Skip to content

Commit

Permalink
💚 (release): Push snapshot release to jfrog
Browse files Browse the repository at this point in the history
  • Loading branch information
valpinkman committed Oct 3, 2024
1 parent 5e224ba commit 4ee7572
Show file tree
Hide file tree
Showing 2 changed files with 37 additions and 12 deletions.
5 changes: 1 addition & 4 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,11 +24,8 @@ jobs:

- uses: LedgerHQ/device-sdk-ts/.github/actions/setup-toolchain-composite@develop

- name: install dependencies
run: pnpm install

- name: build libraries
run: pnpm build
run: pnpm build:libs

- name: Login to internal JFrog registry
id: jfrog-login
Expand Down
44 changes: 36 additions & 8 deletions .github/workflows/snapshot_release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ env:
# if no inputs it's considered as a cron job
REF: ${{ inputs.ref || 'develop' }}
TAG: ${{ inputs.tag || 'develop' }}
NPM_TOKEN: ${{ secrets.NPMJS_TOKEN }}
NPM_REGISTRY: jfrog.ledgerlabs.net/artifactory/api/npm/ldk-npm-prod-public

jobs:
snapshot:
Expand All @@ -30,18 +30,46 @@ jobs:

- uses: LedgerHQ/device-sdk-ts/.github/actions/setup-toolchain-composite@develop

- name: install dependencies
run: pnpm install

- name: build libraries
run: pnpm build
run: pnpm build:libs

- name: Login to internal JFrog registry
id: jfrog-login
uses: LedgerHQ/actions-security/actions/jfrog-login@actions/jfrog-login-1

- name: Setup npm config for JFrog
env:
NPM_REGISTRY_TOKEN: ${{ steps.jfrog-login.outputs.oidc-token }}
run: |
cat << EOF | tee .npmrc
enable-pre-post-scripts=true
registry=https://${NPM_REGISTRY}/
//${NPM_REGISTRY}/:_authToken=${NPM_REGISTRY_TOKEN}
EOF
- name: create .npmrc
run: echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" >> .npmrc
- name: Create dist directory to store tarball
run: mkdir -p dist

# - name: create .npmrc
# run: echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" >> .npmrc

- name: create and publish snapshot release version
id: changesets
run: |
pnpm bump --snapshot ${{ env.TAG }}
pnpm release --snapshot --no-git-tag --tag ${{ env.TAG }}
env:
GITHUB_TOKEN: ${{ github.token }}
GITHUB_TOKEN: ${{ secrets.CI_BOT_TOKEN }}

- name: Attest tarball
if: steps.changesets.conclusion == 'success'
uses: LedgerHQ/actions-security/actions/attest@actions/attest-1
with:
subject-path: ./dist

# The action currently doesn't support pushing the blob to the registry
- name: Sign tarball
if: steps.changesets.conclusion == 'success'
uses: LedgerHQ/actions-security/actions/sign-blob@actions/sign-blob-1
with:
path: ./dist

0 comments on commit 4ee7572

Please sign in to comment.