-
Notifications
You must be signed in to change notification settings - Fork 6
107 lines (93 loc) · 3.32 KB
/
publish-wasm-internal.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
name: Publish @bitwarden/sdk-internal
run-name: Publish @bitwarden/sdk-internal ${{ inputs.release_type }}
on:
workflow_dispatch:
inputs:
release_type:
description: "Release Options"
required: true
default: "Release"
type: choice
options:
- Release
- Dry Run
version:
description: "Release Version"
required: false
defaults:
run:
working-directory: crates/bitwarden-wasm-internal/npm
jobs:
setup:
name: Setup
runs-on: ubuntu-22.04
outputs:
release-version: ${{ steps.version-output.outputs.version }}
steps:
- name: Checkout repo
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- name: Branch check
if: ${{ inputs.release_type != 'Dry Run' }}
run: |
if [[ "$GITHUB_REF" != "refs/heads/main" ]]; then
echo "==================================="
echo "[!] Can only release from the 'main' branch"
echo "==================================="
exit 1
fi
- name: Version output
id: version-output
run: |
if [ -z ${{ inputs.version }} ]; then
BRANCH=${{ github.head_ref || github.ref_name }}
VERSION=0.2.0-${BRANCH/\//-}.${{ github.run_number }}
echo "version=$VERSION" >> $GITHUB_OUTPUT
else
echo "version=${{ inputs.version }}" >> $GITHUB_OUTPUT
fi
npm:
name: Publish NPM
runs-on: ubuntu-22.04
needs: setup
steps:
- name: Checkout repo
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- name: Setup Node
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
with:
node-version: 20
- name: Login to Azure
uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@main
with:
keyvault: "bitwarden-ci"
secrets: "npm-api-key"
- name: Download artifact
uses: bitwarden/gh-actions/download-artifacts@main
with:
workflow: build-wasm-internal.yml
workflow_conclusion: success
branch: ${{ inputs.release_type == 'Dry Run' && 'main' || github.ref_name }}
artifacts: sdk-internal
path: crates/bitwarden-wasm-internal/npm
- name: Set version
run: |
npm version --no-git-tag-version $VERSION
env:
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
VERSION: ${{needs.setup.outputs.release-version}}
- name: Setup NPM
run: |
echo 'registry="https://registry.npmjs.org/"' > ./.npmrc
echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> ./.npmrc
echo 'registry="https://registry.npmjs.org/"' > ~/.npmrc
echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> ~/.npmrc
env:
NPM_TOKEN: ${{ steps.retrieve-secrets.outputs.npm-api-key }}
- name: Publish NPM
if: ${{ inputs.release_type != 'Dry Run' }}
run: npm publish --access public --registry=https://registry.npmjs.org/ --userconfig=./.npmrc