name: 01 - Publish env: prefix: # 'v4-', when v5 is released on: workflow_dispatch: inputs: increment: type: boolean description: 'Would you like to set the version before publishing? (Else: The current version from the code repository will be used.)' default: true tag: type: choice description: Which NPM tag should be assigned? options: - dev - next - latest version: # semver bump keyword passed to scripts/version.mjs type: choice description: SemVer keyword for version bump options: - prerelease - prepatch - patch - preminor - minor label: # pre-release identifier passed as --preid to scripts/version.mjs type: choice description: SemVer pre release label (optional) options: - rc - beta - alpha permissions: contents: read id-token: write jobs: publish: if: github.repository == 'public-ui/kolibri' runs-on: ubuntu-latest permissions: contents: read id-token: write packages: write steps: - uses: actions/create-github-app-token@v3 id: app-token with: client-id: ${{ secrets.APP_ID }} private-key: ${{ secrets.PRIVATE_KEY }} - name: Get GitHub App User ID id: get-user-id run: echo "user-id=$(gh api "/users/${{ steps.app-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT" env: GH_TOKEN: ${{ steps.app-token.outputs.token }} - uses: actions/checkout@v7 with: token: ${{ steps.app-token.outputs.token }} - name: Install Node.js uses: actions/setup-node@v6 with: node-version: 24 registry-url: https://registry.npmjs.org - name: Install pnpm uses: pnpm/action-setup@v6 id: pnpm-install with: version: 10 - name: Get pnpm store directory id: pnpm-cache shell: bash run: echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT - uses: actions/cache@v6 name: Setup pnpm cache with: path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} key: ${{ runner.os }}-pnpm-store restore-keys: | ${{ runner.os }}-pnpm-store - name: Install run: pnpm i --frozen-lockfile - name: Configure Git user run: | git config --local user.email "${{ steps.get-user-id.outputs.user-id }}+${{ steps.app-token.outputs.app-slug }}[bot]@users.noreply.github.com" git config --local user.name "${{ steps.app-token.outputs.app-slug }}[bot]" - name: Bump versions without dev-tag and with git push if: github.event.inputs.increment == 'true' && github.event.inputs.tag != 'dev' run: 'HUSKY=0 node scripts/version.mjs ${{github.event.inputs.version}} --preid=${{github.event.inputs.label}}' - name: Bump versions with dev-tag and without git push if: github.event.inputs.increment == 'true' && github.event.inputs.tag == 'dev' run: 'HUSKY=0 node scripts/version.mjs prerelease --preid=$GITHUB_SHA --no-push' - name: Build run: pnpm -r build - name: Build and publish all packages run: | PACKAGE_DIRS=( 'packages/components' 'packages/adapters/angular/v19' 'packages/adapters/angular/v20' 'packages/adapters/angular/v21' 'packages/adapters/react' 'packages/adapters/react-v19' 'packages/adapters/react-standalone' 'packages/adapters/solid' 'packages/adapters/svelte' 'packages/adapters/vue' 'packages/adapters/preact' 'packages/adapters/hydrate' 'packages/adapters/react-hook-form-adapter' 'packages/tools/kolibri-cli' 'packages/tools/mcp' 'packages/themes/bwst' 'packages/themes/default' 'packages/themes/desy' 'packages/themes/ecl' 'packages/themes/kern' 'packages/themes' 'packages/samples/react' 'packages/tools/visual-tests' ) for DIR in "${PACKAGE_DIRS[@]}"; do echo "Publishing package from ${DIR}" ( cd "$DIR" bash "${GITHUB_WORKSPACE}/scripts/safe-publish.sh" --access public --provenance --no-git-checks --tag "${{env.prefix}}${{github.event.inputs.tag}}" ) done env: NODE_AUTH_TOKEN: ${{secrets.NPMJS_GRANULAR_TOKEN}} NPM_CONFIG_PROVENANCE: true - name: Verify all packages published to npmjs run: | VERSION=$(node -p "require('./package.json').version") echo "Verifying version: $VERSION" FAILED=() PACKAGE_DIRS=( 'packages/components' 'packages/adapters/angular/v19' 'packages/adapters/angular/v20' 'packages/adapters/angular/v21' 'packages/adapters/react' 'packages/adapters/react-v19' 'packages/adapters/react-standalone' 'packages/adapters/solid' 'packages/adapters/svelte' 'packages/adapters/vue' 'packages/adapters/preact' 'packages/adapters/hydrate' 'packages/adapters/react-hook-form-adapter' 'packages/tools/kolibri-cli' 'packages/tools/mcp' 'packages/themes/bwst' 'packages/themes/default' 'packages/themes/desy' 'packages/themes/ecl' 'packages/themes/kern' 'packages/themes' 'packages/samples/react' 'packages/tools/visual-tests' ) for DIR in "${PACKAGE_DIRS[@]}"; do PKG=$(node -p "require('./${DIR}/package.json').name") PUBLISHED=$(npm view "${PKG}@${VERSION}" version --registry https://registry.npmjs.org 2>/dev/null || true) if [ "$PUBLISHED" = "$VERSION" ]; then echo "✅ ${PKG}@${VERSION}" else echo "❌ ${PKG}@${VERSION} – NOT found on npm (got: '$PUBLISHED')" FAILED+=("$PKG") fi done if [ ${#FAILED[@]} -ne 0 ]; then echo "" echo "❌ The following packages were NOT successfully published:" printf ' - %s\n' "${FAILED[@]}" exit 1 fi echo "✅ All ${#PACKAGE_DIRS[@]} packages verified on npmjs registry." env: NODE_AUTH_TOKEN: ${{secrets.NPMJS_GRANULAR_TOKEN}} - name: Update version tag for stable deployments if: github.event.inputs.tag == 'latest' run: | VERSION_TAG="${{env.prefix}}${{github.event.inputs.tag}}" echo "Updating version tag: $VERSION_TAG" git tag -d "$VERSION_TAG" 2>/dev/null || true git push origin ":refs/tags/$VERSION_TAG" 2>/dev/null || true git tag -a "$VERSION_TAG" -m "Update $VERSION_TAG to $(git describe --tags --abbrev=0)" git push origin "$VERSION_TAG" echo "Successfully updated tag $VERSION_TAG"