search

usermaven / usermaven-js

Usermaven provides instant actionable analytics to grow your SaaS business.
MIT License
1 stars 2 forks source link

chore: Updated GitHub Workflow for RC Versioning #132

Closed seeratawan01 closed 1 week ago

seeratawan01 commented 1 week ago

PR Type

enhancement

Description

Changes walkthrough ๐Ÿ“

Relevant files
Enhancement
cd-develop.yml
Enhance GitHub Workflow for RC Versioning and Package Management
.github/workflows/cd-develop.yml
  • Updated the GitHub workflow to handle RC versioning for multiple
    packages.
  • Added logic to update SDK version separately before other packages.
  • Modified package versioning and dependency updates to include specific
    SDK version.
  • Improved the publishing process to ensure SDK is published first.
    		•  +40/-13 

    ๐Ÿ’ก PR-Agent usage: Comment /help "your question" on any pull request to receive relevant information

    github-actions[bot] commented 1 week ago

    PR Reviewer Guide ๐Ÿ”

    Here are some key observations to aid the review process:

    ๐Ÿ… Score: 82
    ๐Ÿงช No relevant tests
    ๐Ÿ”’ No security concerns identified
    โšก Recommended focus areas for review

    Hardcoded Sleep
    Using a hardcoded sleep to wait for the SDK package to be available might lead to unpredictable behavior if the package is not available within the expected time frame. Error Handling
    There is no error handling for npm publish commands which might fail silently.
    Code feedback:
    relevant file.github/workflows/cd-develop.yml
    suggestion       Consider replacing the hardcoded sleep with a more robust mechanism to check if the SDK package is available. For example, you can use a loop that checks the availability of the package every few seconds and breaks once it is available. [important]
    relevant linesleep 10
    relevant file.github/workflows/cd-develop.yml
    suggestion       Add error handling for npm publish commands. You can check the exit status of npm publish and handle any non-zero status by logging an error or retrying the publish command. [important]
    relevant linenpm publish --tag rc --access=public
    relevant file.github/workflows/cd-develop.yml
    suggestion       Consider using a more specific selector than 'packages/*' to avoid unintentional inclusion of non-package directories. You can use a pattern or a predefined list of directories to ensure only valid package directories are processed. [medium]
    relevant linefor package in packages/*; do
    relevant file.github/workflows/cd-develop.yml
    suggestion       To improve maintainability, consider extracting the repeated npmrc token setup into a separate reusable step or script. This can reduce duplication and centralize changes related to npm configuration. [medium]
    relevant lineecho "//registry.npmjs.org/:_authToken=${{ secrets.NODE_AUTH_TOKEN }}" > .npmrc
    github-actions[bot] commented 1 week ago

    PR Code Suggestions โœจ

    Explore these optional code suggestions:

    CategorySuggestion                                                                                                                                    Score
    Best practice
    Add error handling to critical npm commands to prevent continuation on failure ___ **Consider adding error handling for the npm version and npm publish commands to
    ensure the workflow does not continue if these commands fail.** [.github/workflows/cd-develop.yml [69-109]](https://github.com/usermaven/usermaven-js/pull/132/files#diff-4f501c9619899525498594b20a28ab29c8547673701f9285b403540c8c09762fR69-R109) ```diff -npm version $RC_VERSION --no-git-tag-version -npm publish --tag rc --access=public +npm version $RC_VERSION --no-git-tag-version || exit 1 +npm publish --tag rc --access=public || exit 1 ```
    Suggestion importance[1-10]: 9 Why: Adding error handling to the npm commands is crucial to prevent the workflow from continuing if a command fails, which could lead to inconsistent states or deployment failures. This suggestion significantly enhances the robustness of the workflow.
    		9
    Ensure successful navigation back to the root directory to prevent errors ___ **Ensure the directory change back to the root is successful before proceeding to
    avoid errors in subsequent commands.** [.github/workflows/cd-develop.yml [88-110]](https://github.com/usermaven/usermaven-js/pull/132/files#diff-4f501c9619899525498594b20a28ab29c8547673701f9285b403540c8c09762fR88-R110) ```diff -cd ../.. +cd ../.. || exit 1 ```
    Suggestion importance[1-10]: 8 Why: Adding error handling to the directory change command ensures that the script does not proceed if the navigation fails, which could prevent subsequent commands from executing in the wrong directory, thereby avoiding potential errors.
    		8
    Enhancement
    Replace sleep with a dynamic check for package availability ___ **Replace the hardcoded sleep time with a more robust check for package availability
    to avoid potential timing issues.** [.github/workflows/cd-develop.yml [100-101]](https://github.com/usermaven/usermaven-js/pull/132/files#diff-4f501c9619899525498594b20a28ab29c8547673701f9285b403540c8c09762fR100-R101) ```diff -sleep 10 +while ! npm view @usermaven/sdk-js version; do sleep 5; done ```
    Suggestion importance[1-10]: 8 Why: Replacing a fixed sleep duration with a dynamic check ensures that the workflow only proceeds when the package is actually available, reducing the risk of timing issues and improving efficiency.
    		8
    Improve the sed pattern match to target the dependency version more accurately ___ **Use a more specific pattern match in sed to ensure only the intended dependency
    version is updated, avoiding unintended replacements.** [.github/workflows/cd-develop.yml [84]](https://github.com/usermaven/usermaven-js/pull/132/files#diff-4f501c9619899525498594b20a28ab29c8547673701f9285b403540c8c09762fR84-R84) ```diff -sed -i.bak "s|\"@usermaven/sdk-js\": \"workspace:\\*\"|\"@usermaven/sdk-js\": \"$SDK_VERSION\"|" package.json +sed -i.bak "s|\"@usermaven/sdk-js\": \"workspace:[^"]*\"|\"@usermaven/sdk-js\": \"$SDK_VERSION\"|" package.json ```
    Suggestion importance[1-10]: 7 Why: Enhancing the sed pattern to be more specific reduces the risk of unintended replacements, ensuring that only the correct dependency version is updated. This improves the accuracy and reliability of the version update process.
    		7