These workflows are intended for use in the public repositories managed the Fastly Developer Experience Engineering team. Since the repository is public anyone is free to use if them if they wish, but the team does not make any guarantees about maintaining compatibility when changes are made.
TODO: Add description
TODO: Add description
TODO: Add description
Processes a provided string or the tag name as a SemVer.
-
version- (optional) The version string to process, with or without a leading v, e.g.1.2.3orv1.2.3-rc.1. If not provided, then the current tag name is used. -
tag_prefix- Tag prefix, when triggered by a tag. This prefix is strict and must fully match the tag format (e.g.'v'→v1.2.3,'release/v'→release/v1.2.3).
If the string is successfully processed as a SemVer, the workflow succeeds and produces two outputs:
-
version- the SemVer string, such as1.2.3or1.2.3-beta.0 -
dist_tag- the "tag" part of the semver (such asbeta,rc, orlatestif not provided)
If the string is not process as a SemVer, the workflow fails.
Publishes a package to GitHub Packages, using the provided dist tag. Optionally checks the package's name and version.
-
expected_pkg_name- (optional) Expected package name. If provided, must match thenamefield in thepackage.jsonfile, or the workflow fails. -
expected_pkg_version- (optional) Expected package version. If provided, must match theversionfield in thepackage.jsonfile, or the workflow fails. -
dist_tag- Dist tag to release, e.g.,latest,alpha,beta,rc. If not provided, defaults tolatest. -
node_auth_token- Token used to authenticate to GitHub Packages. If not provided, defaults tosecrets.GITHUB_TOKEN. -
dry_run- If set to"true", passes--dry-runtonpm publish. If not provided, defaults to"false". -
cwd- Path to directory containingpackage.json, relative to the repo root. If not provided, defaults to the repo root.
If all the following steps are successful, the workflow succeeds.
- there is a
package.jsonfile in thecwddirectory - if
expected_*checks are provided, they pass - the
npm publishcommand successfully publishes the package to npmjs.org
Otherwise, the workflow fails.
If node_auth_token is provided, the token must have permissions to publish the package.
If node_auth_token is not provided, then the calling workflow must have permissions
to publish the package. A workflow can be given permissions by adding the permission:
permissions:
contents: read
packages: writePublishes a package to npmjs.org, using the provided dist tag. Optionally checks the package's name and version.
-
expected_pkg_name- (optional) Expected package name. If provided, must match thenamefield in thepackage.jsonfile, or the workflow fails. -
expected_pkg_version- (optional) Expected package version. If provided, must match theversionfield in thepackage.jsonfile, or the workflow fails. -
dist_tag- Dist tag to release, e.g.,latest,alpha,beta,rc. If not provided, defaults tolatest. -
dry_run- If set to"true", passes--dry-runtonpm publish. If not provided, defaults to"false". -
cwd- Path to directory containingpackage.json, relative to the repo root. If not provided, defaults to the repo root.
If all the following steps are successful, the workflow succeeds.
- there is a
package.jsonfile in thecwddirectory - if
expected_*checks are provided, they pass - the
npm publishcommand successfully publishes the package to npmjs.org
Otherwise, the workflow fails.
Authentication for publishing the package to npmjs.org is performed using trusted publishing.
-
The package must be set up for trusted publishing. See the npm docs for detailed instructions on adding the calling workflow as a trusted publisher under the settings tab of the package page on npmjs.org.
-
The calling workflow must have permissions to generate OIDC tokens. A workflow can be given permissions by adding the permission:
permissions: id-token: write contents: read
TODO: Add description
TODO: Add description
TODO: Add description
Please see SECURITY.md for guidance on reporting security-related issues.