NEOS-1616: [MIGRATION] Adds RBAC engine (#2935) #968
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Artifact Release | |
on: | |
push: | |
tags: | |
- "v*.*.*" | |
branches: | |
- main | |
paths: # path filters are not evaluated for pushes of tags | |
- backend/** | |
- cli/** | |
- worker/** | |
- frontend/** | |
- charts/** | |
- docker/** | |
jobs: | |
docker-backend: | |
name: Backend Docker Image | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
id-token: write | |
packages: write | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Calculate Next Pre-release version | |
id: next_pre_version | |
uses: paulhatch/[email protected] | |
with: | |
version_format: "${major}.${minor}.${patch}-pre.${increment}" | |
- name: Get current time | |
id: current-time | |
run: echo "CURRENT_TIME=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
# list of Docker images to use as base name for tags | |
images: | | |
ghcr.io/nucleuscloud/neosync/api | |
# generate Docker tags based on the following events/attributes | |
tags: | | |
type=ref,event=branch | |
type=semver,pattern={{version}} | |
type=semver,pattern={{major}}.{{minor}} | |
type=semver,pattern={{major}} | |
type=semver,pattern={{raw}} | |
type=sha | |
type=raw,value=${{ steps.next_pre_version.outputs.version }},enable=${{ github.ref == format('refs/heads/{0}', 'main') }} | |
- name: Login to GHCR | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Set up Depot CLI | |
uses: depot/setup-action@v1 | |
- name: Build and push | |
uses: depot/build-push-action@v1 | |
with: | |
context: . | |
file: docker/Dockerfile.backend | |
build-args: | | |
buildDate=${{ steps.current-time.outputs.CURRENT_TIME }} | |
gitCommit=${{ github.sha }} | |
gitVersion=${{ github.ref_name }} | |
platforms: linux/amd64,linux/arm64 | |
push: ${{ github.event_name != 'pull_request' }} | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
docker-frontend: | |
name: Frontend Docker Image | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
id-token: write | |
packages: write | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Calculate Next Pre-release version | |
id: next_pre_version | |
uses: paulhatch/[email protected] | |
with: | |
version_format: "${major}.${minor}.${patch}-pre.${increment}" | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
# list of Docker images to use as base name for tags | |
images: | | |
ghcr.io/nucleuscloud/neosync/app | |
# generate Docker tags based on the following events/attributes | |
tags: | | |
type=ref,event=branch | |
type=semver,pattern={{version}} | |
type=semver,pattern={{major}}.{{minor}} | |
type=semver,pattern={{major}} | |
type=semver,pattern={{raw}} | |
type=sha | |
type=raw,value=${{ steps.next_pre_version.outputs.version }},enable=${{ github.ref == format('refs/heads/{0}', 'main') }} | |
- name: Login to GHCR | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Set up Depot CLI | |
uses: depot/setup-action@v1 | |
- name: Build and push | |
uses: depot/build-push-action@v1 | |
with: | |
file: docker/Dockerfile.frontend | |
context: frontend | |
platforms: linux/amd64,linux/arm64 | |
push: ${{ github.event_name != 'pull_request' }} | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
docker-worker: | |
name: Worker Docker Image | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
id-token: write | |
packages: write | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Calculate Next Pre-release version | |
id: next_pre_version | |
uses: paulhatch/[email protected] | |
with: | |
version_format: "${major}.${minor}.${patch}-pre.${increment}" | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
# list of Docker images to use as base name for tags | |
images: | | |
ghcr.io/nucleuscloud/neosync/worker | |
# generate Docker tags based on the following events/attributes | |
tags: | | |
type=ref,event=branch | |
type=semver,pattern={{version}} | |
type=semver,pattern={{major}}.{{minor}} | |
type=semver,pattern={{major}} | |
type=semver,pattern={{raw}} | |
type=sha | |
type=raw,value=${{ steps.next_pre_version.outputs.version }},enable=${{ github.ref == format('refs/heads/{0}', 'main') }} | |
- name: Login to GHCR | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Set up Depot CLI | |
uses: depot/setup-action@v1 | |
- name: Build and push | |
uses: depot/build-push-action@v1 | |
with: | |
context: . | |
file: docker/Dockerfile.worker | |
platforms: linux/amd64,linux/arm64 | |
push: ${{ github.event_name != 'pull_request' }} | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
helm-backend: | |
name: Backend Helm Chart | |
runs-on: ubuntu-latest | |
needs: | |
- docker-backend | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Calculate Next Pre-release version | |
id: next_pre_version | |
uses: paulhatch/[email protected] | |
with: | |
version_format: "${major}.${minor}.${patch}-pre.${increment}" | |
- name: Setup Trimmed Helm Version | |
run: | | |
if [[ $GITHUB_REF == refs/tags/* ]]; then | |
V_PREFIX="v" | |
VERSION="${{ github.ref_name }}" | |
TRIMMED_VERSION="${VERSION/#$V_PREFIX}" | |
echo "$TRIMMED_VERSION" | |
echo "CHART_VERSION=$TRIMMED_VERSION" >> $GITHUB_ENV | |
echo "IS_PRERELEASE=false" >> $GITHUB_ENV | |
else | |
VERSION="${{ steps.next_pre_version.outputs.version }}" | |
echo "$VERSION" | |
echo "CHART_VERSION=$VERSION" >> $GITHUB_ENV | |
echo "IS_PRERELEASE=true" >> $GITHUB_ENV | |
fi | |
- name: Setup Chart.yaml | |
uses: mikefarah/[email protected] | |
with: | |
cmd: | | |
# Recursively finds all Chart.yaml files and sets their version and appVersion to the github ref | |
for filepath in $(find backend/charts/** -type f -name 'Chart.yaml') ; do | |
echo "$filepath" | |
yq -i '.version = strenv(CHART_VERSION)' "$filepath" | |
yq -i '.appVersion = strenv(CHART_VERSION)' "$filepath" | |
yq -i '.annotations."artifacthub.io/prerelease" = strenv(IS_PRERELEASE)' "$filepath" | |
done | |
for filepath in $(find backend/charts/*/Chart.yaml -type f -name 'Chart.yaml') ; do | |
has_deps=$(yq -r '.dependencies[0].version' "$filepath") | |
if [ $has_deps != null ]; then | |
yq -i '.dependencies[].version = strenv(CHART_VERSION)' "$filepath" | |
fi | |
done | |
- name: Install Helm | |
uses: azure/setup-helm@v4 | |
env: | |
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} | |
- name: Login to Helm Registry | |
run: | | |
echo ${{secrets.GITHUB_TOKEN}} | helm registry login ghcr.io -u ${{ github.repository_owner }} --password-stdin | |
- name: Package Helm Charts | |
shell: bash | |
run: | | |
# Finds all root charts and packages up their dependencies | |
find backend/charts/*/Chart.yaml -type f -name 'Chart.yaml' | sed -r 's|/[^/]+$||' | sort | uniq | xargs -L 1 helm dep up | |
# Runs through root charts and packages them | |
for filedir in backend/charts/*/ ; do | |
echo "$filedir" | |
helm package "$filedir" | |
done | |
- name: Helm | Publish | |
shell: bash | |
run: | | |
OCI_URL="oci://ghcr.io/$GITHUB_REPOSITORY/helm" | |
for d in ./*.tgz ; do | |
helm push "$d" "$OCI_URL" | |
done | |
helm-frontend: | |
name: Frontend Helm Chart | |
runs-on: ubuntu-latest | |
needs: | |
- docker-frontend | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Calculate Next Pre-release version | |
id: next_pre_version | |
uses: paulhatch/[email protected] | |
with: | |
version_format: "${major}.${minor}.${patch}-pre.${increment}" | |
- name: Setup Trimmed Helm Version | |
run: | | |
if [[ $GITHUB_REF == refs/tags/* ]]; then | |
V_PREFIX="v" | |
VERSION="${{ github.ref_name }}" | |
TRIMMED_VERSION="${VERSION/#$V_PREFIX}" | |
echo "$TRIMMED_VERSION" | |
echo "CHART_VERSION=$TRIMMED_VERSION" >> $GITHUB_ENV | |
echo "IS_PRERELEASE=false" >> $GITHUB_ENV | |
else | |
VERSION="${{ steps.next_pre_version.outputs.version }}" | |
echo "$VERSION" | |
echo "CHART_VERSION=$VERSION" >> $GITHUB_ENV | |
echo "IS_PRERELEASE=true" >> $GITHUB_ENV | |
fi | |
- name: Setup Chart.yaml | |
uses: mikefarah/[email protected] | |
with: | |
cmd: | | |
# Recursively finds all Chart.yaml files and sets their version and appVersion to the github ref | |
for filepath in $(find frontend/apps/web/charts/** -type f -name 'Chart.yaml') ; do | |
echo "$filepath" | |
yq -i '.version = strenv(CHART_VERSION)' "$filepath" | |
yq -i '.appVersion = strenv(CHART_VERSION)' "$filepath" | |
yq -i '.annotations."artifacthub.io/prerelease" = strenv(IS_PRERELEASE)' "$filepath" | |
done | |
for filepath in $(find frontend/apps/web/charts/*/Chart.yaml -type f -name 'Chart.yaml') ; do | |
has_deps=$(yq -r '.dependencies[0].version' "$filepath") | |
if [ $has_deps != null ]; then | |
yq -i '.dependencies[].version = strenv(CHART_VERSION)' "$filepath" | |
fi | |
done | |
- name: Install Helm | |
uses: azure/setup-helm@v4 | |
env: | |
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} | |
- name: Login to Helm Registry | |
run: | | |
echo ${{secrets.GITHUB_TOKEN}} | helm registry login ghcr.io -u ${{ github.repository_owner }} --password-stdin | |
- name: Package Helm Charts | |
shell: bash | |
run: | | |
# Finds all root charts and packages up their dependencies | |
find frontend/apps/web/charts/*/Chart.yaml -type f -name 'Chart.yaml' | sed -r 's|/[^/]+$||' | sort | uniq | xargs -L 1 helm dep up | |
# Runs through root charts and packages them | |
for filedir in frontend/apps/web/charts/*/ ; do | |
echo "$filedir" | |
helm package "$filedir" | |
done | |
- name: Helm | Publish | |
shell: bash | |
run: | | |
OCI_URL="oci://ghcr.io/$GITHUB_REPOSITORY/helm" | |
for d in ./*.tgz ; do | |
helm push "$d" "$OCI_URL" | |
done | |
helm-worker: | |
name: Worker Helm Chart | |
runs-on: ubuntu-latest | |
needs: | |
- docker-worker | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Calculate Next Pre-release version | |
id: next_pre_version | |
uses: paulhatch/[email protected] | |
with: | |
version_format: "${major}.${minor}.${patch}-pre.${increment}" | |
- name: Setup Trimmed Helm Version | |
run: | | |
if [[ $GITHUB_REF == refs/tags/* ]]; then | |
V_PREFIX="v" | |
VERSION="${{ github.ref_name }}" | |
TRIMMED_VERSION="${VERSION/#$V_PREFIX}" | |
echo "$TRIMMED_VERSION" | |
echo "CHART_VERSION=$TRIMMED_VERSION" >> $GITHUB_ENV | |
echo "IS_PRERELEASE=false" >> $GITHUB_ENV | |
else | |
VERSION="${{ steps.next_pre_version.outputs.version }}" | |
echo "$VERSION" | |
echo "CHART_VERSION=$VERSION" >> $GITHUB_ENV | |
echo "IS_PRERELEASE=true" >> $GITHUB_ENV | |
fi | |
- name: Setup Chart.yaml | |
uses: mikefarah/[email protected] | |
with: | |
cmd: | | |
# Recursively finds all Chart.yaml files and sets their version and appVersion to the github ref | |
for filepath in $(find worker/charts/** -type f -name 'Chart.yaml') ; do | |
echo "$filepath" | |
yq -i '.version = strenv(CHART_VERSION)' "$filepath" | |
yq -i '.appVersion = strenv(CHART_VERSION)' "$filepath" | |
yq -i '.annotations."artifacthub.io/prerelease" = strenv(IS_PRERELEASE)' "$filepath" | |
done | |
for filepath in $(find worker/charts/*/Chart.yaml -type f -name 'Chart.yaml') ; do | |
has_deps=$(yq -r '.dependencies[0].version' "$filepath") | |
if [ $has_deps != null ]; then | |
yq -i '.dependencies[].version = strenv(CHART_VERSION)' "$filepath" | |
fi | |
done | |
- name: Install Helm | |
uses: azure/setup-helm@v4 | |
env: | |
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} | |
- name: Login to Helm Registry | |
run: | | |
echo ${{secrets.GITHUB_TOKEN}} | helm registry login ghcr.io -u ${{ github.repository_owner }} --password-stdin | |
- name: Package Helm Charts | |
shell: bash | |
run: | | |
# Finds all root charts and packages up their dependencies | |
find worker/charts/*/Chart.yaml -type f -name 'Chart.yaml' | sed -r 's|/[^/]+$||' | sort | uniq | xargs -L 1 helm dep up | |
# Runs through root charts and packages them | |
for filedir in worker/charts/*/ ; do | |
echo "$filedir" | |
helm package "$filedir" | |
done | |
- name: Helm | Publish | |
shell: bash | |
run: | | |
OCI_URL="oci://ghcr.io/$GITHUB_REPOSITORY/helm" | |
for d in ./*.tgz ; do | |
helm push "$d" "$OCI_URL" | |
done | |
helm-top: | |
name: Umbrella Helm Chart | |
runs-on: ubuntu-latest | |
needs: | |
- helm-backend | |
- helm-frontend | |
- helm-worker | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Calculate Next Pre-release version | |
id: next_pre_version | |
uses: paulhatch/[email protected] | |
with: | |
version_format: "${major}.${minor}.${patch}-pre.${increment}" | |
- name: Setup Trimmed Helm Version | |
run: | | |
if [[ $GITHUB_REF == refs/tags/* ]]; then | |
V_PREFIX="v" | |
VERSION="${{ github.ref_name }}" | |
TRIMMED_VERSION="${VERSION/#$V_PREFIX}" | |
echo "$TRIMMED_VERSION" | |
echo "CHART_VERSION=$TRIMMED_VERSION" >> $GITHUB_ENV | |
echo "IS_PRERELEASE=false" >> $GITHUB_ENV | |
else | |
VERSION="${{ steps.next_pre_version.outputs.version }}" | |
echo "$VERSION" | |
echo "CHART_VERSION=$VERSION" >> $GITHUB_ENV | |
echo "IS_PRERELEASE=true" >> $GITHUB_ENV | |
fi | |
- name: Setup Chart.yaml | |
uses: mikefarah/[email protected] | |
with: | |
cmd: | | |
# Recursively finds all Chart.yaml files and sets their version and appVersion to the github ref | |
for filepath in $(find charts/** -type f -name 'Chart.yaml') ; do | |
echo "$filepath" | |
yq -i '.version = strenv(CHART_VERSION)' "$filepath" | |
yq -i '.appVersion = strenv(CHART_VERSION)' "$filepath" | |
yq -i '.annotations."artifacthub.io/prerelease" = strenv(IS_PRERELEASE)' "$filepath" | |
done | |
for filepath in $(find charts/*/Chart.yaml -type f -name 'Chart.yaml') ; do | |
has_deps=$(yq -r '.dependencies[0].version' "$filepath") | |
if [ $has_deps != null ]; then | |
yq -i '.dependencies[].version = strenv(CHART_VERSION)' "$filepath" | |
yq -i '.dependencies[].repository = "oci://ghcr.io/"+strenv(GITHUB_REPOSITORY)+"/helm"' "$filepath" | |
fi | |
done | |
- name: Install Helm | |
uses: azure/setup-helm@v4 | |
env: | |
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} | |
- name: Login to Helm Registry | |
run: | | |
echo ${{secrets.GITHUB_TOKEN}} | helm registry login ghcr.io -u ${{ github.repository_owner }} --password-stdin | |
- name: Package Helm Charts | |
shell: bash | |
run: | | |
# Finds all root charts and packages up their dependencies | |
find charts/*/Chart.yaml -type f -name 'Chart.yaml' | sed -r 's|/[^/]+$||' | sort | uniq | xargs -L 1 helm dep up | |
# Runs through root charts and packages them | |
for filedir in charts/*/ ; do | |
echo "$filedir" | |
helm package "$filedir" | |
done | |
- name: Helm | Publish | |
shell: bash | |
run: | | |
OCI_URL="oci://ghcr.io/$GITHUB_REPOSITORY/helm" | |
for d in ./*.tgz ; do | |
helm push "$d" "$OCI_URL" | |
done | |
cli: | |
name: CLI | |
runs-on: ubuntu-latest | |
# for now, only build when we cut a new tag | |
if: startsWith(github.ref, 'refs/tags/') | |
defaults: | |
run: | |
working-directory: cli | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Set up Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version-file: go.mod | |
cache-dependency-path: go.sum | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
with: | |
platforms: linux/arm64 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Login to GHCR | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Fetch all tags | |
run: git fetch --force --tags | |
- name: Import GPG key | |
uses: crazy-max/ghaction-import-gpg@cb9bde2e2525e640591a934b1fd28eef1dcaf5e5 # v6.2.0 | |
id: import_gpg | |
with: | |
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} | |
passphrase: ${{ secrets.GPG_PRIVATE_KEY_PASSPHRASE }} | |
- name: Run GoReleaser | |
uses: goreleaser/goreleaser-action@v6 | |
with: | |
distribution: goreleaser | |
version: latest | |
args: release --clean | |
workdir: cli | |
env: | |
GITHUB_TOKEN: ${{ secrets.PUBLISH_PAT }} # needs to be a non-action token because this also pushes to the homebrew repo | |
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} | |
AUR_KEY: ${{ secrets.AUR_PRIVATE_KEY }} | |
DISABLE_CHANGELOG: false | |
NEOSYNC_BASE_URL: ${{ vars.DEFAULT_NEOSYNC_ENDPOINT }} | |
py-sdk-build: | |
name: Python SDK Build | |
runs-on: ubuntu-latest | |
# for now, only build when we cut a new tag | |
if: startsWith(github.ref, 'refs/tags/') | |
defaults: | |
run: | |
working-directory: python | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Setup Package Version | |
id: package_version | |
run: | | |
V_PREFIX="v" | |
VERSION="${{ github.ref_name }}" | |
TRIMMED_VERSION="${VERSION/#$V_PREFIX}" | |
echo "$TRIMMED_VERSION" | |
echo "PACKAGE_VERSION=$TRIMMED_VERSION" >> $GITHUB_OUTPUT | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: "3.11" | |
- name: Build SDK | |
run: | | |
python -m pip install build | |
python -m build | |
env: | |
SETUPTOOLS_SCM_PRETEND_VERSION: ${{ steps.package_version.outputs.PACKAGE_VERSION }} | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: py-package | |
path: python/dist/ | |
py-sdk-publish: | |
name: Python SDK Publish | |
runs-on: ubuntu-latest | |
needs: | |
- py-sdk-build | |
permissions: | |
id-token: write | |
steps: | |
- name: Retrieve release distributions | |
uses: actions/download-artifact@v4 | |
with: | |
name: py-package | |
path: python/dist/ | |
- name: Publish release distributions to PyPi | |
uses: pypa/gh-action-pypi-publish@release/v1 | |
with: | |
packages-dir: python/dist/ | |
attestations: true | |
ts-sdk: | |
name: TypeScript SDK Release | |
runs-on: ubuntu-latest | |
# for now, only build when we cut a new tag | |
if: startsWith(github.ref, 'refs/tags/') | |
permissions: | |
contents: read | |
id-token: write | |
defaults: | |
run: | |
working-directory: frontend | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install jq | |
run: sudo apt-get install jq | |
- name: Set up Node | |
uses: actions/setup-node@v4 | |
with: | |
registry-url: "https://registry.npmjs.org" | |
scope: "@neosync" | |
- name: Cache node modules | |
id: cache-npm | |
uses: actions/cache@v4 | |
with: | |
# npm cache files are stored in `~/.npm` on Linux/macOS | |
path: | | |
~/.npm | |
${{ github.workspace }}/.next/cache | |
key: ${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json') }}-${{ hashFiles('**/*.js', '**/*.jsx', '**/*.ts', '**/*.tsx') }} | |
restore-keys: | | |
${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json') }}- | |
- run: npm install | |
- name: Build | |
run: npm run build | |
- name: Setup Trimmed package.json version | |
run: | | |
V_PREFIX="v" | |
VERSION="${{ github.ref_name }}" | |
TRIMMED_VERSION="${VERSION/#$V_PREFIX}" | |
echo "$TRIMMED_VERSION" | |
echo "NEW_PACKAGE_VERSION=$TRIMMED_VERSION" >> $GITHUB_ENV | |
- name: Update package.json version | |
working-directory: frontend/packages/sdk | |
run: | | |
jq '.version = "${{ env.NEW_PACKAGE_VERSION }}"' package.json > temp.json && mv temp.json package.json | |
- name: Publish SDK | |
working-directory: frontend/packages/sdk | |
run: npm publish --provenance | |
env: | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_DEPLOY_KEY }} |