chore: Migrate CodeBuild release to GHA (without publishing step) #19
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| permissions: | |
| contents: read | |
| id-token: write | |
| on: | |
| pull_request: | |
| workflow_dispatch: | |
| inputs: | |
| version_bump: | |
| required: false | |
| description: '[Optional] Override semantic versioning with explict version (allowed values: "patch", "minor", "major", or explicit version)' | |
| default: '' | |
| dist_tag: | |
| description: 'NPM distribution tag' | |
| required: false | |
| default: 'latest' | |
| branch: | |
| description: 'The branch to release from' | |
| required: false | |
| default: 'master' | |
| env: | |
| NODE_OPTIONS: "--max-old-space-size=4096" | |
| NPM_CONFIG_UNSAFE_PERM: true | |
| jobs: | |
| pre-release-ci: | |
| uses: ./.github/workflows/shared-ci.yml | |
| # Once all tests have passed, run semantic versioning | |
| version: | |
| runs-on: ubuntu-latest | |
| needs: [pre-release-ci] | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| submodules: true | |
| - name: Setup Node.js 16 | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '16' | |
| cache: 'npm' | |
| - name: Install dependencies | |
| run: npm ci --unsafe-perm | |
| - name: Configure git | |
| env: | |
| BRANCH: ${{ github.event.inputs.branch }} | |
| VERSION_BUMP: ${{ github.event.inputs.version_bump }} | |
| run: | | |
| git config --global user.name "aws-crypto-tools-ci-bot" | |
| git config --global user.email "[email protected]" | |
| git checkout ${{ github.head_ref }} # Use PR branch or current branch | |
| - name: Version packages (dry run - no push) | |
| run: | | |
| # For testing: no push to avoid modifying master branch | |
| npx lerna version --conventional-commits --no-push --yes ${VERSION_BUMP:+$VERSION_BUMP --force-publish} | |
| # TODO: uncomment line below and remove line above when adding publish step | |
| # npx lerna version --conventional-commits --git-remote origin --yes ${VERSION_BUMP:+$VERSION_BUMP --force-publish} | |
| git log -n 1 | |
| # Once semantic versioning has run and bumped versions, publish to npm | |
| # TODO: Publish step that doesn't use OTP but instead follows | |
| # https://docs.npmjs.com/trusted-publishers | |
| # Once publishing is complete, validate that the published packages are useable | |
| validate: | |
| uses: ./.github/workflows/shared-ci.yml | |
| # TODO: Uncomment when adding publish step | |
| # needs: [publish] | |
| with: | |
| test-published-packages: true |