From c2ddc937df32cc3873f99b5201f7d6b13757bcfb Mon Sep 17 00:00:00 2001 From: Patrick Fulton Date: Tue, 28 Oct 2025 15:13:00 -0400 Subject: [PATCH 1/3] feat: enable trusted publishing --- .github/workflows/release.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5b0f1fe..fb3decf 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -5,6 +5,10 @@ on: branches: - main +permissions: + id-token: write + contents: read + concurrency: ${{ github.workflow }}-${{ github.ref }} defaults: @@ -23,6 +27,7 @@ jobs: uses: actions/setup-node@v4 with: node-version: 20 + registry-url: 'https://registry.npmjs.org' cache: yarn - name: Install dependencies @@ -37,4 +42,3 @@ jobs: publish: yarn release env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - NPM_TOKEN: ${{ secrets.ADOBE_BOT_NPM_TOKEN }} From 9ed7661e5e763699115cd56e5dec3fc551cf2b5f Mon Sep 17 00:00:00 2001 From: Patrick Fulton Date: Thu, 30 Oct 2025 13:57:06 -0400 Subject: [PATCH 2/3] chore: update permissions, add workflow_dispatch event trigger --- .github/workflows/release.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index fb3decf..69f89a3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,13 +1,14 @@ name: Release on: + workflow_dispatch: push: branches: - main permissions: id-token: write - contents: read + contents: write concurrency: ${{ github.workflow }}-${{ github.ref }} From e0e92daaeb103058fdbd5e9c787abb777fe7f7de Mon Sep 17 00:00:00 2001 From: Patrick Fulton Date: Thu, 30 Oct 2025 14:14:59 -0400 Subject: [PATCH 3/3] chore: remove publish workflow Netlify is automatically handling our PR deploys without needing this specific workflow. --- .github/workflows/publish.yml | 65 ----------------------------------- 1 file changed, 65 deletions(-) delete mode 100644 .github/workflows/publish.yml diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml deleted file mode 100644 index e1b5b73..0000000 --- a/.github/workflows/publish.yml +++ /dev/null @@ -1,65 +0,0 @@ -name: Verify - # ------------------------------------------------------------- - # This workflow will build and verify pull requests. It will: - # - Build the base branch and the PR branch - # - Compare the compiled output of the two branches - # - Run visual regression tests on the PR branch - # - Publish the PR branch for review - # ------------------------------------------------------------- - -on: - push: - branches: - - main - pull_request: - branches: - - main - types: - - opened - - synchronize - - reopened - - auto_merge_enabled - -defaults: - run: - shell: bash - -jobs: - # ------------------------------------------------------------- - # PUBLISH PR PREVIEW --- # - # ------------------------------------------------------------- - publish_site: - name: Publish preview - runs-on: ubuntu-latest - steps: - - name: Check out code - uses: actions/checkout@v4 - - - name: Use Node LTS version - uses: actions/setup-node@v4 - with: - node-version: 20 - cache: yarn - - - name: Install dependencies - shell: bash - run: yarn install --frozen-lockfile - - - name: Build site - shell: bash - run: yarn site - - ## --- DEPLOY WEBSITE TO NETLIFY --- ## - - name: Deploy - uses: nwtgck/actions-netlify@v3 - with: - publish-dir: dist - production-branch: main - production-deploy: false - netlify-config-path: ./netlify.toml - github-token: ${{ secrets.GITHUB_TOKEN }} - deploy-message: ${{ github.event.pull_request.title }} - env: - NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN_GH_ACTIONS_DEPLOY }} - NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }} - timeout-minutes: 10