Skip to content

security

security #6

Workflow file for this run

name: npm-publish
on:
push:
branches:
- main
jobs:
publish-npm:
runs-on: ubuntu-latest
# Add "id-token" with the intended permissions.
permissions:
contents: 'read'
id-token: 'write'
steps:
- uses: actions/checkout@v3
- id: 'auth'
name: 'Authenticate to Google Cloud'
uses: 'google-github-actions/auth@v0'
with:
workload_identity_provider: 'projects/753698311885/locations/global/workloadIdentityPools/github-pool/providers/github-provider'
service_account: 'github-service-account@nitraai.iam.gserviceaccount.com'
- id: secrets
uses: google-github-actions/get-secretmanager-secrets@main
with:
secrets: |-
npm-token:nitraai/npm-token
- name: publish
working-directory: npm
run: npx @jsdevtools/npm-publish --token=${{ steps.secrets.outputs.npm-token }} --access=public