release.yml

name: Release

on:
  push:
    branches:
      - main

# Sets permissions of the GITHUB_TOKEN
permissions:
  contents: write
  pages: write
  id-token: write
  pull-requests: write

jobs:
  release:
    # Prevents changesets action from creating a PR on forks
    if: github.repository == 'tokens-studio/types'
    environment:
      name: prod
    name: Release
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Repo
        uses: actions/checkout@master
        with:
          # This makes Actions fetch all Git history so that Changesets can generate changelogs with the correct commits
          fetch-depth: 0

      - name: Setup Node.js 18.x
        uses: actions/setup-node@master
        with:
          node-version: 18.x
          registry-url: 'https://registry.npmjs.org'

      - name: Install Dependencies
        run: npm ci

      # FIXME: not working ....
      # - name: Import Secrets
      #   id: secrets
      #   uses: hashicorp/vault-action@v2
      #   with:
      #     url: ${{ vars.VAULT_URL }}
      #     role: ${{ vars.VAULT_ROLE }}
      #     method: jwt
      #     namespace: admin
      #     secrets: |
      #       ${{ vars.VAULT_PATH }} TOKEN | NPM_TOKEN;

      - name: Create Release Pull Request or Publish to npm
        id: changesets
        uses: changesets/action@v1
        with:
          # This expects you to have a script called release which does a build for your packages and calls changeset publish
          publish: npm run release
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          # NODE_AUTH_TOKEN: ${{ steps.secrets.outputs.NPM_TOKEN }}
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}