47 lines
1.5 KiB
YAML
47 lines
1.5 KiB
YAML
name: Publish pub.dev
|
|
|
|
# pub.dev OIDC trusted publishing rejects tokens originating from `release`
|
|
# events; only `push` and `workflow_dispatch` are accepted.
|
|
#
|
|
# Because the kreuzberg Dart package embeds platform-specific native binaries
|
|
# (Android JNI, iOS XCFramework, server libs for linux/macos/windows), we
|
|
# cannot just rebuild here — those artifacts are produced by the main
|
|
# `publish.yaml` workflow. Instead, the main workflow's `trigger-pubdev` job
|
|
# dispatches this workflow with the run_id of the main workflow, and this
|
|
# workflow downloads the `dart-package-assembled` artifact from that run.
|
|
#
|
|
# One-time setup: on pub.dev → kreuzberg package → Admin → Automated publishing,
|
|
# set the workflow path to `.github/workflows/publish-pubdev.yaml`.
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
inputs:
|
|
run_id:
|
|
description: "GitHub Actions run ID of publish.yaml that produced the dart-package-assembled artifact"
|
|
required: true
|
|
type: string
|
|
|
|
permissions:
|
|
contents: read
|
|
id-token: write
|
|
actions: read
|
|
|
|
env:
|
|
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true"
|
|
|
|
jobs:
|
|
publish-pub:
|
|
name: Publish pub.dev
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/download-artifact@v8.0.1
|
|
with:
|
|
name: dart-package-assembled
|
|
path: packages/dart
|
|
run-id: ${{ inputs.run_id }}
|
|
github-token: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- uses: kreuzberg-dev/actions/publish-pub@v1
|
|
with:
|
|
package-dir: packages/dart
|