From acd66423bbbb2fdc3f7d73708e33234ad3aa11f3 Mon Sep 17 00:00:00 2001 From: tyler ford Date: Fri, 13 Feb 2026 09:39:58 -0500 Subject: [PATCH 1/6] fix(release): updates to release and preview release workflows for trusted publishing --- .github/workflows/preview-release.yml | 14 ++------------ .github/workflows/release.yml | 7 ++++--- 2 files changed, 6 insertions(+), 15 deletions(-) diff --git a/.github/workflows/preview-release.yml b/.github/workflows/preview-release.yml index 91fbc877d4..5d9706502e 100644 --- a/.github/workflows/preview-release.yml +++ b/.github/workflows/preview-release.yml @@ -53,6 +53,7 @@ jobs: uses: actions/setup-node@v6 with: node-version-file: '.nvmrc' + registry-url: 'https://registry.npmjs.org' - name: Get yarn cache id: yarn-cache @@ -68,16 +69,6 @@ jobs: - name: Install dependencies run: yarn install --immutable - - name: Creating .npmrc - run: | - cat << EOF > "$HOME/.npmrc" - provenance=true - email=npmjs@commercetools.com - //registry.npmjs.org/:_authToken=$NPM_TOKEN - EOF - env: - NPM_TOKEN: ${{ secrets.NPM_TOKEN }} - - name: Building packages run: yarn build @@ -91,7 +82,7 @@ jobs: run: | PREVIEW_TAG=$(echo "$BRANCH_NAME" | sed -e 's/^preview\///') yarn changeset version --snapshot ${PREVIEW_TAG} - yarn changeset publish --tag ${PREVIEW_TAG} + yarn changeset publish --tag ${PREVIEW_TAG} --provenance env: GITHUB_TOKEN: ${{ steps.generate_github_token.outputs.token }} BRANCH_NAME: ${{ steps.comment-branch.outputs.head_ref }} @@ -103,4 +94,3 @@ jobs: --body "Release workflow ${{ job.status == 'success' && 'succeeded ✅' || 'failed ❌' }}\nSee details: [Workflow Run](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})" env: GITHUB_TOKEN: ${{ steps.generate_github_token.outputs.token }} - diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 84388b782b..5a34e4c07d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -35,6 +35,7 @@ jobs: uses: actions/setup-node@v6 with: node-version-file: '.nvmrc' + registry-url: 'https://registry.npmjs.org' - name: Get yarn cache id: yarn-cache @@ -73,10 +74,10 @@ jobs: - name: Create Release Pull Request or Publish to npm id: changesets - uses: dotansimha/changesets-action@v1.5.2 + uses: changesets/action@v1.7.0 with: commit: 'ci(changesets): version packages' - publish: yarn changeset publish + publish: yarn changeset publish --provenance version: yarn changeset:version-and-format createGithubReleases: aggregate githubReleaseName: v${{ steps.release_version.outputs.VALUE }} @@ -91,6 +92,6 @@ jobs: run: | git checkout main yarn changeset version --snapshot canary - yarn changeset publish --tag canary + yarn changeset publish --tag canary --provenance env: GITHUB_TOKEN: ${{ steps.generate_github_token.outputs.token }} From b62f8632e1f196eb61b827abf20640503b1e049d Mon Sep 17 00:00:00 2001 From: tyler ford Date: Fri, 13 Feb 2026 11:40:18 -0500 Subject: [PATCH 2/6] fix(release): add caller for preview release --- .github/workflows/preview-release-caller.yml | 40 +++++++++++++++++ .github/workflows/preview-release.yml | 46 +++++++++----------- .github/workflows/release.yml | 13 ++++-- 3 files changed, 70 insertions(+), 29 deletions(-) create mode 100644 .github/workflows/preview-release-caller.yml diff --git a/.github/workflows/preview-release-caller.yml b/.github/workflows/preview-release-caller.yml new file mode 100644 index 0000000000..27b275e5d7 --- /dev/null +++ b/.github/workflows/preview-release-caller.yml @@ -0,0 +1,40 @@ +name: Preview Release (Caller) + +on: + issue_comment: + types: [created] + +permissions: + id-token: write + contents: read + pull-requests: write + issues: write + +jobs: + extract-context: + if: github.event.issue.pull_request && startsWith(github.event.comment.body, '[preview_deployment]') + runs-on: ubuntu-latest + outputs: + head_ref: ${{ steps.comment-branch.outputs.head_ref }} + issue_number: ${{ github.event.issue.number }} + steps: + - name: Get branch of PR + uses: xt0rted/pull-request-comment-branch@v1 + id: comment-branch + + - name: Validate branch name + run: | + if [[ ! "$BRANCH_NAME" =~ ^preview/[a-zA-Z0-9_-]+$ ]]; then + echo "Ignoring PR because of the branch name. Exiting workflow." + exit 1 + fi + env: + BRANCH_NAME: ${{ steps.comment-branch.outputs.head_ref }} + + call-preview-release: + needs: extract-context + uses: ./.github/workflows/preview-release.yml + with: + head_ref: ${{ needs.extract-context.outputs.head_ref }} + issue_number: ${{ needs.extract-context.outputs.issue_number }} + secrets: inherit diff --git a/.github/workflows/preview-release.yml b/.github/workflows/preview-release.yml index 5d9706502e..30283476ab 100644 --- a/.github/workflows/preview-release.yml +++ b/.github/workflows/preview-release.yml @@ -1,19 +1,28 @@ name: Preview Release on Comment -permissions: - id-token: write - contents: read - pull-requests: write - issues: write - on: - issue_comment: - types: [created] + workflow_call: + inputs: + head_ref: + required: true + type: string + issue_number: + required: true + type: string + secrets: + CT_CHANGESETS_APP_ID: + required: true + CT_CHANGESETS_APP_PEM: + required: true jobs: release-preview-on-comment: - if: github.event.issue.pull_request && startsWith(github.event.comment.body, '[preview_deployment]') runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + pull-requests: write + issues: write timeout-minutes: 15 @@ -26,19 +35,6 @@ jobs: app_id: ${{ secrets.CT_CHANGESETS_APP_ID }} private_key: ${{ secrets.CT_CHANGESETS_APP_PEM }} - - name: Get branch of PR - uses: xt0rted/pull-request-comment-branch@v1 - id: comment-branch - - - name: Validate branch name - run: | - if [[ ! "$BRANCH_NAME" =~ ^preview/[a-zA-Z0-9_-]+$ ]]; then - echo "Ignoring PR because of the branch name. Exiting workflow." - exit 1 - fi - env: - BRANCH_NAME: ${{ steps.comment-branch.outputs.head_ref }} - - name: Checkout code uses: actions/checkout@v6 with: @@ -46,7 +42,7 @@ jobs: # other workflows # https://help.github.com/en/actions/reference/events-that-trigger-workflows#triggering-new-workflows-using-a-personal-access-token # https://github.community/t/action-does-not-trigger-another-on-push-tag-action/17148/8 - ref: ${{ steps.comment-branch.outputs.head_ref }} + ref: ${{ inputs.head_ref }} token: ${{ steps.generate_github_token.outputs.token }} - name: Setup Node (uses version in .nvmrc) @@ -85,12 +81,12 @@ jobs: yarn changeset publish --tag ${PREVIEW_TAG} --provenance env: GITHUB_TOKEN: ${{ steps.generate_github_token.outputs.token }} - BRANCH_NAME: ${{ steps.comment-branch.outputs.head_ref }} + BRANCH_NAME: ${{ inputs.head_ref }} - name: Post workflow result on PR as a comment if: always() run: | - gh issue comment ${{ github.event.issue.number }} \ + gh issue comment ${{ inputs.issue_number }} \ --body "Release workflow ${{ job.status == 'success' && 'succeeded ✅' || 'failed ❌' }}\nSee details: [Workflow Run](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})" env: GITHUB_TOKEN: ${{ steps.generate_github_token.outputs.token }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5a34e4c07d..58d1a0c288 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -4,14 +4,19 @@ on: push: branches: - main - -permissions: - id-token: write - contents: read + workflow_call: + secrets: + CT_CHANGESETS_APP_ID: + required: true + CT_CHANGESETS_APP_PEM: + required: true jobs: release: runs-on: ubuntu-latest + permissions: + id-token: write + contents: read steps: # Get GitHub token via the CT Changesets App From 2b77a58b79d65788f4755ad386417336a224c082 Mon Sep 17 00:00:00 2001 From: tyler ford Date: Fri, 13 Feb 2026 12:38:35 -0500 Subject: [PATCH 3/6] fix(release): clarify release workflow as entry point --- .github/workflows/preview-release-caller.yml | 40 ------- ...ase.yml => preview-release-on-comment.yml} | 41 +++---- .github/workflows/publish-release.yml | 94 +++++++++++++++ .github/workflows/release.yml | 108 +++--------------- 4 files changed, 133 insertions(+), 150 deletions(-) delete mode 100644 .github/workflows/preview-release-caller.yml rename .github/workflows/{preview-release.yml => preview-release-on-comment.yml} (75%) create mode 100644 .github/workflows/publish-release.yml diff --git a/.github/workflows/preview-release-caller.yml b/.github/workflows/preview-release-caller.yml deleted file mode 100644 index 27b275e5d7..0000000000 --- a/.github/workflows/preview-release-caller.yml +++ /dev/null @@ -1,40 +0,0 @@ -name: Preview Release (Caller) - -on: - issue_comment: - types: [created] - -permissions: - id-token: write - contents: read - pull-requests: write - issues: write - -jobs: - extract-context: - if: github.event.issue.pull_request && startsWith(github.event.comment.body, '[preview_deployment]') - runs-on: ubuntu-latest - outputs: - head_ref: ${{ steps.comment-branch.outputs.head_ref }} - issue_number: ${{ github.event.issue.number }} - steps: - - name: Get branch of PR - uses: xt0rted/pull-request-comment-branch@v1 - id: comment-branch - - - name: Validate branch name - run: | - if [[ ! "$BRANCH_NAME" =~ ^preview/[a-zA-Z0-9_-]+$ ]]; then - echo "Ignoring PR because of the branch name. Exiting workflow." - exit 1 - fi - env: - BRANCH_NAME: ${{ steps.comment-branch.outputs.head_ref }} - - call-preview-release: - needs: extract-context - uses: ./.github/workflows/preview-release.yml - with: - head_ref: ${{ needs.extract-context.outputs.head_ref }} - issue_number: ${{ needs.extract-context.outputs.issue_number }} - secrets: inherit diff --git a/.github/workflows/preview-release.yml b/.github/workflows/preview-release-on-comment.yml similarity index 75% rename from .github/workflows/preview-release.yml rename to .github/workflows/preview-release-on-comment.yml index 30283476ab..37b49a109d 100644 --- a/.github/workflows/preview-release.yml +++ b/.github/workflows/preview-release-on-comment.yml @@ -1,28 +1,16 @@ name: Preview Release on Comment +# Reusable workflow that publishes preview releases from PR branches: +# - Validates the branch name starts with "preview/" +# - Checks out the PR branch +# - Publishes snapshot packages to npm with a preview tag +# - Posts workflow status as a comment on the PR on: workflow_call: - inputs: - head_ref: - required: true - type: string - issue_number: - required: true - type: string - secrets: - CT_CHANGESETS_APP_ID: - required: true - CT_CHANGESETS_APP_PEM: - required: true jobs: release-preview-on-comment: runs-on: ubuntu-latest - permissions: - id-token: write - contents: read - pull-requests: write - issues: write timeout-minutes: 15 @@ -35,6 +23,19 @@ jobs: app_id: ${{ secrets.CT_CHANGESETS_APP_ID }} private_key: ${{ secrets.CT_CHANGESETS_APP_PEM }} + - name: Get branch of PR + uses: xt0rted/pull-request-comment-branch@v1 + id: comment-branch + + - name: Validate branch name + run: | + if [[ ! "$BRANCH_NAME" =~ ^preview/[a-zA-Z0-9_-]+$ ]]; then + echo "Ignoring PR because of the branch name. Exiting workflow." + exit 1 + fi + env: + BRANCH_NAME: ${{ steps.comment-branch.outputs.head_ref }} + - name: Checkout code uses: actions/checkout@v6 with: @@ -42,7 +43,7 @@ jobs: # other workflows # https://help.github.com/en/actions/reference/events-that-trigger-workflows#triggering-new-workflows-using-a-personal-access-token # https://github.community/t/action-does-not-trigger-another-on-push-tag-action/17148/8 - ref: ${{ inputs.head_ref }} + ref: ${{ steps.comment-branch.outputs.head_ref }} token: ${{ steps.generate_github_token.outputs.token }} - name: Setup Node (uses version in .nvmrc) @@ -81,12 +82,12 @@ jobs: yarn changeset publish --tag ${PREVIEW_TAG} --provenance env: GITHUB_TOKEN: ${{ steps.generate_github_token.outputs.token }} - BRANCH_NAME: ${{ inputs.head_ref }} + BRANCH_NAME: ${{ steps.comment-branch.outputs.head_ref }} - name: Post workflow result on PR as a comment if: always() run: | - gh issue comment ${{ inputs.issue_number }} \ + gh issue comment ${{ github.event.issue.number }} \ --body "Release workflow ${{ job.status == 'success' && 'succeeded ✅' || 'failed ❌' }}\nSee details: [Workflow Run](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})" env: GITHUB_TOKEN: ${{ steps.generate_github_token.outputs.token }} diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml new file mode 100644 index 0000000000..a4806f45a1 --- /dev/null +++ b/.github/workflows/publish-release.yml @@ -0,0 +1,94 @@ +name: Publish Release +# Reusable workflow that handles official releases: +# - Versions packages using changesets and publishes to npm +# - Creates GitHub releases +# - Publishes canary releases if no official release was created + +on: + workflow_call: + +jobs: + publish-release: + runs-on: ubuntu-latest + + steps: + # Get GitHub token via the CT Changesets App + - name: Generate GitHub token (via CT Changesets App) + id: generate_github_token + uses: tibdex/github-app-token@v2.1.0 + with: + app_id: ${{ secrets.CT_CHANGESETS_APP_ID }} + private_key: ${{ secrets.CT_CHANGESETS_APP_PEM }} + + - name: Checkout + uses: actions/checkout@v6 + with: + # Pass a personal access token (using our `ct-release-bot` account) to be able to trigger + # other workflows + # https://help.github.com/en/actions/reference/events-that-trigger-workflows#triggering-new-workflows-using-a-personal-access-token + # https://github.community/t/action-does-not-trigger-another-on-push-tag-action/17148/8 + token: ${{ steps.generate_github_token.outputs.token }} + + - name: Setup Node (uses version in .nvmrc) + uses: actions/setup-node@v6 + with: + node-version-file: '.nvmrc' + registry-url: 'https://registry.npmjs.org' + + - name: Get yarn cache + id: yarn-cache + run: echo "::set-output name=dir::$(yarn config get cacheFolder)" + + - name: Verify npm version + run: | + npm --version + # Ensure latest npm is installed for trusted publishing (OIDC) + + - uses: actions/cache@v5 + with: + path: ${{ steps.yarn-cache.outputs.dir }} + key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock', 'patches/*.patch') }} + restore-keys: | + ${{ runner.os }}-yarn- + + - name: Install dependencies + run: yarn install --immutable + + - name: Building packages + run: yarn build + + - name: Building package READMEs + run: yarn generate-readmes + env: + CI: true + + - name: Storing release version for changeset + id: release_version + run: echo "VALUE=$(./scripts/print_release_version.sh)" >> $GITHUB_OUTPUT + shell: bash + env: + GITHUB_TOKEN: ${{ steps.generate_github_token.outputs.token }} + + - name: Create Release Pull Request or Publish to npm + id: changesets + uses: changesets/action@v1.7.0 + with: + commit: 'ci(changesets): version packages' + publish: yarn changeset publish --provenance + version: yarn changeset:version-and-format + createGithubReleases: aggregate + githubReleaseName: v${{ steps.release_version.outputs.VALUE }} + githubTagName: v${{ steps.release_version.outputs.VALUE }} + env: + GITHUB_TOKEN: ${{ steps.generate_github_token.outputs.token }} + SKIP_POSTINSTALL_DEV_SETUP: true + + # Publish canary releases only if the packages weren't published already + - name: Publishing canary releases to npm registry + if: steps.changesets.outputs.published != 'true' + run: | + git checkout main + yarn changeset version --snapshot canary + yarn changeset publish --tag canary --provenance + env: + GITHUB_TOKEN: ${{ steps.generate_github_token.outputs.token }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 58d1a0c288..61dc7b23f2 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,102 +1,30 @@ name: Release +# Entry workflow that coordinates release processes: +# - Publishes official releases when code is pushed to main, adhering to the single workflow, npm trusted publishing/OIDC pattern +# - Publishes preview releases when triggered via PR comment with [preview_deployment] on: push: branches: - main - workflow_call: - secrets: - CT_CHANGESETS_APP_ID: - required: true - CT_CHANGESETS_APP_PEM: - required: true + issue_comment: + types: [created] jobs: - release: - runs-on: ubuntu-latest + publish-release: + if: github.event_name == 'push' && github.ref == 'refs/heads/main' + uses: ./.github/workflows/publish-release.yml permissions: id-token: write contents: read + secrets: inherit - steps: - # Get GitHub token via the CT Changesets App - - name: Generate GitHub token (via CT Changesets App) - id: generate_github_token - uses: tibdex/github-app-token@v2.1.0 - with: - app_id: ${{ secrets.CT_CHANGESETS_APP_ID }} - private_key: ${{ secrets.CT_CHANGESETS_APP_PEM }} - - - name: Checkout - uses: actions/checkout@v6 - with: - # Pass a personal access token (using our `ct-release-bot` account) to be able to trigger - # other workflows - # https://help.github.com/en/actions/reference/events-that-trigger-workflows#triggering-new-workflows-using-a-personal-access-token - # https://github.community/t/action-does-not-trigger-another-on-push-tag-action/17148/8 - token: ${{ steps.generate_github_token.outputs.token }} - - - name: Setup Node (uses version in .nvmrc) - uses: actions/setup-node@v6 - with: - node-version-file: '.nvmrc' - registry-url: 'https://registry.npmjs.org' - - - name: Get yarn cache - id: yarn-cache - run: echo "::set-output name=dir::$(yarn config get cacheFolder)" - - - - name: Verify npm version - run: | - npm --version - # Ensure latest npm is installed for trusted publishing (OIDC) - - - uses: actions/cache@v5 - with: - path: ${{ steps.yarn-cache.outputs.dir }} - key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock', 'patches/*.patch') }} - restore-keys: | - ${{ runner.os }}-yarn- - - - name: Install dependencies - run: yarn install --immutable - - - name: Building packages - run: yarn build - - - name: Building package READMEs - run: yarn generate-readmes - env: - CI: true - - - name: Storing release version for changeset - id: release_version - run: echo "VALUE=$(./scripts/print_release_version.sh)" >> $GITHUB_OUTPUT - shell: bash - env: - GITHUB_TOKEN: ${{ steps.generate_github_token.outputs.token }} - - - name: Create Release Pull Request or Publish to npm - id: changesets - uses: changesets/action@v1.7.0 - with: - commit: 'ci(changesets): version packages' - publish: yarn changeset publish --provenance - version: yarn changeset:version-and-format - createGithubReleases: aggregate - githubReleaseName: v${{ steps.release_version.outputs.VALUE }} - githubTagName: v${{ steps.release_version.outputs.VALUE }} - env: - GITHUB_TOKEN: ${{ steps.generate_github_token.outputs.token }} - SKIP_POSTINSTALL_DEV_SETUP: true - - # Publish canary releases only if the packages weren't published already - - name: Publishing canary releases to npm registry - if: steps.changesets.outputs.published != 'true' - run: | - git checkout main - yarn changeset version --snapshot canary - yarn changeset publish --tag canary --provenance - env: - GITHUB_TOKEN: ${{ steps.generate_github_token.outputs.token }} + publish-preview: + if: github.event_name == 'issue_comment' && github.event.issue.pull_request && startsWith(github.event.comment.body, '[preview_deployment]') + uses: ./.github/workflows/preview-release.yml + permissions: + id-token: write + contents: read + pull-requests: write + issues: write + secrets: inherit From e228f38397259839a2a13e80474ddcc9eb3dbe43 Mon Sep 17 00:00:00 2001 From: tyler ford Date: Fri, 13 Feb 2026 12:39:47 -0500 Subject: [PATCH 4/6] fix(release): update preview release filename --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 61dc7b23f2..69452b0093 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -21,7 +21,7 @@ jobs: publish-preview: if: github.event_name == 'issue_comment' && github.event.issue.pull_request && startsWith(github.event.comment.body, '[preview_deployment]') - uses: ./.github/workflows/preview-release.yml + uses: ./.github/workflows/preview-release-on-comment.yml permissions: id-token: write contents: read From 8c26e6f736ff783dfe71fb091030e810b18f6a4d Mon Sep 17 00:00:00 2001 From: tyler ford Date: Fri, 13 Feb 2026 12:43:21 -0500 Subject: [PATCH 5/6] fix(release): rm branch name requirement for previews --- .github/workflows/preview-release-on-comment.yml | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/.github/workflows/preview-release-on-comment.yml b/.github/workflows/preview-release-on-comment.yml index 37b49a109d..891178f805 100644 --- a/.github/workflows/preview-release-on-comment.yml +++ b/.github/workflows/preview-release-on-comment.yml @@ -1,6 +1,5 @@ name: Preview Release on Comment # Reusable workflow that publishes preview releases from PR branches: -# - Validates the branch name starts with "preview/" # - Checks out the PR branch # - Publishes snapshot packages to npm with a preview tag # - Posts workflow status as a comment on the PR @@ -27,15 +26,6 @@ jobs: uses: xt0rted/pull-request-comment-branch@v1 id: comment-branch - - name: Validate branch name - run: | - if [[ ! "$BRANCH_NAME" =~ ^preview/[a-zA-Z0-9_-]+$ ]]; then - echo "Ignoring PR because of the branch name. Exiting workflow." - exit 1 - fi - env: - BRANCH_NAME: ${{ steps.comment-branch.outputs.head_ref }} - - name: Checkout code uses: actions/checkout@v6 with: @@ -74,10 +64,9 @@ jobs: env: CI: true - # Publish preview releases only if the branch starts with "preview/" and the pr comment contains "[preview_deployment]" - name: Publishing preview releases to npm registry run: | - PREVIEW_TAG=$(echo "$BRANCH_NAME" | sed -e 's/^preview\///') + PREVIEW_TAG=$(echo "$BRANCH_NAME" | sed -e 's/[^a-zA-Z0-9-]/-/g') yarn changeset version --snapshot ${PREVIEW_TAG} yarn changeset publish --tag ${PREVIEW_TAG} --provenance env: From 760fb6191df44ac2970b77a3bc8078b5a20d8808 Mon Sep 17 00:00:00 2001 From: tyler ford Date: Fri, 13 Feb 2026 12:45:30 -0500 Subject: [PATCH 6/6] fix(release): rm provenance arg --- .github/workflows/preview-release-on-comment.yml | 2 +- .github/workflows/publish-release.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/preview-release-on-comment.yml b/.github/workflows/preview-release-on-comment.yml index 891178f805..5ee357ef3a 100644 --- a/.github/workflows/preview-release-on-comment.yml +++ b/.github/workflows/preview-release-on-comment.yml @@ -68,7 +68,7 @@ jobs: run: | PREVIEW_TAG=$(echo "$BRANCH_NAME" | sed -e 's/[^a-zA-Z0-9-]/-/g') yarn changeset version --snapshot ${PREVIEW_TAG} - yarn changeset publish --tag ${PREVIEW_TAG} --provenance + yarn changeset publish --tag ${PREVIEW_TAG} env: GITHUB_TOKEN: ${{ steps.generate_github_token.outputs.token }} BRANCH_NAME: ${{ steps.comment-branch.outputs.head_ref }} diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index a4806f45a1..18f7b2fbe8 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -74,7 +74,7 @@ jobs: uses: changesets/action@v1.7.0 with: commit: 'ci(changesets): version packages' - publish: yarn changeset publish --provenance + publish: yarn changeset publish version: yarn changeset:version-and-format createGithubReleases: aggregate githubReleaseName: v${{ steps.release_version.outputs.VALUE }} @@ -89,6 +89,6 @@ jobs: run: | git checkout main yarn changeset version --snapshot canary - yarn changeset publish --tag canary --provenance + yarn changeset publish --tag canary env: GITHUB_TOKEN: ${{ steps.generate_github_token.outputs.token }}