Skip to content

πŸ’š (release): Release DMK #225

πŸ’š (release): Release DMK

πŸ’š (release): Release DMK #225

Workflow file for this run

name: Publish npm packages
on:
push:
branches:
- main
env:
FORCE_COLOR: "1"
NPM_REGISTRY: jfrog.ledgerlabs.net/artifactory/api/npm/ldk-npm-prod-public
permissions: write-all
jobs:
publish:
environment: Production
runs-on: ledgerhq-device-sdk
steps:
- uses: actions/checkout@v4
- uses: LedgerHQ/device-sdk-ts/.github/actions/setup-toolchain-composite@develop
- name: build libraries
run: pnpm build:libs
- name: Login to internal JFrog registry
id: jfrog-login
uses: LedgerHQ/actions-security/actions/jfrog-login@actions/jfrog-login-1
- name: Setup npm config for JFrog
env:
NPM_REGISTRY_TOKEN: ${{ steps.jfrog-login.outputs.oidc-token }}
run: |
cat << EOF | tee .npmrc
enable-pre-post-scripts=true
registry=https://${NPM_REGISTRY}/
//${NPM_REGISTRY}/:_authToken=${NPM_REGISTRY_TOKEN}
EOF
- name: Create dist directory to store tarball
run: mkdir -p dist
- name: Publish
id: changesets
uses: changesets/action@v1
with:
version: echo "not running version"
publish: pnpm release
env:
GITHUB_TOKEN: ${{ secrets.CI_BOT_TOKEN }}
- name: Attest tarball
if: steps.changesets.outputs.published == 'true'
uses: LedgerHQ/actions-security/actions/attest@actions/attest-1
with:
subject-path: ./dist
# The action currently doesn't support pushing the blob to the registry
- name: Sign tarball
if: steps.changesets.outputs.published == 'true'
uses: LedgerHQ/actions-security/actions/sign-blob@actions/sign-blob-1
with:
path: ./dist