-
Notifications
You must be signed in to change notification settings - Fork 3
50 lines (41 loc) · 1.28 KB
/
Copy pathdeploy.yml
File metadata and controls
50 lines (41 loc) · 1.28 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
name: Deploy to npm
on:
workflow_dispatch:
push:
branches:
- master
paths:
- package.json
jobs:
deploy:
runs-on: ubuntu-latest
# Required for npm Trusted Publisher (OIDC)
permissions:
contents: read
id-token: write
steps:
- name: Checkout code
uses: actions/checkout@v4
# Node 24+ ships with npm 11.5.1+ which is required for OIDC trusted publishing
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '24'
cache: 'npm'
- name: Install dependencies
run: npm ci
- name: Build (sanity check)
run: npm run build
# Guardrail: fail fast if version already exists on npm
- name: Ensure version not already published
run: |
PKG_NAME=$(node -p "require('./package.json').name")
PKG_VERSION=$(node -p "require('./package.json').version")
if npm view "$PKG_NAME@$PKG_VERSION" version >/dev/null 2>&1; then
echo "Version already published: $PKG_NAME@$PKG_VERSION"
exit 1
else
echo "Version not yet published — proceeding."
fi
- name: Publish to npm (Trusted Publisher via OIDC)
run: npm publish --provenance --access public