chore: fix-up & tidy-up workflows and remove references to .npmrc registry changes (#260)

Author: Strum355

.github/workflows/integration.yml

@@ -1,3 +1,4 @@
+# yaml-language-server: $schema=https://www.schemastore.org/github-workflow.json
 ---
 name: Integration
 

.github/workflows/pr-validation.yml

@@ -1,3 +1,5 @@
+# yaml-language-server: $schema=https://www.schemastore.org/github-workflow.json
+---
 name: Validate PR
 
 on:
@@ -14,6 +16,7 @@ jobs:
       - uses: amannn/action-semantic-pull-request@v5
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
   commit-message-validation:
     name: Validate commit messages
     runs-on: ubuntu-latest
@@ -27,13 +30,6 @@ jobs:
         uses: actions/setup-node@v4
         with:
           node-version: 20
-          registry-url: 'https://npm.pkg.github.com'
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Create .npmrc
-        run: |
-          echo "@trustification:registry=https://npm.pkg.github.com" >> .npmrc
 
       - name: Install commitlint
         run: |

.github/workflows/pr.yml

@@ -1,3 +1,4 @@
+# yaml-language-server: $schema=https://www.schemastore.org/github-workflow.json
 ---
 name: Pull request build
 
@@ -29,13 +30,6 @@ jobs:
         with:
           node-version: ${{ matrix.node }}
           cache: npm
-          registry-url: 'https://npm.pkg.github.com'
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Create .npmrc
-        run: |
-          echo "@trustification:registry=https://npm.pkg.github.com" >> .npmrc
 
       - name: Enable Corepack
         run: corepack enable

.github/workflows/release.yml

@@ -1,3 +1,4 @@
+# yaml-language-server: $schema=https://www.schemastore.org/github-workflow.json
 ---
 name: Release
 
@@ -23,21 +24,13 @@ jobs:
       - name: Checkout sources
         uses: actions/checkout@v4
         with:
-          ssh-key: ${{ secrets.DEPLOY_KEY }}
           fetch-depth: 0
 
       - name: Install node 18
         uses: actions/setup-node@v4
         with:
           node-version: 18
           cache: npm
-          registry-url: 'https://npm.pkg.github.com'
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Create .npmrc
-        run: |
-          echo "@trustification:registry=https://npm.pkg.github.com" >> .npmrc
 
       - name: Configure git
         run: |
@@ -74,7 +67,7 @@ jobs:
 
       - name: Publish package
         env:
-          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
         run: npm publish
 
       - name: Commit and push package modifications
@@ -93,10 +86,10 @@ jobs:
         uses: actions/github-script@v6
         id: release-notes
         with:
-          github-token: ${{ secrets.STAGING_PAT }}
+          github-token: ${{ secrets.GITHUB_TOKEN }}
           script: |
             const repo_name = context.payload.repository.full_name
-            const response = await github.request('POST /repos/' + repo_name + '/releases' + '/generate-notes', {
+            const response = await github.request('POST /repos/' + repo_name + '/releases/generate-notes', {
               tag_name: '${{ steps.bump.outputs.version }}',
               previous_tag_name: '${{ steps.fetch-tag.outputs.oldest-tag != ''  && steps.fetch-tag.outputs.oldest-tag  || steps.last-release.outputs.base-tag }}'
             })
@@ -105,7 +98,7 @@ jobs:
       - name: Create a release
         uses: actions/github-script@v6.4.1
         with:
-          github-token: ${{ secrets.STAGING_PAT }}
+          github-token: ${{ secrets.GITHUB_TOKEN }}
           script: |
             const repo_name = context.payload.repository.full_name
             const response = await github.request('POST /repos/' + repo_name + '/releases', {

.github/workflows/stage.yml

@@ -1,3 +1,4 @@
+# yaml-language-server: $schema=https://www.schemastore.org/github-workflow.json
 ---
 name: Stage
 
@@ -22,29 +23,21 @@ on:
 jobs:
   stage:
     runs-on: ubuntu-latest
-#    Branches that starts with `release/` shouldn't trigger this workflow, as these are triggering the release workflow.
+    # Branches that starts with `release/` shouldn't trigger this workflow, as these are triggering the release workflow.
     if: github.repository_owner == 'guacsec' && github.event.pull_request.merged == true && !startsWith(github.head_ref, 'release/')
     environment: staging
     name: Stage the project
     steps:
       - name: Checkout sources
         uses: actions/checkout@v4
         with:
-          ssh-key: ${{ secrets.DEPLOY_KEY }}
           fetch-depth: 0
 
       - name: Install node 18
         uses: actions/setup-node@v4
         with:
           node-version: 18
           cache: npm
-          registry-url: 'https://npm.pkg.github.com'
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Create .npmrc
-        run: |
-          echo "@trustification:registry=https://npm.pkg.github.com" >> .npmrc
 
       - name: Enable Corepack
         run: corepack enable
@@ -131,7 +124,7 @@ jobs:
 
       - name: Publish package
         env:
-          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
         run: npm publish
 
       - name: Commit and push package modifications

README.md

@@ -4,41 +4,8 @@
 * Looking for our Java API? Try [Exhort Java API](https://github.com/guacsec/exhort-java-api).
 * Looking for our Backend implementation? Try [Exhort](https://github.com/guacsec/exhort).
 
-The _Exhort JavaScript API_ module is deployed to _GitHub Package Registry_.
-
-<details>
-<summary>Click here for configuring <em>GHPR</em> registry access.</summary>
-<h3>Configure Registry Access</h3>
-<p>
-Create a
-<a href="https://docs.github.com/en/packages/learn-github-packages/introduction-to-github-packages#authenticating-to-github-packages">token</a>
-with the <strong>read:packages</strong> scope<br/>
-
-> Based on
-> <a href="https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-npm-registry#authenticating-to-github-packages">GitHub documentation</a>,
-> In <em>Actions</em> you can use <em>GITHUB_TOKEN</em>
-</p>
-<p>
-
-Add the following line to the <em>.npmrc</em> file in your user home (
-See [GH Docs](https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-npm-registry#authenticating-with-a-personal-access-token)):
-
-```text
-//npm.pkg.github.com/:_authToken=<your-ghp-token-goes-here>
-```
-</p>
-</details>
-
 <h3>Usage</h3>
 <p>
-Configuring <em>NPM</em> to look in <em>GHPR</em> for the <em>trustify-da</em> namespace is done by adding
-<code>@trustify-da:registry=https://npm.pkg.github.com</code> to <em>.npmrc</em> in the project root or user home.
-
-```shell
-echo "@trustify-da:registry=https://npm.pkg.github.com" >> .npmrc
-echo "@trustification:registry=https://npm.pkg.github.com" >> .npmrc
-```
-</p>
 
 <ul>
 <li>

docker-image/Dockerfiles/Dockerfile

@@ -4,9 +4,7 @@ FROM registry.access.redhat.com/ubi9/nodejs-20 AS builder
 # use privilaged user
 USER root
 
-# assign token for reading packages from github package registry
-ARG PACKAGE_REGISTRY_ACCESS_TOKEN=''
-ARG TRUSTIFY_DA_JAVASCRIPT_API_VERSION='0.1.1-ea.55'
+ARG TRUSTIFY_DA_JAVASCRIPT_API_VERSION='0.2.4-ea.12'
 
 # install Java
 RUN curl -kL https://download.oracle.com/java/21/archive/jdk-21.0.1_linux-x64_bin.tar.gz -o /tmp/java-package.tar.gz \
@@ -23,10 +21,6 @@ RUN curl -kL https://go.dev/dl/go1.21.5.linux-amd64.tar.gz -o /tmp/golang-packag
 # install jq JSON formating tool
 RUN curl -kL https://github.com/jqlang/jq/releases/download/jq-1.7.1/jq-linux64 -o /usr/bin/jq
 
-# copy the .npmrc file
-COPY configs/.npmrc .
-# replace placeholder with the actual environment variable
-RUN sed -i "s/__PACKAGE_REGISTRY_ACCESS_TOKEN__/${PACKAGE_REGISTRY_ACCESS_TOKEN}/g" ./.npmrc
 # install Exhort javascript API
 RUN npm install --global @trustify-da/trustify-da-javascript-client@${TRUSTIFY_DA_JAVASCRIPT_API_VERSION}