mirror of
https://github.com/tenrok/axios.git
synced 2026-06-08 17:22:34 +03:00
Fabian Meyer
cb8bb2beb2
The release process in this repository is already automated via GitHub Actions, which is a great first step toward creating trust in the supply chain. Recently, NPM has started to support publishing with the `--provenance` flag. This flag creates a link between the GitHub Actions run that created the release and the final artifact on NPM. This linkage further ensures that package installs can be traced back to a specific code revision. For more information on publishing with provenance, please refer to: https://github.blog/2023-04-19-introducing-npm-package-provenance/ Co-authored-by: Jay <jasonsaayman@gmail.com> Co-authored-by: Dmitriy Mozgovoy <robotshara@gmail.com>
64 lines
2.3 KiB
YAML
64 lines
2.3 KiB
YAML
name: Publish
|
|
on:
|
|
pull_request:
|
|
types:
|
|
- closed
|
|
branches:
|
|
- main
|
|
- 'v**'
|
|
workflow_dispatch:
|
|
jobs:
|
|
publish:
|
|
if: github.event_name == 'workflow_dispatch' || (github.event.pull_request.merged == true && github.event.pull_request.head.label == 'axios:release')
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
id-token: write
|
|
steps:
|
|
- name: "Release PR info"
|
|
if: github.event_name != 'workflow_dispatch'
|
|
run: echo "PR ${{ github.event.number }}"
|
|
- uses: actions/checkout@v3
|
|
- name: git config
|
|
run: |
|
|
git config user.name "${GITHUB_ACTOR}"
|
|
git config user.email "${GITHUB_ACTOR}@users.noreply.github.com"
|
|
- uses: actions/setup-node@v3
|
|
with:
|
|
node-version: 18
|
|
registry-url: https://registry.npmjs.org/
|
|
- run: npm ci
|
|
- name: get-npm-version
|
|
id: package-version
|
|
uses: martinbeentjes/npm-get-version-action@main
|
|
- name: Extract release notes
|
|
id: extract-release-notes
|
|
uses: ffurrer2/extract-release-notes@v1
|
|
- name: Check versions
|
|
run: node ./bin/check-build-version.js
|
|
############# TAG RELEASE ##############
|
|
- name: "Push tag v${{ steps.package-version.outputs.current-version }}"
|
|
uses: rickstaa/action-create-tag@v1
|
|
id: tag_version
|
|
with:
|
|
tag: "v${{ steps.package-version.outputs.current-version }}"
|
|
############# GITHUB RELEASE ##############
|
|
- name: "Create a GitHub release v${{ steps.package-version.outputs.current-version }}"
|
|
uses: ncipollo/release-action@v1
|
|
with:
|
|
tag: "v${{ steps.package-version.outputs.current-version }}"
|
|
name: "Release v${{ steps.package-version.outputs.current-version }}"
|
|
body: |
|
|
## Release notes:
|
|
${{ steps.extract-release-notes.outputs.release_notes }}
|
|
############# NPM RELEASE ##############
|
|
- name: Publish the release to NPM
|
|
run: npm publish --provenance --access public
|
|
env:
|
|
NODE_AUTH_TOKEN: ${{secrets.npm_token}}
|
|
###### NOTIFY & TAG published PRs ######
|
|
- name: Notify and tag published PRs
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
run: node ./bin/actions/notify_published.js --tag v${{ steps.package-version.outputs.current-version }}
|