Skip to content

chore(deps): upgrade dev dependencies (#640) #614

chore(deps): upgrade dev dependencies (#640)

chore(deps): upgrade dev dependencies (#640) #614

# ~~ Generated by projen. To modify, edit .projenrc.ts and run "npx projen".
name: release-tf-ad-user
on:
push:
branches:
- main
workflow_dispatch: {}
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: read
outputs:
releasable_commits: ${{ steps.check-commits.outputs.releasable_count }}
tag_exists: ${{ steps.check-tag.outputs.exists }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set git identity
run: |-
git config user.name "github-actions"
git config user.email "github-actions@github.com"
- run: yarn install
- name: build
run: npx projen build
working-directory: packages/@cdk-cloudformation/tf-ad-user
- name: Create version files
run: |-
echo $(node -p "require('./package.json').version") > dist/version.txt
echo "@cdk-cloudformation/tf-ad-user@v$(cat dist/version.txt)" > dist/releasetag.txt
echo "Update AWS CloudFormation Registry type TF::AD::User to v$(cat dist/version.txt)" > dist/changelog.txt
working-directory: packages/@cdk-cloudformation/tf-ad-user
- name: Check for releasable commits
id: check-commits
run: |-
LATEST_TAG=$(git -c "versionsort.suffix=-" tag --sort="-version:refname" --list "@cdk-cloudformation/tf-ad-user@v*" | head -n 1)
echo ${LATEST_TAG:=$(git rev-list HEAD -- . | tail -1)^}
COUNT=$(git log --no-merges --oneline $LATEST_TAG..HEAD -E --grep '^(feat|fix){1}(\([^()[:space:]]+\))?(!)?:[[:blank:]]+.+' -- . | wc -l | xargs)
echo "releasable_count=$COUNT" >> $GITHUB_OUTPUT
cat $GITHUB_OUTPUT
working-directory: packages/@cdk-cloudformation/tf-ad-user
- name: Check if tag exists
id: check-tag
run: |-
TAG=$(cat dist/releasetag.txt)
([ ! -z "$TAG" ] && git ls-remote -q --exit-code --tags origin $TAG && (echo "exists=true" >> $GITHUB_OUTPUT)) || (echo "exists=false" >> $GITHUB_OUTPUT)
cat $GITHUB_OUTPUT
working-directory: packages/@cdk-cloudformation/tf-ad-user
- if: always()
run: mv packages/@cdk-cloudformation/tf-ad-user/dist .
- name: Upload artifact
if: always()
uses: actions/upload-artifact@v4
with:
name: build-artifact
path: dist
overwrite: true
container:
image: jsii/superchain:1-bullseye-slim
release_github:
name: Publish to GitHub Releases
needs:
- build
- release_npm
- release_maven
- release_nuget
- release_pypi
runs-on: ubuntu-latest
permissions:
contents: write
if: (needs.build.outputs.tag_exists != 'true') && (needs.build.outputs.releasable_commits > 0)
steps:
- uses: actions/setup-node@v4
with:
node-version: 18.x
- name: Download build artifacts
uses: actions/download-artifact@v4
with:
name: build-artifact
path: dist
- name: Restore build artifact permissions
run: cd dist && setfacl --restore=permissions-backup.acl
continue-on-error: true
- name: Release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_REPOSITORY: ${{ github.repository }}
GITHUB_REF: ${{ github.sha }}
run: errout=$(mktemp); gh release create $(cat dist/releasetag.txt) -R $GITHUB_REPOSITORY -F dist/changelog.txt -t $(cat dist/releasetag.txt) --target $GITHUB_REF 2> $errout && true; exitcode=$?; if [ $exitcode -ne 0 ] && ! grep -q "Release.tag_name already exists" $errout; then cat $errout; exit $exitcode; fi
release_npm:
name: Publish to npm
needs: build
runs-on: ubuntu-latest
permissions:
contents: read
if: (needs.build.outputs.tag_exists != 'true') && (needs.build.outputs.releasable_commits > 0)
steps:
- uses: actions/setup-node@v4
with:
node-version: 18.x
- name: Download build artifacts
uses: actions/download-artifact@v4
with:
name: build-artifact
path: dist
- name: Restore build artifact permissions
run: cd dist && setfacl --restore=permissions-backup.acl
continue-on-error: true
- name: Release
env:
NPM_DIST_TAG: latest
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
run: npx -p publib@latest publib-npm
release_maven:
name: Publish to Maven Central
needs: build
runs-on: ubuntu-latest
permissions:
contents: read
if: (needs.build.outputs.tag_exists != 'true') && (needs.build.outputs.releasable_commits > 0)
steps:
- uses: actions/setup-java@v4
with:
distribution: temurin
java-version: 11.x
- uses: actions/setup-node@v4
with:
node-version: 18.x
- name: Download build artifacts
uses: actions/download-artifact@v4
with:
name: build-artifact
path: dist
- name: Restore build artifact permissions
run: cd dist && setfacl --restore=permissions-backup.acl
continue-on-error: true
- name: Release
env:
MAVEN_ENDPOINT: https://s01.oss.sonatype.org
MAVEN_GPG_PRIVATE_KEY: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }}
MAVEN_GPG_PRIVATE_KEY_PASSPHRASE: ${{ secrets.MAVEN_GPG_PRIVATE_KEY_PASSPHRASE }}
MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }}
MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }}
MAVEN_STAGING_PROFILE_ID: ${{ secrets.MAVEN_STAGING_PROFILE_ID }}
run: npx -p publib@latest publib-maven
release_nuget:
name: Publish to NuGet Gallery
needs: build
runs-on: ubuntu-latest
permissions:
contents: read
if: (needs.build.outputs.tag_exists != 'true') && (needs.build.outputs.releasable_commits > 0)
steps:
- uses: actions/setup-node@v4
with:
node-version: 18.x
- uses: actions/setup-dotnet@v4
with:
dotnet-version: 3.x
- name: Download build artifacts
uses: actions/download-artifact@v4
with:
name: build-artifact
path: dist
- name: Restore build artifact permissions
run: cd dist && setfacl --restore=permissions-backup.acl
continue-on-error: true
- name: Release
env:
NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }}
run: npx -p publib@latest publib-nuget
release_pypi:
name: Publish to PyPI
needs: build
runs-on: ubuntu-latest
permissions:
contents: read
if: (needs.build.outputs.tag_exists != 'true') && (needs.build.outputs.releasable_commits > 0)
steps:
- uses: actions/setup-node@v4
with:
node-version: 18.x
- uses: actions/setup-python@v5
with:
python-version: 3.x
- name: Download build artifacts
uses: actions/download-artifact@v4
with:
name: build-artifact
path: dist
- name: Restore build artifact permissions
run: cd dist && setfacl --restore=permissions-backup.acl
continue-on-error: true
- name: Release
env:
TWINE_USERNAME: ${{ secrets.TWINE_USERNAME }}
TWINE_PASSWORD: ${{ secrets.TWINE_PASSWORD }}
run: npx -p publib@latest publib-pypi