3838 schedule :
3939 - cron : ' 0 15 * * 0'
4040
41+ #
42+ # Npm Trusted Publishing + OIDC
43+ #
44+ permissions :
45+ contents : write
46+ id-token : write
47+
4148#
4249# Jobs
4350#
5259 fail-fast : false
5360
5461 matrix :
55- node-version : [18, 20, 22]
62+ node-version : [20, 22, 24 ]
5663
5764 steps :
5865 #
@@ -75,25 +82,34 @@ jobs:
7582 # pass to nodejs_helper.sh for building and packaging, .
7683 #
7784 # The available Secret variables are listed below:
85+ # GITHUB_TOKEN : Github token(automatically set by github actions)
7886 # NODEJS_TYPE_VARS_FILE : specify custom variables file
79- # * NPM_TOKEN : The token for publishing to npm
8087 # FORCE_PUBLISHER : nodejs major version to publish packages
8188 # FORCE_NOT_PUBLISHER : do not allow to publish any packages(for forked repository)
8289 # USE_PACKAGECLOUD_REPO : true means using pacakgecloud.io repo, false is not using
8390 # PACKAGECLOUD_OWNER : owner name as a pat of path to packagcloud.io for downloading
8491 # PACKAGECLOUD_DOWNLOAD_REPO : repo name as a pat of path to packagcloud.io for downloading
92+ # NPM_TOKEN : [Deprecated] The token for publishing to npm
8593 #
86- # "NPM_TOKEN" is required variable to publish the package.
94+ # NPM Trusted Publisher for NPM package should be set, so you won't need
95+ # to specify NPM_TOKEN.
96+ # If you set NPM_TOKEN(not recommended), it will be used to publish.
97+ # When publishing a package to an NPM repository, you need to upload the
98+ # package for the first time and then configure NPM Trusted Publisher.
99+ # For this reason, specify NPM_TOKEN the first time you upload a package.
100+ # From the second time onwards (after configuring NPM Trusted Publisher),
101+ # delete NPM_TOKEN.
87102 #
88103 - name : Set environments from secrets
89104 run : |
105+ echo "ENV_GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}" >> "${GITHUB_ENV}"
90106 echo "ENV_NODEJS_TYPE_VARS_FILE=${{ secrets.NODEJS_TYPE_VARS_FILE }}" >> "${GITHUB_ENV}"
91- echo "ENV_NPM_TOKEN=${{ secrets.NPM_TOKEN }}" >> "${GITHUB_ENV}"
92107 echo "ENV_FORCE_PUBLISHER=${{ secrets.FORCE_PUBLISHER }}" >> "${GITHUB_ENV}"
93108 echo "ENV_FORCE_NOT_PUBLISHER=${{ secrets.FORCE_NOT_PUBLISHER }}" >> "${GITHUB_ENV}"
94109 echo "ENV_USE_PACKAGECLOUD_REPO=${{ secrets.USE_PACKAGECLOUD_REPO }}" >> "${GITHUB_ENV}"
95110 echo "ENV_PACKAGECLOUD_OWNER=${{ secrets.PACKAGECLOUD_OWNER }}" >> "${GITHUB_ENV}"
96111 echo "ENV_PACKAGECLOUD_DOWNLOAD_REPO=${{ secrets.PACKAGECLOUD_DOWNLOAD_REPO }}" >> "${GITHUB_ENV}"
112+ echo "ENV_NPM_TOKEN=${{ secrets.NPM_TOKEN }}" >> "${GITHUB_ENV}"
97113
98114#
99115 # Run building and packaging helper
@@ -129,7 +145,7 @@ jobs:
129145 # <default tag flag>: If you want to use the created Docker image as the default image, specify "default".
130146 #
131147 imageinfo :
132- - alpine:3.21 ,alpine:3.21 ,alpine,default
148+ - alpine:3.22 ,alpine:3.22 ,alpine,default
133149 - ubuntu:24.04,ubuntu:24.04,ubuntu
134150
135151 #
@@ -165,7 +181,7 @@ jobs:
165181 # [NOTE] Secrets
166182 # When passing parameters to docker_helper.sh in build and pusing,
167183 # use Secret of organization or repository.
168- #
184+ #
169185 # By setting the correct values for the following variable names,
170186 # they will be passed as parameters in docker_helper.sh.
171187 # * DOCKER_HUB_USERNAME : Docker Hub username to read/push the docker images
0 commit comments