chore: flow-up for trusted publishing (#217) #528
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: | |
| # default semantic-release branches | |
| - +([0-9])?(.{+([0-9]),x}).x | |
| - main | |
| - next | |
| - next-major | |
| - beta | |
| - alpha | |
| pull_request: | |
| schedule: | |
| - cron: 0 0 * * 0 | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: write # to be able to publish a GitHub release | |
| id-token: write # to enable use of OIDC for npm provenance | |
| issues: write # to be able to comment on released issues | |
| pull-requests: write # to be able to comment on released pull requests | |
| jobs: | |
| lint: | |
| name: ⬣ Lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: ⬇️ Checkout repo | |
| uses: actions/checkout@v4 | |
| - name: ⎔ Setup Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 18 | |
| - name: 📥 Install dependencies | |
| run: npm install | |
| - name: ▶️ Run lint script | |
| run: npm run lint | |
| test: | |
| name: 🧪 Test (Node@${{ matrix.node }}) | |
| strategy: | |
| matrix: | |
| node: [12.0.0, 12, 14.0.0, 14, 16.0.0, 16, 17.0.0, 17, 18.0.0, 18, 19, 20] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: ⬇️ Checkout repo | |
| uses: actions/checkout@v4 | |
| - name: ⎔ Setup Node v${{ matrix.node }} | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ matrix.node }} | |
| - name: 📥 Install dependencies | |
| run: npm install | |
| - name: ▶️ Run test script | |
| run: npm run test | |
| - name: ⬆️ Upload coverage report | |
| uses: codecov/codecov-action@v3 | |
| release: | |
| name: 🚀 Release | |
| needs: [lint, test] | |
| runs-on: ubuntu-latest | |
| if: github.repository == 'eslint-community/regexpp' && | |
| contains('refs/heads/main,refs/heads/next,refs/heads/beta,refs/heads/alpha', | |
| github.ref) && github.event_name == 'push' | |
| steps: | |
| - name: ⬇️ Checkout repo | |
| uses: actions/checkout@v4 | |
| - name: ⎔ Setup Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| # node 24 is required for semantic-release@v25. | |
| # However, `lts/*` may point to v24 in the near future, so it's better to use `lts/*`. | |
| node-version: 24 | |
| # npm 11.5.1 or later is required so update to latest to be sure | |
| - name: Update npm | |
| run: npm install -g npm@latest | |
| - name: 📥 Install dependencies | |
| run: npm install | |
| - name: 🚀 Release | |
| uses: cycjimmy/semantic-release-action@v5 | |
| with: | |
| # semantic-release@v25 is required for trusted publishing. | |
| # https://github.com/semantic-release/semantic-release/releases/tag/v25.0.1 | |
| semantic_version: 25 | |
| branches: | | |
| [ | |
| '+([0-9])?(.{+([0-9]),x}).x', | |
| 'main', | |
| 'next', | |
| 'next-major', | |
| {name: 'beta', prerelease: true}, | |
| {name: 'alpha', prerelease: true} | |
| ] | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| NPM_CONFIG_PROVENANCE: true |