fix: add NODE_AUTH_TOKEN to npm publish workflow #2
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish CLI to npm | |
| on: | |
| push: | |
| tags: | |
| - "cli-v*" | |
| workflow_dispatch: | |
| permissions: | |
| contents: read | |
| id-token: write | |
| concurrency: | |
| group: publish-cli-${{ github.ref }} | |
| cancel-in-progress: false | |
| jobs: | |
| publish-cli: | |
| name: Publish clawdrive | |
| if: github.repository == 'Hyper3Labs/clawdrive' | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 20 | |
| defaults: | |
| run: | |
| shell: bash | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 24 | |
| registry-url: https://registry.npmjs.org | |
| cache: npm | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Read CLI package metadata | |
| id: pkg | |
| run: | | |
| VERSION="$(node -p "require('./packages/cli/package.json').version")" | |
| NAME="$(node -p "require('./packages/cli/package.json').name")" | |
| echo "version=$VERSION" >> "$GITHUB_OUTPUT" | |
| echo "name=$NAME" >> "$GITHUB_OUTPUT" | |
| - name: Verify tag matches package version | |
| if: github.event_name == 'push' | |
| run: | | |
| EXPECTED_TAG="cli-v${{ steps.pkg.outputs.version }}" | |
| if [[ "$GITHUB_REF_NAME" != "$EXPECTED_TAG" ]]; then | |
| echo "Tag $GITHUB_REF_NAME does not match packages/cli version ${{ steps.pkg.outputs.version }}." | |
| echo "Expected tag: $EXPECTED_TAG" | |
| exit 1 | |
| fi | |
| - name: Check whether this version already exists on npm | |
| id: exists | |
| run: | | |
| if npm view "${{ steps.pkg.outputs.name }}@${{ steps.pkg.outputs.version }}" version >/dev/null 2>&1; then | |
| echo "publish=false" >> "$GITHUB_OUTPUT" | |
| echo "${{ steps.pkg.outputs.name }}@${{ steps.pkg.outputs.version }} already exists on npm." | |
| else | |
| echo "publish=true" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: Build workspace | |
| if: github.event_name == 'workflow_dispatch' || steps.exists.outputs.publish == 'true' | |
| run: npm run build | |
| - name: Dry-run publish | |
| if: github.event_name == 'workflow_dispatch' | |
| run: npm publish --workspace packages/cli --access public --dry-run | |
| env: | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| - name: Publish to npm | |
| if: github.event_name == 'push' && steps.exists.outputs.publish == 'true' | |
| run: npm publish --workspace packages/cli --access public --provenance | |
| env: | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| - name: Report already-published version | |
| if: github.event_name == 'push' && steps.exists.outputs.publish != 'true' | |
| run: echo "Nothing to publish. ${{ steps.pkg.outputs.name }}@${{ steps.pkg.outputs.version }} is already on npm." |