PublishingLast Updated: 2020-12-22
We use a combination of tools from
pnpm to handle publishing these packages. A detailed blog post on our publishing process can be found here.
The normal path to publishing the packages in this monorepo is:
- Once a week (as defined in
mainbranch will publish packages to the
nexttag as a pre-release. Pre-release versions have
alphain their patch ranges, ie:
v1.2.3-alpha.0. Publishing is handled automatically by CircleCI.
- Manually, when there are changes pushed to the
stablebranch, CircleCI will publish a new patch version, publishing the mainline
latest-tag that Grouparoo customers use.
Please update the
stable branch with a rebase from
git checkout main && \ git pull && \ git checkout stable && \ git pull && \ git rebase main && \ git push
Both methods of publishing will also create a new Github release and generate release notes from our Pull Requests. This is done by the
lerna-changelog package. Only Pull Requests with labels will be included. Release Notes can be viewed at github.com/grouparoo/grouparoo/releases.
You can also publish packages manually via the
/bin/publish script in this repo. This is the same script that CI uses. If you are on the the
main branch, you will be publishing the pre-release
alpha packages, and if you are on the
stable branch, you will be publishing the mainline
- Be sure you have no working changes in your git branch (
git reset --hard origin/main)
- Ensure you are logged into NPM as a user who has publish rights to the
@grouparooorganization on NPM. Check with
- Ensure you have the
GITHUB_AUTHenvironment variable set. This is a Github PAT token which is needed to automatically publish our release notes for the new version. You can include this as part of the publish command in-line.
GITHUB_AUTH=xxx ./bin/publishfrom the root of the monorepo. Just like with the Automated Publishing Path, if you are on the
mainbranch, a new alpha release will be created, and if you are on the
stablebranch, a new mainline release.
- This will also run
- You may be asked for your NPM 2FA code before the process completes.
- Release notes will be automatically created by
- This will also run
- If CI doesn't pass, no packages will be published
- If the latest release on main was a commit generated from a previous release, it will have a commit message like
chore(release): publish v0.1.15-alpha.1 [ci skip]. The
[ci skip]part means CI won't run this commit again... if you want to then publish a
stablerelease, you will need to do it manually.
- There may be problems publishing to NPM (rare HTTP timeouts). If this happens you will need to publish individual packages that had trouble. You can do this by pulling the latest commit Lerna has made with the updated version numbers (
git pull) and
cd-ing into the package folder and running
npm publish --tag alphaor
npm publish --tag latest. DO NOT FORGET THE
- There is a ~5 min delay upon publishing a new NPM package to seeing it in the CLI and npmjs.com website. Just wait!
- If your NPM account requires 2FA (which it should!) Lerna will ask you for a code in the CLI as part of the publish process. Watch out for the prompt, as it is time-sensitive.
- Using either
semantic-releaseor tags from our Pull Requests, we can determine if the next version to publish is a breaking-change or not, and determine if the next version number should be a major/minor/patch change.
- Automatically publish mainline releases.
CI uses a few secrets for authentication:
GITHUB_AUTH- a Github PAT token. This is stored as an environment variable within Circle CI.
NPM_TOKEN- a NPM access token. This is stored as an environment variable within Circle CI.
- A SSH key with write access to the
grouparoo/grouparoorepo. This SSH key is only used for CI to checkout our repositories. CircleCI knows the private key and Github knows the public key.
As a note, we cannot
Include administrators on Github's branch protection for the main or release branches as lerna needs to push it's changes back to the main branch after bumping the version and publishing.