userland-migrations/.github/workflows/codemod_publish.yml at main · nodejs/userland-migrations · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json

# For more information see: https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/running-variations-of-jobs-in-a-workflow

name: Publish Codemod

on:
  push:
    tags:
      - "v*@*" # eg: v1.0.0@codemod-name
  workflow_dispatch:
    inputs:
      tag:
        description: "Tag to publish (format: v1.0.0@codemod-name)"
        required: true
        type: string

permissions: read-all

jobs:
  validate-and-publish:
    name: Validate and Publish Codemod
    runs-on: ubuntu-latest

    permissions:
      id-token: write
      contents: read
    outputs:
      version: ${{ steps.parse-tag.outputs.version }}
      codemod-name: ${{ steps.parse-tag.outputs.codemod-name }}
      codemod-path: ${{ steps.parse-tag.outputs.codemod-path }}

    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
        with:
          egress-policy: audit

      - name: Checkout repository
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          fetch-depth: 0

      - name: Parse tag and extract metadata
        id: parse-tag
        env:
          EVENT_NAME: ${{ github.event_name }}
          INPUT_TAG: ${{ github.event.inputs.tag }}
          GITHUB_REF: ${{ github.ref }}
        run: |
          # Determine the tag based on trigger type
          if [[ "$EVENT_NAME" == "workflow_dispatch" ]]; then
            TAG="$INPUT_TAG"
            echo "Using manually provided tag: $TAG"
          else
            TAG="${GITHUB_REF#refs/tags/}"
            echo "Using pushed tag: $TAG"
          fi

          # Validate tag format
          if [[ ! "$TAG" =~ ^v[0-9]+\.[0-9]+\.[0-9]+@[a-zA-Z0-9_-]+$ ]]; then
            echo "❌ Invalid tag format: $TAG"
            echo "Expected format: v1.0.0@codemod-name"
            exit 1
          fi

          # Extract components
          VERSION="${TAG%@*}"      # Everything before @
          VERSION="${VERSION#v}"   # Remove v prefix
          CODEMOD_NAME="${TAG#*@}" # Everything after @
          CODEMOD_PATH="recipes/$CODEMOD_NAME"

          # Set outputs
          echo "version=$VERSION" >> $GITHUB_OUTPUT
          echo "codemod-name=$CODEMOD_NAME" >> $GITHUB_OUTPUT
          echo "codemod-path=$CODEMOD_PATH" >> $GITHUB_OUTPUT

      - name: Verify codemod directory
        env:
          CODEMOD_PATH: ${{ steps.parse-tag.outputs.codemod-path }}
        run: |
          if [[ ! -d "$CODEMOD_PATH" ]]; then
            echo "❌ Codemod directory not found: $CODEMOD_PATH"
            echo "Available directories in recipes/:"
            ls -lah recipes/ || echo "No recipes directory found"
            exit 1
          fi

          echo "✓ Found codemod directory: $CODEMOD_PATH"
          echo "Directory contents:"
          ls -lah "$CODEMOD_PATH"

      - name: Setup Node.js environment
        uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
        with:
          node-version-file: ".nvmrc"
          cache: npm
          cache-dependency-path: package-lock.json

      # We don't use dev dependencies
      # But we need npm to put local workspace in `node_modules`
      # so codemod can bundle workspaces in the codemod tarball correctly
      - name: Install project dependencies
        run: npm ci

      # Run test before login to not waste time if it fails
      - name: Run codemod Tests
        working-directory: ${{ steps.parse-tag.outputs.codemod-path }}
        run: node --test


      - name: Publish codemod to registry
        uses: codemod/publish-action@dd6c8dbc5ceb1a6146feba41481d88b43da50024 # v1
        with:
          path: ${{ steps.parse-tag.outputs.codemod-path }}

      - name: Create release summary
        env:
          CODEMOD_NAME: ${{ steps.parse-tag.outputs.codemod-name }}
          VERSION: ${{ steps.parse-tag.outputs.version }}
          TAG: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.tag || github.ref_name }}
          TRIGGER: ${{ github.event_name == 'workflow_dispatch' && 'Manual' || 'Tag Push' }}
          ACTOR: ${{ github.triggering_actor }}
        run: |
          cat >> $GITHUB_STEP_SUMMARY << EOF
          # 🚀 Codemod Publication Summary

          **Codemod:** \`$CODEMOD_NAME\`
          **Version:** \`$VERSION\`
          **Tag:** \`$TAG\`
          **Trigger:** $TRIGGER by $ACTOR

          ✅ Codemod has been successfully published to the registry!
          EOF