From acc15f2bf8681fac8c4e637eb77451234a8d9de8 Mon Sep 17 00:00:00 2001 From: Jason Karns Date: Wed, 29 May 2024 22:31:58 -0400 Subject: [PATCH] Release to npm registry --- .github/workflows/release.yml | 21 +++++++++++++++++++-- .github/workflows/test.yml | 10 ++-------- 2 files changed, 21 insertions(+), 10 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a542031..483652e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -7,9 +7,13 @@ on: default: true required: false type: boolean + npm_scope: # FIXME until setup-node infers scope from package.json + description: 'Name of scope to publish package under.' + default: nodenv + required: false + type: string -permissions: - contents: write +permissions: {contents: write} jobs: github: @@ -39,3 +43,16 @@ jobs: steps: - uses: actions/checkout@v4 - run: git push -f origin "HEAD:${GITHUB_REF%%.*}" + + npm: + permissions: {id-token: write} + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: # FIXME https://github.com/actions/setup-node/pull/129 + scope: ${{ inputs.npm_scope }} + registry-url: https://registry.npmjs.org + - run: npm publish --provenance + env: + NODE_AUTH_TOKEN: ${{ secrets.NPMJS_TOKEN }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index e07327c..2799446 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -10,17 +10,11 @@ jobs: - run: npm cit super-linter: + permissions: {contents: read, packages: read, statuses: write} runs-on: ubuntu-latest - permissions: - contents: read - packages: read - statuses: write # to report status checks steps: - uses: actions/checkout@v4 - with: - # super-linter needs the full git history to get the - # list of files that changed across commits - fetch-depth: 0 + with: {fetch-depth: 0} - uses: super-linter/super-linter/slim@v6 env: GITHUB_TOKEN: ${{ github.token }}