Publish on npm with public access (#161) #67
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Publish package to npmjs | |
# This workflow runs when code is pushed to `main` (i.e: when a pull request is merged) | |
on: | |
push: | |
branches: [main] | |
# Ensure that only once instance of this workflow executes at a time. | |
# If multiple PRs are merged in quick succession, there will only ever be one publish workflow running and one pending. | |
concurrency: ${{ github.workflow }} | |
jobs: | |
version: | |
runs-on: ubuntu-latest | |
# OSBotify will update the version on `main`, so this check is important to prevent an infinite loop | |
if: ${{ github.actor != 'OSBotify' }} | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
ref: main | |
- name: Decrypt & Import OSBotify GPG key | |
run: | | |
cd .github | |
gpg --quiet --batch --yes --decrypt --passphrase="$LARGE_SECRET_PASSPHRASE" --output OSBotify-private-key.asc OSBotify-private-key.asc.gpg | |
gpg --import OSBotify-private-key.asc | |
env: | |
LARGE_SECRET_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} | |
- name: Set up git for OSBotify | |
run: | | |
git config --global user.signingkey 367811D53E34168C | |
git config --global commit.gpgsign true | |
git config --global user.name OSBotify | |
git config --global user.email [email protected] | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: '16.x' | |
registry-url: 'https://registry.npmjs.org' | |
- name: Generate branch name | |
run: echo "BRANCH_NAME=OSBotify-bump-version-$(uuidgen)" >> $GITHUB_ENV | |
- name: Create branch for version-bump pull request | |
run: git checkout -b ${{ env.BRANCH_NAME }} | |
- name: Install yarn packages | |
run: yarn install --immutable | |
- name: Update npm version | |
run: yarn version patch | |
- name: Set new version in GitHub ENV | |
run: echo "NEW_VERSION=$(jq '.version' package.json)" >> $GITHUB_ENV | |
- name: Commit version bump | |
run: git commit -am "Bump version to ${{ env.NEW_VERSION }}" | |
- name: Tag version bump | |
run: git tag ${{ env.NEW_VERSION }} | |
- name: Push branch and publish tags | |
run: git push --set-upstream origin ${{ env.BRANCH_NAME }} && git push --tags | |
- name: Create pull request | |
run: | | |
gh pr create \ | |
--title "Update version to ${{ env.NEW_VERSION }}" \ | |
--body "Update version to ${{ env.NEW_VERSION }}" | |
sleep 5 | |
env: | |
GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} | |
- name: Auto-approve pull request | |
run: gh pr review --approve ${{ env.BRANCH_NAME }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Auto-merge pull request | |
run: gh pr merge --squash --delete-branch ${{ env.BRANCH_NAME }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build package | |
run: yarn pack | |
- name: Publish to npm | |
run: npm publish --access public | |
env: | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} |