Skip to content

Release ➤ Publish to NPM #21

Release ➤ Publish to NPM

Release ➤ Publish to NPM #21

Workflow file for this run

name: Release
# Workflow name based on selected inputs.
# Fallback to default GitHub naming when expression evaluates to empty string
run-name: >
${{ inputs.release && 'Release ➤ Publish to NPM' || inputs.dryrun && 'Release ➤ Dry-run' || '' }}
on:
pull_request:
push:
branches: [main]
workflow_dispatch:
inputs:
release:
description: 'Publish new release'
default: false
type: boolean
dryrun:
description: 'Dry run'
default: false
type: boolean
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
dryrun:
# only run if opt-in during workflow_dispatch
name: 'Release: Dry-run release process'
if: always() && github.event.inputs.dryrun == 'true'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
# Need to fetch entire commit history to
# analyze every commit since last release
fetch-depth: 0
- uses: actions/setup-node@v4
with:
node-version: lts/*
cache: npm
- run: npm ci
- run: npx semantic-release --dry-run
if: always()
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_PUBLISH_TOKEN }}
release:
name: 'Release: Publish to NPM'
permissions:
issues: write # for release notes, comments…
contents: write # for checkout + push + release creation
id-token: write # to enable use of OIDC for npm provenanc
if: always() && github.event.inputs.release == 'true' && github.event.inputs.dryrun == 'false'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
# Need to fetch entire commit history to
# analyze every commit since last release
fetch-depth: 0
- uses: actions/setup-node@v4
with:
node-version: lts/*
cache: npm
- run: npm ci
- run: npx semantic-release
# Don't allow interrupting the release step if the job is cancelled, as it can lead to an inconsistent state
# e.g. git tags were pushed but it exited before `npm publish`
if: always() && github.event.inputs.release == 'true'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_PUBLISH_TOKEN }}
NPM_CONFIG_PROVENANCE: true