Skip to content
Release

Release #68

Sign in to view logs

Release

Release #68

Workflow file for this run

.github/workflows/release.yml at 05d8094
name: Release
on:
push:
tags:
- 'v*'
permissions:
contents: write
packages: write
id-token: write
jobs:
goreleaser:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Fetch all tags
run: git fetch --force --tags
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: '1.25.1'
cache: true
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@v6
with:
distribution: goreleaser
version: latest
args: release --clean
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
HOMEBREW_TAP_TOKEN: ${{ secrets.HOMEBREW_TAP_TOKEN }}
- name: Set up Node.js
uses: actions/setup-node@v4
with:
node-version: '24'
registry-url: 'https://registry.npmjs.org'
- name: Update npm to latest
run: npm install -g npm@latest
- name: Build npm packages
run: |
npx -y goreleaser-npm-publisher build \
--builder seedfast \
--description "AI-powered PostgreSQL database seeding tool" \
--keywords "postgresql,database,seeding,testing,ai" \
--files README.md \
--files LICENSE
- name: Add repository URL to package.json files
run: |
for pkg_dir in dist/npm/*/; do
if [ -f "$pkg_dir/package.json" ]; then
# Add repository field for OIDC provenance verification
jq '. + {"repository": {"type": "git", "url": "https://github.com/argon-it/seedfast-cli"}}' \
"$pkg_dir/package.json" > "$pkg_dir/package.json.tmp" && \
mv "$pkg_dir/package.json.tmp" "$pkg_dir/package.json"
fi
done
- name: Publish npm packages with OIDC (token fallback)
env:
NPM_CONFIG_PROVENANCE: true
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
run: |
# Publish each package with OIDC, fallback to token for new packages
for pkg_dir in dist/npm/*/; do
if [ -f "$pkg_dir/package.json" ]; then
pkg_name=$(cat "$pkg_dir/package.json" | grep '"name"' | head -1 | sed 's/.*"name": *"\([^"]*\)".*/\1/')
echo "Publishing $pkg_name with OIDC..."
# Try OIDC first
if (cd "$pkg_dir" && npm publish --access public --provenance 2>&1); then
echo "✅ Published $pkg_name with OIDC"
else
echo "⚠️ OIDC failed for $pkg_name, trying with token..."
# Fallback to token for new packages
(cd "$pkg_dir" && npm publish --access public 2>&1) || echo "Note: $pkg_name may already exist or failed"
fi
echo "Waiting 15 seconds..."
sleep 15
fi
done