refactor(common,cli): kms deployer gets keyId from environment (#2760) #396
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release 🔖 | |
on: | |
push: | |
branches: | |
- "main" | |
paths-ignore: | |
- "docs/**" | |
# Ensure only one workflow/job is publishing to npm at a time | |
concurrency: publish-to-npm | |
jobs: | |
release: | |
name: Release | |
if: github.repository == 'latticexyz/mud' | |
runs-on: ubuntu-latest | |
# Permissions necessary for Changesets to push a new branch and open PRs | |
# (for automated Version Packages PRs), and request the JWT for provenance. | |
# More info: https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#adding-permissions-settings | |
permissions: | |
contents: write | |
pull-requests: write | |
id-token: write | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v3 | |
with: | |
submodules: recursive | |
- name: "Setup" | |
uses: ./.github/actions/setup | |
- name: Set deployment token | |
run: npm config set '//registry.npmjs.org/:_authToken' "${NPM_TOKEN}" | |
env: | |
NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
- name: Check for pre.json file existence | |
id: check_files | |
uses: andstor/[email protected] | |
with: | |
files: ".changeset/pre.json" | |
- name: Create version PR or publish 🚀 | |
if: steps.check_files.outputs.files_exists == 'false' | |
uses: changesets/action@v1 | |
with: | |
publish: pnpm release:publish | |
version: pnpm release:version | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
docker: | |
uses: ./.github/workflows/docker.yml | |
needs: release |