Skip to content

Commit 1a83033

Browse files
maximilianimaximiliani
authored
Merge pull request #328 from kit-data-manager/alert-autofix-21
Improved GitHub actions by refactoring and specifying token permissions
2 parents 9785d4a + 0809cdf commit 1a83033

File tree

4 files changed

+85
-58
lines changed

4 files changed

+85
-58
lines changed

.github/workflows/github-npm-publish.yml

Lines changed: 0 additions & 37 deletions
This file was deleted.

.github/workflows/npm-ci.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,8 @@
11
name: NPM Clean Install
22

3+
permissions:
4+
contents: read
5+
36
on:
47
push:
58
branches: [ main, dev ]

.github/workflows/publish.yml

Lines changed: 82 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,82 @@
1+
# This workflow will run tests using node and then publish a package to GitHub Packages when a release is created
2+
# For more information see: https://docs.github.com/en/actions/publishing-packages/publishing-nodejs-packages
3+
4+
name: Node.js Package
5+
6+
on:
7+
release:
8+
types: [ published ]
9+
workflow_dispatch: # Added manual trigger option
10+
11+
permissions:
12+
contents: read
13+
packages: write
14+
15+
jobs:
16+
build:
17+
runs-on: ubuntu-latest
18+
permissions:
19+
contents: read
20+
steps:
21+
- uses: actions/checkout@v4
22+
- uses: actions/setup-node@v4
23+
with:
24+
node-version: 20
25+
cache: 'npm' # Added caching
26+
- run: npm ci
27+
- run: npx lerna run build
28+
# - run: npx lerna run test
29+
- name: Upload build artifacts
30+
uses: actions/upload-artifact@v4
31+
with:
32+
name: build-output
33+
path: packages/
34+
35+
publish-gpr:
36+
needs: build
37+
runs-on: ubuntu-latest
38+
permissions:
39+
contents: read
40+
packages: write
41+
steps:
42+
- uses: actions/checkout@v4
43+
- uses: actions/setup-node@v4
44+
with:
45+
node-version: 20
46+
cache: 'npm'
47+
registry-url: https://npm.pkg.github.com/
48+
- name: Download build artifacts
49+
uses: actions/download-artifact@v4
50+
with:
51+
name: build-output
52+
path: packages/
53+
- run: npm ci
54+
- run: cp README.md packages/stencil-library
55+
- name: Configure GitHub Packages scope
56+
run: echo "@$(echo '${{ github.repository }}' | cut -d '/' -f 1):registry=https://npm.pkg.github.com" >> .npmrc
57+
- run: npx lerna publish from-package --yes
58+
env:
59+
NODE_AUTH_TOKEN: ${{secrets.GITHUB_TOKEN}}
60+
61+
publish-npm:
62+
needs: build
63+
runs-on: ubuntu-latest
64+
permissions:
65+
contents: read
66+
steps:
67+
- uses: actions/checkout@v4
68+
- uses: actions/setup-node@v4
69+
with:
70+
node-version: 20
71+
cache: 'npm'
72+
registry-url: https://registry.npmjs.org/
73+
- name: Download build artifacts
74+
uses: actions/download-artifact@v4
75+
with:
76+
name: build-output
77+
path: packages/
78+
- run: npm ci
79+
- run: cp README.md packages/stencil-library
80+
- run: npx lerna publish from-package --yes
81+
env:
82+
NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}

.github/workflows/real-npm-publish.yml

Lines changed: 0 additions & 21 deletions
This file was deleted.

0 commit comments

Comments
 (0)