chore(release): setup new publish-to-bcr
diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml
new file mode 100644
index 0000000..0712e52
--- /dev/null
+++ b/.github/workflows/publish.yaml
@@ -0,0 +1,33 @@
+on:
+ # Run the publish workflow after a successful release
+ # Will be triggered from the release.yaml workflow
+ workflow_call:
+ inputs:
+ tag_name:
+ required: true
+ type: string
+ secrets:
+ publish_token:
+ required: true
+ # In case of problems, let release engineers retry by manually dispatching
+ # the workflow from the GitHub UI
+ workflow_dispatch:
+ inputs:
+ tag_name:
+ required: true
+ type: string
+
+jobs:
+ publish:
+ uses: bazel-contrib/publish-to-bcr/.github/workflows/publish.yaml@v0.0.4
+ with:
+ tag_name: ${{ inputs.tag_name }}
+ # GitHub repository which is a fork of the upstream where the Pull Request will be opened.
+ registry_fork: bazel-contrib/bazel-central-registry
+ permissions:
+ attestations: write
+ contents: write
+ id-token: write
+ secrets:
+ # Necessary to push to the BCR fork, and to open a pull request against a registry
+ publish_token: ${{ secrets.BCR_PUBLISH_TOKEN }}
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 7f1c2ed..7741979 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -15,8 +15,19 @@
contents: write
jobs:
release:
- uses: bazel-contrib/.github/.github/workflows/release_ruleset.yaml@0b644c3ee5c7cd9a7657f7e782b26a599d9b6d5c # 2025-01-23
+ uses: bazel-contrib/.github/.github/workflows/release_ruleset.yaml@v7.2.0
with:
prerelease: false
release_files: rules_nodejs-*.tar.gz
- tag_name: ${{ inputs.tag_name }}
+ tag_name: ${{ inputs.tag_name || github.ref_name }}
+ publish:
+ needs: release
+ uses: ./.github/workflows/publish.yaml
+ with:
+ tag_name: ${{ inputs.tag_name || github.ref_name }}
+ permissions:
+ id-token: write
+ attestations: write
+ contents: write
+ secrets:
+ publish_token: ${{ secrets.BCR_PUBLISH_TOKEN }}
