Skip to content

Commit 0cbafc3

Browse files
committed
ci: update release.yml to be consistent with sidebase
1 parent eb8cd3b commit 0cbafc3

1 file changed

Lines changed: 54 additions & 26 deletions

File tree

.github/workflows/release.yml

Lines changed: 54 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -1,49 +1,77 @@
1-
name: Release
1+
name: Release on NPM
22

33
on:
4-
push:
5-
branches:
6-
- "main"
7-
- "beta"
8-
- "next"
9-
- "3.x"
10-
- "v4"
11-
pull_request:
12-
workflow_dispatch:
4+
release:
5+
types: [published] # runs when a GitHub Release is published
6+
7+
permissions:
8+
contents: read
9+
id-token: write # required for npm provenance
1310

1411
env:
1512
NODE_VER: 24.14
16-
WORKING_DIR: packages/next-auth
13+
CI: true
1714

1815
defaults:
1916
run:
2017
working-directory: packages/next-auth
2118

2219
jobs:
23-
test:
24-
name: Test
20+
publish:
21+
name: Publish package from release tag
22+
# Run only when tag is in the format `vX.Y.Z` produced by `npm version`
23+
if: startsWith(github.event.release.tag_name, 'v')
2524
runs-on: ubuntu-latest
25+
2626
steps:
27-
- name: Init
28-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
27+
- name: Check out the tag referenced by this release
28+
uses: actions/checkout@v5
2929
with:
30-
fetch-depth: 2
30+
ref: ${{ github.event.release.tag_name }}
31+
fetch-depth: 0
3132

3233
- name: Install pnpm
33-
uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320
34+
uses: pnpm/action-setup@v4
3435
with:
3536
run_install: false
36-
cache_dependency_path: ${{ env.WORKING_DIR }}/pnpm-lock.yaml
3737

38-
- name: Setup Node
39-
uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f
38+
- name: Setup Node.js and pnpm
39+
uses: actions/setup-node@v4
4040
with:
4141
node-version: ${{ env.NODE_VER }}
42-
cache: pnpm
43-
cache-dependency-path: ${{ env.WORKING_DIR }}/pnpm-lock.yaml
42+
cache: 'pnpm'
43+
# This is required for `setup-node` to generate the registry URL into .npmrc
44+
# See https://github.com/actions/setup-node/blob/5e2628c959b9ade56971c0afcebbe5332d44b398/action.yml#L17-L18
45+
registry-url: 'https://registry.npmjs.org/'
46+
47+
- name: Verify tag matches package.json version
48+
run: |
49+
TAG="${{ github.event.release.tag_name }}"
50+
PKG_VERSION=$(node -p "require('./package.json').version")
51+
if [ "v$PKG_VERSION" != "$TAG" ]; then
52+
echo "::error ::Tag ($TAG) does not match package.json version (v$PKG_VERSION)"
53+
exit 1
54+
fi
55+
56+
- name: Install deps
57+
run: |
58+
pnpm --version
59+
pnpm install --frozen-lockfile
60+
61+
# Note: no build step because npm publish would run `prepublishOnly` script which builds the package
62+
63+
- name: Publish to npm with provenance
64+
run: |
65+
TAG="${{ github.event.release.tag_name }}"
66+
67+
# Stable release (vX.Y.Z)
68+
if echo "$TAG" | grep -Eq '^v[0-9]+\.[0-9]+\.[0-9]+$'; then
69+
npm publish --provenance --access public
4470
45-
- name: Install dependencies
46-
run: pnpm i --frozen-lockfile
71+
# Pre-release (vX.Y.Z-*)
72+
elif echo "$TAG" | grep -Eq '^v[0-9]+\.[0-9]+\.[0-9]+-'; then
73+
npm publish --provenance --access public --tag next
4774
48-
- name: Build
49-
run: pnpm build
75+
else
76+
echo "Not a valid release tag ($TAG), skipping publish."
77+
fi

0 commit comments

Comments
 (0)