1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
|
# This file is automatically added by @npmcli/template-oss. Do not edit.
name: Release Integration
on:
workflow_dispatch:
inputs:
releases:
required: true
type: string
description: 'A json array of releases. Required fields: publish: tagName, publishTag. publish check: pkgName, version'
workflow_call:
inputs:
releases:
required: true
type: string
description: 'A json array of releases. Required fields: publish: tagName, publishTag. publish check: pkgName, version'
secrets:
PUBLISH_TOKEN:
required: true
permissions:
contents: read
id-token: write
jobs:
publish:
name: Publish
runs-on: ubuntu-latest
defaults:
run:
shell: bash
permissions:
id-token: write
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: ${{ fromJSON(inputs.releases)[0].tagName }}
- name: Setup Git User
run: |
git config --global user.email "npm-cli+bot@github.com"
git config --global user.name "npm CLI robot"
- name: Setup Node
uses: actions/setup-node@v4
id: node
with:
node-version: 22.x
check-latest: contains('22.x', '.x')
- name: Install Latest npm
uses: ./.github/actions/install-latest-npm
with:
node: ${{ steps.node.outputs.node-version }}
- name: Install Dependencies
run: npm i --ignore-scripts --no-audit --no-fund
- name: Set npm authToken
run: npm config set '//registry.npmjs.org/:_authToken'=\${PUBLISH_TOKEN}
- name: Publish
env:
PUBLISH_TOKEN: ${{ secrets.PUBLISH_TOKEN }}
RELEASES: ${{ inputs.releases }}
run: |
EXIT_CODE=0
for release in $(echo $RELEASES | jq -r '.[] | @base64'); do
PUBLISH_TAG=$(echo "$release" | base64 --decode | jq -r .publishTag)
npm publish --provenance --tag="$PUBLISH_TAG"
STATUS=$?
if [[ "$STATUS" -eq 1 ]]; then
EXIT_CODE=$STATUS
fi
done
exit $EXIT_CODE
|
