BUILD-6483 Allowing usage of custom npmrc file

SonarSource · Oct 9, 2024 · 1258a76 · 1258a76
1 parent b293fd9
commit 1258a76
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 4 deletions.
diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
@@ -130,7 +130,7 @@ jobs:
           repository: SonarSource/gh-action_release
           # This property is changed during the release process to reference the correct tag
           # During development change this to your branch name to run it in another repository
-          ref: feat/smarini/BUILD-6483-addPublishToNpmJsWorkflow
+          ref: ${{ github.ref }}
           path: gh-action_release
       # Clone the calling repo for checking releasability prerequisites
       - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1

diff --git a/.github/workflows/npmjs.yaml b/.github/workflows/npmjs.yaml
@@ -103,11 +103,24 @@ jobs:
         working-directory: ${{ steps.local_repo.outputs.dir }}/package
         run: npm version --no-git-tag-version ${{ steps.get_version.outputs.version }}
 
+      - name: Checkout developer repository
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
+        with:
+          repository: ${{ github.event.repository.full_name}}
+          path: developer_repo
+          token: ${{ github.token }}
+
       - name: Configure npm registry
         run: |
-          echo "always-auth=true" > ~/.npmrc
-          echo "email=helpdesk+npmjs@sonarsource.com" >> ~/.npmrc
-          echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" >> ~/.npmrc
+          if [ -f developer_repo/.github/workflows/.npmrc ]; then
+            echo ".npmrc file found in developer repository at .github/workflows/.npmrc."
+            cp developer_repo/.github/workflows/.npmrc ~/.npmrc
+          else
+            echo ".npmrc file not found in developer repository. Using default configuration."
+            echo "always-auth=true" > ~/.npmrc
+            echo "email=helpdesk+npmjs@sonarsource.com" >> ~/.npmrc
+            echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" >> ~/.npmrc
+          fi
         env:
           NPM_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).npm_token }}
 

diff --git a/README.md b/README.md
@@ -45,6 +45,10 @@ Available options:
 - `dryRun` (default: *false*): perform a dry run execution
 - `pushToDatadog` (default: *true*): push results to Datadog for monitoring
 
+## Custom .npmrc File for NpmJS
+
+When releasing an npm project using this action, you can specify a custom .npmrc file. To do this, place your .npmrc file in the .github/workflows/ directory of the repository you wish to release. The action will automatically use this configuration.
+
 ## Releasability check
 
 To perform a releasability check for a given version without performing an actual release, run the [releasability_check workflow](https://github.com/SonarSource/gh-action_releasability/actions/workflows/releasability_checks.yml).