-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit 9744bb3
Showing
4 changed files
with
59 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| name: publish | ||
|
|
||
| on: | ||
| push: | ||
|
|
||
| jobs: | ||
| # https://dart.dev/tools/pub/automated-publishing | ||
| publish: | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - uses: flutter-actions/setup-flutter@v3 | ||
| - uses: ./ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,2 @@ | ||
| # About | ||
| GitHub Action to configuring credentials for automated publishing of packages to pub.dev |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| #!/bin/bash | ||
|
|
||
| if [[ -z "${ACTIONS_ID_TOKEN_REQUEST_URL}" ]] && [[ -z "${ACTIONS_ID_TOKEN_REQUEST_TOKEN}" ]]; then | ||
| echo "==> No GitHub OIDC token found, skipping..." | ||
| exit 0 | ||
| fi | ||
|
|
||
| log_group_start() { | ||
| echo "::group::${1}" | ||
| } | ||
| log_group_end() { | ||
| echo "::endgroup::" | ||
| } | ||
|
|
||
| jwtd() { | ||
| log_group_start "Decoding JWT data..." | ||
| jq -R 'split(".") | .[0],.[1] | @base64d | fromjson' <<< "${1}" | ||
| echo "Signature: $(echo "${1}" | awk -F'.' '{print $3}')" | ||
| log_group_end | ||
| } | ||
|
|
||
| INPUT_GITHUB_OIDC_AUDIENCE="https://pub.dev" | ||
|
|
||
| echo "Create the OIDC token used for pub.dev publishing..." | ||
| GITHUB_OIDC_RESPONSE=$(curl -s -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=${INPUT_GITHUB_OIDC_AUDIENCE}") | ||
| GITHUB_OIDC_IDTOKEN=$(jq -r '.value' <<< "${GITHUB_OIDC_RESPONSE}") | ||
| export PUB_TOKEN=${GITHUB_OIDC_IDTOKEN} | ||
| echo "PUB_TOKEN=${GITHUB_OIDC_IDTOKEN}" >> $GITHUB_ENV | ||
|
|
||
| jwtd "$GITHUB_OIDC_IDTOKEN" | ||
|
|
||
| echo "The Dart CLI successfully authenticated with the GitHub OIDC token," | ||
| dart pub token add ${INPUT_GITHUB_OIDC_AUDIENCE} --env-var PUB_TOKEN |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| name: "Setup Pub.dev credentials" | ||
| description: "Configuring credentials for automated publishing of packages to pub.dev" | ||
| runs: | ||
| using: "composite" | ||
| steps: | ||
| - name: Setup Pub.dev credentials | ||
| run: $GITHUB_ACTION_PATH/action.sh | ||
| shell: bash |