Fixing release build (#220)

* actions/checkout v2->v3

* CI bump task versions

* release-publish

.github/workflows/ci.yml

@@ -21,22 +21,22 @@ jobs:
         node-version: [20.x]
     steps:
       - name: Checkout non PR
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4.1.1
         # Do not trigger a checkout when opening PRs from a fork (helps avoid
         # "pwn request". See https://docs.github.com/en/actions/reference/events-that-trigger-workflows#pull_request_target )
         if: github.event_name != 'pull_request_target'
         with:
           fetch-depth: '0'
 
       - name: Checkout PR
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4.1.1
         if: github.event_name == 'pull_request_target'
         with:
           ref: "refs/pull/${{ github.event.number }}/merge"
           fetch-depth: '0'
 
       - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4.0.1
         with:
           node-version: ${{ matrix.node-version }}
       - run: yarn install --frozen-lockfile

.github/workflows/dependency-review.yml

@@ -18,6 +18,6 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: 'Checkout Repository'
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4.1.1
       - name: 'Dependency Review'
         uses: actions/dependency-review-action@v3

.github/workflows/release-prepare.yml

@@ -13,10 +13,10 @@ jobs:
         node-version: [20.x]
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4.1.1
 
       - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4.0.1
         with:
           node-version: ${{ matrix.node-version }}
 

.github/workflows/release-publish.yml

@@ -37,16 +37,16 @@ jobs:
         run: if [ '${{ github.event.before }}' = '0000000000000000000000000000000000000000' ]; then echo "::warning title=Missing github.event.before::You are running this CD workflow on a newly created branch. Release won't be created..."; fi
 
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4.1.1
 
-      - name: Set up Node.js
-        uses: actions/setup-node@v3
+      - name: use node.js ${{ matrix.node-version }}
+        uses: actions/setup-node@v4.0.1
         with:
           node-version: ${{ matrix.node-version }}
           registry-url: https://registry.npmjs.org/ # Needed for auth
 
       - name: yarn install --frozen-lockfile
-        uses: backstage/actions/yarn-install@v0.5.13
+        uses: backstage/actions/yarn-install@v0.6.5
         with:
           cache-prefix: ${{ runner.os }}-v${{ matrix.node-version }}
 
@@ -76,9 +76,6 @@ jobs:
       - name: verify type dependencies
         run: yarn lint:type-deps
 
-      - name: test
-        run: |
-          yarn lerna -- run test -- --coverage --runInBand
 
   # A separate release build that is only run for commits that are the result of merging the "Version Packages" PR
   # We can't re-use the output from the above step, but we'll have a guaranteed node_modules cache and
@@ -100,16 +97,16 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4.1.1
 
-      - name: Set up Node.js
-        uses: actions/setup-node@v3
+      - name: use node.js ${{ matrix.node-version }}
+        uses: actions/setup-node@v4.0.1
         with:
           node-version: ${{ matrix.node-version }}
           registry-url: https://registry.npmjs.org/ # Needed for auth
 
       - name: yarn install --frozen-lockfile
-        uses: backstage/actions/yarn-install@v0.5.13
+        uses: backstage/actions/yarn-install@v0.6.5
         with:
           cache-prefix: ${{ runner.os }}-v${{ matrix.node-version }}
 
@@ -123,10 +120,11 @@ jobs:
       - name: publish
         if: needs.build.outputs.needs_release == 'true' || github.event.inputs.publish_packages
         run: |
+          yarn config set -H 'npmAuthToken' "${{secrets.NPM_TOKEN}}"
           if [ -f ".changeset/pre.json" ]; then
-              yarn lerna -- publish from-package --yes --dist-tag next
+              yarn workspaces foreach -v --no-private npm publish --access public --tolerate-republish --tag next
           else
-              yarn lerna -- publish from-package --yes
+              yarn workspaces foreach -v --no-private npm publish --access public --tolerate-republish
           fi
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

.github/workflows/renovate-changesets.yml

@@ -14,7 +14,7 @@ jobs:
     if: github.actor == 'renovate[bot]'
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4.1.1
         with:
           fetch-depth: 2
           ref: ${{ github.head_ref }}

.github/workflows/renovate-validation.yml

@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4.1.1
       - name: Validate
         uses: rinchsan/renovate-config-validator@v0.0.12
         with:

.github/workflows/weekly-check-versions.yml

@@ -8,7 +8,7 @@ jobs:
   create-pull-request:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4.1.1
         with:
           fetch-depth: '0'