Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Check NPM Publish Permissions | |
| on: | |
| push: | |
| env: | |
| NPM_TOKEN: "foo" | |
| jobs: | |
| check-npm-permissions: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18 | |
| registry-url: 'https://registry.npmjs.org/' | |
| - name: Check NPM Authentication | |
| run: | | |
| npm whoami --registry=https://registry.npmjs.org/ || echo "Not authenticated" | |
| - name: Check Publish Access | |
| env: | |
| PACKAGE_NAME: "@segment/analytics-signals" | |
| run: | | |
| echo "Checking permissions for package: $PACKAGE_NAME" | |
| curl -H "Authorization: Bearer $NPM_TOKEN" \ | |
| https://registry.npmjs.org/-/package/$PACKAGE_NAME/access || echo "No access or invalid token" | |
| - name: Dry-Run Publish | |
| run: | | |
| echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" > ~/.npmrc | |
| npm publish --dry-run || echo "Publish not allowed" |