diff --git a/.github/workflows/publish-common-trigger.yml.yml b/.github/workflows/publish-common-trigger.yml.yml new file mode 100644 index 0000000..57ddb74 --- /dev/null +++ b/.github/workflows/publish-common-trigger.yml.yml @@ -0,0 +1,36 @@ +name: 2. SDK publish RC manual or from master/support + +on: + workflow_dispatch: + pull_request: + types: [closed] + branches: + - 'master' + - 'support/*' + +jobs: + check-branch-for-manual: + if: github.event_name == 'workflow_dispatch' + runs-on: ubuntu-latest + steps: + - name: Check if branch matches pattern + run: | + if ! echo "${{ github.ref_name }}" | grep -q "release/.*-rc"; then + echo "Branch name must match pattern 'release/*-rc'" + exit 1 + fi + + publish-manual: + if: github.event_name == 'workflow_dispatch' + needs: check-branch-for-manual + uses: ./.github/workflows/publish-reusable.yml + with: + branch: ${{ github.ref_name }} + secrets: inherit + + publish-from-pr: + if: github.event_name == 'pull_request' && github.event.pull_request.merged == true + uses: ./.github/workflows/publish-reusable.yml + with: + branch: ${{ github.base_ref }} + secrets: inherit diff --git a/.github/workflows/publish-from-master-or-support.yml b/.github/workflows/publish-from-master-or-support.yml deleted file mode 100644 index 9f75a8f..0000000 --- a/.github/workflows/publish-from-master-or-support.yml +++ /dev/null @@ -1,16 +0,0 @@ -name: SDK publish from master or support branch - -on: - pull_request: - types: [closed] - branches: - - 'master' - - 'support/*' - -jobs: - call-reusable: - if: ${{ github.event.pull_request.merged == true }} - uses: ./.github/workflows/publish-reusable.yml - with: - branch: ${{ github.base_ref }} - secrets: inherit diff --git a/.github/workflows/publish-manual.yml b/.github/workflows/publish-manual.yml deleted file mode 100644 index c4f2669..0000000 --- a/.github/workflows/publish-manual.yml +++ /dev/null @@ -1,22 +0,0 @@ -name: SDK publish RC manual - -on: - workflow_dispatch: - -jobs: - check-branch: - runs-on: ubuntu-latest - steps: - - name: Check if branch matches pattern - run: | - if ! echo "${{ github.ref_name }}" | grep -q "release/.*-rc"; then - echo "Branch name must match pattern 'release/*-rc' (e.g. release/2.13.2-rc)" - exit 1 - fi - - call-publish-reusable: - needs: check-branch - uses: ./.github/workflows/publish-reusable.yml - with: - branch: ${{ github.ref_name }} - secrets: inherit diff --git a/.github/workflows/publish-reusable.yml b/.github/workflows/publish-reusable.yml index 37efa1a..5e0eb5b 100644 --- a/.github/workflows/publish-reusable.yml +++ b/.github/workflows/publish-reusable.yml @@ -6,6 +6,10 @@ on: branch: required: true type: string + +permissions: + id-token: write + contents: write jobs: checkingVersion: @@ -41,9 +45,9 @@ jobs: with: ref: ${{ inputs.branch }} - name: Setup node JS - uses: actions/setup-node@v2 + uses: actions/setup-node@v4 with: - node-version: 14 + node-version: 'lts/*' registry-url: https://registry.npmjs.org - name: Setup local environment run: yarn @@ -81,9 +85,9 @@ jobs: fi - name: Release env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_CICD_SECRET }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | + npm install -g npm@latest if [ ${{ steps.prerelease_check.outputs.is_prerelease }} == "true" ]; then yarn release ${{ needs.checkingVersion.outputs.newVersion }} --pre-release --no-plugins.@release-it/keep-a-changelog.strictLatest --ci else diff --git a/package.json b/package.json index a867cbf..c16e6d9 100644 --- a/package.json +++ b/package.json @@ -100,7 +100,8 @@ "after:bump": "npx auto-changelog -p" }, "npm": { - "publish": true + "publish": true, + "skipChecks": true }, "github": { "release": true