v3.3.1-7rc #76
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| release: | |
| types: | |
| - published | |
| env: | |
| SAR_BUCKET_NAME : ${{ secrets.SAR_BUCKET_NAME }} | |
| AWS_REGION : "eu-west-1" | |
| permissions: | |
| id-token: write | |
| contents: read | |
| jobs: | |
| release: | |
| name: release | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up Node.js with OIDC | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 24.x | |
| registry-url: "https://registry.npmjs.org" | |
| - uses: actions/setup-python@v3 | |
| with: | |
| python-version: "3.8" | |
| - uses: aws-actions/setup-sam@v2 | |
| - name: Install esbuild | |
| run: npm install esbuild -g | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Build TypeScript | |
| run: npm run build | |
| - name: NPM security audit | |
| run: npm run audit | |
| - name: configure aws credentials | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| role-to-assume: ${{ secrets.SAR_DEPLOYMENT_IAM_ROLE }} | |
| role-session-name: github-action-sar-deploy-session | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Verify npm registry config | |
| run: | | |
| npm config get registry | |
| npm config list --json | jq '{registry: .registry, userconfig: .userconfig}' | |
| - name: NPM publish packages with OIDC | |
| run: | | |
| set -euxo pipefail | |
| cp README.md serverless-plugin | |
| if [[ "${{ github.event.release.prerelease }}" = true ]]; then | |
| export NPM_PUBLISH_ARGS="--tag next" | |
| else | |
| export NPM_PUBLISH_ARGS="" | |
| fi | |
| npm publish ${NPM_PUBLISH_ARGS} \ | |
| --provenance \ | |
| --loglevel verbose \ | |
| --workspace slic-watch-core \ | |
| --workspace serverless-slic-watch-plugin | |
| - name: SAR publish | |
| run: | | |
| sam build --base-dir . --template-file cf-macro/template.yaml | |
| sam package --output-template-file packaged.yaml --s3-bucket ${SAR_BUCKET_NAME} | |
| sam publish --template packaged.yaml --region ${AWS_REGION} --semantic-version $(cat package.json | jq -r '.version') |