chore: add semantic release (#1)

calimero-network · Dec 3, 2024 · ec54cc8 · ec54cc8
1 parent 8c483a5
commit ec54cc8
Show file tree

Hide file tree

Showing 5 changed files with 2,320 additions and 46 deletions.
diff --git a/.github/workflows/calimero_sdk_publish.yml b/.github/workflows/calimero_sdk_publish.yml
@@ -6,47 +6,24 @@ on:
       - master
   workflow_dispatch:
 
-jobs:
-  metadata:
-    name: Get package metadata
-    runs-on: ubuntu-latest
-    outputs:
-      package_exists: ${{ steps.check_release.outputs.exists }}
-    steps:
-      - uses: actions/checkout@v4
-      - name: Use Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: '18.x'
-          registry-url: 'https://registry.npmjs.org'
-          scope: '@calimero-is-near'
-
-      - name: Check if release exists
-        id: check_release
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          PACKAGE_VERSION=$(node -p "require('./package.json').version")
-          REGISTRY_VERSION=$(npm view @calimero-is-near/calimero-p2p-sdk@$VERSION version)
-          if [[ "$PACKAGE_VERSION" == "$REGISTRY_VERSION" ]]; then
-            echo "exists=true" >> $GITHUB_OUTPUT
-          else
-            echo "exists=false" >> $GITHUB_OUTPUT
-          fi
+permissions:
+  contents: read # for checkout
 
+jobs:
   publish:
     name: Build and release
     runs-on: ubuntu-latest
-    needs: metadata
-    if: needs.metadata.outputs.package_exists == 'false'
-    env:
-      NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+    permissions:
+      contents: write # to be able to publish a GitHub release
+      issues: write # to be able to comment on released issues
+      pull-requests: write # to be able to comment on released pull requests
+      id-token: write # to enable use of OIDC for npm provenance
     steps:
       - uses: actions/checkout@v4
       - name: Use Node.js
         uses: actions/setup-node@v4
         with:
-          node-version: '18.x'
+          node-version: '20.x'
           registry-url: 'https://registry.npmjs.org'
           scope: '@calimero-is-near'
 
@@ -72,6 +49,11 @@ jobs:
       - name: Build Calimero SDK
         run: pnpm buildSdk
 
-      - name: Publish Calimero SDK
-        run: pnpm publish --access public --no-git-checks
-        working-directory: ./
+      - name: Verify the integrity of provenance attestations and registry signatures for installed dependencies
+        run: pnpm audit signatures
+
+      - name: Release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+        run: npx semantic-release
diff --git a/.nvmrc b/.nvmrc
@@ -0,0 +1 @@
+v20.13.1
diff --git a/.releaserc b/.releaserc
@@ -0,0 +1,5 @@
+{
+    "branches": [
+        "master"
+    ]
+}
diff --git a/package.json b/package.json
@@ -37,6 +37,7 @@
     "jest": "^26.0.1",
     "prettier": "3.3.2",
     "rimraf": "^3.0.0",
+    "semantic-release": "^24.2.0",
     "semver": "^7.6.1",
     "ts-jest": "^26.5.6",
     "typescript": "^4.9.5",