chore: release to GitHub

jkowalleck · jkowalleck · commit 769fd921d93e · 2024-05-23T16:29:34.000+02:00
Signed-off-by: Jan Kowalleck &lt;jan.kowalleck@gmail.com&gt;
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -78,14 +78,14 @@ jobs:
       - name: git push back
         run: git push --follow-tags
 
-  publish-NPMJS:
+  publish-package:
     needs:
       - "bump"
-    name: publish NPMJS
+    name: publish package
     runs-on: ubuntu-latest
     timeout-minutes: 30
     env:
-      NPMJS_RELEASE_TAG: ${{ github.event.inputs.prerelease == 'true' && 'unstable-prerelease' || 'latest' }}
+      PACKAGE_RELEASE_TAG: ${{ github.event.inputs.prerelease == 'true' && 'unstable-prerelease' || 'latest' }}
     steps:
       - name: Checkout code
         # see https://github.com/actions/checkout
@@ -100,16 +100,27 @@ jobs:
       - name: install build tools
         run: npm i --ignore-scripts --include=optional --loglevel=silly
       # no explicit npm build. if a build is required, it should be configured as prepublish/prepublishOnly script of npm.
-      - name: login to NPMJS
-        run: npm config set "//registry.npmjs.org/:_authToken=$NPMJS_AUTH_TOKEN"
+      - name: login to registries
+        run: |
+          npm config set "//registry.npmjs.org/:_authToken=$NPM_TOKEN"
+          npm config set "//npm.pkg.github.com/:_authToken=$GITHUB_TOKEN"
         env:
-          NPMJS_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
-      - name: publish to NPMJS as "${{ env.NPMJS_RELEASE_TAG }}"
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+      - name: publish to NPMJS as "${{ env.PACKAGE_RELEASE_TAG }}"
+        run: >
+          npm publish
+          --@cyclonedx:registry='https://registry.npmjs.org'
+          --provenance
+          --access public 
+          --tag "$PACKAGE_RELEASE_TAG"
+      - name: publish to GitHub as "${{ env.PACKAGE_RELEASE_TAG }}"
         run: >
-          npm publish 
+          npm publish
+          --@cyclonedx:registry='https://npm.pkg.github.com'
           --provenance
           --access public 
-          --tag "$NPMJS_RELEASE_TAG"
+          --tag "$PACKAGE_RELEASE_TAG"
       - name: pack release result
         run: |
           mkdir -p "$PACKED_DIR"
@@ -125,7 +136,7 @@ jobs:
   release-GH:
     needs:
       - "bump"
-      - "publish-NPMJS"
+      - "publish-package"
     name: publish GitHub
     runs-on: ubuntu-latest
     timeout-minutes: 30
