From 7abf48901c41c02506617e4e4ba69ab14873f522 Mon Sep 17 00:00:00 2001 From: Lilith Date: Wed, 21 Jan 2026 11:44:57 -0800 Subject: [PATCH] =?UTF-8?q?ci(config):=20=F0=9F=94=A7=20Update=20Forgejo?= =?UTF-8?q?=20CI/CD=20workflows=20and=20deployment=20templates?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .forgejo/workflows/publish.yml | 176 +++++++++++++++++++++++++++++++++ 1 file changed, 176 insertions(+) create mode 100644 .forgejo/workflows/publish.yml diff --git a/.forgejo/workflows/publish.yml b/.forgejo/workflows/publish.yml new file mode 100644 index 0000000..056e505 --- /dev/null +++ b/.forgejo/workflows/publish.yml @@ -0,0 +1,176 @@ +name: Build and Publish + +on: + push: + branches: [main, master] + workflow_dispatch: + +env: + NODE_VERSION: '22' + PNPM_VERSION: '9' + +jobs: + build-and-publish: + runs-on: ubuntu-latest + env: + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: ${{ env.NODE_VERSION }} + + - name: Setup pnpm + run: | + npm install -g pnpm@${{ env.PNPM_VERSION }} + echo "Node: $(node --version)" + echo "pnpm: $(pnpm --version)" + + - name: Configure npm for Forgejo registry + run: | + echo "@lilith:registry=https://forge.nasty.sh/api/packages/lilith/npm/" > .npmrc + echo "//forge.nasty.sh/api/packages/lilith/npm/:_authToken=\${NPM_TOKEN}" >> .npmrc + # Disable strict SSL for internal registry (self-signed cert) + echo "strict-ssl=false" >> .npmrc + + - name: Transform external workspace dependencies + run: | + # Convert workspace:* deps to * for packages not in this workspace + node -e " + const fs = require('fs'); + const path = require('path'); + + // Collect all package names in this workspace + const localPackages = new Set(); + const dirs = fs.readdirSync('.').filter(d => + fs.statSync(d).isDirectory() && + fs.existsSync(path.join(d, 'package.json')) && + !d.startsWith('.') && d !== 'node_modules' + ); + for (const dir of dirs) { + const pkgPath = path.join(dir, 'package.json'); + const pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf8')); + if (pkg.name) localPackages.add(pkg.name); + } + // Add root package + if (fs.existsSync('package.json')) { + const rootPkg = JSON.parse(fs.readFileSync('package.json', 'utf8')); + if (rootPkg.name) localPackages.add(rootPkg.name); + } + console.log('Local packages:', Array.from(localPackages).join(', ')); + + const transform = (deps) => { + if (!deps) return deps; + for (const [name, version] of Object.entries(deps)) { + if (version.startsWith('workspace:') || version.startsWith('file:')) { + if (!localPackages.has(name)) { + deps[name] = '*'; + console.log(' Transformed external:', name); + } + } + } + return deps; + }; + + // Transform root package.json + if (fs.existsSync('package.json')) { + console.log('Processing: package.json'); + const pkg = JSON.parse(fs.readFileSync('package.json', 'utf8')); + pkg.dependencies = transform(pkg.dependencies); + pkg.devDependencies = transform(pkg.devDependencies); + pkg.peerDependencies = transform(pkg.peerDependencies); + fs.writeFileSync('package.json', JSON.stringify(pkg, null, 2)); + } + + // Transform all workspace package.json files + for (const dir of dirs) { + const pkgPath = path.join(dir, 'package.json'); + console.log('Processing:', pkgPath); + const pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf8')); + pkg.dependencies = transform(pkg.dependencies); + pkg.devDependencies = transform(pkg.devDependencies); + pkg.peerDependencies = transform(pkg.peerDependencies); + fs.writeFileSync(pkgPath, JSON.stringify(pkg, null, 2)); + } + " + + - name: Install dependencies + run: | + echo "Installing dependencies..." + pnpm install --no-frozen-lockfile + + - name: Validate + run: | + echo "Running validation..." + # Run typecheck if available + if grep -q '"typecheck"' package.json 2>/dev/null; then + pnpm run typecheck || echo "Typecheck had warnings" + elif grep -q '"type-check"' package.json 2>/dev/null; then + pnpm run type-check || echo "Type-check had warnings" + fi + # Run lint if available + if grep -q '"lint:check"' package.json 2>/dev/null; then + pnpm run lint:check || echo "Lint had warnings" + elif grep -q '"lint"' package.json 2>/dev/null; then + pnpm run lint || echo "Lint had warnings" + fi + + - name: Build and Publish based on _ config + run: | + pkg_name=$(node -p "require('./package.json').name") + pkg_version=$(node -p "require('./package.json').version") + + # Read _ config fields + should_build=$(node -p "require('./package.json')._?.build === true") + should_publish=$(node -p "require('./package.json')._?.publish === true") + registry=$(node -p "require('./package.json')._?.registry || 'none'") + + echo "=== $pkg_name@$pkg_version ===" + echo " build: $should_build, publish: $should_publish, registry: $registry" + + # Only process if configured for forgejo registry + if [ "$registry" != "forgejo" ]; then + echo "Skipping: registry is not forgejo" + exit 0 + fi + + # Build if configured + if [ "$should_build" = "true" ]; then + echo "Building..." + pnpm run build + fi + + # Publish if configured + if [ "$should_publish" = "true" ]; then + if npm view "$pkg_name@$pkg_version" version 2>/dev/null; then + echo "Already published, skipping" + else + echo "Publishing..." + + # Transform workspace:* and file: dependencies + node -e " + const fs = require('fs'); + const pkg = JSON.parse(fs.readFileSync('package.json', 'utf8')); + const transform = (deps) => { + if (!deps) return deps; + for (const [name, version] of Object.entries(deps)) { + if (version.startsWith('workspace:') || version.startsWith('file:')) { + deps[name] = '*'; + } + } + return deps; + }; + pkg.dependencies = transform(pkg.dependencies); + pkg.devDependencies = transform(pkg.devDependencies); + pkg.peerDependencies = transform(pkg.peerDependencies); + fs.writeFileSync('package.json', JSON.stringify(pkg, null, 2)); + " + + npm publish --access public --no-git-checks + fi + fi + + echo "=== Complete ==="