66 tags :
77 - ' *'
88
9+ permissions :
10+ id-token : write
11+ contents : read
12+
913jobs :
1014 release :
1115 runs-on : ubuntu-latest
16+ environment : release
1217 env :
1318 AWS_ACCESS_KEY_ID : ${{ secrets.GIST_WEB_AWS_KEY_ID }}
1419 AWS_SECRET_ACCESS_KEY : ${{ secrets.GIST_WEB_AWS_SECRET_ACCESS_KEY }}
1520 AWS_BUCKET : ' gist-code'
1621 CLOUDFLARE_ACCESS_TOKEN : ${{ secrets.CLOUDFLARE_ACCESS_TOKEN }}
1722 CLOUDFLARE_ZONE_ID : 3310bc68d22035edbc12d5d4a4fd278c
1823 steps :
19- - uses : actions/checkout@v3
24+ - uses : actions/checkout@v4
2025 - name : Use Node.js ${{ matrix.node-version }}
21- uses : actions/setup-node@v2
26+ uses : actions/setup-node@v4
2227 with :
2328 node-version : 20
29+ registry-url : ' https://registry.npmjs.org'
30+
31+ - name : Install npm 11.5.1+ for OIDC support
32+ run : npm install -g npm@latest
33+
2434 - name : Build
2535 shell : bash
2636 run : |
@@ -41,13 +51,12 @@ jobs:
4151 aws_key_id : ${{ env.AWS_ACCESS_KEY_ID }}
4252 aws_secret_access_key : ${{ env.AWS_SECRET_ACCESS_KEY }}
4353 aws_bucket : ${{ env.AWS_BUCKET }}
44- source_dir : ' dist'
54+ source_dir : ' dist'
4555 destination_dir : ${{ env.AWS_DEST }}
4656 endpoint : ' ams3.digitaloceanspaces.com'
4757 - name : Publish to NPM
48- uses : JS-DevTools/npm-publish@9ff4ebfbe48473265867fb9608c047e7995edfa3 # v3.1.1
49- with :
50- token : ${{ secrets.NPM_TOKEN }}
58+ run : npm publish
59+
5160 - name : Update Cloudflare rules
5261 shell : bash
5362 run : |
7584 --arg version "$RELEASE_VERSION" \
7685 '(.actions[] | select(.id == "forwarding_url") | .value.url) = "https://code.gist.build/web/" + $version + "/gist.min.js"')
7786
78-
7987 echo "Sending updated rule back to Cloudflare..."
8088 curl -s -X PUT "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/pagerules/$RULE_ID" \
8189 -H "Authorization: Bearer $CLOUDFLARE_ACCESS_TOKEN" \
8290 -H "Content-Type: application/json" \
8391 --data "$UPDATED_RULE"
84- done
92+ done
0 commit comments