mirror of
https://github.com/ivuorinen/base-configs.git
synced 2026-01-26 11:14:00 +00:00
82765078d3
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
62 lines
1.6 KiB
YAML
62 lines
1.6 KiB
YAML
name: Publish
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
|
|
permissions: read-all
|
|
|
|
jobs:
|
|
Linter:
|
|
name: Lint
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 15
|
|
permissions:
|
|
statuses: write
|
|
contents: write
|
|
packages: write
|
|
issues: write
|
|
pull-requests: write
|
|
|
|
steps:
|
|
- name: Run PR Lint
|
|
# https://github.com/ivuorinen/actions
|
|
uses: ivuorinen/actions/pr-lint@5cc7373a22402ee8985376bc713f00e09b5b2edb # v2025.11.23
|
|
|
|
publish:
|
|
name: Publish
|
|
runs-on: ubuntu-latest
|
|
needs:
|
|
- Linter
|
|
permissions:
|
|
contents: write # to be able to publish a GitHub release
|
|
issues: write # to be able to comment on released issues
|
|
pull-requests: write # to be able to comment on released pull requests
|
|
id-token: write # to enable use of OIDC for trusted publishing and npm provenance
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Setup Node.js Environment
|
|
uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
|
|
with:
|
|
node-version-file: ".nvmrc"
|
|
registry-url: "https://registry.npmjs.org"
|
|
scope: "@ivuorinen"
|
|
|
|
- name: Install dependencies
|
|
run: yarn
|
|
|
|
- name: Verify the integrity of provenance attestations and registry signatures for installed dependencies
|
|
run: yarn npm audit --environment production
|
|
|
|
- name: Release
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
|
|
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
|
|
run: yarn semantic-release
|