You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Merge npm publishing jobs into a single file (Trusted Publishing - OICD) (#2999)
## Summary:
This PR co-locates the two jobs that publish to npm (release and snapshot). This is a necessity for enabling Trusted Publishing (https://docs.npmjs.com/trusted-publishers#how-trusted-publishing-works).
Once this PR has landed, we'll be able to go into each npm package's settings on npmjs.com and enable Trusted Publishing. Once that's enabled, we no longer need a npm token (stored in `NPM_TOKEN`) in this repo at all and will no longer have to manage an auth token for publishing to npm.
Issue: LEMS-3681
## Test plan:
😅 This will be tricky.
* I plan to land this PR and then enable trusted publishing for all perseus packages.
* Once that's enabled, I'll try a snapshot publish by invoking it manually using workflow_dispatch
* If that succeeds, I'll create a tiny release that touches _all_ packages (I'll update/add a comment in each package's code) and then cut a release to test the release flow works also.
* Finally, I'll work through the workflow files and remove references to `NPM_TOKEN` and remove that secret from this repo.
Author: jeremywiebe
Reviewers: jeremywiebe, handeyeco, somewhatabstract, jandrade, nishasy, mark-fitzgerald, ivyolamit, Myranae, catandthemachines
Required Reviewers:
Approved By: handeyeco, somewhatabstract
Checks: ✅ 10 checks were successful, ⏭️ 1 check has been skipped
Pull Request URL: #2999
0 commit comments