Skip to content

Instantly share code, notes, and snippets.

@cferdinandi
Last active July 12, 2025 22:47
Show Gist options
  • Save cferdinandi/8d3132220b02c2d3fd762c9c11c64a17 to your computer and use it in GitHub Desktop.
Save cferdinandi/8d3132220b02c2d3fd762c9c11c64a17 to your computer and use it in GitHub Desktop.

Automate GitHub Release

This script automates the publishing of a new release on GitHub and runs npm deploy whenever the version number in package.json is changed.

It requires two secret tokens in the repo settings:

  1. GH_TOKEN - a fine-grained token with read/write permissions for content and pull releases.
  2. NPM_TOKEN - a CI token from your NPM account.

Learn more about how it works here.

name: Release
on:
push:
branches:
- main
permissions:
contents: read
jobs:
release:
# prevent this action from running on forks
if: github.repository == 'your/repo'
permissions:
contents: write
pull-requests: read
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: '20.x'
registry-url: 'https://registry.npmjs.org'
- name: Install dependencies
run: npm ci
- name: Extract version from package.json
uses: sergeysova/jq-action@v2
id: version
with:
cmd: 'jq .version package.json -r'
- name: Get latest tag
uses: actions-ecosystem/action-get-latest-tag@v1
id: get-latest-tag
- name: Publish GitHub Release
uses: release-drafter/release-drafter@v6
if: ${{ contains(steps.get-latest-tag.outputs.tag, steps.version.outputs.value) == false }}
with:
version: ${{ steps.version.outputs.value }}
publish: true
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
- name: Publish to NPM
if: ${{ contains(steps.get-latest-tag.outputs.tag, steps.version.outputs.value) == false }}
run: npm publish
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment