Skip to content

Commit 7bc3439

Browse files
ci: updated release workflow to use octo-sts for GH auth (#77)
* ci: updated release workflow to use octo-sts for GH auth * ci: optimized release workflow
1 parent a07b31b commit 7bc3439

File tree

2 files changed

+19
-2
lines changed

2 files changed

+19
-2
lines changed
Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
---
2+
issuer: https://token.actions.githubusercontent.com
3+
subject_pattern: repo:liatrio/react-dora-charts:.*
4+
5+
permissions:
6+
contents: write
7+
packages: write

.github/workflows/release.yml

Lines changed: 12 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -26,16 +26,26 @@ jobs:
2626
HUSKY: 0
2727

2828
steps:
29+
- name: Get Octo-sts token
30+
uses: octo-sts/action@6177b4481c00308b3839969c3eca88c96a91775f
31+
id: octo-sts
32+
with:
33+
scope: 'liatrio/react-dora-charts'
34+
identity: semantic-release
35+
2936
- uses: actions/checkout@v4
3037
with:
31-
persist-credentials: false
38+
fetch-tags: true
39+
fetch-depth: 0
40+
token: ${{ steps.octo-sts.outputs.token }}
3241

3342
- name: Setup node
3443
id: node
3544
uses: actions/setup-node@v4
3645
with:
3746
node-version-file: '.nvmrc'
3847
cache: 'npm'
48+
registry-url: 'https://registry.npmjs.org'
3949

4050
- name: Install dependencies
4151
run: yarn install
@@ -45,6 +55,6 @@ jobs:
4555

4656
- name: Bump and Release
4757
env:
48-
GITHUB_TOKEN: ${{ secrets.TAGGING_TOKEN }}
58+
GITHUB_TOKEN: ${{ steps.octo-sts.outputs.token }}
4959
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
5060
run: npx semantic-release

0 commit comments

Comments
 (0)