Skip to content

cd

cd #3

Workflow file for this run

name: cd
on:
release:
types: [published]
permissions:
contents: read
id-token: write
jobs:
publish:
name: Publish plugin-sdk-react package
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup Bun
uses: oven-sh/setup-bun@v2
with:
bun-version: "1.2.23"
- name: Cache Bun packages
uses: actions/cache@v4
with:
path: ~/.bun/install/cache
key: ${{ runner.os }}-bun-plugin-sdk-react-${{ hashFiles('bun.lock') }}
restore-keys: |
${{ runner.os }}-bun-plugin-sdk-react-
- name: Install dependencies
run: bun install --frozen-lockfile
# Strip the leading 'v' from the release tag (v1.2.3 → 1.2.3) so it
# matches npm's semver format, then stamp package.json without a git tag.
# Must run BEFORE build so the version is baked into build/package.json.
- name: Set package version
run: |
VERSION="${{ github.event.release.tag_name }}"
npm version "${VERSION#v}" --no-git-tag-version
- name: Build
run: bun run build
- name: Setup Node.js with npm registry
uses: actions/setup-node@v4
with:
node-version: "24"
registry-url: "https://registry.npmjs.org"
scope: "@paca-ai"
# npm 12.0.0 has a packaging bug: libnpmpublish still requires
# `sigstore`, but the published 12.0.0 tarball is missing that
# module, so `npm publish --provenance` crashes with "Cannot find
# module 'sigstore'". Pin to the 11.x line until a patched 12.x
# ships. See https://github.com/npm/cli/issues/9722.
- name: Pin npm to a working version
run: npm install -g npm@11
# For prerelease versions (e.g. 1.0.0-alpha.1), npm requires an explicit
# --tag to avoid accidentally tagging as "latest".
- name: Publish to npm
run: |
VERSION="${{ github.event.release.tag_name }}"
CLEAN_VERSION="${VERSION#v}"
if [[ "$CLEAN_VERSION" == *"-"* ]]; then
PRERELEASE_LABEL=$(echo "$CLEAN_VERSION" | sed 's/[^-]*-\([a-zA-Z]*\).*/\1/')
npm publish --provenance --access public --tag "${PRERELEASE_LABEL:-next}"
else
npm publish --provenance --access public
fi