Publish release #67
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish release | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| dry-run: | |
| type: boolean | |
| description: 'Run the release in dry run mode' | |
| required: false | |
| default: true | |
| projects: | |
| type: string | |
| description: 'Subset of projects to release' | |
| required: false | |
| default: '' | |
| version-override: | |
| type: string | |
| description: 'Override the release version' | |
| required: false | |
| schedule: | |
| - cron: '0 4 * * 1' # Every Monday at 4:00 UTC | |
| permissions: read-all | |
| # Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued. | |
| # However, do NOT cancel in-progress runs as we want to allow these production deployments to complete. | |
| concurrency: | |
| group: release | |
| cancel-in-progress: false | |
| jobs: | |
| main: | |
| permissions: | |
| pull-requests: write | |
| id-token: write | |
| environment: npm | |
| name: Release to NPM | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Create GitHub App Token | |
| uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4 | |
| id: app-token | |
| with: | |
| app-id: ${{ vars.RELEASER_APP_ID }} | |
| private-key: ${{ secrets.RELEASER_PK }} | |
| - name: Get GitHub App User ID | |
| id: get-user-id | |
| run: echo "user-id=$(gh api "/users/${{ steps.app-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT" | |
| env: | |
| GH_TOKEN: ${{ steps.app-token.outputs.token }} | |
| - name: Configure Git | |
| run: | | |
| git config --global user.name '${{ steps.app-token.outputs.app-slug }}[bot]' | |
| git config --global user.email '${{ steps.get-user-id.outputs.user-id }}+${{ steps.app-token.outputs.app-slug }}[bot]@users.noreply.github.com' | |
| - name: Checkout code | |
| uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 | |
| with: | |
| token: ${{ steps.app-token.outputs.token }} | |
| fetch-depth: 0 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 | |
| with: | |
| node-version: 20 | |
| registry-url: https://registry.npmjs.org/ | |
| cache: 'npm' | |
| - name: Install dependencies | |
| run: npm ci --legacy-peer-deps | |
| - name: Build | |
| run: npx nx run-many -t build | |
| - name: Release to NPM | |
| run: npx nx release ${{ (github.event_name == 'workflow_dispatch' && github.event.inputs.version-override) && github.event.inputs.version-override || '' }} ${{ (github.event_name == 'workflow_dispatch' && github.event.inputs.dry-run == 'true') && '--dryRun' || '--yes' }} ${{ (github.event_name == 'workflow_dispatch' && github.event.inputs.projects) && '-p' || '' }} ${{ (github.event_name == 'workflow_dispatch' && github.event.inputs.projects) && github.event.inputs.projects || '' }} | |
| env: | |
| GITHUB_TOKEN: ${{ steps.app-token.outputs.token }} | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_ACCESS_TOKEN }} | |
| NPM_CONFIG_PROVENANCE: true | |
| NPM_CONFIG_ACCESS: public |