name: Build & Publish NPM Package on: # Allows you to run this workflow manually from the Actions tab workflow_dispatch: inputs: version: description: "Version to publish" required: true type: string # Default to truncated commit hash default: "0.0.0" tag: description: "Tag to publish" required: true type: string default: "latest" package: description: "Package to publish" options: - federation - client type: choice required: true permissions: contents: read # For provenance generation id-token: write jobs: # Build job build: runs-on: ubuntu-latest environment: NPM Deploy steps: - name: Checkout uses: actions/checkout@v4 - uses: oven-sh/setup-bun@v1 - name: Create bunfig.toml with NPM token (GitHub Secrets) run: echo -e "[install]\nregistry = { url = \"https://registry.npmjs.org/\", token = \"${{ secrets.NPM_TOKEN }}\" }" > bunfig.toml - name: Copy bunfig.toml to package directory run: cd ${{ github.event.inputs.package }} && cp ../bunfig.toml . - name: Install dependencies run: bun install --frozen-lockfile # Code is not minified and bundled anymore #- name: Build # run: bun run build - name: Change version in package.json to ${{ github.event.inputs.version }}, defaulting to the truncated commit hash run: 'sed -i ''s/"version": ".*"/"version": "${{ github.event.inputs.version }}"/'' package.json ${{ github.event.inputs.package }}/package.json ${{ github.event.inputs.package }}/jsr.jsonc' - name: CD to package directory run: cd ${{ github.event.inputs.package }} && bun install --frozen-lockfile - name: Patch Bunpublish to not break run: sed -i --follow-symlinks 's/getHeapStatistics().heap_size_limit/99999999/g' "node_modules/@npmcli/arborist/lib/packument-cache.js" - name: Publish to NPM run: cd ${{ github.event.inputs.package }} && bunx @morlay/bunpublish --provenance --tag ${{ github.event.inputs.tag }} - name: Publish to JSR run: cd ${{ github.event.inputs.package }} && bunx jsr publish --allow-slow-types --allow-dirty