Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Configure GitHub bot for automated releases and protected branches #104

Closed
jwulf opened this issue Apr 4, 2024 · 4 comments
Closed

Configure GitHub bot for automated releases and protected branches #104

jwulf opened this issue Apr 4, 2024 · 4 comments
Assignees
Labels
friction This is an issue that is slowing down development, but can be worked around

Comments

@jwulf
Copy link
Member

jwulf commented Apr 4, 2024

The workflow is like this:

All development work should be done via PRs against the alpha branch.

When a PR is merged to alpha, the tests are run, then semantic-release runs to determine if a new release is required. If it is, then an alpha package is published to NPM.

Production releases are accomplished by opening a PR from alpha to main.

When a PR is merged into main, semantic-release runs and if a new package release is required, a package is published to NPM.

@jwulf
Copy link
Member Author

jwulf commented Apr 4, 2024

The challenge here is that branch protection rules that require a PR thwart semantic release, which needs to push tags, updated package.json and CHANGELOG.md directly to the branch.

A potential solution to this is detailed here: https://gonzalohirsch.com/blog/semantic-release-and-branch-protection-rules/

@jwulf
Copy link
Member Author

jwulf commented Apr 4, 2024

This solution requires installing a GitHub App in the repository, which is a permissions issue.

GitHub Copilot suggests an alternative: turn off branch protection, and:

Developers create feature branches off the alpha branch and open pull requests to merge their changes back into alpha.

When the changes in alpha are ready to be released, the CI runs semantic-release on the alpha branch. semantic-release determines the next version number based on the commits, generates the release notes, updates the version number in package.json, creates a git tag, pushes the changes back to alpha, and publishes the package to the npm registry.

When alpha is ready to be merged into main, a pull request is opened to merge alpha into main.

The CI runs semantic-release on the main branch. semantic-release determines the next version number based on the commits, generates the release notes, updates the version number in package.json, creates a git tag, pushes the changes back to main, and publishes the package to the npm registry.

@jwulf
Copy link
Member Author

jwulf commented Apr 5, 2024

This workflow is implemented now. This allows releases to take place, but does not enforce pull requests to the release branches (main and alpha). This means we need to have explicit knowledge and manual discipline to make sure that releases are not done inadvertently.

I've put in a request to have a GitHub App added to the repo to allow this one to be implemented later. That workflow will enforce PRs to be merged to create a release at the repo level.

@jwulf jwulf self-assigned this Apr 7, 2024
@jwulf jwulf changed the title Configure automated releases Configure GitHub bot for automated releases and protected branches Apr 8, 2024
@jwulf jwulf added the friction This is an issue that is slowing down development, but can be worked around label May 9, 2024
@jwulf
Copy link
Member Author

jwulf commented Sep 19, 2024

Automated releases from main are working.

@jwulf jwulf closed this as completed Sep 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
friction This is an issue that is slowing down development, but can be worked around
Projects
Status: ✅ Done
Development

No branches or pull requests

1 participant