From 8df0acc272b5b94cfc695402e021d377579f3798 Mon Sep 17 00:00:00 2001 From: Mikhail Preyskurantov <5574159+mpreyskurantov@users.noreply.github.com> Date: Wed, 15 Jul 2026 22:25:12 +0300 Subject: [PATCH 1/3] ci: centralize GitHub Packages npm auth setup --- .github/workflows/build_all.yml | 7 ++++--- .github/workflows/packages_publishing.yml | 13 ++++++++----- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build_all.yml b/.github/workflows/build_all.yml index 414f03b65711..4ff4246ba928 100644 --- a/.github/workflows/build_all.yml +++ b/.github/workflows/build_all.yml @@ -111,13 +111,14 @@ jobs: artifacts/npm/*.tgz retention-days: 1 + - name: Set GitHub Packages auth + run: pnpm set //npm.pkg.github.com/:_authToken='${NODE_AUTH_TOKEN}' + - name: Build SBOMs if: ${{ github.event_name == 'push' || github.event.inputs.SBOM == 'true' }} env: NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - pnpm set //npm.pkg.github.com/:_authToken="$NODE_AUTH_TOKEN"; - pnpm nx build sbom; + run: pnpm nx build sbom - name: Upload SBOM artifacts if: ${{ github.event_name == 'push' || github.event.inputs.SBOM == 'true' }} diff --git a/.github/workflows/packages_publishing.yml b/.github/workflows/packages_publishing.yml index fd1940048b24..e5a7b4ef6822 100644 --- a/.github/workflows/packages_publishing.yml +++ b/.github/workflows/packages_publishing.yml @@ -52,12 +52,13 @@ jobs: BUILD_INTERNAL_PACKAGE: true run: pnpm run all:build + - name: Set GitHub Packages auth + run: pnpm set //npm.pkg.github.com/:_authToken='${NODE_AUTH_TOKEN}' + - name: Build SBOMs env: NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - pnpm set //npm.pkg.github.com/:_authToken="$NODE_AUTH_TOKEN"; - pnpm nx build sbom; + run: pnpm nx build sbom - name: Build artifacts package run: pnpm run make-artifacts-package @@ -124,10 +125,13 @@ jobs: pnpm pkg get version | tr -d '"' | sed -r 's/(.*)/version=\1/' >> "$GITHUB_OUTPUT"; pnpm pkg get version | tr -d '"' | sed -r 's/([0-9]+\.[0-9]+).*/majorVersion=\1/' >> "$GITHUB_OUTPUT"; + - name: Set GitHub Packages auth + run: pnpm set //npm.pkg.github.com/:_authToken='${NODE_AUTH_TOKEN}' + # --ignore-scripts is required for publishing devextreme-angular which fails with error: # 'Trying to publish a package that has been compiled by Ivy in full compilation mode.' # Should be removed. - - name: Publish to npm.pkg.github.com + - name: Publish to GitHub Packages working-directory: ${{ steps.scopedPackage.outputs.packageDir }} env: NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -135,7 +139,6 @@ jobs: PACKAGE_VERSION: ${{ steps.scopedPackage.outputs.version }} PACKAGE_VERSION_MAJOR: ${{ steps.scopedPackage.outputs.majorVersion }} run: | - pnpm set //npm.pkg.github.com/:_authToken="$NODE_AUTH_TOKEN"; pnpm publish --no-git-checks --quiet --ignore-scripts --tag $PACKAGE_VERSION_MAJOR-${{ inputs.tag }} --registry https://npm.pkg.github.com; pnpm dist-tag add $PACKAGE_NAME@$PACKAGE_VERSION latest --registry=https://npm.pkg.github.com; From 78e2ef748bef60b09839438efacf43b1ce9ca3c6 Mon Sep 17 00:00:00 2001 From: Mikhail Preyskurantov <5574159+mpreyskurantov@users.noreply.github.com> Date: Thu, 16 Jul 2026 17:22:01 +0300 Subject: [PATCH 2/3] build_all.yml / consistent guard --- .github/workflows/build_all.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build_all.yml b/.github/workflows/build_all.yml index 4ff4246ba928..1f6e67f821e9 100644 --- a/.github/workflows/build_all.yml +++ b/.github/workflows/build_all.yml @@ -112,6 +112,7 @@ jobs: retention-days: 1 - name: Set GitHub Packages auth + if: ${{ github.event_name == 'push' || github.event.inputs.SBOM == 'true' }} run: pnpm set //npm.pkg.github.com/:_authToken='${NODE_AUTH_TOKEN}' - name: Build SBOMs From c7b7ab56b2d5e5b6947bee15daed979f4984cac2 Mon Sep 17 00:00:00 2001 From: Mikhail Preyskurantov <5574159+mpreyskurantov@users.noreply.github.com> Date: Fri, 17 Jul 2026 13:36:31 +0300 Subject: [PATCH 3/3] remove SBOM steps from build_all.yml --- .github/workflows/build_all.yml | 25 ------------------------- 1 file changed, 25 deletions(-) diff --git a/.github/workflows/build_all.yml b/.github/workflows/build_all.yml index 1f6e67f821e9..a4ba5149c885 100644 --- a/.github/workflows/build_all.yml +++ b/.github/workflows/build_all.yml @@ -7,12 +7,6 @@ on: push: branches: [26_1] workflow_dispatch: - inputs: - SBOM: - description: 'Build SBOM' - required: false - default: false - type: boolean concurrency: group: wf-${{github.event.pull_request.number || github.ref || github.sha}}-${{github.workflow}} @@ -111,25 +105,6 @@ jobs: artifacts/npm/*.tgz retention-days: 1 - - name: Set GitHub Packages auth - if: ${{ github.event_name == 'push' || github.event.inputs.SBOM == 'true' }} - run: pnpm set //npm.pkg.github.com/:_authToken='${NODE_AUTH_TOKEN}' - - - name: Build SBOMs - if: ${{ github.event_name == 'push' || github.event.inputs.SBOM == 'true' }} - env: - NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: pnpm nx build sbom - - - name: Upload SBOM artifacts - if: ${{ github.event_name == 'push' || github.event.inputs.SBOM == 'true' }} - uses: actions/upload-artifact@v7 - with: - name: sbom - path: | - packages/sbom/dist/**/* - retention-days: 1 - custom_bundles: runs-on: devextreme-shr2 needs: build