ci: adds workflows to release and publish new versions of packages

.github/labeler.yml

@@ -0,0 +1,14 @@
+contracts:
+  - ./contracts/**/*
+  - ./contracts/*
+  - ./.github/workflows/contracts-*.yml
+
+sdk:
+  - ./sdk/**/*
+  - ./sdk/*
+  - ./.github/workflows/sdk-*.yml
+
+subgraph:
+  - ./subgraph/**/*
+  - ./subgraph/*
+  - ./.github/workflows/subgraph-*.yml

.github/scripts/generate_release_matrix.py

@@ -0,0 +1,58 @@
+import json
+import os
+
+#
+# // PULL_LABELS = toJson(github.event.pull_request.labels)
+# 
+# [
+# 	{
+# 		"color": "FFFFF7",
+# 		"default": false,
+# 		"description": "Issue describes change in the development process",
+# 		"id": 1786730933,
+# 		"name": "label_pqr-xyz-release",
+# 		"node_id": "MDU6TGFiZWwxNzg2NzMwOTMz",
+# 		"url": "https://api.github.com/repos/parzh/parzh.github.io/labels/Domain:%20dev"
+# 	},
+# 	{
+# 		"color": "cc062a",
+# 		"default": false,
+# 		"description": "Issue must be addressed right now",
+# 		"id": 1786706637,
+# 		"name": "label_abc-release",
+# 		"node_id": "MDU6TGFiZWwxNzg2NzA2NjM3",
+# 		"url": "https://api.github.com/repos/parzh/parzh.github.io/labels/Priority:%20top"
+# 	},
+# 	{
+# 		"color": "00727C",
+# 		"default": false,
+# 		"description": "Issue describes lack of a functionality or an open possibility of enhancement",
+# 		"id": 1786726751,
+# 		"name": "label_123-improvement",
+# 		"node_id": "MDU6TGFiZWwxNzg2NzI2NzUx",
+# 		"url": "https://api.github.com/repos/parzh/parzh.github.io/labels/Type:%20improvement"
+# 	}
+# ]
+#
+# Test:
+# PULL_LABELS=$(cat labels.json) python3 generate_release_matrix.py
+#
+
+try:
+    labels = json.loads(os.getenv('PULL_LABELS'))
+except:
+    labels = []
+
+trigger_substring = "-release"
+matrix = []
+hasLabels = False
+for label in labels:
+    label_name = str(label['name'])
+    trigger_substring_index = label_name.find(trigger_substring)
+    if trigger_substring_index != -1:
+        matrix.append({
+            'package': label_name[:trigger_substring_index],
+        })
+        hasLabels = True
+
+print(json.dumps({'include': matrix}))

.github/scripts/generate_release_notes.sh

@@ -0,0 +1,24 @@
+#!/bin/bash
+
+PACKAGE=$1
+
+echo "RELEASE_NOTES<<EOF" >> $GITHUB_ENV
+echo "## All changes in $PACKAGE" >> $GITHUB_ENV
+echo "" >> $GITHUB_ENV
+
+PULL_REQUESTS=$(gh pr list --label $PACKAGE --state merged --json title,mergeCommit,number)
+
+# convert to base64 so we only have one line per pull request that we iterate over
+echo $PULL_REQUESTS | jq -r '.[] | @base64' | while read pull_request ; do
+    COMMIT=$(echo $pull_request | base64 -d | jq -r '.mergeCommit.oid')
+    NUMBER=$(echo $pull_request | base64 -d | jq -r '.number')
+    TITLE=$(echo $pull_request | base64 -d | jq -r '.title')
+
+    # if there is more than 1 tag, the pull request is already included in another release
+    if [ $(git tag --contain $COMMIT | grep -i $PACKAGE | wc -l) -le 1 ]; then
+        echo "- $TITLE in #$NUMBER" >> $GITHUB_ENV
+    fi
+done
+
+
+echo "EOF" >> $GITHUB_ENV

.github/workflows/contracts-publish.yml

@@ -0,0 +1,29 @@
+name: Contracts Publish
+
+on:
+  push:
+    tags:
+      - '*'
+
+jobs:
+  check_tag:
+    uses: ./.github/workflows/reusable-check-tag.yml
+    with:
+      ref: ${{ github.ref }}
+
+  tests:
+    needs: [check_tag]
+    if: ${{ needs.check_tag.outputs.package == 'contracts' }}
+    uses: ./.github/workflows/contracts-tests.yml
+    secrets:
+      INFURA_API_KEY: ${{ secrets.INFURA_API_KEY }}
+
+  publish:
+    needs: [check_tag, tests]
+    uses: ./.github/workflows/reusable-publish.yml
+    with:
+      package: ${{ needs.check_tag.outputs.package }}
+      version: ${{ needs.check_tag.outputs.version }}
+    secrets:
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

.github/workflows/contracts-tests.yml

@@ -2,6 +2,10 @@ name: 'contracts'
 
 on:
   workflow_dispatch:
+  workflow_call:
+    secrets:
+      INFURA_API_KEY:
+        required: true
   push:
     paths:
       - 'contracts/**'

.github/workflows/packages-release.yml

@@ -0,0 +1,66 @@
+name: Packages release
+
+on:
+  pull_request:
+    types:
+      - closed
+
+jobs:
+  prepare:
+    name: Prepare release generation
+    runs-on: ubuntu-latest
+    if: github.event.pull_request.merged
+    outputs:
+      PACKAGE_LIST: ${{ steps.matrix.outputs.pkg_list }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          ref: 'develop'
+      - name: Setup Python environment
+        uses: actions/setup-python@v4
+        with:
+          python-version: 3.x
+      - name: Get package-list from label-list
+        id: matrix
+        run: |
+          PKG_LIST=$(python ./.github/scripts/generate_release_matrix.py)
+          PR_LABEL_LIST="${{ toJson(github.event.pull_request.labels.*.name) }}"
+          echo "Pkg list: $PKG_LIST"
+          echo "Label list: $PR_LABEL_LIST"
+          echo "pkg_list=$PKG_LIST" >> $GITHUB_OUTPUT
+        env:
+          PULL_LABELS: ${{ toJson(github.event.pull_request.labels) }}
+
+  release:
+    name: Set Github Tag
+    runs-on: ubuntu-latest
+    needs: [prepare]
+    ## This condition gets TRUE if used in this way: ${{ contains(toJson(xyz), 'substr') }}
+    if: ${{ contains( toJson(github.event.pull_request.labels.*.name), '-release' ) }}
+    strategy:
+      fail-fast: true
+      matrix: ${{ fromJson(needs.prepare.outputs.PACKAGE_LIST) }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          ref: 'develop'
+      - name: Get version from '${{ matrix.package }}' package.json
+        id: getver
+        working-directory: './modules/${{ matrix.package }}'
+        run: |
+          VERSION=$(cat package.json | jq -r .version)
+          echo "version=$VERSION" >> $GITHUB_OUTPUT
+          echo "Version: $VERSION"
+      - name: Set Github Tag via API
+        uses: actions/github-script@v6
+        with:
+          github-token: ${{ secrets.ARABOT_PAT_TRIGGER_WORKFLOW }}
+          script: |
+            github.rest.git.createRef({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              ref: `refs/tags/${{ steps.getver.outputs.version }}-${{ matrix.package }}`,
+              sha: "${{ github.sha }}"
+            })

.github/workflows/pull_request_labeler.yml

@@ -0,0 +1,11 @@
+name: Pull Request Labeler
+on:
+  - pull_request_target
+
+jobs:
+  triage:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/labeler@v4
+        with:
+          sync-labels: true

.github/workflows/reusable-check-tag.yml

@@ -0,0 +1,34 @@
+name: Check Tag
+
+on:
+  workflow_call:
+    inputs:
+      ref:
+        required: true
+        type: string
+    outputs:
+      package:
+        description: 'the package this ref was created for'
+        value: ${{ jobs.check_tag.outputs.package }}
+      version:
+        description: 'the version included in the ref'
+        value: ${{ jobs.check_tag.outputs.version }}
+
+jobs:
+  check_tag:
+    runs-on: ubuntu-latest
+    outputs:
+      package: ${{ steps.tag-info.outputs.package }}
+      version: ${{ steps.tag-info.outputs.version }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - name: Get version from Github Tag
+        id: tag-info
+        run: |
+          GITHUB_REF="${{ inputs.ref }}"
+          TAG=${GITHUB_REF##*/}
+          VERSION=$(echo "$TAG" | grep -woP "([0-9]+\.[0-9]+\.[0-9]+)-\w+" | sed 's/-sdk//')
+          PACKAGE=sdk
+          echo "package=$PACKAGE" >> $GITHUB_OUTPUT
+          echo "version=$VERSION" >> $GITHUB_OUTPUT

.github/workflows/reusable-publish.yml

@@ -0,0 +1,57 @@
+name: Publish
+
+on:
+  workflow_call:
+    inputs:
+      package:
+        required: true
+        type: string
+      version:
+        required: true
+        type: string
+    secrets:
+      NPM_TOKEN:
+        required: true
+      GITHUB_TOKEN:
+        required: true
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    if: ${{ inputs.package != '' && inputs.version != '' }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          ref: 'develop'
+      - name: Setup NodeJS
+        uses: actions/setup-node@v3
+        with:
+          cache: 'yarn'
+          node-version: 18.x
+          registry-url: https://registry.npmjs.org
+      - name: Publish NPM pkg (${{ inputs.package }} - ${{ inputs.version }})
+        run: yarn publish --no-git-tag-version --new-version ${{ inputs.version }}
+        working-directory: ./${{ inputs.package }}
+        env:
+          NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
+      - name: Setup Python environment
+        uses: actions/setup-python@v4
+        with:
+          python-version: 3.x
+      - name: Generate release notes
+        id: release_notes
+        run: ./.github/scripts/generate_release_notes.sh $PACKAGE
+        env:
+          PACKAGE: ${{ inputs.package }}
+      - name: Create release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          tag: ${{ github.ref_name }}
+          package: ${{ inputs.package }}
+          version: ${{ inputs.version }}
+        run: |
+          gh release create "$tag" \
+              --repo="$GITHUB_REPOSITORY" \
+              --title="$package - $version" \
+              --notes="$RELEASE_NOTES"

.github/workflows/sdk-publish.yml

@@ -0,0 +1,27 @@
+name: SDK Publish
+
+on:
+  push:
+    tags:
+      - '*'
+
+jobs:
+  check_tag:
+    uses: ./.github/workflows/reusable-check-tag.yml
+    with:
+      ref: ${{ github.ref }}
+
+  tests:
+    needs: [check_tag]
+    if: ${{ needs.check_tag.outputs.package == 'sdk' }}
+    uses: ./.github/workflows/sdk-tests.yml
+
+  publish:
+    needs: [check_tag, tests]
+    uses: ./.github/workflows/reusable-publish.yml
+    with:
+      package: ${{ needs.check_tag.outputs.package }}
+      version: ${{ needs.check_tag.outputs.version }}
+    secrets:
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

.github/workflows/sdk-tests.yml

@@ -2,6 +2,7 @@ name: 'sdk'
 
 on:
   workflow_dispatch:
+  workflow_call:
   push:
     paths:
       - 'sdk/**'

.github/workflows/subgraph-publish.yml

@@ -0,0 +1,27 @@
+name: Subgraph Publish
+
+on:
+  push:
+    tags:
+      - '*'
+
+jobs:
+  check_tag:
+    uses: ./.github/workflows/reusable-check-tag.yml
+    with:
+      ref: ${{ github.ref }}
+
+  tests:
+    needs: [check_tag]
+    if: ${{ needs.check_tag.outputs.package == 'subgraph' }}
+    uses: ./.github/workflows/subgraph-tests.yml
+
+  publish:
+    needs: [check_tag, tests]
+    uses: ./.github/workflows/reusable-publish.yml
+    with:
+      package: ${{ needs.check_tag.outputs.package }}
+      version: ${{ needs.check_tag.outputs.version }}
+    secrets:
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

.github/workflows/subgraph-tests.yml

@@ -2,6 +2,7 @@ name: 'subgraph'
 
 on:
   workflow_dispatch:
+  workflow_call:
   push:
     paths:
       - 'contracts/**'

subgraph/package.json

@@ -14,6 +14,10 @@
   "bugs": {
     "url": "https://github.com/aragon/osx-commons/issues"
   },
+  "files": [
+    "/src",
+    "tsconfig.json"
+  ],
   "homepage": "https://github.com/aragon/osx-commons#readme",
   "scripts": {
     "test:fast": "graph test",