ci: switch to OIDC releases to npm #29

Workflow file for this run

.github/workflows/release.yaml at 8482786

	name: "🚀 Release"

	on:
	workflow_dispatch:
	push:
	tags:
	- "v..*"

	jobs:
	prebuilds:
	name: create prebuilds
	permissions:
	contents: read
	strategy:
	matrix:
	os: [ubuntu-latest, ubuntu-24.04-arm, macos-latest, windows-latest]
	arch: [""]
	include:
	# macos-latest is arm64; cross-compile for x64 too
	- os: macos-latest
	arch: "--arch x86_64"
	runs-on: ${{ matrix.os }}
	steps:
	- name: checkout
	uses: actions/checkout@v6
	- name: node
	uses: actions/setup-node@v6
	with:
	node-version: 22
	cache: "npm"
	- name: MSVC (windows)
	uses: ilammy/msvc-dev-cmd@v1
	if: contains(matrix.os, 'windows')
	- name: install dependencies
	run: npm ci
	- name: build
	run: \|
	npm run prebuild --workspace=@jazzer.js/fuzzer -- ${{ matrix.arch }}
	npm run build --workspace=@jazzer.js/fuzzer -- ${{ matrix.arch }}
	- name: upload
	uses: actions/upload-artifact@v7
	with:
	name: native-addon-${{ matrix.os }}${{ matrix.arch && '-x64' \|\| '' }}
	path: packages/fuzzer/prebuilds
	if-no-files-found: error

	verify-prebuilds:
	name: verify prebuilds
	needs: [prebuilds]
	runs-on: ubuntu-latest
	permissions:
	contents: read
	steps:
	- name: download prebuilds
	uses: actions/download-artifact@v8
	with:
	pattern: native-addon-*
	path: prebuilds
	merge-multiple: true
	- name: verify all platforms are present
	run: \|
	expected="fuzzer-darwin-arm64.node fuzzer-darwin-x64.node fuzzer-linux-arm64.node fuzzer-linux-x64.node fuzzer-win32-x64.node"
	for f in $expected; do
	if [ ! -f "prebuilds/$f" ]; then
	echo "MISSING: $f"
	exit 1
	fi
	done
	expected_count=$(echo $expected \| wc -w)
	actual_count=$(ls prebuilds/ \| wc -l)
	if [ "$actual_count" -ne "$expected_count" ]; then
	echo "Expected $expected_count prebuilds but found $actual_count:"
	ls -lh prebuilds/
	exit 1
	fi
	echo "Verified $expected_count prebuilds. All as expected:"
	ls -lh prebuilds/

	publish:
	name: publish
	if: startsWith(github.ref, 'refs/tags/')
	needs: [verify-prebuilds]
	runs-on: ubuntu-latest
	permissions:
	id-token: write # Required for OIDC
	contents: write # for creating GH releases
	steps:
	- name: checkout
	uses: actions/checkout@v6
	- name: node
	uses: actions/setup-node@v6
	with:
	node-version: 22
	cache: "npm"
	- name: install
	run: npm ci
	- name: build
	run: npm run build
	- name: download prebuilds
	uses: actions/download-artifact@v8
	with:
	pattern: native-addon-*
	path: packages/fuzzer/prebuilds
	merge-multiple: true
	- name: publish
	run: npm publish --workspaces --access public
	env:
	NODE_AUTH_TOKEN: ${{secrets.NPM_ACCESS_TOKEN}}
	# create GitHub release
	- name: read version
	id: read-version
	run: \|
	echo ::set-output name=version::\
	$(cat ./package.json \| jq '.version' \| tr -d '"')
	shell: bash
	- name: create release
	uses: softprops/action-gh-release@v1
	with:
	name: Release ${{ steps.read-version.outputs.version }}
	body_path: ./.github/release_template.md
	generate_release_notes: true
	draft: true

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ci: switch to OIDC releases to npm #29

Workflow file

ci: switch to OIDC releases to npm #29

Uh oh!

Workflow file for this run