.github/workflows/publish.yaml
name: Publish Package to npmjs
on:
# keeping it purely manual for now as to not accidentally trigger a release
#release:
# types: [published]
workflow_dispatch:
jobs:
publish:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: '20.x'
registry-url: 'https://registry.npmjs.org'
cache: 'yarn'
- run: yarn install --frozen-lockfile
- run: yarn test
- run: npm publish --access public --provenance
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_PUBLISH_TOKEN }}