Skip to content

Combine release workflows into one file #448

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 4, 2025
Merged

Combine release workflows into one file #448

merged 1 commit into from
Nov 4, 2025

Conversation

@jonrohan
Copy link
Member

@jonrohan jonrohan commented Nov 4, 2025

@jonrohan jonrohan requested a review from a team as a code owner November 4, 2025 18:34
@jonrohan jonrohan requested review from Copilot and pksjce November 4, 2025 18:34
@changeset-bot
Copy link

changeset-bot bot commented Nov 4, 2025

⚠️ No Changeset found

Latest commit: 3564b1f

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

Copilot AI reviewed Nov 4, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR consolidates three separate GitHub Actions workflow files for releasing different versions (main, canary, and release candidate) into a single unified workflow file. The changes streamline the release process by reducing workflow file duplication and modernizing the configuration.

Key changes:

  • Removes two standalone workflow files (release_canary.yml and release_candidate.yml) and merges their functionality into release.yml as separate jobs
  • Updates Node.js version from 20 to 24 and actions/setup-node from v4 to v6
  • Adds enhanced security with OIDC permissions and improved concurrency control

Reviewed Changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

File Description
.github/workflows/release_candidate.yml Deleted file - functionality moved to release.yml
.github/workflows/release_canary.yml Deleted file - functionality moved to release.yml
.github/workflows/release.yml Consolidated all release workflows into a single file with separate jobs for main, canary, and candidate releases

.github/workflows/release.yml
Comment on lines +67 to +72
- name: Publish canary version
run: |
echo "$( jq '.version = "0.0.0"' package.json )" > package.json
echo -e "---\n'eslint-plugin-primer-react': patch\n---\n\nFake entry to force publishing" > .changeset/force-snapshot-release.md
npx changeset version --snapshot
npx changeset publish --tag canary
Copy link

Copilot AI Nov 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The canary release job is missing NPM authentication configuration. The original release_canary.yml workflow included a 'Create .npmrc' step that set up NPM_AUTH_TOKEN_SHARED for publishing. Without this authentication, the 'npx changeset publish' command on line 72 will likely fail.

Copilot uses AI. Check for mistakes.
.github/workflows/release.yml
Comment on lines +117 to +121
- name: Publish release candidate
run: |
version=$(jq -r .version package.json)
echo "$( jq ".version = \"$(echo $version)-rc.$(git rev-parse --short HEAD)\"" package.json )" > package.json
yarn publish --tag next
Copy link

Copilot AI Nov 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The release candidate job is missing NPM authentication configuration. The original release_candidate.yml workflow included a 'Create .npmrc' step that set up NPM_AUTH_TOKEN_SHARED for publishing. Without this authentication, the 'yarn publish' command on line 121 will likely fail.

Copilot uses AI. Check for mistakes.
.github/workflows/release.yml
run: |
version=$(jq -r .version package.json)
echo "$( jq ".version = \"$(echo $version)-rc.$(git rev-parse --short HEAD)\"" package.json )" > package.json
yarn publish --tag next
Copy link

Copilot AI Nov 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Using 'yarn publish' is inconsistent with the rest of the workflow which uses npm commands (npm ci, npm run build). The canary job on line 72 uses 'npx changeset publish' which is the correct approach. This should be changed to use npm/npx for consistency and to properly leverage the changeset tooling already in use.

Suggested change
yarn publish --tag next
npx changeset publish --tag next

Copilot uses AI. Check for mistakes.
@jonrohan jonrohan merged commit 85e9ab2 into main Nov 4, 2025
20 of 22 checks passed
@jonrohan jonrohan deleted the combine_release_workflows branch November 4, 2025 18:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@joshblack joshblack joshblack approved these changes

@pksjce pksjce Awaiting requested review from pksjce pksjce is a code owner automatically assigned from primer/engineer-reviewers

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jonrohan @joshblack