Uses reusable workflow to set up a OIDC backed npm publishing github action#155
Uses reusable workflow to set up a OIDC backed npm publishing github action#155timothychiao merged 2 commits intomainfrom
Conversation
|
do we want to do anything special regarding the deployment? i.e have it blocked behind some of the other actions? |
| on: | ||
| push: | ||
| tags: | ||
| - "*" |
There was a problem hiding this comment.
This will publish to NPM whenever we push a commit with any tag, right?
Would we prefer to more narrowly define with only v* tags? I know that's the only tags we have right now, but would prefer to exercise caution.
There was a problem hiding this comment.
Any thoughts as well on if we should allow manual runs of this workflow or not?
There was a problem hiding this comment.
sure, v tag makes sense.
added workflow_dispatch, if just to make it easier for testing.
I think the existing actions should be blocking the pull requests accordingly, so I don't think there's additional action needed. |
|
talked to search, they said they forked the repos into personal github and published locally to push a new tag. they also mentioned that in the actual repo, they published a beta version first before the stable version. imo, the latter seems sufficient, unless you have a strong opinion here. |
…action Change-Id: Ie13b04d548d7cb7ae127e2bbe5257f6b0ff7ce95
similar to search, upping the minor version, since we are now publishing with oidc and thus have a provenance badge in npm Change-Id: I2b0fbd05b8e4caf733b0aa760bc0ad377025ac9b
2 participants
Change-Id: Ic744b089333b05bd783cf91439b6732d6318dd27