From 9774bef8a2683131c1293fc195d761fcc18af00f Mon Sep 17 00:00:00 2001 From: fengmk2 Date: Mon, 29 May 2023 16:57:04 +0800 Subject: [PATCH] feat: support npm publish --provenance (#1) https://github.com/pnpm/pnpm/issues/6435 --- .github/workflows/node-release.yml | 3 ++ LICENSE | 1 + README.md | 49 +++++++++++++++++++++--------- scripts/release/index.js | 2 +- 4 files changed, 39 insertions(+), 16 deletions(-) diff --git a/.github/workflows/node-release.yml b/.github/workflows/node-release.yml index 2c8597b..5dcd7e8 100644 --- a/.github/workflows/node-release.yml +++ b/.github/workflows/node-release.yml @@ -33,6 +33,8 @@ on: jobs: Release: + permissions: + id-token: write runs-on: ubuntu-latest defaults: run: @@ -83,6 +85,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} NPM_TOKEN: ${{ secrets.NPM_TOKEN }} DRYRUN: ${{ inputs.dryRun }} + NPM_CONFIG_PROVENANCE: true - name: Publish ${{ steps.release.outputs.name }}@${{ steps.release.outputs.release_version }} if: steps.release.outputs.release_version && !inputs.dryRun diff --git a/LICENSE b/LICENSE index 23ce342..fa05813 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,7 @@ MIT License Copyright (c) 2022 Artus.js Working Group +Copyright (c) 2023 - present node-modules and other contributors. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md index 26deb3b..924866e 100644 --- a/README.md +++ b/README.md @@ -12,8 +12,7 @@ 自动跑 Lint 和 Cov 单测 -> 参考示例:https://github.com/artus-cli/examples/actions - +> 参考示例: - 配置 `npm scripts`: @@ -40,21 +39,40 @@ on: pull_request: branches: [ master, main, next, beta, '*.x' ] - schedule: - - cron: '0 2 * * *' - workflow_dispatch: {} jobs: Job: name: Node.js - uses: artusjs/github-actions/.github/workflows/node-test.yml@v1 + uses: node-modules/github-actions/.github/workflows/node-test.yml@master # 支持以下自定义配置,一般用默认值即可 # with: # os: 'ubuntu-latest, macos-latest, windows-latest' # version: '16, 18' ``` +### 开启 MySQL 和 Redis 服务依赖 + +```yaml +name: CI + +on: + push: + branches: [ master ] + + pull_request: + branches: [ master ] + + workflow_dispatch: {} + +jobs: + Job: + name: Node.js + uses: node-modules/github-actions/.github/workflows/node-test-mysql.yml@master + with: + os: 'ubuntu-latest' +``` + ## 发布 NPM 包 使用 [semantic-release](https://semantic-release.gitbook.io/) 自动发布 NPM 包。 @@ -75,17 +93,18 @@ jobs: ### 版本号规则 根据 Commit Message 自动计算下一个版本号: - - major 大版本:`BREAKING CHANGE` - - minor 特性版本: `feat:` 等 - - patch 补丁版本:`fix:` 等 - - 不发布版本: `chore:` / `docs:` / `style:` 等 - - 详见:https://github.com/semantic-release/commit-analyzer + +- major 大版本:`BREAKING CHANGE` +- minor 特性版本: `feat:` 等 +- patch 补丁版本:`fix:` 等 +- 不发布版本: `chore:` / `docs:` / `style:` 等 +- 详见: **注意:** - - 不支持发布 0.x 版本,master 首次发布将是 1.0.0 版本 - - 如果你不期望直接发布,请在 beta 分支提交代码运行,将发布 `1.0.0-beta.1` 版本 - - 多版本发布实践参见 [semantic-release](https://semantic-release.gitbook.io/semantic-release/recipes/release-workflow/distribution-channels) 文档 +- 不支持发布 0.x 版本,master 首次发布将是 1.0.0 版本 +- 如果你不期望直接发布,请在 beta 分支提交代码运行,将发布 `1.0.0-beta.1` 版本 +- 多版本发布实践参见 [semantic-release](https://semantic-release.gitbook.io/semantic-release/recipes/release-workflow/distribution-channels) 文档 ### 配置方式 @@ -116,7 +135,7 @@ on: jobs: release: name: Node.js - uses: artusjs/github-actions/.github/workflows/node-release.yml@v1 + uses: node-modules/github-actions/.github/workflows/node-release.yml@master secrets: NPM_TOKEN: ${{ secrets.NPM_TOKEN }} GIT_TOKEN: ${{ secrets.GIT_TOKEN }} diff --git a/scripts/release/index.js b/scripts/release/index.js index 0410e58..f53f978 100644 --- a/scripts/release/index.js +++ b/scripts/release/index.js @@ -43,7 +43,7 @@ async function run() { core.setOutput('release_version', nextRelease.version); // cnpm sync - const res = await request(`https://registry-direct.npmmirror.com/-/package/${pkgInfo.name}/syncs`, { method: 'PUT' }); + const res = await request(`https://registry.npmmirror.com/-/package/${pkgInfo.name}/syncs`, { method: 'PUT' }); const { id } = await res.body.json(); const logUrl = `https://registry.npmmirror.com/-/package/${pkgInfo.name}/syncs/${id}/log`; core.setOutput('cnpm_sync_url', logUrl);