tas/Codewalkers
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ci: Switch to OIDC trusted publishing for npm (no token needed)

Browse Source
This commit is contained in:
Lukas May
2026-03-06 17:04:20 +01:00
parent c0096503b2
commit 2b7660f019
2 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
.gitlab-ci.yml
View File

@@ -4,14 +4,17 @@ stages:
semantic-release: semantic-release:
stage: release stage: release
image: node:lts-alpine image: node:lts-alpine
id_tokens:
NPM_ID_TOKEN:
aud: "npm:registry.npmjs.org"
SIGSTORE_ID_TOKEN:
aud: sigstore
before_script: before_script:
- apk add git openssh - apk add git openssh
- mkdir -p ~/.ssh - mkdir -p ~/.ssh
- echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_ed25519 - echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_ed25519
- ssh-keyscan -H gitlab.com >> ~/.ssh/known_hosts - ssh-keyscan -H gitlab.com >> ~/.ssh/known_hosts
- chmod 600 ~/.ssh/id_ed25519 - chmod 600 ~/.ssh/id_ed25519
- export NPM_TOKEN="${NODE_AUTH_TOKEN}"
- echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" >> .npmrc
- npm install - npm install
- npm run build - npm run build
script: script:

2
.npmrc Normal file
View File

@@ -0,0 +1,2 @@
registry=https://registry.npmjs.org/
@carealytix:registry=https://registry.npmjs.org/