ci(release): npm install in test_node.yml on release

`npm ci` will fail here, as the new versions of the optional dependencies are not published yet.

Additionally, add a script to bump the optional dependencies in the package-lock.json after a release is created. Otherwise, `npm ci` will continue to fail after the release, until someone updates the package-lock.json manually.

Author: szokeasaurusrex

.github/workflows/ci.yml

@@ -28,6 +28,8 @@ jobs:
   test_node:
     name: Test Node
     uses: ./.github/workflows/test_node.yml
+    with:
+      triggered-by-release: ${{ github.event_name == 'push' && startsWith(github.ref_name, 'release/') }}
 
   test_swift:
     name: Test Swift

.github/workflows/test_node.yml

@@ -2,6 +2,11 @@ name: Test Node
 
 on:
   workflow_call:
+    inputs:
+      triggered-by-release:
+        type: boolean
+        description: Whether the workflow was triggered by a release
+        default: false
     outputs:
       matrix-result:
         description: 'Matrix job result'
@@ -19,10 +24,13 @@ jobs:
         with:
           node-version-file: package.json
 
-      # We need to skip the fallback download because downloading will fail on release branches because the new version isn't available yet.
-      # We have to use npm here because yarn fails on the non-existing existing optionalDependency version:
-      # https://github.com/yarnpkg/berry/issues/2425#issuecomment-1627807326
-      - run: SENTRYCLI_SKIP_DOWNLOAD=1 npm ci
+      - name: Install dependencies via npm ci
+        if: ${{ !inputs.triggered-by-release }}
+        run: npm ci
+
+      - name: Install dependencies via npm install (for pushes to release branch)
+        if: ${{ inputs.triggered-by-release }}
+        run: npm install --omit=optional --ignore-scripts
 
       - run: npm run check:types
 
@@ -43,10 +51,13 @@ jobs:
         with:
           node-version: ${{ matrix.node-version }}
 
-      # We need to skip the fallback download because downloading will fail on release branches because the new version isn't available yet.
-      # We have to use npm here because yarn fails on the non-existing existing optionalDependency version:
-      # https://github.com/yarnpkg/berry/issues/2425#issuecomment-1627807326
-      - run: SENTRYCLI_SKIP_DOWNLOAD=1 npm ci
+      - name: Install dependencies via npm ci
+        if: ${{ !inputs.triggered-by-release }}
+        run: npm ci
+
+      - name: Install dependencies via npm install (for pushes to release branch)
+        if: ${{ inputs.triggered-by-release }}
+        run: npm install --omit=optional --ignore-scripts
 
       # older node versions need an older nft
       - run: SENTRYCLI_SKIP_DOWNLOAD=1 npm install @vercel/nft@0.22.1

scripts/post-release.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+
+# This script is run by Craft after a release is created.
+# We currently use it to bump the platform-specific optional dependencies to their new versions
+# in the package-lock.json, immediately after a release is created. This is needed for CI to
+# pass after the release is created.c
+
+set -eux
+OLD_VERSION="${1}"
+NEW_VERSION="${2}"
+
+git checkout master
+
+# We need to update the package-lock.json to include the new version of the optional dependencies.
+npm install --package-lock-only
+
+git add package-lock.json
+
+# Only commit if there are changes
+git diff --staged --quiet || git commit -m "build(npm): 🤖 Bump optional dependencies to ${NEW_VERSION}"
+git pull --rebase
+git push