From: Haoqun Jiang <haoqunjiang@gmail.com>
Date: Fri, 29 Nov 2024 16:10:56 +0000 (+0800)
Subject: workflow: set up automated publishing with provenance support
X-Git-Tag: v3.12.2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=35dec8bda210946fd8eb85f7a643f56ec1be81ea;p=thirdparty%2Fvuejs%2Fcreate-vue.git

workflow: set up automated publishing with provenance support
---

diff --git a/.github/MAINTENANCE.md b/.github/MAINTENANCE.md
new file mode 100644
index 00000000..26b951b9
--- /dev/null
+++ b/.github/MAINTENANCE.md
@@ -0,0 +1,11 @@
+This document explains how to perform the project's maintenance tasks.
+
+### Creating a new release
+
+Anyone with write access to the main branch of both this repository and [create-vue-templates](https://github.com/vuejs/create-vue-templates/) can request a new release. This includes repository maintainers, repository adminstrators, and Vue.js organization administrators.
+
+To do so, follow these steps:
+
+1. Run `pnpm version <patch|minor|major>` locally to bump the version number and create a new commit / tag. The `postversion` script will automatically push the changes to the repository.
+2. The release will be automatically published to npm by GitHub Actions once approved by an *administrator*.
+3. Go to <https://github.com/vuejs/create-vue/releases/new> and create a new release with the tag that was just created. Describe the notable changes in the release notes.
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
new file mode 100644
index 00000000..e3eac4f7
--- /dev/null
+++ b/.github/workflows/publish.yml
@@ -0,0 +1,28 @@
+name: Publish
+
+on:
+  push:
+    tags:
+      - 'v*' # Push events to matching v*, i.e. v1.0, v20.15.10
+
+jobs:
+  release:
+    # Use Publish environment for deployment protection
+    environment: Publish
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+    steps:
+      - uses: actions/checkout@v4
+      - uses: pnpm/action-setup@v3
+        with:
+          version: 9
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 'lts/*'
+          registry-url: 'https://registry.npmjs.org'
+      - run: pnpm install
+      - run: pnpm publish
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
diff --git a/package.json b/package.json
index 3e37f2ca..e6b1f220 100644
--- a/package.json
+++ b/package.json
@@ -23,7 +23,8 @@
     "pretest": "pnpm run build && pnpm run snapshot",
     "test": "zx ./scripts/test.mjs",
     "test:unit": "vitest",
-    "prepublishOnly": "zx ./scripts/prepublish.mjs"
+    "postversion": "zx ./scripts/postversion.mjs",
+    "prepublishOnly": "pnpm run build"
   },
   "repository": {
     "type": "git",
@@ -58,5 +59,9 @@
     "*.{js,ts,vue,json}": [
       "prettier --write"
     ]
+  },
+  "publishConfig": {
+    "access": "public",
+    "provenance": true
   }
 }
diff --git a/scripts/prepublish.mjs b/scripts/postversion.mjs
similarity index 100%
rename from scripts/prepublish.mjs
rename to scripts/postversion.mjs