-
-
Notifications
You must be signed in to change notification settings - Fork 24
100 lines (82 loc) · 2.37 KB
/
Copy pathpublish.yml
File metadata and controls
100 lines (82 loc) · 2.37 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
name: Publish Gem
on:
workflow_dispatch:
release:
types: [published]
permissions:
contents: read
jobs:
build:
name: Build gem
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
- name: Setup Ruby
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- uses: actions/setup-node@v4
with:
node-version: 20
cache: "yarn"
- name: Yarn install
run: yarn install --frozen-lockfile
- name: Build JavaScript
run: yarn build
- name: Run tests
run: bundle exec rake
- name: Build gem
run: bundle exec rake build
- name: Upload gem artifacts
if: github.event_name == 'release'
uses: actions/upload-artifact@v4
with:
name: gem
path: pkg/*.gem
if-no-files-found: error
retention-days: 7
push:
name: Push gem with trusted publishing
if: github.event_name == 'release' && github.repository_owner == 'marcoroth'
needs: build
timeout-minutes: 10
runs-on: ubuntu-latest
permissions:
contents: write
id-token: write
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
# Vendor the attestation patch from rubygems/release-gem
- name: Vendor release-gem patch
uses: actions/checkout@v4
with:
repository: rubygems/release-gem
ref: a25424ba2ba8b387abc8ef40807c2c85b96cbe32 # v1.1.1
path: .github/_release-gem
- name: Setup Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: '3.4'
bundler-cache: false
- name: Download gem artifacts
uses: actions/download-artifact@v4
with:
name: gem
path: pkg/
- name: Configure trusted publishing credentials
uses: rubygems/configure-rubygems-credentials@v1.0.0
- name: Push gem with Sigstore attestation
env:
# Preload the attestation patch so `gem push` generates & attaches the bundle
RUBYOPT: "-r${{ github.workspace }}/.github/_release-gem/rubygems-attestation-patch.rb"
run: |
cd pkg
for gem_file in *.gem; do
if [ -f "$gem_file" ]; then
echo "Pushing $gem_file"
gem push "$gem_file"
fi
done