Expensify
diff --git a/‎.github/OSBotify-private-key.asc.gpg‎
5.01 KB b/‎.github/OSBotify-private-key.asc.gpg‎
5.01 KB
diff --git a/‎.github/workflows/npmpublish.yml‎
Lines changed: 0 additions & 31 deletions b/‎.github/workflows/npmpublish.yml‎
Lines changed: 0 additions & 31 deletions
diff --git a/‎.github/workflows/publish.yml‎
Lines changed: 76 additions & 0 deletions b/‎.github/workflows/publish.yml‎
Lines changed: 76 additions & 0 deletions
diff --git a/‎.nvmrc‎
Lines changed: 1 addition & 0 deletions b/‎.nvmrc‎
Lines changed: 1 addition & 0 deletions
@@ -0,0 +1,76 @@
+name: Publish package to npmjs
+
+# This workflow runs when code is pushed to `main` (i.e: when a pull request is merged)
+on:
+    push:
+        branches: [main]
+
+# Ensure that only one instance of this workflow executes at a time.
+# If multiple PRs are merged in quick succession, there will only ever be one publish workflow running and one pending.
+concurrency: ${{ github.workflow }}
+
+jobs:
+    version:
+        runs-on: ubuntu-latest
+
+        # OSBotify will update the version on `main`, so this check is important to prevent an infinite loop
+        if: ${{ github.actor != 'OSBotify' }}
+
+        steps:
+            - uses: actions/checkout@v4
+              with:
+                ref: main
+                # The OS_BOTIFY_COMMIT_TOKEN is a personal access token tied to osbotify, which allows him to push to protected branches
+                token: ${{ secrets.OS_BOTIFY_COMMIT_TOKEN }}
+
+            - name: Decrypt & Import OSBotify GPG key
+              run: |
+                cd .github
+                gpg --quiet --batch --yes --decrypt --passphrase="$LARGE_SECRET_PASSPHRASE" --output OSBotify-private-key.asc OSBotify-private-key.asc.gpg
+                gpg --import OSBotify-private-key.asc
+              env:
+                LARGE_SECRET_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }}
+
+            - name: Set up git for OSBotify
+              run: |
+                git config --global user.signingkey 367811D53E34168C
+                git config --global commit.gpgsign true
+                git config --global user.name OSBotify
+                git config --global user.email infra+osbotify@expensify.com
+
+            - uses: actions/setup-node@v4
+              with:
+                node-version-file: ".nvmrc"
+
+            - name: Install npm packages
+              run: npm ci
+
+            - name: Update npm version
+              run: npm version patch
+
+            - name: Set new version in GitHub ENV
+              run: echo "NEW_VERSION=$(jq '.version' package.json)" >> $GITHUB_ENV
+
+            - name: Push branch and publish tags
+              run: git push origin main && git push --tags
+
+            - name: Build package
+              run: npm run build
+
+            - name: Publish to npm
+              run: npm publish
+              env:
+                NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+
+            - name: Get merged pull request
+              id: getMergedPullRequest
+              run: |
+                read -r number < <(gh pr list --search ${{ github.sha }} --state merged --json 'number' | jq -r '.[0] | [.number] | join(" ")')
+                echo "number=$number" >> "$GITHUB_OUTPUT"
+              env:
+                GITHUB_TOKEN: ${{ github.token }}
+
+            - name: Comment on merged pull request
+              run: gh pr comment ${{ steps.getMergedPullRequest.outputs.number }} --body "🚀Published to npm in v${{ env.NEW_VERSION }}"
+              env:
+                GITHUB_TOKEN: ${{ github.token }}
@@ -0,0 +1 @@
+20.15.1