This document describes how to deploy @procoders/astrology-api-client to NPM using GitHub Actions CI/CD.
Before deploying, ensure you have:
- Access to the GitHub repository with admin permissions
- An NPM account with publish access to
@procodersscope - NPM Access Token with publish permissions
- Log in to npmjs.com
- Go to Account Settings → Access Tokens
- Click Generate New Token → Granular Access Token
- Configure the token:
- Token name:
github-actions-astrology - Expiration: Choose appropriate duration (recommend 1 year)
- Packages and scopes: Select
@procoders/astrology-api-client - Permissions: Read and Write
- Token name:
- Copy the generated token (you won't see it again)
- Go to your GitHub repository
- Navigate to Settings → Secrets and variables → Actions
- Click New repository secret
- Add the secret:
- Name:
NPM_TOKEN - Value: Paste your NPM access token
- Name:
- Click Add secret
- Go to Settings → Branches
- Click Add branch protection rule
- Configure for
masterbranch:- Require a pull request before merging
- Require status checks to pass before merging
- Select:
build (18),build (20),build (22)
- Select:
- Require conversation resolution before merging
- Do not allow bypassing the above settings
- Click Create
Developer commits → Push to feature branch → Create PR → Merge to master → Auto release
- On every push/PR: CI workflow runs tests, linting, and build
- On merge to master: Release workflow triggers semantic-release
- Semantic-release:
- Analyzes commit messages
- Determines version bump (major/minor/patch)
- Updates
package.jsonandCHANGELOG.md - Creates GitHub release with auto-generated notes
- Publishes to NPM
Use Conventional Commits format:
| Type | Description | Version Bump |
|---|---|---|
feat: |
New feature | Minor (0.X.0) |
fix: |
Bug fix | Patch (0.0.X) |
docs: |
Documentation only | No release |
style: |
Code style changes | No release |
refactor: |
Code refactoring | No release |
perf: |
Performance improvement | Patch (0.0.X) |
test: |
Adding tests | No release |
build: |
Build system changes | No release |
ci: |
CI configuration | No release |
chore: |
Maintenance | No release |
Breaking changes: Add ! after type or include BREAKING CHANGE: in footer
# Examples
feat: add synastry calculation endpoint
fix: resolve timezone parsing issue
feat!: change API response format
perf: optimize chart rendering by 40%
# Breaking change with footer
feat: redesign client configuration
BREAKING CHANGE: `apiKey` is now required in constructorFor urgent releases without conventional commits:
- Go to Actions → Manual Release
- Click Run workflow
- Select:
- Release type:
patch,minor, ormajor - Dry run: Enable to test without publishing
- Release type:
- Click Run workflow
Triggers: Push to master, Pull requests to master
Jobs:
-
build: Runs on Node.js 22- Install dependencies
- Run ESLint
- Run tests with coverage
- Build package
- Upload coverage to Codecov
-
commitlint: Validates PR commit messages
Triggers: Push to master (after CI passes)
Steps:
- Checkout with full history
- Setup Node.js 20
- Install dependencies
- Build package
- Run tests
- Execute semantic-release
Triggers: Manual dispatch only
Inputs:
release_type: patch | minor | majordry_run: boolean (test mode)
Problem: Commits merged but no release created
Solutions:
- Check commit messages follow conventional format
- Ensure commits include releasable types (
feat:,fix:,perf:) - Verify
NPM_TOKENsecret is set correctly - Check workflow logs in Actions tab
Problem: Release created but NPM publish failed
Solutions:
- Verify NPM token hasn't expired
- Check token has write access to
@procodersscope - Ensure package name isn't already taken
- Check for NPM rate limiting
Problem: PR blocked by commitlint
Solutions:
- Amend commit message to follow convention:
git commit --amend -m "feat: proper message format" git push --force-with-lease - For multiple commits, use interactive rebase:
git rebase -i HEAD~3 # Change 'pick' to 'reword' for commits to fix
Problem: Tests pass on Node 22 but fail on 20 or 18
Solutions:
- Check for Node.js version-specific APIs
- Verify
enginesfield in package.json - Review test environment setup
- Rotate NPM token annually or after team changes
- Enable 2FA on NPM account
- Use granular tokens with minimal permissions
- Review GitHub Actions permissions regularly
- Monitor package for unauthorized publishes
- Check Actions tab for workflow status
- Enable email notifications for failed workflows
- Review security alerts in Security tab
- Monitor download statistics on npmjs.com
- Set up npm audit in CI
- Subscribe to security advisories
This package follows Semantic Versioning:
- MAJOR (X.0.0): Breaking API changes
- MINOR (0.X.0): New features, backward compatible
- PATCH (0.0.X): Bug fixes, backward compatible
For beta/alpha releases, use branches:
betabranch →1.0.0-beta.1alphabranch →1.0.0-alpha.1
To enable, update .releaserc.json:
{
"branches": [
"master",
{ "name": "beta", "prerelease": true },
{ "name": "alpha", "prerelease": true }
]
}# Local development
npm install # Install dependencies
npm run lint # Check code style
npm run test # Run tests
npm run build # Build package
# Before committing
npm run lint:fix # Auto-fix lint issues
npm run format # Format code
# Commit with conventional message
git commit -m "feat: add new endpoint"
# Create PR and merge to master for automatic release- Issues: GitHub Issues
- NPM Package: @procoders/astrology-api-client