fix(e2e): add docker login to e2e workflow
The e2e tests were failing due to an authentication error when pulling the sandbox docker image. This was because the docker login step was missing from the e2e workflow.
This change adds the docker login step to the e2e workflow and also adds "npm-run-all" to the dev dependencies, which was missing and caused the linting to fail.
Expanded the `get-vars` job in `orchestrator.yml` to output `npm-registry-scope` and `npm-registry-url` in addition to `cli-package-name`. The `build-and-publish` and `e2e` jobs now correctly depend on `get-vars` and consume all three outputs, ensuring proper plumbing of environment variables for the Docker build.
Restores the `get-vars` job to the `orchestrator` workflow. This job was accidentally removed and is necessary for passing the `CLI_PACKAGE_NAME` to the `e2e` tests, which is required for the Docker build.
Re-adds the `ci` job to the `orchestrator` workflow, which was
accidentally removed. The `e2e` job is also updated to correctly
depend on the `ci` job.
- Adds explicit inputs for variables required by the reusable
`build-and-publish` workflow.
- Updates the `orchestrator` workflow to pass these variables correctly.
- Removes a duplicated job from the `orchestrator` workflow.
- Replaces the `build_sandbox.js` script with a direct `docker build`
command in the `build-and-publish` workflow.
- Deletes the now-redundant `build_sandbox.js` and
`sandbox_command.js` scripts.
- This makes the sandbox build process more transparent and removes
unnecessary complexity.
Removes the unnecessary `npm install` step from the
`build-and-publish-sandbox` job. The Dockerfile is responsible
for installing the correct version of the package, so this step
was redundant.
- Moves the sandbox build and publish logic into the main
`build-and-publish` workflow.
- The sandbox image is now built *after* the NPM package is published,
and uses the published package.
- Removes the redundant `build-sandbox` and `release-sandbox` workflows.
- Updates the `orchestrator` workflow to reflect these changes.
Removes the sandbox image build step from the e2e workflow.
The e2e workflow will now consume a pre-built sandbox image,
separating the concerns of building and testing.
Updates the release-sandbox workflow to use the push-docker action,
which is configured to push to ghcr.io.
Also updates the push-docker action to use `github.repository_owner`
as the username for ghcr.io login, which is the recommended practice.
- Use reusable npmrc action in workflows
- Make package name dynamic in e2e tests
- Add rationale for configure-registry script
- Force orchestrator to run in dev environment
This change parallelizes the linting tasks in package.json and moves the lint job to a larger runner for a significant performance improvement. It also fixes an infinite loop that was introduced during the refactoring.
This change refactors the release process to support a new bundle-based publishing method while
maintaining backward compatibility for existing release and patch workflows.
Key changes:
- The composite action now includes a input (string, default 'false') to conditionally switch between the old source-based publishing
the new bundle-based method.
- The workflow is updated to use the new bundle-based process ().
- The workflow includes a new input (defaulting to false) to allow for manual testing of either release method.
- Existing and patch workflows remain unchanged, ensuring they continue to use the old, non-bundled process for backward compatibility.
Adds the 'Configure npm for GitHub Packages' step to the 'e2e_linux' job in 'e2e.yml'.
This was missing, causing the job to fail when trying to install the test package from the GitHub Packages registry.
Adds the 'packages: read' permission to the 'bundle-size.yml' workflow.
This is necessary to allow the job to download the package from the GitHub Packages registry to perform the size check.
Adds a debug step to the 'build-and-publish.yml' workflow to print the contents of the .npmrc file immediately after the 'prepare-github-release.js' script runs.
This will help determine if the 'prepare-github-release.js' script is inadvertently modifying or overwriting the .npmrc file, which could be causing the 'ENEEDAUTH' error during the publish step.
Adds a debug step to the 'build-and-publish.yml' workflow to print the contents of the .npmrc file immediately before the 'npm publish' step.
This will help diagnose the 'ENEEDAUTH' error by showing the exact state of the npm configuration at the time of failure.
Creates a new reusable workflow, 'bundle-size.yml', to handle the bundle size check.
This check is now run in a separate job in the main 'orchestrator.yml' workflow, parallel to the 'e2e' job. This optimizes the CI pipeline by allowing the E2E tests to start as soon as the bundle is published, without waiting for the size check to complete.
Updates the 'lint.yml' workflow to use 'npm ci --only=dev'.
This ensures that only 'devDependencies' are installed, making the linting job faster and more efficient as it doesn't need to download and install the main application dependencies.
Removes the 'smoke test bundle' steps from the 'test_linux', 'test_mac', and 'test_windows' jobs in 'ci.yml'.
This step is redundant as the e2e workflow is responsible for testing the final bundled artifact.
Reorders the steps in the 'publish-bundle' job to run the bundle creation and size check *before* modifying the package.json files for release.
This prevents the 'package-lock.json' from becoming out-of-sync, which was causing the 'npm ci' command in the bundle size action to fail.
Updates the 'test_linux', 'test_mac', and 'test_windows' jobs in 'ci.yml' to explicitly set 'strategy.fail-fast' to 'false'.
This ensures that all matrix variations for each job will run to completion, even if one of the variations fails. This provides a more complete picture of test status across all supported Node.js versions.
Moves the bundle size check from a separate job in 'ci.yml' to a step within the 'publish-bundle' job in 'build-and-publish.yml'.
This is a more logical location for the check and completely resolves the race condition where the '.npmrc' file created by the bundle size job could interfere with parallel unit test jobs.
Removes the redundant 'lint' job from 'build-and-publish.yml'.
This job was duplicating the linting efforts now handled by the dedicated 'lint.yml' workflow. The 'publish-bundle' job no longer declares an internal dependency on 'lint', as the orchestrator workflow ensures linting is completed before calling 'build-and-publish'.
Updates the checkout step in the 'lint.yml' workflow to use 'fetch-depth: 0'.
This is necessary to prevent intermittent failures in the sensitive keyword linter, which requires a full git history to reliably compare the current branch against 'origin/main'.
Explicitly sets 'fetch-depth: 1' in the checkout step of the 'lint.yml' workflow.
This makes the default behavior of fetching only the most recent commit explicit for clarity and consistency with other jobs that perform shallow clones.
Creates a new reusable workflow, 'lint.yml', to handle all linting operations.
The main 'orchestrator.yml' is updated to use this new workflow. The dependency chain is now explicitly defined: 'lint' runs first, followed by 'build-and-publish' and 'ci' in parallel. The 'e2e' job remains dependent on 'build-and-publish'.
This change also removes the now-unused 'version' input from 'ci.yml' and corrects the 'bundle_size' job to use 'npm ci'.
Replaces the explicit GitHub Packages configuration and published package installation with 'npm ci' in the 'test_linux', 'test_mac', and 'test_windows' jobs within 'ci.yml'.
This streamlines the unit testing process by focusing on the source code dependencies and avoids misleadingly installing the published package in the unit test phase. The 'bundle_size' job retains its specific install as it requires the published artifact.
Prefixes the concurrency group names in 'ci.yml' and 'e2e.yml' with 'ci-' and 'e2e-' respectively.
This prevents the workflows from canceling each other out when they are triggered by the same orchestrator workflow, as the 'github.workflow' context variable was resolving to the same value for both.
Consolidates all job-level permissions into a single workflow-level block in 'ci.yml'.
This simplifies the workflow configuration and makes it easier to manage permissions. The workflow-level permissions now include all necessary permissions for the 'test_linux', 'test_mac', 'codeql', and 'bundle_size' jobs.
Adds 'packages: read' permission to the 'ci.yml' and 'e2e.yml' workflows. This is necessary to allow the jobs to download packages from the GitHub Packages registry, fixing the 403 Forbidden error during 'npm install'.
Also renames the 'orchestrator.yml' workflow from 'PR Checks' to 'Checks' for brevity.
mkorwel