significa · tofran · Dec 7, 2022 · Dec 7, 2022 · Dec 7, 2022 · Dec 7, 2022
diff --git a/.github/workflows/ci-cd.yaml b/.github/workflows/ci-cd.yaml
@@ -0,0 +1,120 @@
+name: CI/CD
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+  release:
+    types:
+      - published
+  workflow_dispatch:
+  repository_dispatch:
+
+jobs:
+  lint:
+    name: Lint
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    permissions:
+      contents: read
+      packages: read
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: actions/setup-node@v3
+        with:
+          node-version-file: '.nvmrc'
+          registry-url: 'https://npm.pkg.github.com'
+          scope: '@significa'
+
+      - name: Cache node modules
+        id: cache-npm
+        uses: actions/cache@v3
+        env:
+          cache-name: cache-node-modules
+        with:
+          path: ~/.npm
+          key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }}
+          restore-keys: |
+            ${{ runner.os }}-build-${{ env.cache-name }}-
+            ${{ runner.os }}-build-
+            ${{ runner.os }}-
+
+      - run: npm ci
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - run: npm run lint
+
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    if: github.event_name != 'release'
+    permissions:
+      contents: read
+      packages: read
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: actions/setup-node@v3
+        with:
+          node-version-file: '.nvmrc'
+          registry-url: 'https://npm.pkg.github.com'
+          scope: '@significa'
+
+      - name: Cache node modules
+        id: cache-npm
+        uses: actions/cache@v3
+        env:
+          cache-name: cache-node-modules
+        with:
+          path: ~/.npm
+          key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }}
+          restore-keys: |
+            ${{ runner.os }}-build-${{ env.cache-name }}-
+            ${{ runner.os }}-build-
+            ${{ runner.os }}-
+
+      - run: npm ci
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - run: npm run build
+
+  publish:
+    name: Publish
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    needs:
+      - lint
+    if: github.event_name == 'release'
+    concurrency: publish_package
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: actions/setup-node@v3
+        with:
+          node-version-file: '.nvmrc'
+          registry-url: 'https://npm.pkg.github.com'
+          scope: '@significa'
+
+      - run: npm ci
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Set package.json version
+        run: npm version --no-git-tag-version "${{ github.ref_name }}"
+
+      - run: npm run build
+
+      - name: Publish to GitHub registry
+        run: npm publish
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
diff --git a/.gitignore b/.gitignore
@@ -3,7 +3,7 @@
 /.nyc_output
 /dist
 /tmp
-/yarn.lock
 node_modules
+lib
 
 .DS_Store
diff --git a/.husky/pre-push b/.husky/pre-push
@@ -2,4 +2,4 @@
 . "$(dirname "$0")/_/husky.sh"
 
 # Run commands here
-yarn build
+npm run build
diff --git a/README.md b/README.md
@@ -2,6 +2,7 @@
 
 This is work in progress and only suitable for internal use.
 
+
 ## Description
 
 This package solves JWT-based authentication by saving the refresh token in an http-only cookie (accessible only server-side) and the access-token + a session indicator with the expiration date in client-acessible cookies.
@@ -12,19 +13,19 @@ This package solves JWT-based authentication by saving the refresh token in an h
 - client-side token refresh (interval + window focus)
 - client-side access token access (e.g.: for client-side API calls)
 
-## Install
 
-Currently this is only available to install directly via GitHub:
+## Using the package
 
-```bash
-yarn add significa/significa-auth-next#TAG_HERE
-```
+1. Generate a new github PAT (Classic Personal Access Token).
+   Grant `read:packages` _Download packages from GitHub Package Registry_.
 
-For example:
+2. Run `npm login --scope=@significa --registry=https://npm.pkg.github.com`.
+   In the interactive CLI set your GitHub handle as the username and the newly generated PAT as the password (email can be anything).
+
+3. `npm install @significa/auth-next`
+
+More info: [Working with the GitHub npm registry](https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-npm-registry).
 
-```bash
-yarn add significa/significa-auth-next#v1.0.0
-```
 
 ## Configuration