From 16a3ea498c12e666b83708db0e9d250b82df91c3 Mon Sep 17 00:00:00 2001
From: David Dal Busco <david.dalbusco@dfinity.org>
Date: Mon, 2 Oct 2023 12:12:51 +0200
Subject: [PATCH] build: publish to npm only if needed (#432)

# Motivation

So far, we've been incrementing the version of all libraries when we publish, even if some of them received no improvements or fixes. I find this approach a bit cumbersome. Since I propose to commit to semantic versioning (#431), a better approach would be most welcomed. That's why this PR introduces a publication script that handles the publishing of libraries only if they were actually modified.

# Changes

- use `shasum` to compare local library with npm and publish only upon differences
---
 .github/workflows/publish.yml | 32 ++------------------------------
 scripts/publish-npm.sh        | 25 +++++++++++++++++++++++++
 2 files changed, 27 insertions(+), 30 deletions(-)
 create mode 100755 scripts/publish-npm.sh

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index a2cba4726..8effd7008 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -20,35 +20,7 @@ jobs:
         run: npm run build --workspaces
       - name: Set up npm
         run: printf '%s\n' '//registry.npmjs.org/:_authToken=${NODE_AUTH_TOKEN}' registry=https://registry.npmjs.org/ always-auth=true >> .npmrc
-      - name: Publish utils
-        run: npm publish --workspace=packages/utils --provenance --access public
-        env:
-          NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
-      - name: Publish Ledger
-        run: npm publish --workspace=packages/ledger --provenance --access public
-        env:
-          NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
-      - name: Publish NNS-proto
-        run: npm publish --workspace=packages/nns-proto --provenance --access public
-        env:
-          NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
-      - name: Publish NNS
-        run: npm publish --workspace=packages/nns --provenance --access public
-        env:
-          NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
-      - name: Publish SNS
-        run: npm publish --workspace=packages/sns --provenance --access public
-        env:
-          NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
-      - name: Publish CMC
-        run: npm publish --workspace=packages/cmc --provenance --access public
-        env:
-          NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
-      - name: Publish ckBTC
-        run: npm publish --workspace=packages/ckbtc --provenance --access public
-        env:
-          NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
-      - name: Publish ic-management
-        run: npm publish --workspace=packages/ic-management --provenance --access public
+      - name: Publish
+        run: ./scripts/publish-npm.sh
         env:
           NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
diff --git a/scripts/publish-npm.sh b/scripts/publish-npm.sh
new file mode 100755
index 000000000..48e98d575
--- /dev/null
+++ b/scripts/publish-npm.sh
@@ -0,0 +1,25 @@
+#!/usr/bin/env bash
+
+# Reference: NPM RRFC --if-needed https://github.com/npm/rfcs/issues/466
+
+function publish_npm() {
+  local lib=$1
+
+  LOCAL_SHASUM=$(npm pack -w packages/"$lib" --json | jq '.[] | .shasum' | sed -r 's/^"|"$//g')
+
+  NPM_TARBALL=$(npm show @dfinity/"$lib" dist.tarball)
+  NPM_SHASUM=$(curl -s "$NPM_TARBALL" 2>&1 | shasum | cut -f1 -d' ')
+
+  if [ "$LOCAL_SHASUM" == "$NPM_SHASUM" ]; then
+    echo "No changes in @dfinity/$lib need to be published to NPM."
+  else
+    npm publish --workspace=packages/"$lib" --provenance --access public
+  fi
+}
+
+# Tips: libs use by other libs first
+LIBS=utils,ledger,nns-proto,nns,sns,cmc,ckbtc,ic-management
+
+for lib in $(echo $LIBS | sed "s/,/ /g"); do
+  publish_npm "$lib"
+done