-
Notifications
You must be signed in to change notification settings - Fork 1
57 lines (55 loc) · 1.76 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
name: Release
on:
push:
branches:
- develop
- release/*
workflow_dispatch:
jobs:
release:
name: Release
runs-on: ubuntu-latest
permissions: write-all
defaults:
run:
working-directory: ./typescript
steps:
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Setup Node.js
uses: actions/setup-node@v2
with:
node-version: 'lts/*'
- name: Install dependencies
run: npm ci
- name: Prepare
run: npm run build
- name: Release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPMJS_TOKEN }}
run: |
npx semantic-release | tee out
echo "RELEASE_VERSION=$(grep 'Created tag ' out | awk -F 'Created tag ' '{print $2}')" >> $GITHUB_ENV
# Snyk SBOM
# - uses: radixdlt/public-iac-resuable-artifacts/fetch-secrets@main
# with:
# role_name: ${{ secrets.AWS_ROLE_NAME_SNYK_SECRET }}
# app_name: 'typescript-rola'
# step_name: 'snyk-sbom'
# secret_prefix: 'SNYK'
# secret_name: ${{ secrets.AWS_SECRET_NAME_SNYK }}
# parse_json: true
# - name: Generate SBOM
# uses: snyk/actions/node@b98d498629f1c368650224d6d212bf7dfa89e4bf # v0.4.0
# with:
# args: --all-projects --org=${{ env.SNYK_PROJECTS_ORG_ID }} --format=cyclonedx1.4+json --json-file-output sbom.json
# command: sbom
# - name: Upload SBOM
# uses: AButler/upload-release-assets@c94805dc72e4b20745f543da0f62eaee7722df7a # v2.0.2
# with:
# files: sbom.json
# repo-token: ${{ secrets.GITHUB_TOKEN }}
# release-tag: ${{ env.RELEASE_VERSION }}