NoBey/openzeppelin-contracts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add missing id-token: write permission in release pipeline (#5645)

Browse Source 
Signed-off-by: Pascal Marco Caversaccio <pascal.caversaccio@hotmail.ch>
This commit is contained in:
sudo rm -rf --no-preserve-root /
2025-04-22 23:24:43 +02:00
committed by GitHub
parent 3a14bcc783
commit da32fb3bd8
2 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/release-cycle.yml vendored
View File

@ -131,6 +131,7 @@ jobs:
environment: npm environment: npm
permissions: permissions:
contents: write contents: write
id-token: write
if: needs.state.outputs.publish == 'true' if: needs.state.outputs.publish == 'true'
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
@ -153,6 +154,7 @@ jobs:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }} NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
TARBALL: ${{ steps.pack.outputs.tarball }} TARBALL: ${{ steps.pack.outputs.tarball }}
TAG: ${{ steps.pack.outputs.tag }} TAG: ${{ steps.pack.outputs.tag }}
NPM_CONFIG_PROVENANCE: true
- name: Create Github Release - name: Create Github Release
uses: actions/github-script@v7 uses: actions/github-script@v7
env: env:

2
scripts/release/workflow/publish.sh
View File

@ -9,7 +9,7 @@ PACKAGE_JSON_VERSION="$(tar xfO "$TARBALL" package/package.json | jq -r .version
echo "//registry.npmjs.org/:_authToken=\${NPM_TOKEN}" > .npmrc echo "//registry.npmjs.org/:_authToken=\${NPM_TOKEN}" > .npmrc
# Actual publish # Actual publish
npm publish --provenance "$TARBALL" --tag "$TAG" npm publish "$TARBALL" --tag "$TAG"
# Clean up tags # Clean up tags
delete_tag() { delete_tag() {