of the PR associated with the release.
+
+#
+# Returns the release notes from the content of a pull request linked to a release branch. It expects the branch name to be in the format release/vX.Y.Z, release/X.Y.Z, release/vX.Y.Z-beta.N. etc.
+#
+# TODO: Remove once the common repo is public.
+#
+inputs:
+ version:
+ required: true
+ repo_name:
+ required: false
+ repo_owner:
+ required: true
+ token:
+ required: true
+
+outputs:
+ release-notes:
+ value: ${{ steps.get_release_notes.outputs.RELEASE_NOTES }}
+
+runs:
+ using: composite
+
+ steps:
+ - uses: actions/github-script@v7
+ id: get_release_notes
+ with:
+ result-encoding: string
+ script: |
+ const { data: pulls } = await github.rest.pulls.list({
+ owner: process.env.REPO_OWNER,
+ repo: process.env.REPO_NAME,
+ state: 'all',
+ head: `${process.env.REPO_OWNER}:release/${process.env.VERSION}`,
+ });
+ core.setOutput('RELEASE_NOTES', pulls[0].body);
+ env:
+ GITHUB_TOKEN: ${{ inputs.token }}
+ REPO_OWNER: ${{ inputs.repo_owner }}
+ REPO_NAME: ${{ inputs.repo_name }}
+ VERSION: ${{ inputs.version }}

.github/actions/get-version/action.yml

@@ -0,0 +1,21 @@
+name: Return the version extracted from the branch name
+
+#
+# Returns the version from the .version file.
+#
+# TODO: Remove once the common repo is public.
+#
+
+outputs:
+ version:
+ value: ${{ steps.get_version.outputs.VERSION }}
+
+runs:
+ using: composite
+
+ steps:
+ - id: get_version
+ shell: bash
+ run: |
+ VERSION=$(head -1 .version)
+ echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT

.github/actions/npm-publish/action.yml

@@ -0,0 +1,52 @@
+name: Publish release to npm
+
+inputs:
+ node-version:
+ required: true
+ npm-token:
+ required: true
+ version:
+ required: true
+ require-build:
+ default: true
+ release-directory:
+ default: './'
+
+runs:
+ using: composite
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Setup Node
+ uses: actions/setup-node@v4
+ with:
+ node-version: ${{ inputs.node-version }}
+ cache: 'npm'
+ registry-url: 'https://registry.npmjs.org'
+
+ - name: Install dependencies
+ shell: bash
+ run: npm ci --include=dev
+
+ - name: Build package
+ if: inputs.require-build == 'true'
+ shell: bash
+ run: npm run build
+
+ - name: Publish release to NPM
+ shell: bash
+ working-directory: ${{ inputs.release-directory }}
+ run: |
+ if [[ "${VERSION}" == *"beta"* ]]; then
+ TAG="beta"
+ elif [[ "${VERSION}" == *"alpha"* ]]; then
+ TAG="alpha"
+ else
+ TAG="latest"
+ fi
+ npm publish --provenance --tag $TAG
+ env:
+ NODE_AUTH_TOKEN: ${{ inputs.npm-token }}
+ VERSION: ${{ inputs.version }}

.github/actions/release-create/action.yml

@@ -0,0 +1,47 @@
+name: Create a GitHub release
+
+#
+# Creates a GitHub release with the given version.
+#
+# TODO: Remove once the common repo is public.
+#
+
+inputs:
+ token:
+ required: true
+ files:
+ required: false
+ name:
+ required: true
+ body:
+ required: true
+ tag:
+ required: true
+ commit:
+ required: true
+ draft:
+ default: false
+ required: false
+ prerelease:
+ default: false
+ required: false
+ fail_on_unmatched_files:
+ default: true
+ required: false
+
+runs:
+ using: composite
+
+ steps:
+ - uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844
+ with:
+ body: ${{ inputs.body }}
+ name: ${{ inputs.name }}
+ tag_name: ${{ inputs.tag }}
+ target_commitish: ${{ inputs.commit }}
+ draft: ${{ inputs.draft }}
+ prerelease: ${{ inputs.prerelease }}
+ fail_on_unmatched_files: ${{ inputs.fail_on_unmatched_files }}
+ files: ${{ inputs.files }}
+ env:
+ GITHUB_TOKEN: ${{ inputs.token }}

.github/actions/tag-exists/action.yml

@@ -0,0 +1,36 @@
+name: Return a boolean indicating if a tag already exists for the repository
+
+#
+# Returns a simple true/false boolean indicating whether the tag exists or not.
+#
+# TODO: Remove once the common repo is public.
+#
+
+inputs:
+ token:
+ required: true
+ tag:
+ required: true
+
+outputs:
+ exists:
+ description: 'Whether the tag exists or not'
+ value: ${{ steps.tag-exists.outputs.EXISTS }}
+
+runs:
+ using: composite
+
+ steps:
+ - id: tag-exists
+ shell: bash
+ run: |
+ GET_API_URL="https://api.github.com/repos/${GITHUB_REPOSITORY}/git/ref/tags/${TAG_NAME}"
+ http_status_code=$(curl -LI $GET_API_URL -o /dev/null -w '%{http_code}\n' -s -H "Authorization: token ${GITHUB_TOKEN}")
+ if [ "$http_status_code" -ne "404" ] ; then
+ echo "EXISTS=true" >> $GITHUB_OUTPUT
+ else
+ echo "EXISTS=false" >> $GITHUB_OUTPUT
+ fi
+ env:
+ TAG_NAME: ${{ inputs.tag }}
+ GITHUB_TOKEN: ${{ inputs.token }}

.github/workflows/npm-release.yml

@@ -0,0 +1,83 @@
+name: Create npm and GitHub Release
+
+on:
+ workflow_call:
+ inputs:
+ node-version:
+ required: true
+ type: string
+ require-build:
+ default: true
+ type: string
+ release-directory:
+ default: './'
+ type: string
+ secrets:
+ github-token:
+ required: true
+ npm-token:
+ required: true
+
+### TODO: Replace instances of './.github/actions/' w/ `auth0/dx-sdk-actions/` and append `@latest` after the common `dx-sdk-actions` repo is made public.
+### TODO: Also remove `get-prerelease`, `get-version`, `release-create`, `tag-create` and `tag-exists` actions from this repo's .github/actions folder once the repo is public.
+
+jobs:
+ release:
+ if: github.event_name == 'workflow_dispatch' || (github.event_name == 'pull_request' && github.event.pull_request.merged && startsWith(github.event.pull_request.head.ref, 'release/'))
+ runs-on: ubuntu-latest
+ environment: release
+
+ steps:
+ # Checkout the code
+ - uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+
+ # Get the version from the branch name
+ - id: get_version
+ uses: ./.github/actions/get-version
+
+ # Get the prerelease flag from the branch name
+ - id: get_prerelease
+ uses: ./.github/actions/get-prerelease
+ with:
+ version: ${{ steps.get_version.outputs.version }}
+
+ # Get the release notes
+ - id: get_release_notes
+ uses: ./.github/actions/get-release-notes
+ with:
+ token: ${{ secrets.github-token }}
+ version: ${{ steps.get_version.outputs.version }}
+ repo_owner: ${{ github.repository_owner }}
+ repo_name: ${{ github.event.repository.name }}
+
+ # Check if the tag already exists
+ - id: tag_exists
+ uses: ./.github/actions/tag-exists
+ with:
+ tag: ${{ steps.get_version.outputs.version }}
+ token: ${{ secrets.github-token }}
+
+ # If the tag already exists, exit with an error
+ - if: steps.tag_exists.outputs.exists == 'true'
+ run: exit 1
+
+ # Publish the release to npm
+ - uses: ./.github/actions/npm-publish
+ with:
+ node-version: ${{ inputs.node-version }}
+ require-build: ${{ inputs.require-build }}
+ release-directory: ${{ inputs.release-directory }}
+ version: ${{ steps.get_version.outputs.version }}
+ npm-token: ${{ secrets.npm-token }}
+
+ # Create a release for the tag
+ - uses: ./.github/actions/release-create
+ with:
+ token: ${{ secrets.github-token }}
+ name: ${{ steps.get_version.outputs.version }}
+ body: ${{ steps.get_release_notes.outputs.release-notes }}
+ tag: ${{ steps.get_version.outputs.version }}
+ commit: ${{ github.sha }}
+ prerelease: ${{ steps.get_prerelease.outputs.prerelease }}