From bb5ff8c3286ba07446f54af7f36c68230a9e531e Mon Sep 17 00:00:00 2001 From: Jason Garber Date: Fri, 22 Dec 2023 18:25:39 +0000 Subject: [PATCH] Add publish workflow This workflow will build and publish a new version of the gem to both RubyGems.org and GitHub packages when a new GitHub Release is created. Additionally, the RubyGems-pushed gem uses Trusted Publishing for added security. See: https://guides.rubygems.org/trusted-publishing/ This workflow is derived from my personal work and has served me well so far. An example: https://github.com/jgarber623/micromicro/blob/main/.github/workflows/publish.yml --- .github/workflows/publish.yml | 46 +++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 .github/workflows/publish.yml diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml new file mode 100644 index 0000000..3e1e684 --- /dev/null +++ b/.github/workflows/publish.yml @@ -0,0 +1,46 @@ +name: Publish + +on: + release: + types: [published] + +jobs: + ci: + name: CI + uses: ./.github/workflows/ci.yml + publish-to-rubygems: + name: Publish to RubyGems + permissions: + contents: write + id-token: write + needs: ci + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: ruby/setup-ruby@v1 + with: + bundler-cache: true + ruby-version: "3.0" + - uses: rubygems/release-gem@v1 + publish-to-github-packages: + name: Publish to GitHub Packages + permissions: + contents: read + packages: write + needs: ci + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: ruby/setup-ruby@v1 + with: + bundler-cache: true + ruby-version: "3.0" + - run: | + mkdir -p $HOME/.gem + touch $HOME/.gem/credentials + chmod 0600 $HOME/.gem/credentials + printf -- "---\n:github: Bearer ${{ secrets.GITHUB_TOKEN }}\n" > $HOME/.gem/credentials + - run: bundle exec rake release + env: + BUNDLE_GEM__PUSH_KEY: github + RUBYGEMS_HOST: "https://rubygems.pkg.github.com/${{ github.repository_owner }}"