Release #24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| - workflow_dispatch | |
| jobs: | |
| release: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| id-token: write # needed for provenance data generation | |
| if: github.ref == 'refs/heads/main' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Setup | |
| uses: ./.github/actions/setup | |
| with: | |
| git_bot_token: ${{ secrets.GIT_BOT_TOKEN }} | |
| - name: Release | |
| env: | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GH_TOKEN: ${{ secrets.GH_TOKEN }} | |
| NPM_CONFIG_PROVENANCE: true | |
| # Use npx instead of yarn because yarn automagically sets NPM_* environment variables | |
| # like NPM_CONFIG_REGISTRY so npm publish ends up ignoring the .npmrc file | |
| # which is set up by `setup-node` action. | |
| shell: bash | |
| run: npx nx affected --base=last-release --target=version | |
| - name: Tag last-release | |
| shell: bash | |
| run: git tag -f last-release | |
| - name: Push changes | |
| uses: ad-m/github-push-action@master | |
| with: | |
| github_token: ${{ secrets.GH_TOKEN }} | |
| branch: ${{ github.ref }} | |
| force: true | |
| tags: true |