chore: authenticate with npm before publishing package changes (conte…

…ntful#1361)

* fix: authenticate with npm before publishing package changes

* chore: remove unecessary github token export

* chore: run npm auth directly, replace git config commands with vault/configure-lerna

.circleci/config.yml

@@ -26,16 +26,9 @@ cache-key: &cache-key
   key: dependency-cache-primary-{{ arch }}-yarn-packages-{{ checksum ".nvmrc" }}-{{ checksum "yarn.lock" }}
 
 commands:
-  with_npm_token:
-    steps:
-      - vault/get-secrets:
-          template-preset: 'npm-read'
-      - run: echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" >> ~/.npmrc
-
   yarn_install:
     steps:
       - restore_cache: *cache-key
-      - with_npm_token
       - run: yarn install --prefer-offline --pure-lockfile
       - save_cache:
           <<: *cache-key
@@ -112,10 +105,8 @@ jobs:
       - yarn_install
       - vault/get-secrets:
           template-preset: semantic-release-ecosystem
-      # Lerna only looks for the name GH_TOKEN
-      - run: export GH_TOKEN=${GITHUB_TOKEN}
-      - run: git config --global user.email "${GIT_AUTHOR_EMAIL}"
-      - run: git config --global user.name "${GIT_AUTHOR_NAME}"
+      - vault/configure-lerna
+      - run: echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" >> ~/.npmrc
       - run: yarn build
       - run: yarn lerna version --no-private --conventional-commits --create-release github --yes
       # If you planning to upgrade lerna, `no-verify-access` is not needed anymore post version 5.2.0

.contentful/vault-secrets.yaml

@@ -6,4 +6,3 @@ services:
   circleci:
     policies:
       - semantic-release-ecosystem
-      - npm-read