Skip to content
release

fix(ci): expand permissions #9

Sign in to view logs

fix(ci): expand permissions

fix(ci): expand permissions #9

Workflow file for this run

.github/workflows/release.yml at c52a3ad
name: release
on:
push:
pull_request:
branches:
- main
permissions:
contents: write # to be able to publish a GitHub release
issues: write # to be able to comment on released issues
pull-requests: write # to be able to comment on released pull requests
id-token: write # to enable use of OIDC for npm provenance
jobs:
test-build:
runs-on: ubuntu-latest
strategy:
matrix:
# Run the steps below with the following versions of Node.js
node-version: [16.x, 18.x, 20.x]
env:
NODE_ENV: dev
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v1
with:
node-version: ${{ matrix.node-version }}
- name: Install dependencies
run: npm install
- name: Build
run: npm run build
release-dry:
if: github.ref != 'refs/heads/main'
runs-on: ubuntu-latest
needs: [test-build]
env:
NODE_ENV: dev
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Setup Node.js
uses: actions/setup-node@v1
with:
node-version: 20.x
- name: Install dependencies
run: npm install
- name: Build
run: npm run build
- name: Release (dry)
run: npm run release:dry
env:
GH_TOKEN: ${{ secrets.GH_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
release:
# Only release on push to mastmainer
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
# Waits for test jobs for each Node.js version to complete
needs: [test-build]
env:
NODE_ENV: dev
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Setup Node.js
uses: actions/setup-node@v1
with:
node-version: 20.x
- name: Install
run: npm install
- name: Release
run: npm run release
env:
GH_TOKEN: ${{ secrets.GH_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}