Update npm-release.yml

[hupling]

Reference

Issue: it-at-m/.github#109

Summary by CodeRabbit

• New Features
  • Introduced a configurable option in the deployment workflow that allows users to opt out of automated publishing.
  • Updated the package build and deployment process for improved tracking of artifact details.
  • Added a new input parameter to control deployment behavior.

[coderabbitai]

Walkthrough

This pull request updates the npm release workflow by introducing a new boolean input parameter skip-deployment (defaulting to true) to control whether the deployment step is executed. Additionally, the output variables in the release job are updated to reference outputs from newly added steps. A new step (with ID node) is introduced for building the npm package, and a conditional step executes the npm publish command if skip-deployment is set to false.

Changes

File	Change Summary
.github/workflows/npm-release.yml	- Added new input parameter skip-deployment (boolean, default true) - Updated output variable ARTIFACT_NAME to reference steps.node.outputs.artifact-name - Updated output variable ARTIFACT_VERSION (no change in reference, context provided) - Introduced new steps including the node step for building and a conditional step to trigger npm publish based on skip-deployment

Sequence Diagram(s)

sequenceDiagram
  participant U as User/Trigger
  participant R as Release Job
  participant N as Node Step (Build)
  participant NR as Node-Release Step
  participant P as Publish Step

  U->>R: Dispatch with skip-deployment input
  R->>N: Execute build step
  N-->>R: Return artifact name
  R->>NR: Execute version retrieval step
  NR-->>R: Return version info
  alt skip-deployment is false
      R->>P: Execute npm publish command
  else
      R->>R: Skip deployment step
  end

Loading

Poem

I'm a rabbit with hops so fine,
Through workflows I bound in a straight line.
A switch to skip or let deploy,
Brings npm magic, oh joy!
In code fields where revisions gleam,
I celebrate each commit like a dream!
🐇✨

---

📜 Recent review details

Configuration used: .coderabbit.yaml
Review profile: ASSERTIVE
Plan: Free

📥 Commits

Reviewing files that changed from the base of the PR and between 15d10d9 and 8cc1fed.

📒 Files selected for processing (1)

• .github/workflows/npm-release.yml (2 hunks)

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 4

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: ASSERTIVE
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 4ccb387 and 554f7c4.

📒 Files selected for processing (1)

• .github/workflows/npm-release.yml (2 hunks)

🧰 Additional context used

🪛 YAMLlint (1.35.1)

.github/workflows/npm-release.yml

[error] 22-22: wrong indentation: expected 8 but found 7

(indentation)

---

[error] 24-24: trailing spaces

(trailing-spaces)

---

[warning] 40-40: too few spaces before comment

(comments)

---

[warning] 53-53: too few spaces before comment

(comments)

🪛 actionlint (1.7.4)

.github/workflows/npm-release.yml

37-37: property "node-release" is not defined in object type {node: {conclusion: string; outcome: string; outputs: {string => string}}; npm_release: {conclusion: string; outcome: string; outputs: {string => string}}}

(expression)

---

53-53: property "npm-token" is not defined in object type {app-path: string; release-version: string; skip-deployment: bool}

(expression)

[coderabbitai]

🧹 Nitpick (assertive)

Improve Inline Comment Spacing.
For enhanced readability, consider adding an extra space before inline comments. For example, adjust the comment on the action reference on line 40.

🧰 Tools

🪛 YAMLlint (1.35.1)

[warning] 40-40: too few spaces before comment

(comments)

[coderabbitai]

💡 Verification agent

❓ Verification inconclusive

Verify Output Reference for Artifact Version.
The output variable ARTIFACT_VERSION is set using ${{ steps.node-release.outputs.VERSION }}, yet no step with the ID node-release exists in this job. Please verify whether the step ID should be updated (e.g., to node) or if a new step is intended to be added.

---

Action Required: Correct the Artifact Version Step Reference
The output for ARTIFACT_VERSION incorrectly points to ${{ steps.node-release.outputs.VERSION }}: no step with the ID node-release exists in this workflow. It appears the intent was to use the already defined node step (as done for ARTIFACT_NAME). Please update the reference to use steps.node.outputs.VERSION or add a missing step if that was the intent.

• File: .github/workflows/npm-release.yml
• Lines: 36-37
• Suggested Diff:

       ARTIFACT_NAME: ${{ steps.node.outputs.artifact-name }}
  -    ARTIFACT_VERSION: ${{steps.node-release.outputs.VERSION}}
  +    ARTIFACT_VERSION: ${{ steps.node.outputs.VERSION }}

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	ARTIFACT_NAME: ${{ steps.node.outputs.artifact-name }}
	ARTIFACT_VERSION: ${{steps.node-release.outputs.VERSION}}
	ARTIFACT_NAME: ${{ steps.node.outputs.artifact-name }}
	ARTIFACT_VERSION: ${{ steps.node.outputs.VERSION }}

🧰 Tools

🪛 actionlint (1.7.4)

37-37: property "node-release" is not defined in object type {node: {conclusion: string; outcome: string; outputs: {string => string}}; npm_release: {conclusion: string; outcome: string; outputs: {string => string}}}

(expression)

[coderabbitai]

🧹 Nitpick (assertive)

⚠️ Potential issue

Define the npm-token Input for Environment Variable.
The npm publish step is referencing ${{ inputs.npm-token }} to set NODE_AUTH_TOKEN, but no input parameter npm-token is defined in the workflow_dispatch inputs. This will cause a runtime error when the token is needed for publishing. In addition, consider adding proper spacing before inline comments for clarity.

Proposed fix: Add a new input parameter for npm-token in the inputs block, for example:

   inputs:
     release-version:
       type: choice
       description: "Select version increment type (follows Semantic Versioning)"
       required: true
       options:
         - patch
         - minor
         - major
     app-path:
       type: choice
       description: "Select the node service to release"
       required: true
       default: refarch-frontend
       options:
         - refarch-frontend # Add or modify frontend paths according to your project structure
+    npm-token:
+      type: string
+      description: "NPM authentication token required for publishing"
+      required: true
     skip-deployment:
       default: true
       type: boolean
       description: "skip deployment to npm registry"

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	env:
	NODE_AUTH_TOKEN: ${{ inputs.npm-token }} # Centralized token in it-at-m GitHub organization
	inputs:
	release-version:
	type: choice
	description: "Select version increment type (follows Semantic Versioning)"
	required: true
	options:
	- patch
	- minor
	- major
	app-path:
	type: choice
	description: "Select the node service to release"
	required: true
	default: refarch-frontend
	options:
	- refarch-frontend # Add or modify frontend paths according to your project structure
	npm-token:
	type: string
	description: "NPM authentication token required for publishing"
	required: true
	skip-deployment:
	default: true
	type: boolean
	description: "skip deployment to npm registry"

🧰 Tools

🪛 actionlint (1.7.4)

53-53: property "npm-token" is not defined in object type {app-path: string; release-version: string; skip-deployment: bool}

(expression)

🪛 YAMLlint (1.35.1)

[warning] 53-53: too few spaces before comment

(comments)

[coderabbitai]

Actionable comments posted: 1

🔭 Outside diff range comments (1)

.github/workflows/npm-release.yml (1)

1-20: 🛠️ Refactor suggestion

⚠️ Potential issue

Add Missing Input Parameter for npm-token
The workflow’s npm publish step (line 52) relies on ${{ inputs.npm-token }}, but there is no corresponding npm-token input defined. This will lead to a runtime error when trying to publish the package. Please add the npm-token input to the workflow_dispatch.inputs block.

       options:
         - refarch-frontend # Add or modify frontend paths according to your project structure
+      npm-token:
+        type: string
+        description: "NPM authentication token required for publishing"
+        required: true

(Place the new input ideally after app-path and before skip-deployment.)

♻️ Duplicate comments (2)

.github/workflows/npm-release.yml (2)

52-52: 🧹 Nitpick (assertive)

Improve Inline Comment Spacing
For better readability, consider adding an extra space before the inline comment on the NODE_AUTH_TOKEN environment variable.

-          NODE_AUTH_TOKEN: ${{ inputs.npm-token }} # Centralized token in it-at-m GitHub organization
+          NODE_AUTH_TOKEN: ${{ inputs.npm-token }}  # Centralized token in it-at-m GitHub organization

🧰 Tools

🪛 actionlint (1.7.4)

52-52: property "npm-token" is not defined in object type {app-path: string; release-version: string; skip-deployment: bool}

(expression)

---

35-36: 🛠️ Refactor suggestion

⚠️ Potential issue

Fix Output Reference for ARTIFACT_VERSION
The output variable ARTIFACT_VERSION still references steps.node-release.outputs.VERSION, but no step with the ID node-release exists. Update the reference to use the defined node step instead.

-      ARTIFACT_VERSION: ${{steps.node-release.outputs.VERSION}}
+      ARTIFACT_VERSION: ${{ steps.node.outputs.VERSION }}

🧰 Tools

🪛 actionlint (1.7.4)

36-36: property "node-release" is not defined in object type {node: {conclusion: string; outcome: string; outputs: {string => string}}; npm_release: {conclusion: string; outcome: string; outputs: {string => string}}}

(expression)

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: ASSERTIVE
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 554f7c4 and 02ccb97.

📒 Files selected for processing (1)

• .github/workflows/npm-release.yml (2 hunks)

🧰 Additional context used

🪛 actionlint (1.7.4)

.github/workflows/npm-release.yml

36-36: property "node-release" is not defined in object type {node: {conclusion: string; outcome: string; outputs: {string => string}}; npm_release: {conclusion: string; outcome: string; outputs: {string => string}}}

(expression)

---

52-52: property "npm-token" is not defined in object type {app-path: string; release-version: string; skip-deployment: bool}

(expression)

[coderabbitai]

🧹 Nitpick (assertive)

Ensure Correct YAML Formatting for skip-deployment Input
The skip-deployment input is now introduced with the correct boolean type and default value. Please double-check that the indentation is consistent with other inputs and that there is no trailing whitespace (especially on the description line).