Publish to npm #23
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish to npm | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| mode: | |
| description: Release mode | |
| required: true | |
| default: dry-run | |
| type: choice | |
| options: | |
| - dry-run | |
| - publish | |
| permissions: | |
| contents: write | |
| id-token: write | |
| concurrency: | |
| group: publish-libs-${{ github.ref }} | |
| cancel-in-progress: false | |
| jobs: | |
| publish: | |
| name: Version and publish libraries | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Ensure publish runs from main | |
| if: github.event.inputs.mode == 'publish' && github.ref_name != 'main' | |
| run: | | |
| echo "Publishing must be dispatched from the main branch. Use dry-run mode to test from other branches." | |
| exit 1 | |
| - name: Checkout repository | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| ssh-key: ${{ secrets.RELEASE_DEPLOY_KEY }} | |
| - name: Setup Bun | |
| uses: oven-sh/setup-bun@v2 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: "24" | |
| - name: Verify trusted publishing runtime requirements | |
| run: node .github/scripts/verify-trusted-publishing-runtime.mjs | |
| - name: Install dependencies | |
| run: bun install --frozen-lockfile | |
| - name: Install Rust toolchain | |
| uses: dtolnay/rust-toolchain@v1 | |
| with: | |
| toolchain: stable | |
| targets: wasm32-unknown-unknown | |
| - name: Install wasm-pack | |
| uses: jetli/wasm-pack-action@v0.4.0 | |
| with: | |
| version: v0.13.1 | |
| - name: Configure Git author | |
| run: | | |
| git config user.name "github-actions[bot]" | |
| git config user.email "41898282+github-actions[bot]@users.noreply.github.com" | |
| - name: Ensure release plans exist | |
| run: bash .github/scripts/ensure-release-plans-exist.sh | |
| - name: Create release commit and tags | |
| run: npx nx release --skip-publish --preid alpha | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Format package.json files and amend release commit | |
| run: bash .github/scripts/format-package-json-and-amend.sh | |
| - name: Push release commit and tags | |
| if: github.event.inputs.mode == 'publish' | |
| run: git push origin HEAD:main --follow-tags | |
| - name: Force Nx publish executor to npm for OIDC | |
| run: node .github/scripts/force-nx-publish-package-manager-npm.cjs | |
| - name: Dry-run Publish packages to npm | |
| if: github.event.inputs.mode == 'dry-run' | |
| run: npx nx release publish --dry-run | |
| - name: Publish packages to npm | |
| if: github.event.inputs.mode == 'publish' | |
| run: npx nx release publish |