From 758a4cf587587f17aef08ae43fd26df47695d2c8 Mon Sep 17 00:00:00 2001 From: Braden Simpson <727605+bradens@users.noreply.github.com> Date: Mon, 22 Jun 2026 11:51:11 -0700 Subject: [PATCH 1/2] ci: add patch-bump workflow and cut GitHub Release on tag --- .github/workflows/bump.yml | 34 ++++++++++++++++++++++++++++++++++ .github/workflows/release.yml | 5 +++++ 2 files changed, 39 insertions(+) create mode 100644 .github/workflows/bump.yml diff --git a/.github/workflows/bump.yml b/.github/workflows/bump.yml new file mode 100644 index 0000000..0519e92 --- /dev/null +++ b/.github/workflows/bump.yml @@ -0,0 +1,34 @@ +name: Bump version + +# Bumps the patch version, commits, and pushes a v* tag. +# Pushing the tag triggers release.yml, which builds, publishes to npm, +# and cuts a GitHub Release. +# +# Triggered manually or remotely (e.g. from company-z/supergraph production CI) +# via workflow_dispatch. The token used to push must be a PAT / GitHub App token +# so that the resulting tag push re-triggers release.yml (the default GITHUB_TOKEN +# does not trigger downstream workflows). + +on: + workflow_dispatch: + +jobs: + bump: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + token: ${{ secrets.SDK_RELEASE_TOKEN }} + - uses: actions/setup-node@v4 + with: + node-version: 20 + - uses: pnpm/action-setup@v4 + - name: Configure git + run: | + git config user.name "github-actions[bot]" + git config user.email "41898282+github-actions[bot]@users.noreply.github.com" + - name: Bump patch version and tag + run: pnpm version patch -m "chore(release): %s" + - name: Push commit and tag + run: git push --follow-tags diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index bd6e732..8d3f3fd 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -22,3 +22,8 @@ jobs: - run: pnpm publish --access public --no-git-checks env: NODE_AUTH_TOKEN: ${{secrets.CODEX_SDK_NPM_TOKEN}} + - name: Create GitHub Release + uses: softprops/action-gh-release@v2 + with: + tag_name: ${{ github.ref_name }} + generate_release_notes: true From 54662416c3f3eb20363c2c8acac196d4c42e5595 Mon Sep 17 00:00:00 2001 From: Braden Simpson <727605+bradens@users.noreply.github.com> Date: Mon, 22 Jun 2026 12:02:58 -0700 Subject: [PATCH 2/2] ci: drop comment block from bump.yml --- .github/workflows/bump.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/.github/workflows/bump.yml b/.github/workflows/bump.yml index 0519e92..3b2920d 100644 --- a/.github/workflows/bump.yml +++ b/.github/workflows/bump.yml @@ -3,11 +3,6 @@ name: Bump version # Bumps the patch version, commits, and pushes a v* tag. # Pushing the tag triggers release.yml, which builds, publishes to npm, # and cuts a GitHub Release. -# -# Triggered manually or remotely (e.g. from company-z/supergraph production CI) -# via workflow_dispatch. The token used to push must be a PAT / GitHub App token -# so that the resulting tag push re-triggers release.yml (the default GITHUB_TOKEN -# does not trigger downstream workflows). on: workflow_dispatch: