From 3373f059e6ee74bfeb9b52f77edc541be86b717a Mon Sep 17 00:00:00 2001
From: Richard Hansen <rhansen@rhansen.org>
Date: Tue, 5 Jan 2021 16:11:29 -0500
Subject: [PATCH] Plugin publish workflow: Run `git push` before `npm publish`

---
 bin/plugins/lib/npmpublish.yml | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/bin/plugins/lib/npmpublish.yml b/bin/plugins/lib/npmpublish.yml
index 8d94ce88a..2e0cf2405 100644
--- a/bin/plugins/lib/npmpublish.yml
+++ b/bin/plugins/lib/npmpublish.yml
@@ -64,10 +64,20 @@ jobs:
       - run: git config user.email '41898282+github-actions[bot]@users.noreply.github.com'
       - run: npm ci
       - run: npm version patch
+      - run: git push --follow-tags
+      # `npm publish` must come after `git push` otherwise there is a race
+      # condition: If two PRs are merged back-to-back then master/main will be
+      # updated with the commits from the second PR before the first PR's
+      # workflow has a chance to push the commit generated by `npm version
+      # patch`. This causes the first PR's `git push` step to fail after the
+      # package has already been published, which in turn will cause all future
+      # workflow runs to fail because they will all attempt to use the same
+      # already-used version number. By running `npm publish` after `git push`,
+      # back-to-back merges will cause the first merge's workflow to fail but
+      # the second's will succeed.
       - run: npm publish
         env:
           NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
-      - run: git push --follow-tags
 
-##ETHERPAD_NPM_V=1
+##ETHERPAD_NPM_V=2
 ## NPM configuration automatically created using bin/plugins/updateAllPluginsScript.sh