Tracer-bullet sandbox for testing the release-branch flow we want to roll into triggerdotdev/trigger.dev. Real npm publishes, real Docker builds, real Helm chart pushes — small enough to iterate on, real enough that mistakes show up.
| Piece | Path | Notes |
|---|---|---|
@pkgring/core |
packages/core |
No deps. Foundation package. |
@pkgring/sdk |
packages/sdk |
Depends on core. Tests cross-package version cascade. |
@pkgring/cli |
packages/cli |
Depends on sdk + core. Has a bin. |
@pkgring/web |
apps/web |
Tiny Node HTTP server, packaged as a Docker image. |
| Helm chart | charts/pkgring |
References the web image. |
| Workflows | .github/workflows/*.yml |
The actual artifact under test. |
A successful release publishes:
- npm:
@pkgring/core@X.Y.Z,@pkgring/sdk@X.Y.Z,@pkgring/cli@X.Y.Z(linked viafixed) - Docker:
ghcr.io/ericallam/pkgring-sandbox:vX.Y.Z(multi-arch,latestonly updated on main releases) - Helm:
oci://ghcr.io/ericallam/charts/pkgring:X.Y.Z - GitHub release:
vX.Y.Zwith notes auto-generated from changesets
- Push to GitHub:
gh repo create ericallam/pkgring-sandbox --public --source=. --remote=origin --push - Create npm org
@pkgring:npm org create pkgring(or via npmjs.com UI) - Configure trusted publishing for each package (npmjs.com → package settings → Trusted Publishing):
- Publisher: GitHub Actions
- Repo:
ericallam/pkgring-sandbox - Workflow:
release.yml - Environment:
npm-publish
- Create the
npm-publishenvironment in GitHub repo settings (no secrets needed; OIDC handles auth) - Branch protection on
mainandrelease/*: require PRs, allow squash merge
The Docker + Helm pipelines use ${{ secrets.GITHUB_TOKEN }} and need no extra setup.
pnpm install
pnpm run build
pnpm run typecheck
pnpm run changeset:add # add a changeset for a changeThree flows live side by side. They share workflow files; the difference is which branch the changesets live on and whether .changeset/pre.json is present.
release.yml figures out which flow you're in by inspecting the version it's about to publish and the current latest on npm. See the decision table for the full matrix.
- Merge PRs to main with changesets
changesets-pr.ymlopens / refresheschangeset-release/main- Merge that PR
release.ymlpublishes everything: npm underlatest, Docker:latest+:release-X.Yupdated, GitHub release marked Latest, marketing-site dispatch fires
See docs/RELEASE-BRANCHES.md. TL;DR:
git switch -c release/1.2.x v1.2.0 # cut from the last good tag
git cherry-pick <fix-sha> # bring in the fix
pnpm run changeset:add # patch
git push origin release/1.2.x # changesets-pr.yml opens
# changeset-release/release/1.2.x
# ... merge that PR; release.yml ships v1.2.1.If 1.2.1 is lower than the current npm latest (main has moved on), the hotfix publishes under dist-tag release-1.2 and skips Docker :latest + GitHub Latest badge. The :release-1.2 Docker line tag IS updated.
See docs/RC-FLOW.md. TL;DR:
git switch main
pnpm exec changeset pre enter rc # creates .changeset/pre.json
git add .changeset/pre.json
git commit -m "chore: enter prerelease mode (rc)"
git push # bot regenerates PR as v0.6.0-rc.0
# ... merge that PR; release.yml ships 0.6.0-rc.0 under dist-tag `rc`.
# Iterate: every new changeset merged to main bumps to rc.1, rc.2, …
# When stable-ready: `pnpm exec changeset pre exit`, push, merge → ships 0.6.0.RC publishes never claim latest, skip the Docker :latest and :release-X.Y line tags, mark the GitHub release as Pre-release, and skip the marketing-site changelog dispatch. The stable cut-over (pre exit) restores all the Latest signals.
See docs/TESTING.md for thirteen scenarios — eight for the hotfix flow, five for the RC flow — to mechanically run before porting these workflows back to trigger.dev.
Free. Public repo on GitHub (Actions minutes free), public npm org (free), GHCR (free for public packages). The only "cost" is npm version numbers — every test consumes them forever.