Skip to content

ci(action): update step-security/harden-runner action to v2.10.1 (#882) #271

ci(action): update step-security/harden-runner action to v2.10.1 (#882)

ci(action): update step-security/harden-runner action to v2.10.1 (#882) #271

Workflow file for this run

name: Release
on:
push:
branches:
- main
- beta
- '+([0-9])?(.{+([0-9]),x}).x'
jobs:
test:
uses: ./.github/workflows/test.yml
release:
needs: test
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- name: Checkout project
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
with:
persist-credentials: false
- name: Use Node.js LTS
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4
with:
node-version: 'lts/*'
cache: npm
- name: Install packages
run: npm ci
- name: Audit npm signatures
run: npm audit signatures
- name: Build project
run: npm run build
- name: Run Semantic Release
run: npx semantic-release
env:
GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}