Skip to content

chore: fix permissions codeql (#532) #61

chore: fix permissions codeql (#532)

chore: fix permissions codeql (#532) #61

Workflow file for this run

name: "Release"
on:
push:
branches:
- main
workflow_dispatch:
permissions:
contents: write
packages: write
pull-requests: write
jobs:
release:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
fetch-depth: 0
persist-credentials: false
- uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
with:
node-version: 20
always-auth: true
registry-url: "https://registry.npmjs.org"
- name: Install dependencies
run: yarn --frozen-lockfile
- name: Run checks
run: yarn run test && yarn lint && yarn build
- name: Get app installation token
uses: npalm/action-app-token@dd4bb16d91ced5659bc618705c96b822c5a42136 # v1.1.0
id: app-token
with:
appId: ${{ secrets.APP_ID }}
appPrivateKeyBase64: ${{ secrets.APP_PRIVATE_KEY_BASE64 }}
appInstallationType: repo
appInstallationValue: ${{ github.repository }}
- uses: google-github-actions/release-please-action@cc61a07e2da466bebbc19b3a7dd01d6aecb20d1e # v4.0.2
id: release
with:
token: ${{ steps.app-token.outputs.token }}
release-type: node
package-name: action-docs
changelog-types: '[{"type":"feat","section":"Features","hidden":false},{"type":"fix","section":"Bug Fixes","hidden":false},{"type":"chore","section":"Miscellaneous","hidden":false},{"type":"build","section":"Miscellaneous","hidden":true}]'
- name: Publish to NPM
run: yarn publish
if: ${{ steps.release.outputs.release_created }}
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}