Skip to content

v0.2.0

v0.2.0 #4

Workflow file for this run

name: Publish Gem
on:
workflow_dispatch:
release:
types: [published]
permissions:
contents: read
jobs:
build:
name: Build gem
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
- name: Setup Ruby
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- uses: actions/setup-node@v4
with:
node-version: 20
cache: "yarn"
- name: Yarn install
run: yarn install --frozen-lockfile
- name: Build JavaScript
run: yarn build
- name: Run tests
run: bundle exec rake
- name: Build gem
run: bundle exec rake build
- name: Upload gem artifacts
if: github.event_name == 'release'
uses: actions/upload-artifact@v4
with:
name: gem
path: pkg/*.gem
if-no-files-found: error
retention-days: 7
push:
name: Push gem with trusted publishing
if: github.event_name == 'release' && github.repository_owner == 'marcoroth'
needs: build
timeout-minutes: 10
runs-on: ubuntu-latest
permissions:
contents: write
id-token: write
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
# Vendor the attestation patch from rubygems/release-gem
- name: Vendor release-gem patch
uses: actions/checkout@v4
with:
repository: rubygems/release-gem
ref: a25424ba2ba8b387abc8ef40807c2c85b96cbe32 # v1.1.1
path: .github/_release-gem
- name: Setup Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: '3.4'
bundler-cache: false
- name: Download gem artifacts
uses: actions/download-artifact@v4
with:
name: gem
path: pkg/
- name: Configure trusted publishing credentials
uses: rubygems/configure-rubygems-credentials@v1.0.0
- name: Push gem with Sigstore attestation
env:
# Preload the attestation patch so `gem push` generates & attaches the bundle
RUBYOPT: "-r${{ github.workspace }}/.github/_release-gem/rubygems-attestation-patch.rb"
run: |
cd pkg
for gem_file in *.gem; do
if [ -f "$gem_file" ]; then
echo "Pushing $gem_file"
gem push "$gem_file"
fi
done