Skip to content
Release

6.3.1 #195

Sign in to view logs

6.3.1

6.3.1 #195

Workflow file for this run

.github/workflows/release.yml at 1917c50
name: Release
on:
pull_request:
types: [closed]
branches: [main]
env:
NODE_VERSION: 23.x
permissions:
contents: read
jobs:
build:
name: Build
if: ${{ github.event.pull_request.merged }}
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write # actions/attest-build-provenance
attestations: write # actions/attest-build-provenance
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup Node.js ${{ env.NODE_VERSION }}
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version: ${{ env.NODE_VERSION }}
registry-url: https://registry.npmjs.org
- name: Cache npm
uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- name: Set env
run: |
tag=$(npm pkg get version | xargs)
echo "tag=${tag}" >> "$GITHUB_ENV"
echo "prerelease=$([ ${tag##*-*} ] && echo false || echo true)" >> "$GITHUB_ENV"
- name: Install dependencies
run: |
npm ci
- name: Build
run: |
npm run build --if-present
- name: Pack
id: pack
run: |
{
echo "packages<<EOF"
npm pack --workspaces --json
echo EOF
} >> "$GITHUB_OUTPUT"
- name: Build Attestations
uses: actions/attest-build-provenance@db473fddc028af60658334401dc6fa3ffd8669fd # v2.3.0
with:
subject-path: |
**/*.tgz
- name: Upload artifact
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: ${{ env.tag }}
path: |
**/package.json
**/*.tgz
outputs:
tag: ${{ env.tag }}
prerelease: ${{ env.prerelease }}
release:
name: Release
needs: build
runs-on: ubuntu-latest
permissions:
contents: write # softprops/action-gh-release
steps:
- name: Setup Node.js ${{ env.NODE_VERSION }}
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version: ${{ env.NODE_VERSION }}
registry-url: https://registry.npmjs.org
- name: Download artifact
uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # 4.3.0
with:
name: ${{ needs.build.outputs.tag }}
- name: Release
# Replaces actions/create-release & actions/upload-release-asset (deprecated)
uses: softprops/action-gh-release@da05d552573ad5aba039eaac05058a918a7bf631 # v2.2.2
with:
draft: true
prerelease: ${{ needs.build.outputs.prerelease }}
tag_name: ${{ needs.build.outputs.tag }}
generate_release_notes: true
# Disabled, covered by GitHub Attestations & npm
#files: |
# **/*.tgz
outputs:
tag: ${{ needs.build.outputs.tag }}
prerelease: ${{ needs.build.outputs.prerelease }}
publish:
name: Publish
needs: release
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write # npm publish
steps:
- name: Setup Node.js ${{ env.NODE_VERSION }}
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version: ${{ env.NODE_VERSION }}
registry-url: https://registry.npmjs.org
- name: Download artifact
uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # 4.3.0
with:
name: ${{ needs.release.outputs.tag }}
- name: npm publish (next)
if: ${{ needs.release.outputs.prerelease == 'true' }}
run: |
find . -name '*.tgz' -exec npm publish --tag next --provenance --access public {} \;
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: npm publish (latest)
if: ${{ needs.release.outputs.prerelease == 'false' }}
run: |
find . -name '*.tgz' -exec npm publish --tag latest --provenance --access public {} \;
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}