Add separate section for auditors. #36

	on:
	push:
	branches:
	- main

	permissions:
	contents: write
	pull-requests: read
	id-token: write
	pages: write

	jobs:
	build:
	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v2
	- name: Set up Node.js
	uses: actions/setup-node@v1
	with:
	node-version: 16
	registry-url: 'https://registry.npmjs.org'

	- name: Install packages
	run: yarn --frozen-lockfile

	- name: Run Setup
	run: yarn setup
	- name: Run build
	run: yarn build

	- name: Configure AWS Credentials
	if: github.repository_owner == 'Rhosys' && github.ref == 'refs/heads/main'
	uses: aws-actions/configure-aws-credentials@036a4a1ddf2c0e7a782dca6e083c6c53e5d90321
	with:
	aws-region: eu-west-1
	role-duration-seconds: 3600
	# https://stackoverflow.com/questions/69247498/how-can-i-calculate-the-thumbprint-of-an-openid-connect-server
	role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/GitHubRunnerAssumedRole
	role-session-name: GitHubRunner-${{ github.repository_owner }}-SOC2-${{ github.run_number }}
	- name: After build
	if: github.repository_owner == 'Rhosys' && github.ref == 'refs/heads/main'
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
	run: node make.js after_build
	- name: Create Github Release and Tag
	if: github.repository_owner == 'Rhosys' && github.ref == 'refs/heads/main'
	run: \|
	git tag $GITHUB_RUN_NUMBER
	git push origin $GITHUB_RUN_NUMBER

	- name: deploy build to github
	if: github.repository_owner == 'Rhosys' && github.ref == 'refs/heads/main'
	uses: JamesIves/[email protected]
	with:
	branch: production
	folder: dist
	clean: true

Provide feedback