hongaar / semantic-release-yarn Goto Github PK

View Code? Open in Web Editor NEW

19.0 2.0 1.0 4.46 MB

🧶 A semantic-release plugin to publish npm packages with Yarn. Comes with built-in support for monorepos.

License: MIT License

JavaScript 0.13% Shell 0.12% TypeScript 99.74%

monorepo npm plugin release-automation semantic-release yarn

semantic-release-yarn's Introduction

semantic-release-yarn

A semantic-release plugin to publish npm packages with Yarn. Comes with built-in support for monorepos.

 {
   "branches": ["main"],
   "plugins": [
     "@semantic-release/commit-analyzer",
     "@semantic-release/release-notes-generator",
-    "@semantic-release/npm",
+    "semantic-release-yarn",
     "@semantic-release/github",
     "@semantic-release/git"
   ]
 }

Install
Usage
NPM registry authentication
Monorepo support
Configuration
Examples
- Only create package tarball
Plugin steps
Development
- Roadmap
Credits

Install

yarn add --dev semantic-release-yarn

Note: this plugin only works with Yarn 2 and higher.

Usage

Use this plugin instead of the default @semantic-release/npm. The plugin must be added in the semantic-release configuration, for example:

{
  "plugins": [
    "@semantic-release/commit-analyzer",
    "@semantic-release/release-notes-generator",
    "semantic-release-yarn",
    "@semantic-release/github",
    "@semantic-release/git"
  ]
}

NPM registry authentication

Providing a NPM access token in your configuration is required and can be set either via environment variables or the .yarnrc.yml file.

Make sure your access token has write access to the package you want to publish:

When using a classic/legacy token, it must be either:
- A "Publish" token if you're not using 2FA or if 2FA is disabled for write operations (The "Require two-factor authentication for write actions" is unchecked in your 2FA settings)
- An "Automation" token if 2FA is enabled for write operations (The "Require two-factor authentication for write actions" is checked in your 2FA settings)
When using a granular access token make sure it has "Read and write" permissions on the package you want to publish.

Note: only the npmAuthToken is supported. The legacy npmAuthIdent (username:password) authentication is strongly discouraged and not supported by this plugin.

Monorepo support

Currently, simple monorepo versioning and publishing is supported. All workspaces versions will be aligned (a.k.a. fixed/locked mode) and when a new release is due, all workspaces will be published to the NPM registry.

Monorepos are detected by the presence of a workspaces option in the root package.json file, for example:

{
  "workspaces": ["packages/*"]
}

You can set the mainWorkspace plugin option to use in notifications of new releases (e.g. in issue and pull request comments made by the @semantic-release/github plugin.

See our roadmap for further implementation status.

Configuration

Environment variables

Variable	Description
`YARN_NPM_AUTH_TOKEN`	NPM access token. Translates to the npmAuthToken `.yarnrc.yml` option.
`YARN_NPM_PUBLISH_REGISTRY`	NPM registry to use. Translates to the npmPublishRegistry `.yarnrc.yml` option.

Most other Yarn options could be specified as environment variables as well. Just prefix the names and write them in snake case. Refer to the Yarnrc files documentation to see all options.

Note: the configuration set by environment variables will take precedence over configuration set in the .yarnrc.yml file.

`.yarnrc.yml` file

Options can also be set in a .yarnrc.yml file. See Yarnrc files for the complete list of option.

`package.json` file

The registry can be configured in the package.json and will take precedence over the configuration in environment variables and the .yarnrc.yml file:

{
  "publishConfig": {
    "registry": "https://registry.npmjs.org/"
  }
}

Note: the @semantic-release/npm plugin supports setting the publishConfig.tag option. However, Yarn 2 doesn't seem to > support this.

Plugin options

These options can be added to the semantic-release configuration, for example:

{
  "plugins": [
    "@semantic-release/commit-analyzer",
    "@semantic-release/release-notes-generator",
    [
      "semantic-release-yarn",
      {
        "npmPublish": false
      }
    ],
    "@semantic-release/github"
  ]
}

Options	Description	Default
`npmPublish`	Whether to publish the NPM package to the registry. If `false` the `package.json` version will still be updated.	`false` if the `package.json` private property is `true` and no monorepo is detected, `true` otherwise.
`pkgRoot`	Directory path to publish.	`.`
`tarballDir`	Directory path in which to write the package tarball. If `false` the tarball is not kept on the file system.
`mainWorkspace`	Name of monorepo workspace to be used in release info

Note: the pkgRoot directory must contain a package.json. The version will be updated only in the package.json within the pkgRoot directory.

Examples

Only create package tarball

The npmPublish and tarballDir option can be used to skip the publishing to the NPM registry and instead release the package tarball with another plugin. For example with the @semantic-release/github plugin:

{
  "plugins": [
    "@semantic-release/commit-analyzer",
    "@semantic-release/release-notes-generator",
    [
      "semantic-release-yarn",
      {
        "npmPublish": false,
        "tarballDir": "dist"
      }
    ],
    [
      "@semantic-release/github",
      {
        "assets": "dist/*.tgz"
      }
    ]
  ]
}

Plugin steps

Step	Description
`verifyConditions`	Verify Yarn 2 or higher is installed, verify the presence of a NPM auth token (either in an environment variable or an `.yarnrc.yml` file) and verify the authentication method is valid.
`prepare`	Update the `package.json` version and create the package tarball.
`addChannel`	Add a tag for the release.
`publish`	Publish to the npm registry.

Development

After cloning this repository, optionally install husky so you never commit incorrectly formatted code:

yarn husky install

Roadmap

Monorepo support
- Support for fixed versions
- Support for private/non-private root package
- Support for channels
- Support for release information for each workspace
- Support for independant versions (probably impossible without custom analyze-commits plugin)
Get rid of CJS build once upstream PR 2607 lands
Since we're using the latest AggregateError package, semantic-release is not picking up our error stack and we get a generic error message instead of a well formatted one. Hope this can be fixed once upstream PR #2631 lands

Credits

©️ Copyright 2022 Joram van den Boezem
♻️ Licensed under the MIT license
⚡ Powered by Node.js and TypeScript (and a lot of amazing open source packages)
🚀 This plugin is forked from the core @semantic-release/npm plugin.

semantic-release-yarn's People

Contributors

Stargazers

Watchers

Forkers

nigelzor

semantic-release-yarn's Issues

GitLab CI build fails with No ancestor could be found between any of HEAD and master, origin/master, upstream/master, main, origin/main, upstream/main

When running under GitLab CI, the plugin executes yarn version and I get the error:

No ancestor could be found between any of HEAD and master, origin/master, upstream/master, main, origin/main, upstream/main

I can run yarn version in the project just fine locally, but if I add that command to the GitLab CI job (and not use the plugin), I can reproduce the error. I suspect the problem is related to GitLab CI checking out the project in a detached head state.

I haven't been able to find a solution, so I may just write my own plugin that uses jq to update the package version.

The automated release is failing 🚨

🚨 The automated release from the `main` branch failed. 🚨

I recommend you give this issue a high priority, so other packages depending on you can benefit from your bug fixes and new features again.

You can find below the list of errors reported by semantic-release. Each one of them has to be resolved in order to automatically publish your package. I’m sure you can fix this 💪.

Errors are usually caused by a misconfiguration or an authentication problem. With each error reported below you will find explanation and guidance to help you to resolve it.

Once all the errors are resolved, semantic-release will release your package the next time you push a commit to the main branch. You can also manually restart the failed CI job that runs semantic-release.

If you are not sure how to resolve this, here are some links that can help you:

If those don’t help, or if this issue is reporting something you think isn’t right, you can always ask the humans behind semantic-release.

Cannot push to the Git repository.

semantic-release cannot push the version tag to the branch main on the remote Git repository with URL https://[secure]@github.com/hongaar/semantic-release-yarn.git.

This can be caused by:

a misconfiguration of the repositoryUrl option
the repository being unavailable
or missing push permission for the user configured via the Git credentials on your CI environment

Good luck with your project ✨

Your semantic-release bot 📦🚀

Document Gitlab configuration

Add to readme:

variables:
  GIT_STRATEGY: clone

Originally posted by @hongaar in #200 (comment)

Workspaces are not correctly handled in yarn v4

Using workspaces with yarn v4 does not work as --all, --recursive or --worktree argument is mandatory now.

Link to the changelog of yarn 4 : https://yarnpkg.com/advanced/changelog#major-changes

Example of stacktrace:

Usage Error: Invalid option schema: missing at least one property from "all", "recursive", "since", or "worktree"
$ yarn workspaces foreach [--from #0] [-A,--all] [-R,--recursive] [-W,--worktree] [-v,--verbose] [-p,--parallel] [-i,--interlaced] [-j,--jobs #0] [-t,--topological] [--topological-dev] [--include #0] [--exclude #0] [--no-private] [--since] [-n,--dry-run] <commandName> ...
    at makeError (file:///builds/Shauni/monorepo-example/.yarn/cache/execa-npm-8.0.1-0211bd404c-d2ab5fe1e2.zip/node_modules/execa/lib/error.js:60:11)
    at handlePromise (file:///builds/Shauni/monorepo-example/.yarn/cache/execa-npm-8.0.1-0211bd404c-d2ab5fe1e2.zip/node_modules/execa/index.js:124:26)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async prepare (file:///builds/Shauni/monorepo-example/.yarn/__virtual__/semantic-release-yarn-virtual-1341558b4b/0/cache/semantic-release-yarn-npm-2.0.2-cefdfa588d-51b71877f1.zip/node_modules/semantic-release-yarn/dist/prepare.js:28:5)
    at async prepare (file:///builds/Shauni/monorepo-example/.yarn/__virtual__/semantic-release-yarn-virtual-1341558b4b/0/cache/semantic-release-yarn-npm-2.0.2-cefdfa588d-51b71877f1.zip/node_modules/semantic-release-yarn/dist/index.js:31:5)
    at async validator (file:///builds/Shauni/monorepo-example/.yarn/cache/semantic-release-npm-22.0.5-ef3ebea609-c8ec10d4a6.zip/node_modules/semantic-release/lib/plugins/normalize.js:36:24)
    at async file:///builds/Shauni/monorepo-example/.yarn/cache/semantic-release-npm-22.0.5-ef3ebea609-c8ec10d4a6.zip/node_modules/semantic-release/lib/plugins/pipeline.js:38:36
    at async Promise.all (index 0)
    at async next (file:///builds/Shauni/monorepo-example/.yarn/cache/p-reduce-npm-3.0.0-a4e7df18a7-387de355e9.zip/node_modules/p-reduce/index.js:15:44) {
  shortMessage: 'Command failed with exit code 1: yarn workspaces foreach --topological --verbose --no-private version 1.1.0 --immediate',
  command: 'yarn workspaces foreach --topological --verbose --no-private version 1.1.0 --immediate',
  escapedCommand: 'yarn workspaces foreach --topological --verbose --no-private version 1.1.0 --immediate',
  exitCode: 1,
  signal: undefined,
  signalDescription: undefined,
  stdout: '\x1B[31m\x1B[1mUsage Error\x1B[22m\x1B[39m: Invalid option schema: missing at least one property from "all", "recursive", "since", or "worktree"\n' +
    '\n' +
    '\x1B[1m$ \x1B[22myarn workspaces foreach [--from #0] [-A,--all] [-R,--recursive] [-W,--worktree] [-v,--verbose] [-p,--parallel] [-i,--interlaced] [-j,--jobs #0] [-t,--topological] [--topological-dev] [--include #0] [--exclude #0] [--no-private] [--since] [-n,--dry-run] <commandName> ...',
  stderr: '',
  cwd: '/builds/Shauni/monorepo-example',
  failed: true,
  timedOut: false,
  isCanceled: false,
  killed: false,
  pluginName: 'semantic-release-yarn'
}

I will suggest to use --worktree as it was the default value in v3 ^^

Edit: after some tests it seems that --worktree doesn't exist in v3. Should we use --all or another argument to avoid checking yarn's version?

Does not work with v4

Full error stack

Error: Command failed with exit code 1: yarn plugin import version
➤ YN0051: Couldn't find a plugin named @yarnpkg/plugin-version on the remote registry.
A plugin named @yarnpkg/plugin-version is already installed; possibly attempting to import a built-in plugin.
➤ YN0000: Failed with errors in 0s 378ms
    at makeError (file:///home/vsts/work/1/s/node_modules/execa/lib/error.js:60:11)
    at handlePromise (file:///home/vsts/work/1/s/node_modules/execa/index.js:124:26)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async installYarnPluginIfNeeded (file:///home/vsts/work/1/s/node_modules/semantic-release-yarn/dist/yarn-plugins.js:13:9)
    at async prepare (file:///home/vsts/work/1/s/node_modules/semantic-release-yarn/dist/prepare.js:20:5)
    at async prepare (file:///home/vsts/work/1/s/node_modules/semantic-release-yarn/dist/index.js:31:5)
    at async validator (file:///home/vsts/work/1/s/node_modules/semantic-release/lib/plugins/normalize.js:36:24)
    at async file:///home/vsts/work/1/s/node_modules/semantic-release/lib/plugins/pipeline.js:38:36
    at async Promise.all (index 0)
    at async next (file:///home/vsts/work/1/s/node_modules/p-reduce/index.js:15:44) {
  shortMessage: 'Command failed with exit code 1: yarn plugin import version',
  command: 'yarn plugin import version',
  escapedCommand: 'yarn plugin import version',
  exitCode: 1,
  signal: undefined,
  signalDescription: undefined,
  stdout: "➤ YN0051: Couldn't find a plugin named @yarnpkg/plugin-version on the remote registry.\n" +
    'A plugin named @yarnpkg/plugin-version is already installed; possibly attempting to import a built-in plugin.\n' +
    '➤ YN0000: Failed with errors in 0s 378ms',
  stderr: '',
  cwd: '/home/vsts/work/1/s/packages/design-system',
  failed: true,
  timedOut: false,
  isCanceled: false,
  killed: false,
  pluginName: 'semantic-release-yarn'

This is the most important bit:

A plugin named @yarnpkg/plugin-version is already installed; possibly attempting to import a built-in plugin.

This comes as a surprise, because installYarnPluginIfNeeded looks really well written and I don't see why it wouldn't work 🤔

Anyway, the simplest fix would be to just skip installYarnPluginIfNeeded altogether if v4 is detected, as all plugins are now built-in.

Is there any example of use the env vars? (eg: YARN_NPM_AUTH_TOKEN)

is this used in .yarnrc like this:

npmAuthToken: ${YARN_NPM_AUTH_TOKEN}
?