chore: release automation #130
Conversation
| - uses: actions/setup-node@v3 | ||
| with: | ||
| node-version-file: .nvmrc | ||
| cache: pnpm |
There was a problem hiding this comment.
the simplification overall boils down to this. setup-node natively supports caching pnpm, so there's no need for a custom setup
| on: | ||
| push: | ||
| branches: | ||
| - main | ||
| pull_request: |
There was a problem hiding this comment.
this is the recommended setup to avoid running this workflow too many times.
| npm-token: ${{ secrets[format('NPM_TOKEN_{0}', github.actor)] || secrets.NPM_TOKEN }} | ||
| optic-token: ${{ secrets[format('OPTIC_TOKEN_{0}', github.actor)] || secrets.OPTIC_TOKEN }} |
There was a problem hiding this comment.
these secrets need to be set up in the repo and a decision needs to be made about who can release.
There was a problem hiding this comment.
The OPTIC_TOKEN is not required if I use an npm publish token right?
There was a problem hiding this comment.
correct. the npm automation token allows you to bypass 2FA. if you want to go that way the release process is simpler (though less secure of course). you would still need to decide whether to have a single NPM token or one per person who can release. the second option allows to restrict who can release to only the people who have a NPM_TOKEN_{username} configured in the repo secrets
There was a problem hiding this comment.
Perfect, I already set up an NPM_TOKEN for the next release. Next week we'll catch up to decide who has the rights to make a release, thanks a lot for this PR
simoneb
force-pushed
the
chore/release-automation
branch
from
016f73d to
b3d299e
Compare
Adds https://github.com/nearform/optic-release-automation-action and takes the chance to refactor the existing CI script, which was unnecessarily complex.