name: 'Release: Publish' on: pull_request: types: - closed branches: - 'release/*' jobs: publish-to-npm: name: Publish to NPM runs-on: ubuntu-latest if: github.event.pull_request.merged == true timeout-minutes: 10 permissions: id-token: write env: NPM_CONFIG_PROVENANCE: true outputs: release: ${{ steps.set-release.outputs.release }} steps: - name: Checkout uses: actions/checkout@v4.1.1 with: fetch-depth: 0 - run: corepack enable - uses: actions/setup-node@v4.0.2 with: node-version: 20.x cache: 'pnpm' - run: pnpm install --frozen-lockfile - name: Set release version in env run: echo "RELEASE=$(node -e 'console.log(require("./package.json").version)')" >> $GITHUB_ENV - name: Build run: pnpm build - name: Dry-run publishing run: pnpm publish -r --no-git-checks --dry-run - name: Publish to NPM run: | echo "//registry.npmjs.org/:_authToken=${{ secrets.NPM_TOKEN }}" > ~/.npmrc node .github/scripts/trim-fe-packageJson.js node .github/scripts/ensure-provenance-fields.mjs sed -i "s/default: 'dev'/default: 'stable'/g" packages/cli/dist/config/schema.js pnpm publish -r --publish-branch ${{github.event.pull_request.base.ref}} --access public --tag rc --no-git-checks npm dist-tag rm n8n rc - id: set-release run: echo "release=${{ env.RELEASE }}" >> $GITHUB_OUTPUT publish-to-docker-hub: name: Publish to DockerHub needs: [publish-to-npm] runs-on: ubuntu-latest if: github.event.pull_request.merged == true timeout-minutes: 10 steps: - name: Checkout uses: actions/checkout@v4.1.1 with: fetch-depth: 0 - name: Set up QEMU uses: docker/setup-qemu-action@v3.0.0 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3.0.0 - name: Login to GitHub Container Registry uses: docker/login-action@v3.0.0 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Login to DockerHub uses: docker/login-action@v3.0.0 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: Build uses: docker/build-push-action@v5.1.0 with: context: ./docker/images/n8n build-args: | N8N_VERSION=${{ needs.publish-to-npm.outputs.release }} platforms: linux/amd64,linux/arm64 provenance: false push: true tags: | ${{ secrets.DOCKER_USERNAME }}/n8n:${{ needs.publish-to-npm.outputs.release }} ghcr.io/${{ github.repository_owner }}/n8n:${{ needs.publish-to-npm.outputs.release }} create-github-release: name: Create a GitHub Release needs: [publish-to-npm, publish-to-docker-hub] runs-on: ubuntu-latest if: github.event.pull_request.merged == true timeout-minutes: 5 permissions: contents: write id-token: write steps: - name: Create a Release on GitHub uses: ncipollo/release-action@v1 with: commit: ${{github.event.pull_request.base.ref}} tag: 'n8n@${{ needs.publish-to-npm.outputs.release }}' prerelease: true makeLatest: false body: ${{github.event.pull_request.body}} trigger-release-note: name: Trigger a release note needs: [publish-to-npm, create-github-release] if: github.event.pull_request.merged == true runs-on: ubuntu-latest steps: - name: Trigger a release note run: curl -u docsWorkflows:${{ secrets.N8N_WEBHOOK_DOCS_PASSWORD }} --request GET 'https://internal.users.n8n.cloud/webhook/trigger-release-note' --header 'Content-Type:application/json' --data '{"version":"${{ needs.publish-to-npm.outputs.release }}"}' merge-back-into-master: name: Merge back into master needs: [publish-to-npm, create-github-release] if: ${{ github.event.pull_request.merged == true && !contains(github.event.pull_request.labels.*.name, 'release:patch') }} runs-on: ubuntu-latest steps: - uses: actions/checkout@v4.1.1 with: fetch-depth: 0 - run: | git checkout --track origin/master git config user.name "github-actions[bot]" git config user.email 41898282+github-actions[bot]@users.noreply.github.com git merge --ff n8n@${{ needs.publish-to-npm.outputs.release }} git push origin master git push origin :${{github.event.pull_request.base.ref}}