From 33f86439ce275c0a57c31395695618e9e26de0ae Mon Sep 17 00:00:00 2001
From: trevor-anderson <trevor@nerdware.cloud>
Date: Wed, 5 Jun 2024 13:25:06 -0400
Subject: [PATCH] ci: mv npm publish functionality to semantic-release

---
 .github/workflows/cicd.yaml | 44 ++++++-------------------------------
 .npmignore                  |  5 -----
 package.json                |  8 +++++++
 3 files changed, 15 insertions(+), 42 deletions(-)
 delete mode 100644 .npmignore

diff --git a/.github/workflows/cicd.yaml b/.github/workflows/cicd.yaml
index 5517d83..cfdd341 100644
--- a/.github/workflows/cicd.yaml
+++ b/.github/workflows/cicd.yaml
@@ -10,7 +10,8 @@ on:
 permissions:
   attestations: write #  to generate artifact attestations for dist assets
   contents: write #      to checkout the code and create a release
-  id-token: write #      to publish to npm using OIDC
+  id-token: write #      to enable use of OIDC for npm provenance
+  issues: write #        to be able to comment on released issues
   pull-requests: write # to add coverage reports to a PR
   statuses: write #      to update commit status
 
@@ -31,10 +32,10 @@ jobs:
     if: needs.test.outputs.success == 'true'
     runs-on: ubuntu-latest
     permissions:
-      contents: write # to create a release
-    outputs:
-      new_release_published: ${{ steps.semantic-release.outputs.new_release_published }}
-      new_release_git_tag: ${{ steps.semantic-release.outputs.new_release_git_tag }}
+      attestations: write # to generate artifact attestations for dist assets
+      contents: write #     to create a release
+      id-token: write #     to enable use of OIDC for npm provenance
+      issues: write #       to be able to comment on released issues
     steps:
       - uses: actions/checkout@v4
         with:
@@ -48,36 +49,5 @@ jobs:
             @semantic-release/changelog@6.0.3
             @semantic-release/git@10.0.1
         env:
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN_PUBLISH_PUBLIC_ORG_SCOPE }}
           GITHUB_TOKEN: ${{ secrets.SEMANTIC_RELEASE_TOKEN }}
-
-  publish:
-    name: Publish
-    needs: release # only publish if a release was created
-    if: needs.release.outputs.new_release_published == 'true'
-    runs-on: ubuntu-latest
-    permissions:
-      attestations: write # to generate artifact attestations for dist assets
-      contents: read #      to checkout the code
-      id-token: write #     to publish to npm using OIDC
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
-        with:
-          node-version-file: ".nvmrc"
-          registry-url: "https://registry.npmjs.org"
-      - name: Publish to npm
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN_PUBLISH_PUBLIC_ORG_SCOPE }}
-        run: |
-          npm ci --include=dev
-          npm run build
-
-          latest_or_next_tag=$(
-              [[ ${{ needs.release.outputs.new_release_git_tag }} =~ next ]] &&
-                  echo 'next' ||
-                  echo 'latest'
-          )
-
-          npm publish --provenance --access public \
-              --tag ${{ github.ref }} \
-              --tag $latest_or_next_tag
diff --git a/.npmignore b/.npmignore
deleted file mode 100644
index 1970936..0000000
--- a/.npmignore
+++ /dev/null
@@ -1,5 +0,0 @@
-*
-!dist/**/*
-!LICENSE
-!README.md
-!package.json
diff --git a/package.json b/package.json
index 83c7a36..c9a7710 100644
--- a/package.json
+++ b/package.json
@@ -20,6 +20,9 @@
     "npm": ">=8.0.0"
   },
   "type": "module",
+  "files": [
+    "dist"
+  ],
   "module": "dist/esm/index.js",
   "types": "./dist/esm/index.d.ts",
   "main": "dist/cjs/index.js",
@@ -34,6 +37,11 @@
     }
   },
   "private": false,
+  "publishConfig": {
+    "access": "public",
+    "provenance": true,
+    "registry": "https://registry.npmjs.org/"
+  },
   "repository": {
     "type": "git",
     "url": "https://github.com/Nerdware-LLC/ts-string-helpers.git"