Merge pull request #187 from hellosign/SPDE-130 #10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Sign Embedded Latest Package | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| env: | |
| NPM_REGISTRY_URL: "https://registry.npmjs.com" | |
| CDN_AWS_PUBLISH_ROLE: arn:aws:iam::301904545275:role/github-actions-oidc-role-prod-sign-embedded | |
| CDN_BUCKET: cdn.hellosign.com | |
| CDN_PATH: public/js/embedded | |
| AWS_REGION: us-east-1 | |
| jobs: | |
| build: | |
| permissions: | |
| id-token: write # This is required for requesting the JWT | |
| contents: write # This is required for publishing releases | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| node-version: [16.x] # we should pull this from a common place | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Use Node.js ${{ matrix.node-version }} | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| registry-url: ${{ env.NPM_REGISTRY_URL }} | |
| - name: Build | |
| run: | | |
| npm install | |
| npm run build | |
| - name: Test | |
| run: | | |
| npm test | |
| - name: Validate Semver | |
| id: version | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: .github/actions-scripts/validate-release-version.js | |
| - name: Announce version | |
| run: | | |
| echo "v${{ steps.version.outputs.version }} is the proposed new version." | |
| - name: Pack | |
| run: | | |
| npm pack --pack-destination="./umd" | |
| - name: Create Release | |
| uses: actions/github-script@v5 | |
| with: | |
| script: | | |
| github.rest.repos.createRelease({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| tag_name: 'v${{ steps.version.outputs.version }}', | |
| }); | |
| - name: Publish | |
| env: | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| NPM_CONFIG_PROVENANCE: true | |
| run: | | |
| npm publish --provenance --access=public | |
| - name: Configure AWS credentials for Prod | |
| id: awskeys | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ env.CDN_AWS_PUBLISH_ROLE }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Copy dev build to cdn | |
| run: aws s3 cp umd/embedded.development.js s3://${{ env.CDN_BUCKET }}/${{ env.CDN_PATH }}/v${{ steps.version.outputs.version }}/ | |
| - name: Copy minified build to nonprod cdn | |
| run: aws s3 cp umd/embedded.production.min.js s3://${{ env.CDN_BUCKET }}/${{ env.CDN_PATH }}/v${{ steps.version.outputs.version }}/ | |