Skip to content

Merge pull request #191 from celo-org/renovate/npm-cross-fetch-vulner… #105

Merge pull request #191 from celo-org/renovate/npm-cross-fetch-vulner…

Merge pull request #191 from celo-org/renovate/npm-cross-fetch-vulner… #105

Workflow file for this run

name: Release
on:
push:
branches:
- main
- 'prerelease/*'
concurrency: ${{ github.workflow }}-${{ github.ref }}
jobs:
release:
name: Release
runs-on: ['self-hosted', 'org', 'npm-publish']
permissions:
id-token: write
steps:
- name: Get GitHub Token from Akeyless
id: get_github_token
uses:
docker://us-west1-docker.pkg.dev/devopsre/akeyless-public/akeyless-action:latest
with:
api-url: https://api.gateway.akeyless.celo-networks-dev.org
access-id: p-kf9vjzruht6l
dynamic-secrets: '{"/dynamic-secrets/keys/github/social-connect/contents=write,pull_requests=write":"PAT"}'
- name: Get NPM Token from Akeyless
id: get_npm_token
uses:
docker://us-west1-docker.pkg.dev/devopsre/akeyless-public/akeyless-action:latest
with:
api-url: https://api.gateway.akeyless.celo-networks-dev.org
access-id: p-kf9vjzruht6l
- name: Checkout Repo
uses: actions/checkout@v4
with:
token: ${{ env.PAT }}
- name: Setup Node.js 18.x
uses: actions/setup-node@v4
with:
node-version: 18.x
- name: 'Setup yarn'
shell: bash
run: |
npm install --global yarn
source ~/.bashrc
- name: Install Dependencies
shell: bash
run: yarn
- name: Create Release Pull Request or Publish to npm
id: changesets
uses: changesets/action@v1
if: false
env:
GITHUB_TOKEN: ${{ env.PAT }}
NPM_TOKEN: ${{ env.NPM_TOKEN }}
with:
# This expects you to have a script called release which does a build for your packages and calls changeset publish
publish: yarn release
version: yarn version_and_reinstall