This is a composite action that publishes an NPM package when a PR is merged that updates the version. This action is designed to be used with skonves/npm-version.
The following workflow will be triggered when a PR is merged:
```yaml
# .github/workflows/publish.yml
name: publish

on:
  pull_request:
    types:
      - closed

jobs:
  compare:
    # Run only for PRs that were merged, not ones closed without merging
    if: github.event.pull_request.merged == true
    runs-on: ubuntu-latest
    outputs:
      base_version: ${{ steps.base.outputs.version }}
      current_version: ${{ steps.current.outputs.version }}
    steps:
      # Read the package version at the PR's base commit
      - uses: actions/checkout@v3
        with:
          ref: ${{ github.event.pull_request.base.sha }}
      - id: base
        run: echo "version=$(jq -r .version < package.json)" >> "$GITHUB_OUTPUT"
      # Read the package version from the default checkout for this event
      - uses: actions/checkout@v3
      - id: current
        run: echo "version=$(jq -r .version < package.json)" >> "$GITHUB_OUTPUT"
  publish:
    needs: compare
    # Publish only when the version in package.json changed
    if: needs.compare.outputs.base_version != needs.compare.outputs.current_version
    runs-on: ubuntu-latest
    steps:
      - uses: skonves/npm-publish@main
        with:
          token: ${{ secrets.NPM_TOKEN }}
```
To support NPM Provenance, use the @provenance tag and supply the following permissions:

```yaml
  publish:
    # ...
    permissions:
      contents: write
      discussions: write
      id-token: write
      pull-requests: write
    steps:
      - uses: skonves/npm-publish@provenance
        # ...
```
This action requires a GitHub secret named NPM_TOKEN that contains an NPM Automation token.
The following article on Medium describes the design philosophy behind this action: Publishing NPM packages without a local environment.