fix(repo): vercel deploy with GH_NPM_REGISTRY_TOKEN secret #534
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - 'support/**' | |
| env: | |
| GH_NPM_REGISTRY_TOKEN: ${{ secrets.GH_NPM_REGISTRY_TOKEN }} | |
| NPM_AUTH_TOKEN: ${{ secrets.NPM_AUTH_TOKEN }} | |
| TURBO_TELEMETRY_DISABLED: 1 | |
| DO_NOT_TRACK: 1 | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: false | |
| jobs: | |
| release: | |
| if: "!contains(github.event.head_commit.message, '[skip ci]')" | |
| name: Release and Publish | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| packages: write | |
| steps: | |
| # zizmor: ignore[artipacked] | |
| # Credentials needed for semantic-release to push version bumps; no artifacts uploaded in this workflow | |
| - name: Checkout code | |
| uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 | |
| with: | |
| fetch-depth: 0 | |
| token: ${{ secrets.RELEASE_TOKEN }} | |
| - name: Setup pnpm | |
| uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 | |
| with: | |
| node-version: 22 | |
| cache: 'pnpm' | |
| - name: Install dependencies | |
| run: pnpm install --frozen-lockfile | |
| - name: Cache Turborepo | |
| uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 | |
| with: | |
| path: .turbo | |
| key: ${{ runner.os }}-turbo-${{ github.sha }} | |
| restore-keys: | | |
| ${{ runner.os }}-turbo- | |
| - name: Build packages | |
| run: pnpm build | |
| - name: Run tests | |
| run: pnpm test | |
| - name: Setup git user | |
| run: | | |
| git config --global user.name "semantic-release-bot" | |
| git config --global user.email "semantic-release-bot@users.noreply.github.com" | |
| - name: Release | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }} | |
| NPM_AUTH_TOKEN: ${{ secrets.NPM_AUTH_TOKEN }} | |
| NPM_TOKEN: ${{ secrets.NPM_AUTH_TOKEN }} | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_AUTH_TOKEN }} | |
| GH_NPM_REGISTRY_TOKEN: ${{ secrets.GH_NPM_REGISTRY_TOKEN }} | |
| HUSKY: 0 | |
| run: pnpm release | |
| - name: Commit changelogs and package updates | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }} | |
| run: | | |
| if [ -n "$(git status --porcelain)" ]; then | |
| # Get list of changed packages | |
| CHANGED_PACKAGES=$(git diff --name-only | grep 'packages/\|web-packages/' | cut -d'/' -f2 | sort -u | tr '\n' ', ' | sed 's/,$//') | |
| git add --all | |
| git commit -m "chore(release): version bump [skip ci]" -m "Packages: $CHANGED_PACKAGES" | |
| if ! git push; then | |
| echo "::error::Failed to push version bump commit" | |
| echo "This may indicate a conflict or permission issue" | |
| exit 1 | |
| fi | |
| echo "✓ Pushed version bump commit" | |
| else | |
| echo "No changes to commit" | |
| fi |