-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathpublish-template.yml.ejs
48 lines (43 loc) · 1.29 KB
/
publish-template.yml.ejs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
# For every push to the primary branch with .release-plan.json modified,
# runs release-plan.
name: Publish Stable
on:
workflow_dispatch:
push:
branches:
- main
- master
paths:
- '.release-plan.json'
concurrency:
group: publish-${{ github.head_ref || github.ref }}
cancel-in-progress: true
jobs:
publish:
name: "NPM Publish"
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
id-token: write
attestations: write
steps:
- uses: actions/checkout@v4<% if (pnpm) { %>
- uses: pnpm/action-setup@v4<% if (!hasPackageManager) { %>
with:
version: 9<% } %><% } %>
- uses: actions/setup-node@v4
with:
node-version: 18
# This creates an .npmrc that reads the NODE_AUTH_TOKEN environment variable
registry-url: 'https://registry.npmjs.org'<% if (pnpm) { %>
cache: pnpm
- run: pnpm install --frozen-lockfile
- name: Publish to NPM
run: NPM_CONFIG_PROVENANCE=true pnpm release-plan publish<% } else { %>
- run: npm ci
- name: Publish to NPM
run: npx release-plan publish --provenance<% } %>
env:
GITHUB_AUTH: ${{ secrets.GITHUB_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}