Skip to content

Commit ee48b9c

Browse files
bear-engineerbear-engineer
authored
Add release workflow and update AWS credentials provider chain (#1)
### TL;DR Added GitHub release automation workflow and updated AWS credential provider chain. ### What changed? - Added release automation with GitHub Actions: - Created `.github/release-drafter-config.yml` to define release notes format with Korean category labels - Added `.github/workflows/release.yml` to automate plugin publishing when release tags are pushed - Updated AWS credential provider chain in `Credentials.kt` to include: - Added `WebIdentityTokenFileCredentialsProvider` as first priority - Added `EnvironmentVariableCredentialsProvider` as second priority - Reordered credential providers for better precedence - Bumped version from 0.0.2 to 0.0.3 in `gradle.properties` ### How to test? 1. Push a tag with format `release/*` to trigger the release workflow 2. Verify the release draft is created with proper categorization 3. Test AWS credential resolution in different environments to ensure proper provider precedence ### Why make this change? - Streamlines the release process with automated changelog generation and plugin publishing - Improves AWS credential resolution by adding support for web identity tokens and environment variables - Enhances security by prioritizing more secure credential providers in the chain
2 parents 188b333 + 63e3a27 commit ee48b9c

File tree

4 files changed

+77
-8
lines changed

4 files changed

+77
-8
lines changed

.github/release-drafter-config.yml

Lines changed: 31 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,31 @@
1+
name-template: 'v$RESOLVED_VERSION'
2+
tag-template: 'v$RESOLVED_VERSION'
3+
categories:
4+
- title: '🎁 새로운 기능'
5+
label: 'feature'
6+
- title: '🐞 버그 수정'
7+
label: 'fix'
8+
- title: '⬆️ Dependencies'
9+
collapse-after: 3
10+
labels:
11+
- 'dependencies'
12+
change-template: '- $TITLE (#$NUMBER by @$AUTHOR)'
13+
change-title-escapes: '\<*_&'
14+
template: |
15+
## Change Logs
16+
---
17+
$CHANGES
18+
no-changes-template: '변경사항이 없습니다.'
19+
version-resolver:
20+
major:
21+
labels:
22+
- 'major'
23+
minor:
24+
labels:
25+
- 'minor'
26+
patch:
27+
labels:
28+
- 'patch'
29+
default: patch
30+
include-labels:
31+
- 'release'

.github/workflows/release.yml

Lines changed: 41 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,41 @@
1+
#file: noinspection SpellCheckingInspection
2+
name: Build
3+
on:
4+
push:
5+
tags:
6+
- 'release/*'
7+
jobs:
8+
release_draft:
9+
name: Release
10+
runs-on: ubuntu-latest
11+
permissions:
12+
id-token: write
13+
contents: write
14+
steps:
15+
- uses: actions/checkout@v4
16+
with:
17+
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
18+
- name: Set up JDK
19+
uses: actions/setup-java@v4
20+
with:
21+
distribution: corretto
22+
java-version: 17
23+
cache: gradle
24+
- name: Cache Gradle packages
25+
uses: actions/cache@v4
26+
with:
27+
path: ~/.gradle/caches
28+
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
29+
restore-keys: ${{ runner.os }}-gradle
30+
- name: codeartifact publish
31+
env:
32+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
33+
GRADLE_PUBLISH_KEY: ${{ secrets.GRADLE_PUBLISH_KEY }}
34+
GRADLE_PUBLISH_SECRET: ${{ secrets.GRADLE_PUBLISH_SECRET }}
35+
TZ: Asia/Seoul
36+
run: ./gradlew publishPlugins --stacktrace --exclude-task test
37+
- uses: release-drafter/release-drafter@v5
38+
with:
39+
config-name: release-drafter-config.yml
40+
env:
41+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

gradle.properties

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
releaseVersion=0.0.2
1+
releaseVersion=0.0.3
22

33
kotlin.code.style=official
44
kotlinVersion=1.9.24

src/main/kotlin/com/kmong/Credentials.kt

Lines changed: 4 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,14 @@
11
package com.kmong
22

3-
import software.amazon.awssdk.auth.credentials.AwsCredentials
4-
import software.amazon.awssdk.auth.credentials.AwsCredentialsProviderChain
5-
import software.amazon.awssdk.auth.credentials.ContainerCredentialsProvider
6-
import software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider
7-
import software.amazon.awssdk.auth.credentials.InstanceProfileCredentialsProvider
8-
import software.amazon.awssdk.auth.credentials.ProfileCredentialsProvider
3+
import software.amazon.awssdk.auth.credentials.*
94

105
fun getAwsCredentials(profileName: String?): AwsCredentials {
116
return AwsCredentialsProviderChain.builder()
7+
.addCredentialsProvider(WebIdentityTokenFileCredentialsProvider.create())
8+
.addCredentialsProvider(EnvironmentVariableCredentialsProvider.create())
129
.addCredentialsProvider(ProfileCredentialsProvider.create(profileName))
13-
.addCredentialsProvider(DefaultCredentialsProvider.create())
1410
.addCredentialsProvider(ContainerCredentialsProvider.create())
1511
.addCredentialsProvider(InstanceProfileCredentialsProvider.create())
12+
.addCredentialsProvider(DefaultCredentialsProvider.create())
1613
.build().resolveCredentials()
1714
}

0 commit comments

Comments
 (0)