Publish Package #9
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish Package | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| dry_run: | |
| description: "Dry run (list package contents and release notes without publishing)" | |
| required: false | |
| default: true | |
| type: boolean | |
| jobs: | |
| publish: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write # to be able to publish a GitHub release | |
| issues: write # to be able to comment on released issues | |
| pull-requests: write # to be able to comment on released pull requests | |
| id-token: write # to enable use of OIDC for npm provenance | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup pnpm | |
| uses: pnpm/action-setup@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: lts/* | |
| registry-url: "https://registry.npmjs.org" | |
| cache: pnpm | |
| - name: Install dependencies | |
| run: pnpm install --frozen-lockfile | |
| - name: Run linting and type checking | |
| run: | | |
| pnpm run lint:biome | |
| pnpm run lint:types | |
| - name: Build package | |
| run: pnpm run build:ts | |
| - name: Verify the integrity of provenance attestations and registry signatures for installed dependencies | |
| run: npm audit signatures | |
| - name: Semantic Release (dry-run) | |
| if: ${{ inputs.dry_run }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| NPM_CONFIG_PROVENANCE: true | |
| run: | | |
| echo "## Semantic Release Dry Run" | |
| echo "This shows what would be released without making any changes:" | |
| echo "" | |
| npx semantic-release --dry-run | |
| echo "" | |
| echo "## Package Contents Preview" | |
| echo "The following files would be included in the npm package:" | |
| echo "" | |
| pnpm pack | |
| - name: Semantic Release | |
| if: ${{ !inputs.dry_run }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| NPM_CONFIG_PROVENANCE: true | |
| run: npx semantic-release | |
| - name: Summary | |
| run: | | |
| if [ "${{ inputs.dry_run }}" == "true" ]; then | |
| echo "## Dry Run Complete" >> $GITHUB_STEP_SUMMARY | |
| echo "Semantic release dry run has been completed. Check the logs above for details on what would be released." >> $GITHUB_STEP_SUMMARY | |
| else | |
| echo "## Release Complete" >> $GITHUB_STEP_SUMMARY | |
| echo "Semantic release has completed successfully! Check the logs above for details." >> $GITHUB_STEP_SUMMARY | |
| echo "Visit the [releases page](https://github.com/${{ github.repository }}/releases) to see the new release." >> $GITHUB_STEP_SUMMARY | |
| fi |