ci: pr permissions #83
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 🦋 Changesets Release | |
| on: | |
| push: | |
| branches: | |
| - release | |
| - "release-*" | |
| - "!release-experimental" | |
| - "!release-experimental-*" | |
| - "!release-manual" | |
| - "!release-manual-*" | |
| permissions: | |
| id-token: write | |
| pull-requests: write | |
| contents: write | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| release: | |
| name: 🦋 Changesets Release | |
| if: github.repository == 'mcansh/remix-fastify' | |
| runs-on: ubuntu-latest | |
| outputs: | |
| published: ${{ steps.changesets.outputs.published }} | |
| steps: | |
| - name: ⬇️ Checkout repo | |
| uses: actions/checkout@v4 | |
| - name: ⎔ Setup node | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version-file: ".nvmrc" | |
| - name: 🟧 Setup pnpm | |
| uses: pnpm/action-setup@v2 | |
| with: | |
| version: 8 | |
| run_install: | | |
| - recursive: true | |
| args: [--frozen-lockfile, --strict-peer-dependencies] | |
| - name: 🔐 Setup npm auth | |
| run: | | |
| echo "registry=https://registry.npmjs.org" >> ~/.npmrc | |
| echo "//registry.npmjs.org/:_authToken=${{ secrets.NPM_TOKEN }}" >> ~/.npmrc | |
| # This action has two responsibilities. The first time the workflow runs | |
| # (initial push to a `release-*` branch) it will create a new branch and | |
| # then open a PR with the related changes for the new version. After the | |
| # PR is merged, the workflow will run again and this action will build + | |
| # publish to npm & github packages. | |
| - name: 🚀 PR / Publish | |
| id: changesets | |
| uses: changesets/action@v1 | |
| with: | |
| version: pnpm run changeset:version | |
| commit: "chore: Update version for release" | |
| title: "chore: Update version for release" | |
| publish: pnpm run changeset:release | |
| createGithubReleases: true | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| comment: | |
| name: 📝 Comment on issues and pull requests | |
| if: github.repository == 'mcansh/remix-fastify' && needs.release.outputs.published == 'true' | |
| needs: [release] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: ⬇️ Checkout repo | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: 📝 Comment on issues | |
| uses: remix-run/release-comment-action@v0.4.1 | |
| with: | |
| DIRECTORY_TO_CHECK: "./packages" | |
| PACKAGE_NAME: "@mcansh/remix-fastify" |