service role support (#19) #19
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Package Main Preview Publish | |
| on: | |
| push: | |
| branches: [main] | |
| jobs: | |
| publish-main-preview: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Enable corepack | |
| run: corepack enable | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20 | |
| cache: "npm" | |
| registry-url: "https://registry.npmjs.org" | |
| - name: Install dependencies | |
| run: npm install | |
| - name: Build package | |
| run: npm run build | |
| - name: Generate preview package name and version | |
| id: preview_info | |
| run: | | |
| COMMIT_HASH="${{ github.sha }}" | |
| SHORT_COMMIT="${COMMIT_HASH:0:7}" | |
| # Get current version from package.json | |
| BASE_VERSION=$(node -p "require('./package.json').version") | |
| # Format: 0.3.0-dev.abc1234 (valid semver prerelease) | |
| PREVIEW_VERSION="$BASE_VERSION-dev.$SHORT_COMMIT" | |
| echo "version=$PREVIEW_VERSION" >> $GITHUB_OUTPUT | |
| echo "package_name=@base44-preview/sdk" >> $GITHUB_OUTPUT | |
| echo "full_package=@base44-preview/sdk@$PREVIEW_VERSION" >> $GITHUB_OUTPUT | |
| - name: Update package.json for preview | |
| run: | | |
| # Create a backup of original package.json | |
| cp package.json package.json.bak | |
| # Get the official package name for safety checks | |
| OFFICIAL_PACKAGE=$(node -p "require('./package.json').name") | |
| PREVIEW_PACKAGE="${{ steps.preview_info.outputs.package_name }}" | |
| echo "Official package: $OFFICIAL_PACKAGE" | |
| echo "Preview package: $PREVIEW_PACKAGE" | |
| # Safety check: Ensure we're not accidentally using the official package name | |
| if [ "$PREVIEW_PACKAGE" = "$OFFICIAL_PACKAGE" ]; then | |
| echo "❌ ERROR: Preview package name matches official package name!" | |
| echo "This would overwrite the official package. Aborting." | |
| exit 1 | |
| fi | |
| # Update name with error handling | |
| if ! npm pkg set name="$PREVIEW_PACKAGE"; then | |
| echo "❌ ERROR: Failed to set package name to $PREVIEW_PACKAGE" | |
| exit 1 | |
| fi | |
| # Update version with error handling | |
| if ! npm pkg set version="${{ steps.preview_info.outputs.version }}"; then | |
| echo "❌ ERROR: Failed to set package version to ${{ steps.preview_info.outputs.version }}" | |
| exit 1 | |
| fi | |
| echo "✅ Package.json updated successfully" | |
| - name: Final safety check before publish | |
| run: | | |
| # Double-check package name one more time before publishing | |
| CURRENT_PACKAGE_NAME=$(node -p "require('./package.json').name") | |
| OFFICIAL_PACKAGE=$(jq -r '.name' package.json.bak) | |
| echo "About to publish: $CURRENT_PACKAGE_NAME" | |
| if [ "$CURRENT_PACKAGE_NAME" = "$OFFICIAL_PACKAGE" ]; then | |
| echo "❌ CRITICAL ERROR: About to publish to official package name!" | |
| echo "This is not allowed. Check the workflow configuration." | |
| exit 1 | |
| fi | |
| echo "✅ Safety check passed. Package name is safe to publish." | |
| - name: Publish preview package | |
| run: | | |
| if npm publish --tag preview; then | |
| echo "✅ Package published successfully" | |
| else | |
| echo "❌ Package publish failed" | |
| exit 1 | |
| fi | |
| env: | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| - name: Restore original package.json | |
| if: always() | |
| run: | | |
| if [ -f package.json.bak ]; then | |
| mv package.json.bak package.json | |
| echo "✅ Original package.json restored" | |
| else | |
| echo "❌ WARNING: Backup file package.json.bak not found" | |
| echo "This could indicate an earlier step failed" | |
| fi | |
| permissions: | |
| contents: read |