-
Notifications
You must be signed in to change notification settings - Fork 0
70 lines (57 loc) · 1.83 KB
/
publish.yml
File metadata and controls
70 lines (57 loc) · 1.83 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
name: Publish
on:
workflow_dispatch:
push:
tags:
- "v*"
concurrency:
group: publish-${{ github.ref }}
cancel-in-progress: false
jobs:
publish:
name: Publish npm package
runs-on: ubuntu-latest
environment: npm-publish
permissions:
contents: read
id-token: write
env:
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true"
TURBO_TELEMETRY_DISABLED: "1"
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: 22
registry-url: https://registry.npmjs.org
cache: npm
- name: Upgrade npm for trusted publishing
run: npm install --global npm@11.6.2
- name: Restore Turbo local cache
uses: actions/cache@v4
with:
path: .turbo
key: ${{ runner.os }}-turbo-publish-${{ hashFiles('package-lock.json', 'turbo.json', 'tsconfig*.json', 'biome.json', 'src/**', 'scripts/**', '.github/workflows/**') }}
restore-keys: |
${{ runner.os }}-turbo-publish-
${{ runner.os }}-turbo-
- name: Install dependencies
run: npm ci
- name: Verify tag matches package version
if: github.event_name == 'push'
run: |
set -euo pipefail
PACKAGE_VERSION="$(node -p "require('./package.json').version")"
TAG_VERSION="${GITHUB_REF_NAME#v}"
if [ "$PACKAGE_VERSION" != "$TAG_VERSION" ]; then
echo "Tag version $TAG_VERSION does not match package version $PACKAGE_VERSION"
exit 1
fi
- name: Lint, typecheck, and build
run: npx turbo run check:publish-safety lint typecheck build
- name: Pack dry run
run: npx turbo run pack:dry-run
- name: Publish to npm
run: npm publish