Skip to content

Commit cd46770

Browse files
author
Tanjeem Hossain
authored
Merge pull request #18 from BitGo/DX-2081-trusted-publishing
ci: migrate to OIDC Trusted Publishing
2 parents a6a473c + ba1cae3 commit cd46770

3 files changed

Lines changed: 6853 additions & 4424 deletions

File tree

.github/workflows/main_ci.yml

Lines changed: 32 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,11 @@
11
name: Run Tests
2+
permissions:
3+
# Needed for OIDC Trusted Publishing
4+
id-token: write
5+
# Needed for semantic-release
6+
contents: write
7+
pull-requests: write
8+
issues: write
29

310
on:
411
push:
@@ -11,66 +18,67 @@ jobs:
1118
audit:
1219
runs-on: ubuntu-latest
1320
steps:
14-
- uses: actions/checkout@v2
15-
- uses: actions/setup-node@v1
21+
- uses: actions/checkout@v4
22+
- uses: actions/setup-node@v4
1623
with:
17-
node-version: 12
24+
node-version: 22
1825
registry-url: https://registry.npmjs.org/
1926
- run: npm ci
2027
- run: npm audit --production
2128
unit:
2229
runs-on: ubuntu-latest
2330
steps:
24-
- uses: actions/checkout@v2
25-
- uses: actions/setup-node@v1
31+
- uses: actions/checkout@v4
32+
- uses: actions/setup-node@v4
2633
with:
27-
node-version: 12
34+
node-version: 22
2835
registry-url: https://registry.npmjs.org/
2936
- run: npm ci
3037
- run: npm run unit
3138
coverage:
3239
runs-on: ubuntu-latest
3340
steps:
34-
- uses: actions/checkout@v2
35-
- uses: actions/setup-node@v1
41+
- uses: actions/checkout@v4
42+
- uses: actions/setup-node@v4
3643
with:
37-
node-version: 12
44+
node-version: 22
3845
registry-url: https://registry.npmjs.org/
3946
- run: npm ci
4047
- run: npm run coverage
4148
format:
4249
runs-on: ubuntu-latest
4350
steps:
44-
- uses: actions/checkout@v2
45-
- uses: actions/setup-node@v1
51+
- uses: actions/checkout@v4
52+
- uses: actions/setup-node@v4
4653
with:
47-
node-version: 12
54+
node-version: 22
4855
registry-url: https://registry.npmjs.org/
4956
- run: npm ci
5057
- run: npm run format:ci
5158
gitdiff:
5259
runs-on: ubuntu-latest
5360
steps:
54-
- uses: actions/checkout@v2
55-
- uses: actions/setup-node@v1
61+
- uses: actions/checkout@v4
62+
- uses: actions/setup-node@v4
5663
with:
57-
node-version: 12
64+
node-version: 22
5865
registry-url: https://registry.npmjs.org/
5966
- run: npm ci
6067
- run: npm run gitdiff:ci
6168
lint:
6269
runs-on: ubuntu-latest
6370
steps:
64-
- uses: actions/checkout@v2
65-
- uses: actions/setup-node@v1
71+
- uses: actions/checkout@v4
72+
- uses: actions/setup-node@v4
6673
with:
67-
node-version: 12
74+
node-version: 22
6875
registry-url: https://registry.npmjs.org/
6976
- run: npm ci
7077
- run: npm run lint
7178
release:
7279
if: github.repository_owner == 'BitGo' && github.event_name == 'push' && github.ref_name == 'master'
7380
runs-on: ubuntu-latest
81+
environment: publish-bip174
7482
needs:
7583
- audit
7684
- unit
@@ -79,13 +87,15 @@ jobs:
7987
- gitdiff
8088
- lint
8189
steps:
82-
- uses: actions/checkout@v3
83-
- uses: actions/setup-node@v3
90+
- uses: actions/checkout@v4
91+
- uses: actions/setup-node@v4
8492
with:
85-
node-version: 14
93+
node-version: 22
8694
cache: 'npm'
95+
- name: Ensure npm 11.5.1
96+
run: |
97+
npm install -g npm@11.5.1
8798
- run: npm ci
8899
- run: ./node_modules/.bin/semantic-release
89100
env:
90-
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
91101
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

0 commit comments

Comments
 (0)