Backfill GitHub Package Registry #1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Backfill GitHub Package Registry | |
| # Manually triggered. Copies versions already published on npm into the GitHub | |
| # Package Registry (GHR) so GHR mirrors npm. Re-publishing the npm tarball | |
| # guarantees the GHR copy is byte-identical to what npm consumers received | |
| # (no rebuild). | |
| # | |
| # dist-tags: scripts/publish.sh computes the tag for each version from the | |
| # version string against GHR's current latest (latest only when strictly newer, | |
| # otherwise v<major>-last-published; beta/alpha/rc for pre-releases), so latest | |
| # never moves backwards while backfilling historical versions. | |
| # | |
| # Idempotent: scripts/publish.sh skips any version already present on GHR, so | |
| # this can be re-run safely. | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| version: | |
| description: "Single version to backfill (e.g. 5.3.4). Leave blank to process all published npm versions (versions already on GHR are skipped)." | |
| required: false | |
| default: "" | |
| dry_run: | |
| description: "Dry run: report what would be published to GHR without publishing." | |
| type: boolean | |
| required: false | |
| default: false | |
| jobs: | |
| backfill: | |
| name: Backfill npm versions to GHR | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout branch | |
| uses: actions/checkout@v4 | |
| with: | |
| persist-credentials: false | |
| - name: Set up Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 18 | |
| - name: Configure GitHub Package Registry auth | |
| run: echo "//npm.pkg.github.com/:_authToken=\${NODE_AUTH_TOKEN}" >> ~/.npmrc | |
| env: | |
| NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Backfill | |
| env: | |
| NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| DRY_RUN: ${{ inputs.dry_run }} | |
| INPUT_VERSION: ${{ inputs.version }} | |
| run: | | |
| set -euo pipefail | |
| pkg="@optimizely/optimizely-sdk" | |
| npm_registry="https://registry.npmjs.org" | |
| gpr_registry="https://npm.pkg.github.com" | |
| if [[ -n "$INPUT_VERSION" ]]; then | |
| versions="$INPUT_VERSION" | |
| else | |
| versions=$(npm view "$pkg" versions --json --registry "$npm_registry" | jq -r '.[]') | |
| fi | |
| for v in $versions; do | |
| echo "::group::${pkg}@${v}" | |
| # npm pack writes the tarball filename to stdout and notices/errors to | |
| # stderr; keep stderr visible so pack failures (auth/404/network) show | |
| # in the logs. pipefail (set above) makes a failed pack abort the job. | |
| tarball=$(npm pack "${pkg}@${v}" --registry "$npm_registry" | tail -n1) | |
| scripts/publish.sh "$gpr_registry" "$tarball" | |
| rm -f "$tarball" | |
| echo "::endgroup::" | |
| done |