-
Notifications
You must be signed in to change notification settings - Fork 38
80 lines (67 loc) · 2.45 KB
/
publish.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
name: Publish to NPM
run-name: Publish release ${{ github.event.release.tag_name }} to NPM
on:
release:
types: [released] # A release was published, or a pre-release was changed to a release. https://docs.github.com/en/webhooks-and-events/webhooks/webhook-events-and-payloads?actionType=released#release
jobs:
publish:
name: Publish to NPM
runs-on: ubuntu-latest
permissions:
id-token: write # ! Required for GitHub Attestations, removing will create a Sev 0 incident !
attestations: write # ! Required for GitHub Attestations, removing will create a Sev 0 incident !
steps:
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Check Input
run: echo "Release Tag - ${{ github.event.release.tag_name }}"
- name: Validate Tag
run: |
if [[ "${{ github.event.release.tag_name }}" =~ ^v?[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "Tag ${{ github.event.release.tag_name }} is valid"
else
echo "Tag is invalid"
exit 1
fi
- name: Clean Tag
id: clean-tag
run: |
echo "::set-output name=TAG::$(grep -Eo '[^v]?[0-9]+\.[0-9]+\.[0-9]+$' <<< '${{ github.event.release.tag_name }}')"
- name: Validated Tag
run: echo "package.json version - ${{ steps.clean-tag.outputs.TAG }}"
- name: Setup node
uses: actions/setup-node@v3
with:
node-version-file: ".nvmrc"
registry-url: https://registry.npmjs.org/
- name: Update package.json version
run: |
tmp=$(mktemp)
jq '.version = "${{ steps.clean-tag.outputs.TAG }}"' ./package.json > "$tmp" && mv "$tmp" ./package.json
- name: Install dependencies
run: |
yarn install --frozen-lockfile --network-concurrency 1
- name: Compile contracts
run: |
yarn compile
- name: Build dist files
run: |
rm -rf dist && yarn build
# ! Do NOT remove - this will cause a Sev 0 incident !
- name: Generate SDK attestation
uses: actions/attest-build-provenance@v1
with:
subject-path: |
dist
contracts
README.md
LICENSE.md
package.json
- name: Publish package
uses: JS-DevTools/npm-publish@v1
with:
token: ${{ secrets.CONTRACTS_NPM_TOKEN }}
access: public
tag: "latest"