fix(ci): release github action needs correct github token permissions

Author: ethan-ozelius-contentful

.github/workflows/build.yaml

@@ -5,12 +5,26 @@ permissions:
 
 on:
   workflow_call:
+    VAULT_URL:
+      required: true
 
 jobs:
   build:
     runs-on: ubuntu-latest
 
     steps:
+      - name: 'Retrieve Secrets from Vault'
+        id: vault
+        uses: hashicorp/[email protected]
+        with:
+          url: ${{ secrets.VAULT_URL }}
+          role: ${{ github.event.repository.name }}-github-action
+          method: jwt
+          path: github-actions
+          exportEnv: false
+          secrets: |
+            github/token/${{ github.event.repository.name }}-semantic-release token | GITHUB_TOKEN_FROM_VAULT;
+
       - name: Checkout code
         uses: actions/checkout@v5
 

.github/workflows/main.yaml

@@ -9,6 +9,8 @@ on:
 jobs:
   build:
     uses: ./.github/workflows/build.yaml
+    secrets:
+      VAULT_URL: ${{ secrets.VAULT_URL }}
 
   check:
     needs: build

.github/workflows/release.yaml

@@ -62,7 +62,12 @@ jobs:
             dist
           key: build-cache-${{ github.run_id }}-${{ github.run_attempt }}
 
+      - name: Setup Chrome
+        uses: browser-actions/setup-chrome@v2
+        with:
+          install-chromedriver: true
+
       - name: Run semantic release
         run: npm run semantic-release
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ steps.vault.outputs.GITHUB_TOKEN }}

package.json

@@ -6,9 +6,9 @@
   "type": "module",
   "exports": {
     ".": {
+      "types": "./dist/types/index.d.ts",
       "import": "./dist/esm/index.js",
-      "require": "./dist/contentful.cjs",
-      "types": "./dist/types/index.d.ts"
+      "require": "./dist/contentful.cjs"
     }
   },
   "main": "./dist/esm/index.js",