From a04cf494cb0ba235a2289475e441951c842a243a Mon Sep 17 00:00:00 2001 From: Mikhail Preyskurantov <5574159+mpreyskurantov@users.noreply.github.com> Date: Wed, 15 Jul 2026 22:25:12 +0300 Subject: [PATCH 1/3] ci: centralize GitHub Packages npm auth setup --- .github/workflows/build_all.yml | 7 ++++--- .github/workflows/packages_publishing.yml | 13 ++++++++----- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build_all.yml b/.github/workflows/build_all.yml index a4cb2b6e99ee..1f5ab0ef4039 100644 --- a/.github/workflows/build_all.yml +++ b/.github/workflows/build_all.yml @@ -59,13 +59,14 @@ jobs: artifacts/npm/*.tgz retention-days: 1 + - name: Set GitHub Packages auth + run: pnpm set //npm.pkg.github.com/:_authToken='${NODE_AUTH_TOKEN}' + - name: Build SBOMs if: ${{ github.event_name == 'push' || github.event.inputs.SBOM == 'true' }} env: NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - pnpm set //npm.pkg.github.com/:_authToken="$NODE_AUTH_TOKEN"; - pnpm nx build sbom; + run: pnpm nx build sbom - name: Upload SBOM artifacts if: ${{ github.event_name == 'push' || github.event.inputs.SBOM == 'true' }} diff --git a/.github/workflows/packages_publishing.yml b/.github/workflows/packages_publishing.yml index 9ace56ff8f43..e88ffc892753 100644 --- a/.github/workflows/packages_publishing.yml +++ b/.github/workflows/packages_publishing.yml @@ -52,12 +52,13 @@ jobs: BUILD_INTERNAL_PACKAGE: true run: pnpm run all:build + - name: Set GitHub Packages auth + run: pnpm set //npm.pkg.github.com/:_authToken='${NODE_AUTH_TOKEN}' + - name: Build SBOMs env: NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - pnpm set //npm.pkg.github.com/:_authToken="$NODE_AUTH_TOKEN"; - pnpm nx build sbom; + run: pnpm nx build sbom - name: Build artifacts package run: pnpm run make-artifacts-package @@ -124,10 +125,13 @@ jobs: pnpm pkg get version | tr -d '"' | sed -r 's/(.*)/version=\1/' >> "$GITHUB_OUTPUT"; pnpm pkg get version | tr -d '"' | sed -r 's/([0-9]+\.[0-9]+).*/majorVersion=\1/' >> "$GITHUB_OUTPUT"; + - name: Set GitHub Packages auth + run: pnpm set //npm.pkg.github.com/:_authToken='${NODE_AUTH_TOKEN}' + # --ignore-scripts is required for publishing devextreme-angular which fails with error: # 'Trying to publish a package that has been compiled by Ivy in full compilation mode.' # Should be removed. - - name: Publish to npm.pkg.github.com + - name: Publish to GitHub Packages working-directory: ${{ steps.scopedPackage.outputs.packageDir }} env: NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -135,7 +139,6 @@ jobs: PACKAGE_VERSION: ${{ steps.scopedPackage.outputs.version }} PACKAGE_VERSION_MAJOR: ${{ steps.scopedPackage.outputs.majorVersion }} run: | - pnpm set //npm.pkg.github.com/:_authToken="$NODE_AUTH_TOKEN"; pnpm publish --no-git-checks --quiet --ignore-scripts --tag $PACKAGE_VERSION_MAJOR-${{ inputs.tag }} --registry https://npm.pkg.github.com; pnpm dist-tag add $PACKAGE_NAME@$PACKAGE_VERSION latest --registry=https://npm.pkg.github.com; From 6b5565be82e18fbe622c1c1c3c385af630435294 Mon Sep 17 00:00:00 2001 From: Mikhail Preyskurantov <5574159+mpreyskurantov@users.noreply.github.com> Date: Thu, 16 Jul 2026 17:22:01 +0300 Subject: [PATCH 2/3] build_all.yml / consistent guard --- .github/workflows/build_all.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build_all.yml b/.github/workflows/build_all.yml index 1f5ab0ef4039..ee73fd75cda9 100644 --- a/.github/workflows/build_all.yml +++ b/.github/workflows/build_all.yml @@ -60,6 +60,7 @@ jobs: retention-days: 1 - name: Set GitHub Packages auth + if: ${{ github.event_name == 'push' || github.event.inputs.SBOM == 'true' }} run: pnpm set //npm.pkg.github.com/:_authToken='${NODE_AUTH_TOKEN}' - name: Build SBOMs From 16e489fb18faa18068940a7e01eeb95950419709 Mon Sep 17 00:00:00 2001 From: Mikhail Preyskurantov <5574159+mpreyskurantov@users.noreply.github.com> Date: Fri, 17 Jul 2026 13:36:31 +0300 Subject: [PATCH 3/3] remove SBOM steps from build_all.yml --- .github/workflows/build_all.yml | 25 ------------------------- 1 file changed, 25 deletions(-) diff --git a/.github/workflows/build_all.yml b/.github/workflows/build_all.yml index ee73fd75cda9..a7698bab9ced 100644 --- a/.github/workflows/build_all.yml +++ b/.github/workflows/build_all.yml @@ -7,12 +7,6 @@ on: push: branches: [25_2] workflow_dispatch: - inputs: - SBOM: - description: 'Build SBOM' - required: false - default: false - type: boolean jobs: build: @@ -59,25 +53,6 @@ jobs: artifacts/npm/*.tgz retention-days: 1 - - name: Set GitHub Packages auth - if: ${{ github.event_name == 'push' || github.event.inputs.SBOM == 'true' }} - run: pnpm set //npm.pkg.github.com/:_authToken='${NODE_AUTH_TOKEN}' - - - name: Build SBOMs - if: ${{ github.event_name == 'push' || github.event.inputs.SBOM == 'true' }} - env: - NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: pnpm nx build sbom - - - name: Upload SBOM artifacts - if: ${{ github.event_name == 'push' || github.event.inputs.SBOM == 'true' }} - uses: actions/upload-artifact@v7 - with: - name: sbom - path: | - packages/sbom/dist/**/* - retention-days: 1 - custom_bundles: runs-on: devextreme-shr2 needs: build