⚙️ (jfrog): Add postpack step

LedgerHQ · Sep 23, 2024 · 8712575 · 8712575
1 parent b9c540c
commit 8712575
Showing 1 changed file with 22 additions and 46 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -1,12 +1,14 @@
 name: publish npm packages
 on:
-  push:
-    branches:
-      - main
+  pull_request:
+  # push:
+  #   branches:
+  #     - main
 
 env:
   FORCE_COLOR: "1"
-  NPM_REGISTRY: jfrog.ledgerlabs.net/artifactory/api/npm/ldk-npm-prod-public
+  # NPM_REGISTRY: jfrog.ledgerlabs.net/artifactory/api/npm/ldk-npm-prod-public
+  NPM_REGISTRY: jfrog.ledgerlabs.net/artifactory/api/npm/ldk-npm-sandbox-green
 
 permissions:
   id-token: write
@@ -22,26 +24,26 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
-      - uses: ./.github/actions/setup-toolchain-composite
+      # - uses: ./.github/actions/setup-toolchain-composite
 
-      - name: install dependencies
-        run: pnpm install
+      # - name: install dependencies
+      #   run: pnpm install
 
-      - name: build libraries
-        run: pnpm build
+      # - name: build libraries
+      #   run: pnpm build
 
-      - name: Login to internal JFrog registry
-        id: jfrog-login
-        uses: LedgerHQ/actions-security/actions/jfrog-login@actions/jfrog-login-1
+      # - name: Login to internal JFrog registry
+      #   id: jfrog-login
+      #   uses: LedgerHQ/actions-security/actions/jfrog-login@actions/jfrog-login-1
 
-      - name: Setup npm config for JFrog
-        env:
-          NPM_REGISTRY_TOKEN: ${{ steps.jfrog-login.outputs.oidc-token }}
-        run: |
-          cat << EOF | tee .npmrc
-          registry=https://${NPM_REGISTRY}/
-          //${NPM_REGISTRY}/:_authToken=${NPM_REGISTRY_TOKEN}
-          EOF
+      # - name: Setup npm config for JFrog
+      #   env:
+      #     NPM_REGISTRY_TOKEN: ${{ steps.jfrog-login.outputs.oidc-token }}
+      #   run: |
+      #     cat << EOF | tee .npmrc
+      #     registry=https://${NPM_REGISTRY}/
+      #     //${NPM_REGISTRY}/:_authToken=${NPM_REGISTRY_TOKEN}
+      #     EOF
 
       - name: Publish
         id: changesets
@@ -51,32 +53,6 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.CI_BOT_TOKEN }}
 
-      - name: Download published packages to attest and sign
-        if: steps.changesets.outputs.published == 'true'
-        env:
-          PUBLISHED_PACKAGE_JSON: published-packages.json
-        run: |
-          # Extract packages name
-          # output will be in the form of: [{"name":"@ledgerhq/package-name","version":"X.X.X"}]
-          cat << EOF | tee $PUBLISHED_PACKAGE_JSON
-          ${{ steps.changesets.outputs.publishedPackages }}
-          EOF
-
-          # Create dist directory
-          mkdir -p dist
-
-          # Loop over package names and download the tarball into dist directory
-          for row in $(cat $PUBLISHED_PACKAGE_JSON | jq -r '.[] | @text'); do
-            PACKAGE_NAME=$(echo $row| jq -r '.name')
-            PACKAGE_VERSION=$(echo $row | jq -r '.version')
-            PACKAGE_NAME_BASENAME=$(basename ${PACKAGE_NAME})
-
-            echo -e "\033[0;32mDownload artifact from\033[0m https://${NPM_REGISTRY}/${PACKAGE_NAME}/-/${PACKAGE_NAME}-${PACKAGE_VERSION}.tgz"
-            curl -H "Authorization: Bearer ${{ steps.jfrog-login.outputs.oidc-token }}" \
-              -o dist/${PACKAGE_NAME_BASENAME}-${PACKAGE_VERSION}.tgz \
-              https://${NPM_REGISTRY}/${PACKAGE_NAME}/-/${PACKAGE_NAME}-${PACKAGE_VERSION}.tgz
-          done
-
       - name: Attest tarball
         if: steps.changesets.outputs.published == 'true'
         uses: LedgerHQ/actions-security/actions/attest@actions/attest-1