Conversation
Mrtenz
changed the title
Mrtenz
force-pushed
the
mrtenz/update-actions
branch
from
3e1402e to
a9983f8
Compare
Mrtenz
force-pushed
the
mrtenz/publish-github-after-npm
branch
2 times, most recently
from
0ecf2a2 to
f56060c
Compare
| with: | ||
| is-high-risk-environment: true | ||
| ref: ${{ github.sha }} | ||
| - uses: MetaMask/action-publish-release@v3 |
There was a problem hiding this comment.
I see that this now goes after the doc publishing steps. Does it make sense for the doc publishing to go afterward instead?
This action also creates a Git tag in addition to creating the GitHub release. Do you think that will create a problem if the tag gets created after the package is published to NPM? I don't think so but I wanted to raise it in case it was.
There was a problem hiding this comment.
I see that this now goes after the doc publishing steps. Does it make sense for the doc publishing to go afterward instead?
They run in parallel, publish-release only needs publish-npm (just like get-release-version, which is used for publishing the docs).
This action also creates a Git tag in addition to creating the GitHub release. Do you think that will create a problem if the tag gets created after the package is published to NPM? I don't think so but I wanted to raise it in case it was.
Git and NPM tags are completely separate, so I don't think this should be a problem.
There was a problem hiding this comment.
Gotcha, thanks, makes sense then.
Mrtenz
force-pushed
the
mrtenz/publish-github-after-npm
branch
from
42a7242 to
ff690d0
Compare
3 participants
This reorders the
publish-releaseworkflow to move the publish release to GitHub step after NPM publishing. NPM publish requires approval, and occasionally a release may be rejected and reverted, currently requiring manual removal of the Git tags and GitHub release, since those are always created before the approval.Note
Medium Risk
Moderate risk because it changes the sequencing of the release pipeline (artifact build/publish dependencies), which could affect release automation if any job ordering assumptions were relied on.
Overview
The
publish-releaseGitHub Actions workflow is restructured so the build happens first, then NPM dry-run and NPM publish run from the built artifacts, and only after NPM publish succeeds does it create the GitHub release.This avoids creating tags/releases before the
npm-publishenvironment approval, and adds clearer job naming while keeping the docs publish steps (gh-pagesandlatest) dependent on the post-publish version/output.Reviewed by Cursor Bugbot for commit ff690d0. Bugbot is set up for automated code reviews on this repo. Configure here.