Skip to content

ci: publish codemods as trusted publisher #314

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Xstoudi wants to merge 4 commits into
base: main
Choose a base branch
from
Open

ci: publish codemods as trusted publisher #314

Xstoudi wants to merge 4 commits into from
+18 −7

Conversation

@Xstoudi
Copy link

@Xstoudi Xstoudi commented Dec 22, 2025

Opening this PR as an implementation example of @AugustinMauroy proposal in #307.

If merged, you'll probably want to delete the CODEMOD_TOKEN secret.
No other configuration should be required as nodejs org on GitHub is also nodejs org on Codemod.

Fixes #307 if merged

@AugustinMauroy
Copy link
Member

AugustinMauroy commented Dec 23, 2025

FYI: the proposal from Codemod team

Fact:

  • first publish need to be done from local env like Jacob or me
  • then link the codemod on registry to the repo
  • end next version will be published by the CI

But now we don't have any problems with that just create a tags.

So idk what is the best world @nodejs/userland-migrations what do you think ?

@mohebifar
Copy link
Member

mohebifar commented Dec 24, 2025

first publish need to be done from local env like Jacob or me

That won't not needed if you use OIDC publishers. As long as the github actions is run in a repo in the nodejs org matching the @nodejs scope in codemod.

then link the codemod on registry to the repo

That again is not needed as long as the codemods are scoped @nodejs/.

JakobJingleheimer
JakobJingleheimer requested changes Dec 26, 2025
View reviewed changes
avivkeller
avivkeller reviewed Dec 26, 2025
View reviewed changes
Copy link
Member

@avivkeller avivkeller left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Define the permissions inside the job.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@avivkeller avivkeller avivkeller left review comments

@JakobJingleheimer JakobJingleheimer Awaiting requested review from JakobJingleheimer

@mohebifar mohebifar Awaiting requested review from mohebifar

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

setup(publish): use trusted published

5 participants

@Xstoudi @AugustinMauroy @mohebifar @JakobJingleheimer @avivkeller