ci: automate carpincho-wallet extension release packaging#73
Merged
Conversation
Build the carpincho-wallet Chrome extension and attach a ready-to-load zip to GitHub releases on publish. Rewrites the manifest version from the release tag so the asset is reproducible from the tagged commit. Closes #26
- pin checkout and setup-node actions to commit SHAs - derive version once from tag, reuse for manifest and artifact name - validate Chrome version rules (segments 0-65535, no leading zeros) - fail when build output is empty before zipping - add concurrency guard per release tag
gabitoesmiapodo
force-pushed
the
feat/carpincho-extension-release-ci
branch
from
020e81b to
b365b3f
Compare
Run root biome check in the release workflow instead of scoping lint to carpincho-wallet. Bump @types/node to v24 to match .nvmrc. Type the manifest-rewrite plugin's parsed JSON. Add a test asserting the runtime provider version resolves from the root package.json via __APP_VERSION__.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Closes #26
Releasing the carpincho-wallet Chrome extension was manual: a maintainer had to build locally, zip
dist-extension/, and upload the asset by hand after publishing a release, letting the published artifact drift from the tagged source. This adds a CI workflow that builds and attaches the extension zip automatically on release publish, and wires the extension version to a single source of truth so the manifest, runtime, and release tag can never disagree.Changes
.github/workflows/release.yml, a genericReleaseworkflow triggered onrelease: types: [published]withcontents: writepermission (defaultGITHUB_TOKEN, no PAT). Carpincho is one job (carpincho-extension) so future artifacts drop in as sibling jobs; concurrency is keyed per release tag..nvmrcwith npm caching, thennpm ciat the repo root withHUSKY=0.package.jsonversionthe single source of truth for the extension version:vite.config.tsreads it and injects it via adefine(__APP_VERSION__) and a build plugin that rewritesdist-extension/manifest.jsonversion, stripping any semver prerelease/build metadata to stay Chrome-valid.src/provider/status.tsreports__APP_VERSION__instead of a hardcoded literal.package.jsonintest/setup-dom.ts.npm run lintandnpm run test(reordered so the build runs before the tests that assert on its output), guard against an emptydist-extension/, zip its contents intocarpincho-wallet-<version>.zip, and upload it viagh release upload "$TAG" --clobber.v) matches the rootpackage.jsonversion and yields a Chrome-valid manifest version; fail the release otherwise.architecture.mdproject tree (.github/workflows/), andcarpincho-wallet/AGENTS.md(version source-of-truth rule).Acceptance criteria
.github/workflows/triggers onrelease: types: [published].permissions: contents: writefor asset upload via defaultGITHUB_TOKEN.actions/checkout@v4andactions/setup-node@v4withnode-version-file: .nvmrcand npm caching.npm ciandHUSKY=0.npm --prefix carpincho-wallet run build:extension.dist-extension/intocarpincho-wallet-<tag>.zip.github.event.release.tag_name.versionfrom the release (manifest no longer hard-codes a version).Note: the manifest version is now sourced from the root
package.json(which CI asserts equals the release tag) and injected at build time, rather than rewritten directly from the tag as the issue originally specified -- this gives one committed source of truth for manifest, runtime, and tag. Other adaptations to the npm-workspaces layout:npm ciand the cache key target the rootpackage-lock.json. Beyond the listed criteria: the workflow was generalized to a repo-wideReleasepipeline, the lint/test gate is included, and version validation, an empty-build guard, and pinned action SHAs were added.Test plan
Automated tests
npm --prefix carpincho-wallet run test(run in CI after the build). Adds a test asserting the builtdist-extension/manifest.jsonversion derives from the rootpackage.json(sanitized). Verified locally: 226 tests pass, lint clean. A temporary root bump to9.8.7-rc.2produced manifest9.8.7and runtime9.8.7-rc.2, then was reverted.Manual verification
package.jsonversion (e.g.v0.1.0) and confirm acarpincho-wallet-0.1.0.zipasset is attached.manifest.jsonversion matches the tag.package.json, or is not Chrome-valid, and confirm the workflow fails at the validation step.Breaking changes
None.
Checklist
Screenshots
None.