diff --git a/.github/workflows/back-merge-pr.yml b/.github/workflows/back-merge-pr.yml new file mode 100644 index 0000000..cec0f26 --- /dev/null +++ b/.github/workflows/back-merge-pr.yml @@ -0,0 +1,59 @@ +# Opens a PR from master → development after changes land on master (back-merge). +# +# Org/repo Settings → Actions → General → Workflow permissions: read and write +# (so GITHUB_TOKEN can create pull requests). Or use a PAT in secret GH_TOKEN. + +name: Back-merge master to development + +on: + push: + branches: [master] + workflow_dispatch: + +permissions: + contents: read + pull-requests: write + +jobs: + open-back-merge-pr: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Open back-merge PR if needed + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + set -euo pipefail + git fetch origin development master + + MASTER_SHA=$(git rev-parse origin/master) + DEV_SHA=$(git rev-parse origin/development) + + if [ "$MASTER_SHA" = "$DEV_SHA" ]; then + echo "master and development are at the same commit; nothing to back-merge." + exit 0 + fi + + EXISTING=$(gh pr list --repo "${{ github.repository }}" \ + --base development \ + --head master \ + --state open \ + --json number \ + --jq 'length') + + if [ "$EXISTING" -gt 0 ]; then + echo "An open PR from master to development already exists; skipping." + exit 0 + fi + + gh pr create --repo "${{ github.repository }}" \ + --base development \ + --head master \ + --title "chore: back-merge master into development" \ + --body "Automated back-merge after changes landed on \`master\`. Review and merge to keep \`development\` in sync." + + echo "Created back-merge PR master → development." diff --git a/.github/workflows/check-branch.yml b/.github/workflows/check-branch.yml deleted file mode 100644 index c63e084..0000000 --- a/.github/workflows/check-branch.yml +++ /dev/null @@ -1,20 +0,0 @@ -name: 'Check Branch' - -on: - pull_request: - -jobs: - check_branch: - runs-on: ubuntu-latest - steps: - - name: Comment PR - if: github.base_ref == 'staging' && github.head_ref != 'development' - uses: thollander/actions-comment-pull-request@v2 - with: - message: | - We regret to inform you that you are currently not able to merge your changes into the master branch due to restrictions applied by our SRE team. To proceed with merging your changes, we kindly request that you create a pull request from the development branch. Our team will then review the changes and work with you to ensure a successful merge into the master branch. - - name: Check branch - if: github.base_ref == 'staging' && github.head_ref != 'development' - run: | - echo "ERROR: We regret to inform you that you are currently not able to merge your changes into the master branch due to restrictions applied by our SRE team. To proceed with merging your changes, we kindly request that you create a pull request from the development branch. Our team will then review the changes and work with you to ensure a successful merge into the master branch." - exit 1 \ No newline at end of file diff --git a/.github/workflows/check-version-bump.yml b/.github/workflows/check-version-bump.yml new file mode 100644 index 0000000..51e052c --- /dev/null +++ b/.github/workflows/check-version-bump.yml @@ -0,0 +1,76 @@ +# Runs only when production code under src/ changes. Version must be > latest v* tag (not vs base branch). + +name: Check Version Bump + +on: + pull_request: + +jobs: + check-version-bump: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Validate version and changelog updates + shell: bash + run: | + set -euo pipefail + + VERSION_FILE="package.json" + CHANGELOG_FILE="CHANGELOG.md" + BASE_SHA="${{ github.event.pull_request.base.sha }}" + HEAD_SHA="${{ github.event.pull_request.head.sha }}" + + mapfile -t CHANGED_FILES < <(git diff --name-only "$BASE_SHA" "$HEAD_SHA") + if [ "${#CHANGED_FILES[@]}" -eq 0 ]; then + echo "No changed files detected." + exit 0 + fi + + is_production_source_change() { + local f="$1" + [[ "$f" == src/* ]] + } + + has_source_changes=false + for file in "${CHANGED_FILES[@]}"; do + if is_production_source_change "$file"; then + has_source_changes=true + break + fi + done + + if [ "$has_source_changes" = false ]; then + echo "Skipping: no src/ production code changes." + exit 0 + fi + + changed_file() { + local target="$1" + for file in "${CHANGED_FILES[@]}"; do + if [ "$file" = "$target" ]; then + return 0 + fi + done + return 1 + } + + changed_file "$VERSION_FILE" || { echo "Version bump required in $VERSION_FILE."; exit 1; } + changed_file "$CHANGELOG_FILE" || { echo "Matching changelog update required in $CHANGELOG_FILE."; exit 1; } + + head_version=$(node -e "console.log(require('./package.json').version)") + CHANGELOG_HEAD=$(sed -nE 's/^## v?([^[:space:]]+).*/\1/p' "$CHANGELOG_FILE" | head -1) + + [ -n "$CHANGELOG_HEAD" ] || { echo "::error::Could not find a top changelog heading like '## vX.Y.Z' in $CHANGELOG_FILE."; exit 1; } + [ "$CHANGELOG_HEAD" = "$head_version" ] || { echo "::error::$CHANGELOG_FILE top version ($CHANGELOG_HEAD) does not match project version ($head_version)."; exit 1; } + + latest_tag=$(git tag --list 'v*' --sort=-version:refname | sed -n '1p') + latest_version="${latest_tag#v}" + [ -n "$latest_version" ] || latest_version="0.0.0" + + version_gt() { + python3 -c 'import sys;v=lambda s:[int(x) if x.isdigit() else 0 for x in (s.strip().lstrip("v").split("-",1)[0].split("+",1)[0].split(".")+["0","0","0"])[:3]];print("true" if v(sys.argv[1])>v(sys.argv[2]) else "false")' "$1" "$2" + } + + [ "$(version_gt "$head_version" "$latest_version")" = "true" ] || { echo "Version must be greater than latest tag version ($latest_version). Found $head_version."; exit 1; } diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 33b9343..ac17520 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,9 +2,9 @@ name: Unit-Test-CI on: push: - branches: [ master, staging, development ] + branches: [ master, development ] pull_request: - branches: [ master, staging, development ] + branches: [ master, development ] jobs: build-test: diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml index eab0907..3f8b11c 100644 --- a/.github/workflows/npm-publish.yml +++ b/.github/workflows/npm-publish.yml @@ -1,4 +1,4 @@ -# This workflow will publish a package to GitHub Packages when a release is created +# This workflow publishes packages when a GitHub Release is created for a version tag. # For more information see: https://help.github.com/actions/language-and-framework-guides/publishing-nodejs-packages name: Publish package to NPM repository @@ -8,9 +8,12 @@ on: jobs: publish-npm: + if: ${{ startsWith(github.event.release.tag_name, 'v') && !github.event.release.draft }} runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 + with: + ref: ${{ github.event.release.tag_name }} - uses: actions/setup-node@v4 with: node-version: '22.x' @@ -20,9 +23,12 @@ jobs: env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} publish-git: + if: ${{ startsWith(github.event.release.tag_name, 'v') && !github.event.release.draft }} runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 + with: + ref: ${{ github.event.release.tag_name }} - uses: actions/setup-node@v4 with: node-version: '22.x' diff --git a/AGENTS.md b/AGENTS.md index 2b82ff8..ee75585 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -29,7 +29,7 @@ npm run download-regions # regions.json only (also run as part of prebuild) `npm test` runs **`pretest` → `npm run build`**, then Jest with coverage; outputs under **`reports/`**. Use **`npm run test:debug`** for Jest watch mode (`--runInBand`). -**CI:** `.github/workflows/ci.yml` (unit tests / coverage on `development`, `staging`, `master`). Branch rules: `.github/workflows/check-branch.yml`. Publish: `.github/workflows/npm-publish.yml` (on GitHub release). +**CI:** `.github/workflows/ci.yml` (unit tests / coverage on `development`, `master`). Publish: `.github/workflows/npm-publish.yml` (GitHub **Release** created for tag `v*`; draft releases are skipped). Back-merge automation: `.github/workflows/back-merge-pr.yml`. Install: `npm i @contentstack/utils` — see root **`README.md`** and **`package.json`** for the current version. diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 477c426..3364d13 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -6,7 +6,7 @@ Thank you for your interest in contributing to Contentstack Utils JavaScript. Th **All pull requests must be raised against the `development` branch.** -Do not open PRs against `master` or `staging`. Create your feature or fix branch from `development`, and open your PR to merge into `development`. Maintainers will handle promotion to other branches after review. +Feature/fix PRs should merge into `development`. Release PRs are raised by maintainers directly from `development` to `master`. ## Getting Started @@ -92,7 +92,7 @@ Husky is used for Git hooks. Before each commit, the pre-commit hook runs. Ensur git rebase upstream/development ``` -2. **Open a Pull Request** against the **`development`** branch (not `master` or `staging`). +2. **Open a Pull Request** against the **`development`** branch for feature/fix work. Maintainers handle release PRs from `development` to `master`. 3. **Fill out the PR template** (if one exists) and provide: - A clear title and description of the change diff --git a/skills/dev-workflow/SKILL.md b/skills/dev-workflow/SKILL.md index 184230b..93923d0 100644 --- a/skills/dev-workflow/SKILL.md +++ b/skills/dev-workflow/SKILL.md @@ -15,8 +15,8 @@ description: Branches, CI, build/test/lint commands, git hooks, PR expectations, ### Branches and PRs -- **CI** (`Unit-Test-CI`) runs on **push/PR** to `development`, `staging`, and `master` (`.github/workflows/ci.yml`). -- **Branch check:** PRs **into `staging`** from a head branch other than **`development`** fail (`.github/workflows/check-branch.yml`). Prefer **`development`** as the integration branch when aligning with upstream. +- **CI** (`Unit-Test-CI`) runs on **push/PR** to `development` and `master` (`.github/workflows/ci.yml`). +- Feature/fix PRs should target **`development`**. Release PRs are raised directly from **`development`** to **`master`**. - Confirm target branch with maintainers if unsure. ### Commands @@ -43,4 +43,4 @@ description: Branches, CI, build/test/lint commands, git hooks, PR expectations, - Version in **`package.json`** and **`CHANGELOG.md`**. - **`prepublishOnly`** runs **`npm test`**. -- **npm / GitHub Packages:** `.github/workflows/npm-publish.yml` on **release `created`**; secrets `NPM_TOKEN`, `GIT_TOKEN` (maintainers). +- **npm / GitHub Packages:** `.github/workflows/npm-publish.yml` on **`release: types: [created]`** for tag **`v*`** (draft releases skipped); secrets `NPM_TOKEN`, `GIT_TOKEN` (maintainers).