name: CI on: push: branches: [main] jobs: build-and-publish: runs-on: node-latest defaults: run: shell: sh steps: - name: Checkout repository env: ALPINE_MIRROR: ${{ secrets.ALPINE_MIRROR }} GITEA_TOKEN: ${{ secrets.G_TOKEN }} run: | set -e ALPINE_VERSION=$(cat /etc/alpine-release | cut -d'.' -f1-2) && \ echo "${ALPINE_MIRROR}v${ALPINE_VERSION}/main" > /etc/apk/repositories && \ echo "${ALPINE_MIRROR}v${ALPINE_VERSION}/community" >> /etc/apk/repositories apk update apk add --no-cache git HOST="${GITHUB_SERVER_URL#https://}" REPO="${{ github.repository }}" AUTH_URL="https://${GITEA_TOKEN}@${HOST}/${REPO}.git" git clone --depth 1 --branch "$GITHUB_REF_NAME" "$AUTH_URL" . if [ "$(git rev-parse HEAD)" != "$GITHUB_SHA" ]; then echo "Fetching exact commit $GITHUB_SHA..." git fetch origin "$GITHUB_SHA" --depth 1 git checkout "$GITHUB_SHA" fi - name: Install dependencies run: npm ci --prefer-offline - name: Lint run: npm run lint - name: Check formatting run: npm run format:check # - name: Run tests # run: npm test - name: Build npm package run: | npm run build - name: Publish to Gitea npm registry if: success() env: GITEA_TOKEN: ${{ secrets.G_TOKEN }} run: | set -e # Debug: verify token exists if [ -z "$GITEA_TOKEN" ]; then echo "ERROR: GITEA_TOKEN is empty!" >&2 exit 1 fi # Remove any locally-committed .npmrc to avoid conflicts rm -f .npmrc HOST="${GITHUB_SERVER_URL#https://}" OWNER="${GITHUB_REPOSITORY_OWNER}" # Build registry URL without trailing slash REGISTRY="https://${HOST}/api/packages/${OWNER}/npm" # Auth key MUST exactly match the registry path (also without trailing slash) AUTH_KEY="//${HOST}/api/packages/${OWNER}/npm/:_authToken" npm config set "$AUTH_KEY" "${GITEA_TOKEN}" npm config set registry "$REGISTRY" # Double-check the effective config echo "Effective registry: $(npm config get registry)" echo "Token for ${HOST} is set: $(npm config get "$AUTH_KEY")" # Publish without --registry (uses the global config we just set) npm publish --ignore-scripts