Update npm publishing workflow to use OIDC instead of tokens #61
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow will run tests using node | |
| # For more information see: https://help.github.com/actions/language-and-framework-guides/publishing-nodejs-packages | |
| name: Validate npm package | |
| on: | |
| pull_request: | |
| types: [opened, reopened, synchronize] | |
| jobs: | |
| validate: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Git Repository | |
| uses: actions/checkout@v3 | |
| - name: Setup Node | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: '20.x' | |
| registry-url: 'https://registry.npmjs.org' | |
| - name: Validate npm package | |
| run: | | |
| yarn install --frozen-lockfile | |
| yarn run test | |
| npm publish --dry-run | |
| echo "Validating if package version exists in registry. Job will fail if version in package.json already exists..." | |
| npm diff | grep version -q |