chore(deps-dev): bump esbuild from 0.27.1 to 0.28.1 (#1259) #438
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Publish | |
| on: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| check: | |
| runs-on: ubuntu-latest | |
| permissions: {} | |
| outputs: | |
| VERSION_EXISTS: ${{ steps.check-version.outputs.VERSION_EXISTS }} | |
| NPM_VERSION: ${{ steps.get-version.outputs.NPM_VERSION }} | |
| GIT_TAG_VERSION: ${{ steps.get-version.outputs.GIT_TAG_VERSION }} | |
| RELEASE_CHANNEL: ${{ steps.npm-tag.outputs.RELEASE_CHANNEL }} | |
| steps: | |
| - uses: GitHubSecurityLab/actions-permissions/monitor@v1 | |
| - uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Get version | |
| id: get-version | |
| shell: bash | |
| run: | | |
| set -e | |
| NPM_VERSION=$(npm pkg get version | tr -d '"') | |
| GIT_TAG_VERSION="v${NPM_VERSION}" | |
| echo "NPM_VERSION=${NPM_VERSION}" >> "$GITHUB_OUTPUT" | |
| echo "GIT_TAG_VERSION=${GIT_TAG_VERSION}" >> "$GITHUB_OUTPUT" | |
| - name: Check if version already exists | |
| id: check-version | |
| shell: bash | |
| run: | | |
| set +e | |
| git rev-parse "${{ steps.get-version.outputs.GIT_TAG_VERSION }}" >/dev/null 2>&1 | |
| if [[ $? -eq 0 ]]; then | |
| echo "VERSION_EXISTS=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "VERSION_EXISTS=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: Get npm tag | |
| id: npm-tag | |
| shell: bash | |
| run: | | |
| set -e | |
| VERSION="${{ steps.get-version.outputs.GIT_TAG_VERSION }}" | |
| # Extract the release channel (latest, alpha, beta, rc) | |
| if [[ $VERSION =~ ^v?[0-9]+\.[0-9]+\.[0-9]+(-(.+))?$ ]]; then | |
| if [[ -n "${BASH_REMATCH[2]}" ]]; then | |
| CAPTURED_CHANNEL="${BASH_REMATCH[2]}" | |
| # The captured channel might have more dots, cases like | |
| # v1.2.3-alpha.1 For such cases we only want the channel relevant | |
| # part which is alpha. | |
| RELEASE_CHANNEL="${CAPTURED_CHANNEL%%.*}" | |
| else | |
| RELEASE_CHANNEL="latest" | |
| fi | |
| else | |
| echo "::error title=Invalid Version::Encountered unexpected version ${{ steps.get-version.outputs.GIT_TAG_VERSION }}, cannot proceed!" | |
| exit 1 | |
| fi | |
| echo "RELEASE_CHANNEL=${RELEASE_CHANNEL}" >> "$GITHUB_OUTPUT" | |
| - name: Output deployment info | |
| run: echo "::notice title=Deployment Info::Deploying version ${{ steps.get-version.outputs.GIT_TAG_VERSION }} to channel ${{ steps.npm-tag.outputs.RELEASE_CHANNEL }}" | |
| publish: | |
| runs-on: ubuntu-latest | |
| environment: Production | |
| permissions: | |
| contents: write | |
| id-token: write | |
| needs: | |
| - check | |
| if: needs.check.outputs.VERSION_EXISTS == 'false' | |
| steps: | |
| - uses: GitHubSecurityLab/actions-permissions/monitor@v1 | |
| - uses: actions/checkout@v6 | |
| with: | |
| persist-credentials: false | |
| fetch-depth: 0 | |
| - uses: pnpm/action-setup@v5 | |
| - uses: actions/setup-node@v6 | |
| with: | |
| node-version: "24" | |
| registry-url: "https://registry.npmjs.org" | |
| cache: "pnpm" | |
| - name: Build | |
| run: | | |
| pnpm install --frozen-lockfile | |
| pnpm run build | |
| - name: Build .mcpb | |
| run: pnpm run build:mcpb | |
| - name: Publish to NPM | |
| run: | | |
| pnpm publish --tag ${{ needs.check.outputs.RELEASE_CHANNEL }} --no-git-checks | |
| pnpm -r --filter './packages/*' publish --tag ${{ needs.check.outputs.RELEASE_CHANNEL }} --no-git-checks | |
| - name: Generate AI release summary | |
| id: ai-summary | |
| continue-on-error: true | |
| env: | |
| GROVE_API_KEY: ${{ secrets.GROVE_API_KEY }} | |
| GH_TOKEN: ${{ github.token }} | |
| run: node --experimental-strip-types scripts/generate-release-notes.ts --newVersion ${{ needs.check.outputs.GIT_TAG_VERSION }} --commitSha ${{ github.sha }} | |
| - name: Publish github release | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| shell: bash | |
| run: | | |
| set -e | |
| gh release create ${{ needs.check.outputs.GIT_TAG_VERSION }} \ | |
| dist-mcpb/*.mcpb \ | |
| --title "${{ needs.check.outputs.GIT_TAG_VERSION }}" \ | |
| --notes-file "${{ steps.ai-summary.outputs.notes_file }}" \ | |
| --target ${{ github.sha }} \ | |
| ${{ (needs.check.outputs.RELEASE_CHANNEL != 'latest' && '--prerelease') || ''}} | |
| - name: Wait for package to be available on npm | |
| run: | | |
| PACKAGE_NAME=$(npm pkg get name | tr -d '"') | |
| NPM_VERSION="${{ needs.check.outputs.NPM_VERSION }}" | |
| MAX_ATTEMPTS=30 | |
| SLEEP_SECONDS=10 | |
| echo "Waiting for ${PACKAGE_NAME}@${NPM_VERSION} to be available on npm..." | |
| for i in $(seq 1 $MAX_ATTEMPTS); do | |
| if npm view "${PACKAGE_NAME}@${NPM_VERSION}" version >/dev/null 2>&1; then | |
| echo "✓ Package ${PACKAGE_NAME}@${NPM_VERSION} is now available on npm" | |
| exit 0 | |
| fi | |
| echo "Attempt $i/$MAX_ATTEMPTS: Package not yet available, waiting ${SLEEP_SECONDS}s..." | |
| sleep $SLEEP_SECONDS | |
| done | |
| echo "::error::Package ${PACKAGE_NAME}@${NPM_VERSION} did not become available after $((MAX_ATTEMPTS * SLEEP_SECONDS)) seconds" | |
| exit 1 | |
| docker-push: | |
| needs: [check, publish] | |
| uses: ./.github/workflows/docker-publish.yml | |
| permissions: | |
| contents: read | |
| with: | |
| npm_version: ${{ needs.check.outputs.NPM_VERSION }} | |
| release_channel: ${{ needs.check.outputs.RELEASE_CHANNEL }} | |
| secrets: | |
| DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} | |
| DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }} | |
| mcp-publish: | |
| needs: [check, docker-push] | |
| if: needs.check.outputs.VERSION_EXISTS == 'false' && needs.check.outputs.RELEASE_CHANNEL == 'latest' | |
| uses: ./.github/workflows/mcp-publish.yml | |
| permissions: | |
| id-token: write | |
| contents: read | |
| jira-release: | |
| runs-on: ubuntu-latest | |
| needs: [check, publish] | |
| if: needs.check.outputs.VERSION_EXISTS == 'false' && needs.check.outputs.RELEASE_CHANNEL == 'latest' | |
| permissions: {} | |
| steps: | |
| - name: Update Jira release versions | |
| env: | |
| JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }} | |
| VERSION_NUMBER: ${{ needs.check.outputs.NPM_VERSION }} | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| JIRA_URL="https://jira.mongodb.org" | |
| PROJECT_KEY="MCP" | |
| TODAY=$(date -u +%Y-%m-%d) | |
| AUTH_HEADER="Authorization: Bearer ${JIRA_API_TOKEN}" | |
| # Fetch all project versions and find vNext | |
| versions=$(curl -sSf -H "${AUTH_HEADER}" "${JIRA_URL}/rest/api/2/project/${PROJECT_KEY}/versions") | |
| vnext_id=$(echo "${versions}" | jq -r '.[] | select(.name == "vNext") | .id') | |
| project_id=$(echo "${versions}" | jq -r '.[0].projectId') | |
| if [[ -z "${vnext_id}" ]]; then | |
| echo "::error::vNext version not found in Jira project ${PROJECT_KEY}" | |
| exit 1 | |
| fi | |
| # Rename vNext to the release version and mark it as released | |
| curl -sSf -X PUT \ | |
| -H "${AUTH_HEADER}" -H "Content-Type: application/json" \ | |
| -d "{\"name\": \"${VERSION_NUMBER}\", \"released\": true, \"releaseDate\": \"${TODAY}\"}" \ | |
| "${JIRA_URL}/rest/api/2/version/${vnext_id}" > /dev/null | |
| echo "Renamed vNext to ${VERSION_NUMBER} and marked as released on ${TODAY}" | |
| # Create a new vNext version with start date today | |
| curl -sSf -X POST \ | |
| -H "${AUTH_HEADER}" -H "Content-Type: application/json" \ | |
| -d "{\"name\": \"vNext\", \"projectId\": ${project_id}, \"startDate\": \"${TODAY}\"}" \ | |
| "${JIRA_URL}/rest/api/2/version" > /dev/null | |
| echo "Created new vNext version with start date ${TODAY}" |