As part of this, I’m revisiting the tooling for JS-ish monorepos. I’ve used NPM, Yarn, PNPM, Rush, and Nx. I prefer NPM because it’s simple and battle-hardened. Its workspace features are great for everything except versioning and releasing. But that’s okay; I believe tools should have fairly constrained scopes, and that the best tools provide a foundation to build on top of. I’ve also used Lerna, and recently discovered Lerna-Lite, which has exactly what I use in Lerna and omits most of the things I don’t use. It seemed perfect. Let’s gooooo!
So, I set up the repo and the basic tooling, lerna-lite and commitizen to GitHub PR and Release actions, tested it out, and it works like a charm! Then I turn on branch protection. And… everything breaks.
It turns out that the `GITHUB_TOKEN` just cannot be configured to allow pushing (version bumps) to a protected branch. Okay, there has to be a solution for this. Well, kinda. You can create a service user with a PAT that can bypass protected branch restrictions, or define a custom GitHub app that can do the same. Those open up big security holes though. At that point, you might as well turn branch protection off (almost). How about some sort of tooling that doesn’t require pushing? There are a couple that _might_ work. But, they don’t support monorepos, or they want to take over the repo, or their solution using tags is fragile.
Back to the drawing board. What if you just updated versions and changelogs by hand? It’s not that much overhead, but it could be difficult to coordinate and/or educate people to do. So, maybe there’s tooling to make sure everyone does it right?
There wasn’t… but maybe now there is! Tada! Angler CI. It works with GitHub Actions and protected branches.
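
A check in the spirit of the idea above, as an added example (not Angler CI's code and not from the original post): it fails a pull request when a changed workspace package lacks a version bump or a `CHANGELOG.md` update, so the workflow only reads the diff and never needs push rights on the protected branch. The function names, the `packages/*` layout, the per-package `CHANGELOG.md` convention and the sample data are assumptions constructed for illustration.

```javascript
// Added example; not Angler CI's code. All names and sample data are constructed.
// Pure check: needs only read access to the PR diff, never a push to the protected branch.
// Compare plain MAJOR.MINOR.PATCH versions (assumption: no prerelease/build tags).
function compareVersions(a, b) {
  const [pa, pb] = [a, b].map((v) => v.split('.').map(Number));
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] > pb[i] ? 1 : -1;
  }
  return 0;
}
// Map a changed path to the workspace directory that owns it (longest match wins), or null.
function owningWorkspace(file, workspaces) {
  const sorted = [...workspaces].sort((x, y) => y.length - x.length);
  return sorted.find((dir) => file.startsWith(dir + '/')) || null;
}
// Return a list of human-readable problems; an empty list means the PR passes.
function checkReleaseHygiene({ workspaces, changedFiles, baseVersions, headVersions }) {
  const touched = new Map(); // workspace dir -> Set of changed paths relative to it
  for (const file of changedFiles) {
    const ws = owningWorkspace(file, workspaces);
    if (!ws) continue; // root-level files are out of scope for this check
    if (!touched.has(ws)) touched.set(ws, new Set());
    touched.get(ws).add(file.slice(ws.length + 1));
  }
  const problems = [];
  for (const [ws, files] of touched) {
    const base = baseVersions[ws];
    const head = headVersions[ws];
    if (base === undefined) continue; // new package: nothing to compare against
    if (compareVersions(head, base) <= 0) {
      problems.push(`${ws}: version not bumped (${base} -> ${head})`);
    }
    if (!files.has('CHANGELOG.md')) {
      problems.push(`${ws}: CHANGELOG.md not updated`);
    }
  }
  return problems;
}

// Constructed sample: packages/a changed without a bump; packages/b was done right.
const sample = {
  workspaces: ['packages/a', 'packages/b'],
  changedFiles: ['packages/a/src/index.js', 'packages/b/src/index.js',
    'packages/b/package.json', 'packages/b/CHANGELOG.md', 'README.md'],
  baseVersions: { 'packages/a': '1.2.0', 'packages/b': '0.9.3' },
  headVersions: { 'packages/a': '1.2.0', 'packages/b': '0.10.0' },
};
console.log(checkReleaseHygiene(sample));
```

In a workflow, the job would exit non-zero when the returned list is non-empty, which lets it serve as a required status check.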