chore(ci): add publish workflows for monorepo W-19398854

[cristiand391]

What does this PR do?

Adds publishing workflows for the new monorepo structure (the current ones on main are disabled bc they only work on single repos).

Out of scope:

• no CTC integration (we didn't have it in the previous workflows anyway, should be added before GA)
• pre-releases are supported for the DX MCP server but not providers

General overview

We have yarn v1 monorepo with the following structure of packages:

➜  mcp git:(cd/fix-publish-workflows) tree packages -L 1
packages
├── EXAMPLE-MCP-PROVIDER
├── mcp
├── mcp-provider-api
├── mcp-provider-code-analyzer
└── mcp-provider-dx-core

where:

• mcp is the main DX MCP server
• mcp-provider-api is the lib that provider implementers consume
• mcp-provider-* are the DX MCP providers that live inside our monorepo
• EXAMPLE-MCP-PROVIDER: example code only, no need to publish it

The top-level package.json is just for the monorepo organization and doesn't get published.

Release strategy

mcp consumes providers as npm packages, so if you make a change in the dx-core provider and want to release that you need to:

1. publish the dx-core provider to npm with your change
2. bump it in the packages/mcp/package.json and do a server release.

NOTE: same applies to providers outside the monorepo (lwc, mobile, etc)

DX MCP Server

This is a manual process that you can trigger by running the publish-mcp-server workflow.
The workflow supports 3 params;

• update-providers(boolean): bumps all providers in packages/mcp/package.json
• providers-to-update(comma-separated values): list of providers to bump (to bump one or a specific set instead of all)
• prerelease(boolean): to trigger a prerelease

MCP provider modules

This is an automated process for specific modules (providers-api and dx-core) that triggers releases on each commit push.
For providers that don't want automated publishes and follow a specific release cadence they can trigger the workflow manually.

Either automated or manual, for each provider the workflow will:

1. detect which providers should be published based on files changed in the pushed commits

2. publish them to npm (matrix job)

3. push an additional commit that bumps them in packages/mcp/package.json.

4. is needed so that when you checkout main you ensure packages/mcp is pickup up the code inside packages/mcp-provider-<module> instead an old version on npm (same version matches make it resolve to local one).

What issues does this PR fix or reference?

@W-19398854@

[iowillhoit]

Could we change this to 'packages/mcp-provider-*/**? That way new teams do not need to add new paths here

[iowillhoit]

Ah, nevermind. Down below we have an array of packages. So instead we need to uncomment - 'packages/mcp-provider-code-analyzer/** here and then add some documentation on adding a new provider

[cristiand391]

So instead we need to uncomment - 'packages/mcp-provider-code-analyzer/** here and then add some documentation on adding a new provider

it's commented out on purpose, the automated release is only enabled for the provider-api and dx-core modules because we own them but code-analyzer might want to have their own release cadence (manual release).

For instance, CA folks might be working on features for 2 weeks and merging stuff into main but without releasing that package, so if we need to trigger a server release during that time they are safe because @salesforce/mcp will be referring to their last published npm pkg.

[iowillhoit]

Note for the future: We may want to use https://github.com/salesforcecli/github-workflows/blob/main/.github/actions/yarnInstallWithRetries/action.yml

We could add a --frozen-lockfile input

[iowillhoit]

Does this mv need a -f?

[cristiand391]

nope, I see the release commits are right after this file rename.
fwiw, this is just a workaround due to a dependency issue that blocks us from doing yarn add ... (it fails due to eslint v8 and v9 issues)

[iowillhoit]

Note for the future: We may want to add a npx yarn-deduplicate && yarn install here