Merge pull request #1848 from finos/fix-release-workflow

kriswest · web-flow · commit cdc754e507e8 · 2026-04-14T17:18:19.000+01:00
Fix release workflow
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -24,7 +24,7 @@ jobs:
       - name: Configure Node
         uses: actions/setup-node@v4
         with:
-          node-version: 20
+          node-version: 22
 
       - name: Install dependencies
         run: npm ci
@@ -43,7 +43,7 @@ jobs:
         id: version
         run: |
           set -euo pipefail
-          VERSION="$(node -p 'require("./package.json").version')"
+          VERSION="$(node -p 'JSON.parse(require("fs").readFileSync("./package.json","utf8")).version')"
           echo "Detected version: $VERSION"
 
           # If version contains a hyphen, it's a prerelease (e.g., 1.2.3-alpha.1)
@@ -61,7 +61,15 @@ jobs:
       - name: Pack workspaces (skip private)
         run: |
           set -euo pipefail
-          for ws in $(npm query ':not(.private)' --workspaces | jq -r '.[].location'); do
+          for ws in $(node -e '
+            const fs = require("fs");
+            const read = (p) => JSON.parse(fs.readFileSync(p, "utf8"));
+            const root = read("./package.json");
+            for (const dir of root.workspaces || []) {
+              const pkg = read("./" + dir + "/package.json");
+              if (!pkg.private) console.log(dir);
+            }
+          '); do
             echo "Packing $ws ..."
             npm pack --workspace "$ws"
           done
@@ -82,6 +90,9 @@ jobs:
     runs-on: ubuntu-latest
     needs: build_and_pack
     steps:
+      - name: Checkout repo (required for npm provenance)
+        uses: actions/checkout@v4
+
       - name: Download packed artifacts
         uses: actions/download-artifact@v4
         with:
@@ -91,7 +102,7 @@ jobs:
       - name: Configure Node for npmjs.org
         uses: actions/setup-node@v4
         with:
-          node-version: 20
+          node-version: 22
           registry-url: https://registry.npmjs.org
           always-auth: true
 
@@ -102,7 +113,7 @@ jobs:
         run: |
           set -euo pipefail
           shopt -s nullglob
-          for tgz in dist-tarballs/*.tgz; do
+          for tgz in ./dist-tarballs/*.tgz; do
             echo "Publishing $tgz to npmjs.org with tag '${PUBLISH_TAG}' ..."
             # --access public needed for first publish of public packages
             npm publish "$tgz" --provenance --access public --tag "${PUBLISH_TAG}"
@@ -122,7 +133,7 @@ jobs:
       - name: Configure Node for GitHub Packages
         uses: actions/setup-node@v4
         with:
-          node-version: 20
+          node-version: 22
           registry-url: https://npm.pkg.github.com
           scope: '@finos'
           always-auth: true
@@ -134,7 +145,8 @@ jobs:
         run: |
           set -euo pipefail
           shopt -s nullglob
-          for tgz in dist-tarballs/*.tgz; do
+          for tgz in ./dist-tarballs/*.tgz; do
             echo "Publishing $tgz to GitHub Packages with tag '${PUBLISH_TAG}' ..."
             # GitHub Packages does not support npm provenance; omit --provenance and --access
             npm publish "$tgz" --tag "${PUBLISH_TAG}"
+          done
