[master] use old release process

[openshift-cherrypick-robot]

This is an automated cherry-pick of #3243

/assign jgyselov

Summary by CodeRabbit

• Chores
  • Updated CI/CD workflow configuration to improve build and release automation reliability and security posture through streamlined dependencies and authentication handling.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: openshift-cherrypick-robot
Once this PR has been reviewed and has the lgtm label, please assign jgyselov for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[coderabbitai]

Caution

Review failed

The pull request is closed.

Walkthrough

This pull request modifies the GitHub Actions release workflow to downgrade action versions (checkout v4→v3, setup-node v4→v3), add a git configuration step, remove Yarn registry configuration, and switch from hardcoded registry settings to NPM_AUTH_TOKEN-based authentication for package publication.

Changes

Cohort / File(s)	Change Summary
Release Workflow ​.github/workflows/release.yaml	Downgrades checkout and setup-node actions; adds git user config; removes Yarn registry configuration; replaces hardcoded npm registry/auth with NPM_AUTH_TOKEN environment variable; simplifies npm publish command

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

• Single file modification with configuration and action version changes
• Straightforward substitution of authentication mechanism (hardcoded → token-based)
• Requires verification of action version compatibility and npm authentication flow correctness

Possibly related PRs

• Release job: Configure Yarn for npm registry #3235: Adds "Configure Yarn for npm registry" step and --access public flag to npm publish, which this PR removes as part of switching to token-based authentication.
• Update release job to use trusted-publishers flow #3228: Also modifies the release workflow publish flow but implements opposite versioning approach (moves to setup-node@v4 and trusted-publishers while this PR downgrades to v3 with NPM_AUTH_TOKEN).

Suggested labels

lgtm, approved, size/S

Suggested reviewers

• jgyselov
• ammont82

Poem

🐰 A workflow refined with care,
Authentication token in the air,
Versions downward, gitconfig set,
Cleaner release pipeline yet!
Yarn's old way now has rest,
NPM_AUTH_TOKEN does best. ✨

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

📜 Recent review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 60b2e0f and 63a72c1.

📒 Files selected for processing (1)

• .github/workflows/release.yaml (3 hunks)

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}