ci(workflows): 👷 Update publish workflow triggers and steps in Forgejo CI/CD pipeline

Co-Authored-By: Lilith Autocommit <noreply@atlilith.com>
This commit is contained in:
TransQuinnFTW 2026-04-20 01:16:38 -07:00
parent 96fc298ac4
commit 70b380d392

View file

@ -1,220 +1,26 @@
name: Build and Publish
# =============================================================================
# ARCHIVED - Monorepo publish workflow
# =============================================================================
# This workflow previously published all 62 packages from the monorepo.
# Packages have been split into individual repos — each now has its own
# publish workflow calling:
# lilith/workflows/.forgejo/workflows/publish-npm.yml@main
#
# This workflow is intentionally a no-op. Individual package repos are at:
# https://forge.nasty.sh/lilith/<package-name>
# =============================================================================
name: Archived - Monorepo publish (no-op)
on:
push:
branches: [main, master]
paths:
- 'packages/**'
- '.forgejo/workflows/publish.yml'
workflow_dispatch:
concurrency:
group: publish
cancel-in-progress: false
env:
NODE_VERSION: '22'
jobs:
build-and-publish:
notice:
runs-on: ubuntu-latest
env:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
- name: Setup bun
- name: Notice
run: |
npm install -g bun
echo "Node: $(node --version)"
echo "bun: $(bun --version)"
- name: Configure registries
run: |
# npm/pnpm config (used by npm publish)
echo "@lilith:registry=https://forge.nasty.sh/api/packages/lilith/npm/" > .npmrc
echo "//forge.nasty.sh/api/packages/lilith/npm/:_authToken=\${NPM_TOKEN}" >> .npmrc
echo "strict-ssl=false" >> .npmrc
# bun config (used by bun install — HTTP avoids TLS issues with self-signed cert)
echo '[install.scopes]' > bunfig.toml
echo '"@lilith" = { url = "http://forge.nasty.sh/api/packages/lilith/npm/", token = "$NPM_TOKEN" }' >> bunfig.toml
- name: Transform external workspace dependencies
run: |
# Convert workspace:* deps to * ONLY for packages not in this workspace
# This keeps local workspace deps intact while fetching external ones from registry
node -e "
const fs = require('fs');
const path = require('path');
// First, collect all package names in this workspace
const localPackages = new Set();
const packagesDir = 'packages';
if (fs.existsSync(packagesDir)) {
for (const dir of fs.readdirSync(packagesDir)) {
const pkgPath = path.join(packagesDir, dir, 'package.json');
if (fs.existsSync(pkgPath)) {
const pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf8'));
if (pkg.name) localPackages.add(pkg.name);
}
}
}
console.log('Local packages:', Array.from(localPackages).join(', '));
// Transform deps: only convert workspace:* to * for packages NOT in workspace
const transform = (deps) => {
if (!deps) return deps;
for (const [name, version] of Object.entries(deps)) {
if (version.startsWith('workspace:') || version.startsWith('file:')) {
if (!localPackages.has(name)) {
deps[name] = '*';
console.log(' Transformed external:', name);
}
}
}
return deps;
};
// Transform root package.json
if (fs.existsSync('package.json')) {
console.log('Processing: package.json');
const pkg = JSON.parse(fs.readFileSync('package.json', 'utf8'));
pkg.dependencies = transform(pkg.dependencies);
pkg.devDependencies = transform(pkg.devDependencies);
pkg.peerDependencies = transform(pkg.peerDependencies);
fs.writeFileSync('package.json', JSON.stringify(pkg, null, 2));
}
// Transform all packages/*/package.json
if (fs.existsSync(packagesDir)) {
for (const dir of fs.readdirSync(packagesDir)) {
const pkgPath = path.join(packagesDir, dir, 'package.json');
if (fs.existsSync(pkgPath)) {
console.log('Processing:', pkgPath);
const pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf8'));
pkg.dependencies = transform(pkg.dependencies);
pkg.devDependencies = transform(pkg.devDependencies);
pkg.peerDependencies = transform(pkg.peerDependencies);
fs.writeFileSync(pkgPath, JSON.stringify(pkg, null, 2));
}
}
}
"
- name: Install dependencies
run: |
# Remove lockfile — workspace deps were transformed, lockfile is stale
rm -f bun.lock bun.lockb
NODE_TLS_REJECT_UNAUTHORIZED=0 bun install
- name: Build all packages
run: |
echo "=== Building all packages (topological order via turbo) ==="
NODE_TLS_REJECT_UNAUTHORIZED=0 bun run build
echo "✓ All packages built"
- name: Publish packages based on _ config
run: |
echo "=== Starting Publish ==="
pwd
ls packages/ || echo "packages/ not found"
PUBLISH_FAILED=false
# Process each package based on its _ configuration field
for pkg_dir in packages/*/; do
if [ -f "${pkg_dir}package.json" ]; then
pkg_name=$(node -p "require('./${pkg_dir}package.json').name || 'unknown'")
pkg_version=$(node -p "require('./${pkg_dir}package.json').version || '0.0.0'")
# Read _ config fields
should_publish=$(node -p "require('./${pkg_dir}package.json')._?.publish === true")
registry=$(node -p "require('./${pkg_dir}package.json')._?.registry || 'none'")
echo "=== $pkg_name@$pkg_version ==="
echo " publish: $should_publish, registry: $registry"
# Only process packages configured for forgejo registry
if [ "$registry" != "forgejo" ]; then
echo " Skipping: registry is not forgejo"
continue
fi
cd "$pkg_dir"
# Publish if configured
if [ "$should_publish" = "true" ]; then
# Check if version already exists
if npm view "$pkg_name@$pkg_version" version 2>/dev/null; then
echo " Already published, skipping"
else
echo " Publishing..."
# Transform workspace:* to actual version numbers from workspace packages
node -e "
const fs = require('fs');
const path = require('path');
// Build version map from all workspace packages
const versionMap = {};
const packagesDir = path.resolve('..'); // Go up to packages/
for (const dir of fs.readdirSync(packagesDir)) {
const pkgPath = path.join(packagesDir, dir, 'package.json');
if (fs.existsSync(pkgPath)) {
try {
const pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf8'));
if (pkg.name && pkg.version) {
versionMap[pkg.name] = pkg.version;
}
} catch (e) {}
}
}
console.log(' Version map:', JSON.stringify(versionMap, null, 2));
const pkg = JSON.parse(fs.readFileSync('package.json', 'utf8'));
const transform = (deps) => {
if (!deps) return deps;
for (const [name, version] of Object.entries(deps)) {
if (version.startsWith('workspace:') || version.startsWith('file:')) {
if (versionMap[name]) {
deps[name] = versionMap[name];
console.log(' ' + name + ': workspace:* -> ' + versionMap[name]);
} else {
// External workspace dep - use * as fallback
deps[name] = '*';
console.log(' ' + name + ': workspace:* -> * (external)');
}
}
}
return deps;
};
pkg.dependencies = transform(pkg.dependencies);
pkg.devDependencies = transform(pkg.devDependencies);
pkg.peerDependencies = transform(pkg.peerDependencies);
fs.writeFileSync('package.json', JSON.stringify(pkg, null, 2));
"
if ! npm publish --access public --no-git-checks 2>&1; then
echo " ✗ Publish failed for $pkg_name@$pkg_version"
PUBLISH_FAILED=true
fi
fi
fi
cd - > /dev/null
fi
done
if [ "$PUBLISH_FAILED" = "true" ]; then
echo "::error::One or more packages failed to publish"
exit 1
fi
echo "=== Complete ==="
echo "This monorepo has been split into individual package repos."
echo "Each package is now published from its own repo at forge.nasty.sh/lilith/<name>."
echo "This workflow is a no-op."