fix(publish): permissionless dry-run in GHA (#22679)

Fixes https://github.com/denoland/deno/issues/22658
author: Divy Srivastava <dj.srivastava23@gmail.com> 2024-03-06 18:26:20 +0530
committer: GitHub <noreply@github.com> 2024-03-06 18:26:20 +0530
commit: 156950828e8c25f9de346c7cd737f1d0ebc8c1fb (patch)
tree: 19d13eb33aa4df107238dbc6780c70cebc2f6270 /cli/tools/registry
parent: 89d7bc693a281db06ac1b70ea3e81735d28069fc (diff)
2 files changed, 8 insertions, 1 deletions
diff --git a/cli/tools/registry/auth.rs b/cli/tools/registry/auth.rs
index 3d40fa766..820d3b6b6 100644
--- a/cli/tools/registry/auth.rs
+++ b/cli/tools/registry/auth.rs
@@ -43,7 +43,13 @@ fn get_gh_oidc_env_vars() -> Option<Result<(String, String), AnyError>> {
 
 pub fn get_auth_method(
   maybe_token: Option<String>,
+  dry_run: bool,
 ) -> Result<AuthMethod, AnyError> {
+  if dry_run {
+    // We don't authenticate in dry-run mode.
+    return Ok(AuthMethod::Interactive);
+  }
+
   if let Some(token) = maybe_token {
     return Ok(AuthMethod::Token(token));
   }
diff --git a/cli/tools/registry/mod.rs b/cli/tools/registry/mod.rs
index 4af0f73b9..9c670ebc1 100644
--- a/cli/tools/registry/mod.rs
+++ b/cli/tools/registry/mod.rs
@@ -884,7 +884,8 @@ pub async fn publish(
 ) -> Result<(), AnyError> {
   let cli_factory = CliFactory::from_flags(flags).await?;
 
-  let auth_method = get_auth_method(publish_flags.token)?;
+  let auth_method =
+    get_auth_method(publish_flags.token, publish_flags.dry_run)?;
 
   let import_map = cli_factory
     .maybe_import_map()
author	Divy Srivastava <dj.srivastava23@gmail.com>	2024-03-06 18:26:20 +0530
committer	GitHub <noreply@github.com>	2024-03-06 18:26:20 +0530
commit	156950828e8c25f9de346c7cd737f1d0ebc8c1fb (patch)
tree	19d13eb33aa4df107238dbc6780c70cebc2f6270 /cli/tools/registry
parent	89d7bc693a281db06ac1b70ea3e81735d28069fc (diff)