Migrate to NPM Trusted Publishers (OIDC authentication) (#283) #95
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release Please | |
| on: | |
| push: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| inputs: | |
| tag: | |
| description: 'Git tag to publish (e.g., mcp-server-azure-devops-v0.1.44). Leave empty to run normal release-please process.' | |
| required: false | |
| type: string | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| issues: write | |
| id-token: write | |
| jobs: | |
| release-please: | |
| runs-on: ubuntu-latest | |
| # Only run release-please if no tag was specified (normal automated flow) | |
| if: ${{ github.event.inputs.tag == '' || github.event.inputs.tag == null }} | |
| steps: | |
| - uses: google-github-actions/release-please-action@v4 | |
| id: release | |
| with: | |
| config-file: .github/release-please-config.json | |
| manifest-file: .github/release-please-manifest.json | |
| # The following steps only run if a new release is created | |
| - name: Checkout code | |
| if: ${{ steps.release.outputs.release_created }} | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ steps.release.outputs.tag_name }} | |
| - name: Setup Node.js | |
| if: ${{ steps.release.outputs.release_created }} | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 'lts/*' | |
| registry-url: 'https://registry.npmjs.org/' | |
| - name: Install Dependencies | |
| if: ${{ steps.release.outputs.release_created }} | |
| run: npm ci | |
| - name: Build package | |
| if: ${{ steps.release.outputs.release_created }} | |
| run: npm run build | |
| - name: Publish to npm | |
| if: ${{ steps.release.outputs.release_created }} | |
| run: npm publish --provenance --access public | |
| # Manual publish job - runs when a tag is manually specified | |
| manual-publish: | |
| runs-on: ubuntu-latest | |
| # Only run if a tag was manually specified | |
| if: ${{ github.event.inputs.tag != '' && github.event.inputs.tag != null }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.inputs.tag }} | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 'lts/*' | |
| registry-url: 'https://registry.npmjs.org/' | |
| - name: Install Dependencies | |
| run: npm ci | |
| - name: Build package | |
| run: npm run build | |
| - name: Publish to npm | |
| run: npm publish --provenance --access public |