Skip to content

docs: Add missing params in refresh token rotation guide (#11386) #3

docs: Add missing params in refresh token rotation guide (#11386)

docs: Add missing params in refresh token rotation guide (#11386) #3

Workflow file for this run

name: Release
on:
push:
branches:
- main
- beta
- next
- 3.x
pull_request:
# TODO: Support latest releases
workflow_dispatch:
inputs:
name:
type: choice
description: Package name (npm)
options:
- "@auth/core"
- "@auth/dgraph-adapter"
- "@auth/drizzle-adapter"
- "@auth/dynamodb-adapter"
- "@auth/fauna-adapter"
- "@auth/firebase-adapter"
- "@auth/hasura-adapter"
- "@auth/mikro-orm-adapter"
- "@auth/mongodb-adapter"
- "@auth/neo4j-adapter"
- "@auth/pouchdb-adapter"
- "@auth/prisma-adapter"
- "@auth/sequelize-adapter"
- "@auth/supabase-adapter"
- "@auth/surrealdb-adapter"
- "@auth/typeorm-adapter"
- "@auth/unstorage-adapter"
- "@auth/upstash-redis-adapter"
- "@auth/xata-adapter"
- "next-auth"
# TODO: Infer from package name
path:
type: choice
description: Directory name (packages/*)
options:
- "core"
- "frameworks-nextjs"
- "adapter-edgedb"
- "adapter-dgraph"
- "adapter-drizzle"
- "adapter-dynamodb"
- "adapter-fauna"
- "adapter-firebase"
- "adapter-hasura"
- "adapter-mikro-orm"
- "adapter-mongodb"
- "adapter-neo4j"
- "adapter-pouchdb"
- "adapter-prisma"
- "adapter-sequelize"
- "adapter-supabase"
- "adapter-surrealdb"
- "adapter-typeorm"
- "adapter-unstorage"
- "adapter-upstash-redis"
- "adapter-xata"
- "next-auth"
permissions:
id-token: write
env:
TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
TURBO_TEAM: ${{ vars.TURBO_TEAM }}
FORCE_COLOR: true
NPM_CONFIG_PROVENANCE: true
jobs:
test:
name: Test
runs-on: ubuntu-latest
steps:
- name: Init
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install pnpm
uses: pnpm/action-setup@v4
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version-file: ".nvmrc"
cache: "pnpm"
- name: Install dependencies
run: pnpm install
- name: Peek
run: pnpm peek
if: ${{ github.repository == 'nextauthjs/next-auth' && github.event_name == 'push' && github.ref == 'refs/heads/main' }}
- name: Get base commit SHA from main
id: get_base_sha
run: echo "BASE_SHA=$(git merge-base origin/main HEAD)" >> $GITHUB_ENV
- name: Check for changes under /packages
id: check-packages
run: |
if git diff --name-only ${{ env.BASE_SHA }}...HEAD | grep '^packages/'; then
echo "PACKAGES_CHANGES=true" >> $GITHUB_ENV
else
echo "PACKAGES_CHANGES=false" >> $GITHUB_ENV
fi
- name: Build
if: ${{ env.PACKAGES_CHANGES == 'true' }}
run: pnpm build
- name: Lint
run: pnpm lint
timeout-minutes: 15
- name: Run unit tests
if: ${{ env.PACKAGES_CHANGES == 'true' }}
run: pnpm test
- name: Get installed Playwright version
id: playwright-version
run: echo "PLAYWRIGHT_VERSION=$(pnpx playwright -V | awk '{ print $2 }')" >> $GITHUB_ENV
- name: Cache playwright binaries
uses: actions/cache@v4
id: playwright-cache
with:
path: |
~/.cache/ms-playwright
key: ${{ runner.os }}-playwright-${{ env.PLAYWRIGHT_VERSION }}
- name: Install Playwright
if: steps.playwright-cache.outputs.cache-hit != 'true' && github.repository == 'nextauthjs/next-auth'
run: |
pnpm exec playwright install --with-deps chromium
- name: Run E2E tests (Nextjs-Docker)
continue-on-error: true
if: false
timeout-minutes: 15
run: |
cd apps/examples/nextjs-docker && pnpm test:docker
env:
AUTH_SECRET: ${{ secrets.AUTH_SECRET }}
TEST_KEYCLOAK_USERNAME: ${{ secrets.TEST_KEYCLOAK_USERNAME }}
TEST_KEYCLOAK_PASSWORD: ${{ secrets.TEST_KEYCLOAK_PASSWORD }}
AUTH_KEYCLOAK_ID: ${{ secrets.AUTH_KEYCLOAK_ID }}
AUTH_KEYCLOAK_SECRET: ${{ secrets.AUTH_KEYCLOAK_SECRET }}
AUTH_KEYCLOAK_ISSUER: ${{ secrets.AUTH_KEYCLOAK_ISSUER }}
AUTH_TRUST_HOST: 1
- name: Run E2E tests
continue-on-error: true # TODO: Make this less flakey
if: github.repository == 'nextauthjs/next-auth'
timeout-minutes: 15
run: |
pnpm test:e2e
env:
AUTH_SECRET: ${{ secrets.AUTH_SECRET }}
TEST_KEYCLOAK_USERNAME: ${{ secrets.TEST_KEYCLOAK_USERNAME }}
TEST_KEYCLOAK_PASSWORD: ${{ secrets.TEST_KEYCLOAK_PASSWORD }}
AUTH_KEYCLOAK_ID: ${{ secrets.AUTH_KEYCLOAK_ID }}
AUTH_KEYCLOAK_SECRET: ${{ secrets.AUTH_KEYCLOAK_SECRET }}
AUTH_KEYCLOAK_ISSUER: ${{ secrets.AUTH_KEYCLOAK_ISSUER }}
AUTH_TRUST_HOST: 1
- uses: actions/upload-artifact@v4
name: Upload Playwright artifacts
with:
name: playwright-traces
path: "**/packages/utils/test-results/*/trace.zip"
retention-days: 7
- uses: codecov/codecov-action@v4
if: always()
name: Coverage
with:
token: ${{ secrets.CODECOV_TOKEN }}
release-branch:
name: Publish branch
timeout-minutes: 120
runs-on: ubuntu-latest
needs: test
if: ${{ github.event_name == 'push' }}
environment: Production
steps:
- name: Init
uses: actions/checkout@v4
with:
fetch-depth: 0
# Please upvote https://github.com/orgs/community/discussions/13836
token: ${{ secrets.GH_PAT }}
- name: Install pnpm
uses: pnpm/action-setup@v4
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version-file: ".nvmrc"
cache: "pnpm"
- name: Install dependencies
run: pnpm install
- name: Publish to npm and GitHub
run: pnpm release
env:
# Please upvote https://github.com/orgs/community/discussions/13836
GITHUB_TOKEN: ${{ secrets.GH_PAT }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
release-pr:
name: Publish PR
timeout-minutes: 120
runs-on: ubuntu-latest
needs: test
if: ${{ github.event_name == 'pull_request' }}
environment: Preview
steps:
- name: Init
uses: actions/checkout@v4
- name: Install pnpm
uses: pnpm/action-setup@v4
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version-file: ".nvmrc"
cache: "pnpm"
- name: Install dependencies
run: pnpm install
- name: Determine version
uses: ./.github/version-pr
id: determine-version
env:
PR_NUMBER: ${{ github.event.number }}
- name: Publish to npm
run: |
cd packages/core
echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> .npmrc
pnpm publish --no-git-checks --access public --tag experimental
env:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Comment version on PR
uses: NejcZdovc/comment-pr@v2
with:
message:
"🎉 Experimental release [published 📦️ on npm](https://npmjs.com/package/@auth/core/v/${{ env.VERSION }})!\n \
```sh\npnpm add @auth/core@${{ env.VERSION }}\n```\n \
```sh\nyarn add @auth/core@${{ env.VERSION }}\n```\n \
```sh\nnpm i @auth/core@${{ env.VERSION }}\n```"
env:
VERSION: ${{ steps.determine-version.outputs.version }}
GITHUB_TOKEN: ${{ secrets.GH_PAT }}
release-manual:
name: Publish manually
runs-on: ubuntu-latest
if: ${{ github.event_name == 'workflow_dispatch' }}
steps:
- name: Init
uses: actions/checkout@v4
- name: Install pnpm
uses: pnpm/action-setup@v4
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version-file: ".nvmrc"
cache: "pnpm"
- name: Install dependencies
run: pnpm install
- name: Determine version
uses: ./.github/version-pr
id: determine-version
env:
PACKAGE_PATH: ${{ github.event.inputs.path }}
- name: Publish to npm
run: |
pnpm build
cd packages/$PACKAGE_PATH
echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> .npmrc
pnpm publish --no-git-checks --access public --tag experimental
echo "🎉 Experimental release published 📦️ on npm: https://npmjs.com/package/${{ github.event.inputs.name }}/v/${{ env.VERSION }}"
echo "Install via: pnpm add ${{ github.event.inputs.name }}@${{ env.VERSION }}"
env:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
PACKAGE_PATH: ${{ github.event.inputs.path }}
VERSION: ${{ steps.determine-version.outputs.version }}