Skip to content
Release Insiders

ci: add provenance to published packages (#1145) #68

Sign in to view logs

ci: add provenance to published packages (#1145)

ci: add provenance to published packages (#1145) #68

Workflow file for this run

.github/workflows/release-insiders.yml at 957ba2f
name: Release Insiders
on:
push:
branches: [master]
permissions:
contents: read
id-token: write
env:
CI: true
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [18]
steps:
- uses: actions/checkout@v3
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
registry-url: 'https://registry.npmjs.org'
- name: Use cached node_modules
id: cache
uses: actions/cache@v3
with:
path: node_modules
key: nodeModules-${{ hashFiles('**/package-lock.json') }}-${{ matrix.node-version }}
restore-keys: |
nodeModules-
- name: Install dependencies
if: steps.cache.outputs.cache-hit != 'true'
run: npm install
- name: Calculate environment variables
run: |
echo "SHA_SHORT=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
- name: 'Version `heroicons` based on commit: 0.0.0-insiders.${{ env.SHA_SHORT }}'
run: npm version 0.0.0-insiders.${{ env.SHA_SHORT }} --force --no-git-tag-version
- name: 'Version `@heroicons/react` based on commit: 0.0.0-insiders.${{ env.SHA_SHORT }}'
run: npm version 0.0.0-insiders.${{ env.SHA_SHORT }} --force --no-git-tag-version --prefix react
- name: 'Version `@heroicons/vue` based on commit: 0.0.0-insiders.${{ env.SHA_SHORT }}'
run: npm version 0.0.0-insiders.${{ env.SHA_SHORT }} --force --no-git-tag-version --prefix vue
- name: Publish `heroicons`
run: npm publish --provenance --tag insiders
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Publish `@heroicons/react`
run: npm publish ./react --provenance --tag insiders
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Publish `@heroicons/vue`
run: npm publish ./vue --provenance --tag insiders
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}