build: add githook #18
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Triggered by: python scripts/release.py --push | |
| name: Release | |
| on: | |
| push: | |
| tags: | |
| - 'v*.*.*' | |
| permissions: | |
| contents: write | |
| jobs: | |
| release: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20 | |
| cache: npm | |
| - run: npm ci | |
| - run: npm test | |
| - run: npm run build | |
| - name: Check dist is up to date | |
| run: git diff --exit-code -- dist/ ':!dist/**/*.d.ts.map' | |
| # Dogfood: sign dist/index.js using auths-dev/sign@v1 (ephemeral, no secrets) | |
| - name: Sign dist/index.js | |
| uses: auths-dev/sign@v1 | |
| with: | |
| files: 'dist/index.js' | |
| note: 'GitHub Actions release — ${{ github.ref_name }}' | |
| - name: Generate SHA256 checksums | |
| run: | | |
| cd dist | |
| sha256sum index.js > index.js.sha256 | |
| if [ -f index.js.auths.json ]; then | |
| sha256sum index.js.auths.json >> index.js.sha256 | |
| fi | |
| cat index.js.sha256 | |
| - name: Create GitHub Release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| generate_release_notes: true | |
| make_latest: true | |
| files: | | |
| dist/index.js.auths.json | |
| dist/index.js.sha256 | |
| body: | | |
| ## Auths Verify GitHub Action | |
| Verify commit signatures and artifact attestations in CI. | |
| ### Usage | |
| ```yaml | |
| - uses: auths-dev/verify@v1 | |
| ``` | |
| See the [README](https://github.com/auths-dev/verify#readme) for full configuration options. | |
| - name: Update floating major tag | |
| run: | | |
| TAG="${GITHUB_REF_NAME}" | |
| MAJOR="${TAG%%.*}" | |
| git tag -f "$MAJOR" "$TAG" | |
| git push origin "$MAJOR" --force |