Added publish yml file

.github/workflows/publish.yml

@@ -0,0 +1,52 @@
+name: CI
+
+# Controls when the workflow will run
+on:
+ # Triggers the workflow on push or pull request events but only for the master branch
+ push:
+ branches: [v3]
+ # pull_request:
+ # branches: [ master ]
+
+ # Allows you to run this workflow manually from the Actions tab
+ workflow_dispatch:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+ - uses: actions/setup-node@v3
+ with:
+ node-version: 16
+ - run: npm ci
+
+ publish-fingerprintjs:
+ # The type of runner that the job will run on
+ needs: build
+ runs-on: ubuntu-latest
+ permissions:
+ packages: write
+ contents: read
+
+ # Steps represent a sequence of tasks that will be executed as part of the job
+ steps:
+ - uses: actions/checkout@v4
+ - uses: actions/setup-node@v3
+ with:
+ node-version: '18.x'
+ registry-url: 'https://registry.npmjs.org'
+ scope: '@carousell'
+ # Skip post-install scripts here, as a malicious
+ # script could steal NODE_AUTH_TOKEN.
+ - run: |
+ echo "//npm.pkg.github.com/:_authToken=${{ secrets.FINGERPRINTJS_TOKEN }}" >> .npmrc
+ echo "@carousell:registry=https://npm.pkg.github.com" >> .npmrc
+ - run: npm ci --ignore-scripts
+ - run: npm publish
+ env:
+ CI: true
+ NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ NPM_TOKEN: ${{ secrets.NPM_TOKEN }}