Skip to content

Commit 07c362f

Browse files
authored
Merge pull request #291 from albe/copilot/add-npm-release-workflow
Add GitHub Actions workflow to publish npm package on GitHub release
2 parents 3ca0058 + 73c54f4 commit 07c362f

3 files changed

Lines changed: 91 additions & 0 deletions

File tree

.github/workflows/npm-publish.yml

Lines changed: 89 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,89 @@
1+
name: npm publish
2+
3+
on:
4+
release:
5+
types: [published]
6+
7+
permissions: {}
8+
9+
jobs:
10+
verify:
11+
runs-on: ubuntu-latest
12+
13+
permissions:
14+
contents: read
15+
16+
steps:
17+
- uses: actions/checkout@v6
18+
with:
19+
persist-credentials: false
20+
- uses: actions/setup-node@v6
21+
with:
22+
node-version: '22.x'
23+
- run: npm ci
24+
25+
- name: Pack
26+
run: npm pack
27+
28+
- name: Verify pack contents
29+
run: |
30+
TARBALL=$(ls event-storage-*.tgz)
31+
FILES=$(tar tzf "$TARBALL")
32+
echo "$FILES"
33+
34+
# Required files must be present
35+
REQUIRED=(
36+
"package/index.js"
37+
"package/src/EventStore.js"
38+
"package/src/Storage.js"
39+
"package/src/Partition.js"
40+
"package/src/Index.js"
41+
"package/src/metadataUtil.js"
42+
)
43+
for f in "${REQUIRED[@]}"; do
44+
echo "$FILES" | grep -qF "$f" || { echo "ERROR: required file '$f' is missing from the package"; exit 1; }
45+
done
46+
47+
# Sensitive / unwanted files must not be present
48+
FORBIDDEN=(
49+
"\.env"
50+
"node_modules/"
51+
"/data/"
52+
)
53+
for pattern in "${FORBIDDEN[@]}"; do
54+
if echo "$FILES" | grep -qE "$pattern"; then
55+
echo "ERROR: package contains files matching forbidden pattern '$pattern'"
56+
exit 1
57+
fi
58+
done
59+
60+
echo "Package contents verified successfully."
61+
62+
- name: Install pack into bench and run smoke test
63+
run: |
64+
TARBALL="$(pwd)/$(ls event-storage-*.tgz)"
65+
cd bench
66+
npm ci
67+
npm install --no-save "$TARBALL"
68+
npm run bench
69+
70+
publish:
71+
needs: verify
72+
runs-on: ubuntu-latest
73+
74+
permissions:
75+
contents: read
76+
id-token: write
77+
78+
steps:
79+
- uses: actions/checkout@v6
80+
with:
81+
persist-credentials: false
82+
- uses: actions/setup-node@v6
83+
with:
84+
node-version: '22.x'
85+
registry-url: 'https://registry.npmjs.org'
86+
- run: npm ci
87+
- run: npm publish --provenance --access public
88+
env:
89+
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

.gitignore

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,3 +12,4 @@ node_modules
1212
/stress-test/writer-stats.json
1313
/site
1414
/data
15+
*.tgz

package.json

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -40,6 +40,7 @@
4040
"*/Storage/*.js",
4141
"src/WatchesFile.js",
4242
"src/util.js",
43+
"src/metadataUtil.js",
4344
"index.js"
4445
],
4546
"license": "MIT",

0 commit comments

Comments
 (0)