diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 0ca4001..0904cbe 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -8,6 +8,9 @@ on: type: boolean required: false default: 'false' +env: + JAVA_VERSION: 21 + NODE_VERSION: 22 jobs: build: @@ -40,6 +43,9 @@ jobs: publish: false runs-on: ${{ matrix.os }} + permissions: + contents: read + id-token: write steps: - name: Checkout @@ -47,12 +53,12 @@ jobs: - name: Setup Node.js environment uses: actions/setup-node@v6 with: - node-version: 22.x + node-version: ${{env.NODE_VERSION}}.x - name: Setup Java JDK uses: actions/setup-java@v5 with: distribution: 'temurin' - java-version: '17' + java-version: ${{env.JAVA_VERSION}} - name: Add rust target run: rustup target add ${{ matrix.target }} - name: Setup cross-compilation @@ -79,36 +85,35 @@ jobs: run: mv java.*.node npm/${{ matrix.package }} shell: bash - name: NPM Publish Binary - uses: JS-DevTools/npm-publish@e06fe3ef65499b38eb12224f2a60979f6d797330 + uses: JS-DevTools/npm-publish@v4 if: ${{ matrix.package != 'linux-x64-gnu' }} with: access: public - token: ${{ secrets.NPM_TOKEN }} package: npm/${{ matrix.package }}/package.json dry-run: ${{ github.event.inputs.dry-run == 'true' }} ignore-scripts: false - name: NPM Publish - uses: JS-DevTools/npm-publish@v3.1.1 + uses: JS-DevTools/npm-publish@v4.1.5 if: ${{ matrix.package == 'linux-x64-gnu' }} with: access: public - token: ${{ secrets.NPM_TOKEN }} dry-run: ${{ github.event.inputs.dry-run == 'true' }} ignore-scripts: false build-musl: runs-on: ubuntu-latest + permissions: + contents: read + id-token: write steps: - uses: actions/checkout@v6 - name: Build uses: addnab/docker-run-action@v3 timeout-minutes: 180 with: - image: ghcr.io/markusjx/node-java-bridge/java-bridge-node-alpine-build:node-20-jdk-17 + image: ghcr.io/markusjx/node-java-bridge/test-alpine:${{env.NODE_VERSION}}-${{env.JAVA_VERSION}} options: -v ${{ github.workspace }}:/github/workspace -w /github/workspace run: | - npm config set cache /tmp --global - export CI=true npm ci npm run build - name: Get version @@ -122,10 +127,9 @@ jobs: run: mv java.*.node npm/linux-x64-musl shell: bash - name: NPM Publish Binary - uses: JS-DevTools/npm-publish@v3.1.1 + uses: JS-DevTools/npm-publish@v4 with: access: public - token: ${{ secrets.NPM_TOKEN }} package: npm/linux-x64-musl/package.json dry-run: ${{ github.event.inputs.dry-run == 'true' }} ignore-scripts: false @@ -143,13 +147,12 @@ jobs: shell: bash - name: Create Release id: create_release - uses: actions/create-release@v1 + uses: softprops/action-gh-release@v2 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: tag_name: v${{ env.version }} - release_name: Release v${{ env.version }} - body: | - Auto-generated release + name: Release v${{ env.version }} + generate_release_notes: true draft: true prerelease: false