3535 - name : Update npm to latest
3636 run : npm install -g npm@latest
3737
38+ - name : Configure NPM for OIDC (run steps below)
39+ run : |
40+ echo "//registry.npmjs.org/:_authToken=" > "$HOME/.npmrc"
41+ echo "@shopify:registry=https://registry.npmjs.org/" >> "$HOME/.npmrc"
42+
3843id : changesets
3944 name : Create release Pull Request or publish to NPM
4045 uses : changesets/action@e0145edc7d9d8679003495b11f87bd8ef63c0cba # v1.5.3
@@ -49,32 +54,20 @@ jobs:
4954 - name : Temporary manual sync 'latest' tag # will be removed after sync
5055 if : github.event_name == 'workflow_dispatch' && github.ref_name == vars.LATEST_STABLE_VERSION
5156 run : |
52- # 1. Identify which .npmrc npm is actually using
53- NPM_RC=${NPM_CONFIG_USERCONFIG:-$HOME/.npmrc}
54- echo "Writing to: $NPM_RC"
55-
56- # 2. Configure for OIDC and map scope
57- # Forces OIDC authentication for raw run commands
58- echo "//registry.npmjs.org/:_authToken=" > "$NPM_RC"
59- echo "@shopify:registry=https://registry.npmjs.org/" >> "$NPM_RC"
60-
61- # 3. Debug info (contents from above)
62- echo "--- Contents of $NPM_RC ---"
63- cat "$NPM_RC"
57+ # Debug info (contents from above)
58+ echo "--- Contents of $HOME/.npmrc ---"
59+ cat "$HOME/.npmrc"
6460 echo "--- npm identity check ---"
6561 npm whoami --registry=https://registry.npmjs.org/ || echo "whoami failed (expected if OIDC not yet triggered)"
6662
67- # 4. Run with info logging
63+ # Run with info logging
6864 npm dist-tag add @shopify/[email protected] latest --loglevel=info 6965
7066name : Set 'latest' NPM dist tag
7167 if : steps.changesets.outputs.published == 'true' && github.ref_name == vars.LATEST_STABLE_VERSION
7268 env :
7369 PUBLISHED_PACKAGES : ${{ steps.changesets.outputs.publishedPackages }}
7470 run : |
75- # Forces OIDC authentication for raw run commands
76- echo "//registry.npmjs.org/:_authToken=" > "$HOME/.npmrc"
77-
7871 for pkg in $(echo "$PUBLISHED_PACKAGES" | jq -r '.[] | @base64'); do
7972 _jq() {
8073 echo ${pkg} | base64 --decode | jq -r ${1}
0 commit comments