DOPS-1719 Implement npmjs publishing using OIDC #130

	name: Publish package

	on:
	push:
	tags:
	- v2..
	workflow_dispatch:

	jobs:
	publish-to-npm:
	runs-on: ubuntu-latest
	permissions:
	contents: read
	id-token: write
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Install pnpm
	uses: pnpm/action-setup@v4
	with:
	version: 10

	- uses: actions/setup-node@v4
	with:
	node-version: 20.13.1
	registry-url: 'https://registry.npmjs.org'
	scope: ${{ github.repository_owner }}
	cache: pnpm

	# pnpm uses npm under the hood, so we need to upgrade it to the latest version to suport OIDC
	- name: Install npm@11
	run: npm install -g npm@11

	- name: Install dependencies
	run: pnpm install --frozen-lockfile

	- name: Build
	run: pnpm build

	- name: Publish 🚀
	run: \|
	VERSION=$(node -p "require('../package.json').version")
	if [[ "$VERSION" == "-rc" ]]; then
	pnpm publish --no-git-checks --access=public --tag next
	else
	pnpm publish --no-git-checks --access=public
	fi
	working-directory: dist

	publish-to-github:
	runs-on: ubuntu-latest
	permissions:
	contents: read
	packages: write
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Install pnpm
	uses: pnpm/action-setup@v4
	with:
	version: 10

	- uses: actions/setup-node@v4
	with:
	node-version: 20.13.1
	cache: pnpm

	- name: Install dependencies
	run: pnpm install --frozen-lockfile

	- name: Build
	run: pnpm build

	- name: Auth in GitHub private registry npm
	run: \|
	echo "//npm.pkg.github.com/:_authToken=${{ secrets.GITHUB_TOKEN }}" > .npmrc
	echo "@1inch:registry=https://npm.pkg.github.com" >> .npmrc

	- name: Publish 🚀
	run: pnpm publish --no-git-checks
	working-directory: dist

Provide feedback