ci: use oidc token for npm promotion

Peter Steinberger
2026-04-02 20:23:56 +01:00
parent dbfb13b93a
commit 658f0c5d2d
4 changed files with 78 additions and 3 deletions


@@ -23,6 +23,7 @@ jobs:
environment: npm-release
permissions:
contents: read
id-token: write
steps:
- name: Validate version input format
env:
@@ -69,16 +70,15 @@ jobs:
- name: Promote beta to latest
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
RELEASE_VERSION: ${{ inputs.version }}
run: |
set -euo pipefail
registry_token="$(node scripts/npm-oidc-exchange-token.mjs openclaw)"
userconfig="$(mktemp)"
trap 'rm -f "${userconfig}"' EXIT
chmod 0600 "${userconfig}"
printf '%s\n' "//registry.npmjs.org/:_authToken=${NODE_AUTH_TOKEN}" > "${userconfig}"
printf '%s\n' "//registry.npmjs.org/:_authToken=${registry_token}" > "${userconfig}"
NPM_CONFIG_USERCONFIG="${userconfig}" npm whoami >/dev/null
NPM_CONFIG_USERCONFIG="${userconfig}" \
npm dist-tag add "openclaw@${RELEASE_VERSION}" latest
promoted_latest="$(npm view openclaw dist-tags.latest)"