Problem

Currently the Docker image for the action is built ad-hoc for each execution. Given that it installs npm modules, it takes around a 45-60 seconds on average.

Suggestion

I would suggest building this image and pushing it to DockerHub (and also Quay.io given the restrictions DockerHub is about to enable) so that the image is just pulled. AFAIK GitHub caches some of the Docker images in their infra which would make it even faster.

Current behavior

Action always errors with:

Failed step "publish" of plugin "@semantic-release/github"
✖ An error occurred while running semantic-release: RequestError [HttpError]: Cookies must be enabled to use GitHub.

Expected behavior

GitHub publish should work

Notes

Seems to be related to: semantic-release/github#271

Environment

• semantic-release version: master (1.3.1)
• CI environment: GitHub actions
• Plugins used: /
• semantic-release configuration:

on:
  push:
    branches: [master]
jobs:
  version-bumb-and-tag:
    name: Version bumb and tag
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@master
      - uses: codfish/semantic-release-action@master
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}```

- CI logs:

```[10:49:42 AM] [semantic-release] › ✔  Completed step "publish" of plugin "@semantic-release/npm"
[10:49:42 AM] [semantic-release] › ℹ  Start step "publish" of plugin "@semantic-release/github"
[10:49:42 AM] [semantic-release] › ✖  Failed step "publish" of plugin "@semantic-release/github"
[10:49:42 AM] [semantic-release] › ✖  An error occurred while running semantic-release: RequestError [HttpError]: Cookies must be enabled to use GitHub.
    at /action/node_modules/@octokit/request/dist-node/index.js:66:23
    at processTicksAndRejections (internal/process/task_queues.js:97:5) {
  status: 403,```

This is a feature request to customize what directory to run semantic release in. This is useful when compiling a dist folding and wanting to only publish that.

Semantic-release/npm has a pkgRoot option available https://github.com/semantic-release/npm#options

And there is also a cwd accepted https://github.com/semantic-release/semantic-release/blob/master/index.js#L250

I'm not exactly sure which is needed for this though.

PENDING: Github actions update in second week of september actions/toolkit#96

steps:
  - uses: actions/checkout@master

  # you'll need to add an `id` in order to access output variables
  - uses: codfish/semantic-release-action@master
    id: semantic
    env:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

  - name: docker push version
    if: steps.semantic.outputs.new-release-published == "true"
    run: |
      docker tag $DOCKER_REGISTRY/your-image $DOCKER_REGISTRY/your-image:$TAG
      docker push $DOCKER_REGISTRY/your-image:$TAG
    env:
      DOCKER_REGISTRY: ${{ secrets.DOCKER_REGISTRY }}
      TAG: v$RELEASE_VERSION

As of today, v14 is in Maintenance mode and v16 is the active LTS version.

https://nodejs.org/en/about/releases/

Is there a reason you use v12 in the Docker image? Would you mind to bump to v16?

Hi, I am using the action in a couple of my repositories and the action started throwing the following error:

[10:08:30 AM] [semantic-release] › ✖  An error occurred while running semantic-release: RequestError [HttpError]: Cookies must be enabled to use GitHub.
    at /action/node_modules/@octokit/request/dist-node/index.js:66:23
    at processTicksAndRejections (internal/process/task_queues.js:97:5) {
  status: 403,
...

It looks like it's a bug in semantic-release/github. I have filed an issue in their repository. For others, just adding how to mitigate this:

      - name: "Determine release version"
        uses: codfish/[email protected]
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          GITHUB_URL: "https://api.github.com" # This overrides the default value

When built/pulled the container ends up being 1.16GB which slows down our CI. By switching it to use node-alpine it can be reduced to 297MB and possibly further if the Dockerfile is modified more (However I haven't tried to optimise it further as it stands).

hello world

Does anyone knows the reason?

[3:10:00 PM] [semantic-release] › ℹ Running semantic-release version 17.0.7
[3:10:00 PM] [semantic-release] › ✖ An error occurred while running semantic-release: Error: Cannot find module '@semantic-release/changelog'

If I were to use an extra plugin that this action doesn't use, by default, it does not install it. Is this expected? Feels like this action could install all plugins defined.

I'm getting the following warning even after bumping up to v2:

Here's the link in the image, in case it's helpful: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/

I have a workflow running on a GitHub Enterprise runner and need to override certain NPM directories/files like ~/.npm and ~/.npmrc.

The step below shows the environment variables I use in other actions. But for some reason the default ~/.npm location is being used instead of /home/github/npm_cache. If I exec into the container running this job, and set those environment variables manually, /home/github/npm_cache will be used correctly.

Does anyone know if these environment variables, NPM_CONFIG_PREFIX and NPM_CONFIG_GLOBALCONFIG, can be used with this action? Or another way to override them?

      - name: NPM configuration
        run: |
          echo '${{ secrets.NPMRC }}' | base64 -d > /home/github/.npmrc
          echo 'cache=/home/github/npm_cache' >> /home/github/.npmrc

      - name: Semantic Release
        id: semantic-release
        uses: codfish/[email protected]
        env:
          GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
          GIT_CONFIG_GLOBAL: /home/github/.gitconfig
          NPM_CONFIG_PREFIX: /home/github/node_modules
          NPM_CONFIG_GLOBALCONFIG: /home/github/.npmrc
        with:
          branches: |
            [
              "main"
            ]
          additional_packages: |
            [
              "@google/semantic-release-replace-plugin",
              "@semantic-release/git"
            ]
          plugins: |
            [
              "@semantic-release/commit-analyzer",
              "@semantic-release/release-notes-generator",
              ["@semantic-release/github", {
                "githubUrl": "https://test.github.example.com",
                "githubApiPathPrefix": "/api/v3"
              }],
              ["@google/semantic-release-replace-plugin", {
                "replacements": [
                  {
                    "files": ["Chart.yaml"],
                    "from": "version: .*",
                    "to": "version: ${nextRelease.version}",
                    "results": [
                      {
                        "file": "Chart.yaml",
                        "hasChanged": true,
                        "numMatches": 1,
                        "numReplacements": 1
                      }
                    ],
                    "countMatches": true
                  }
                ]
              }],
              ["@semantic-release/git", {
                  "assets": ["Chart.yaml"]
              }]
            ]

I get the following message in the CI:

[7:55:03 PM] [semantic-release] › ℹ  Running semantic-release version 22.0.5
...
...
...
[7:55:05 PM] [semantic-release] › ℹ  This test run was triggered on the branch develop, while semantic-release is configured to only publish from main, therefore a new version won’t be published.

I want to release in the develop branch therefore my release.config.js is:

/**
 * @type {import('semantic-release').GlobalConfig}
 */
module.exports = {
  branches: ["develop"],
  // ...
};

I'm trying to run a script in the NPM prepack lifecycle hook script, as recommended by the semantic release docs, to sign the artifacts right before they are packed for publishing.

It executes fine when running semantic-release locally, but not when running in this action. Here's an example of the error message being returned:
https://github.com/47ng/sceau/actions/runs/3685799334/jobs/6237204982#step:8:66

npm WARN lifecycle [email protected]~prepack: cannot run in wd [email protected] node ./dist/cli.js sign (wd=/github/workspace)

A possible lead could be user permissions when running in a Docker context:
https://stackoverflow.com/questions/57008653/why-does-npm-not-run-prepublishonly-in-docker

Error: The `set-env` command is deprecated and will be disabled on November 16th. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2020-10-01-github-actions-deprecating-set-env-and-add-path-commands/

Do the maintainers of this project have plans to fix this before the deadline?

I was looking through this action and found myself confused by the branch input that it accepts. I couldn't find any documentation for it from semantic-release, just branches.

I think part of my confusion stems from the fact that I am new to semantic-release. I checked their release notes and noticed that in version 16 they dropped branch in favor of branches.

If I'm understanding correctly how GitHub Actions works, this action will always use ^17.x.x, according to its package.json. I think this all points to the branch input not doing anything and should be removed?

Possibly moot, but what was the use case for this? It seems likes it's just overriding .releaserc, so I think I'm still missing something.

Hey,

I've been using this action for a while now but today I'm encountering something weird:

Even though I have a bunch of commits that should trigger a new release, this happens on the analyze step and then nothing.

I've tried v2.0.0 to v3 (the latter broke in a different way) but nothing worked. This exact actions file has worked before with 2.2.0 which this log is for.
Any ideas?

I think it would be better if the release-version and other outputs would be set to the calculated version even if no new release is created.
Or at least it should be noted in the readme that this is not the case.

Helo Team,

Thanks for the useful action.

I'm trying to release major of my app. when I add "Breaking Change:" in my commit the major version is not getting updated. I tried all the below things.

BREAKING CHANGE:
BREAKING CHANES:
! BREAKING CHANGE:
Also tried adding commit analyzer plugin and rules

Nothing works. Please guide me on how to bump up major version using the codefish action

https://www.google.com/search?q=Alpine+image+DNS+issues&oq=Alpine+image+DNS+issues&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTIKCAEQABiABBiiBDIKCAIQABiABBiiBNIBBzE1OWowajeoAgCwAgA&sourceid=chrome&ie=UTF-8#ip=1

Follow up to #202.

Should migrate to slim image to achieve close to same results with less risk.

CC @rdash99

When upgrading from v1 to v2, running this action on self-hosted runners causes the cloned repo on the runner to be owned by root, causing subsequent runs of the same workflow to fail, due to not having enough permissions to access the repo on the runner.

On initial runs of a workflow containing this action, the repo is checked out, owned by the user the runner is installed in. This action then modifies the repo to be owned by root. The next time the same workflow is ran, it is not able to checkout the repo, due to not having enough permission to modify the cloned repo on the runner.

This is confirmed by sshing into the runner itself, and checking the permissions of the cloned repo

hello

We have a use case where we need to evaluate the next version of a build for short-lived/feature branches and during PR.

It works for feature branches when setting dry_run: true but for PR, we also need to set noCI so semantic-release could evaluate the release and not throwing an error.

It would be nice if this action could support any core options.

Regards,