Socket
Socket
Sign inDemoInstall

semantic-release-codeartifact

Package Overview
Dependencies
200
Maintainers
1
Versions
27
Alerts
File Explorer

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

semantic-release-codeartifact

semantic-release plugin for AWS CodeArtifact


Version published
Maintainers
1
Weekly downloads
1,802
decreased by-25.48%

Weekly downloads

Readme

Source

Semantic Release CodeArtifact

npm package Build Status Downloads Issues Code Coverage Commitizen Friendly Semantic Release

A semantic-release plugin for publishing packages to AWS CodeArtifact.

Automate your entire package release workflow including: determining the next version number, generating release notes, and publishing packages to CodeArtifact using this plugin with semantic-release.

Table of Contents

Install

npm install -D semantic-release semantic-release-codeartifact

Usage

The plugin can be configured in the semantic-release configuration file:

{
  "plugins": [
    "@semantic-release/commit-analyzer",
    "@semantic-release/release-notes-generator",
    ["semantic-release-codeartifact", {
      "tool": "npm",
      "domain": "<YOUR_DOMAIN>",
      "repository": "<YOUR_REPOSITORY>"
    }],
    "@semantic-release/npm",
    "@semantic-release/github"
  ]
}

See Additional Usage for details on using other tools with this plugin.

Demo

Check out this example repo to see it in action.

Requirements

In order to use semantic-release you need:

In order to use semantic-release-codeartifact you need:

IAM Policy for Publishing

The IAM role used by your CI environment will need the following permissions:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "codeartifact:GetAuthorizationToken",
        "codeartifact:GetRepositoryEndpoint",
        "codeartifact:PublishPackageVersion"
      ],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": "sts:GetServiceBearerToken",
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "sts:AWSServiceName": "codeartifact.amazonaws.com"
        }
      }
    }
  ]
}

Configuration

AWS Environment variables

The AWS configuration is required for the AWS SDK which is used for getting an auth token for CodeArtifact.

VariableDescription
AWS_REGIONRequired. The AWS region to be used with the AWS SDK
AWS_ACCESS_KEY_IDRequired. Your AWS Access Key
AWS_SECRET_ACCESS_KEYRequired. Your AWS Secret Access Key
AWS_SESSION_TOKENSession token if you have/need it

Note: Proxy configurations are supported and will be used if HTTP_PROXY or HTTPS_PROXY is found on the environment using aws-sdk-v3-proxy.

Plugin environment variables

The following environment variables can be set to configure the plugin. Options specified by plugin config will take precedence over these environment variables.

VariableDescription
SR_CA_TOOLTool to connect with the CodeArtifact repository
SR_CA_DOMAINYour CodeArtifact domain name
SR_CA_REPOSITORYYour CodeArtifact repository name
SR_CA_DOMAIN_OWNERThe AWS Account ID that owns your CodeArtifact domain
SR_CA_DURATION_SECThe time, in seconds, that login information for CodeArtifact is valid

Options

OptionDescriptionDefault
toolRequired. Tool to connect with the CodeArtifact repositorySR_CA_TOOL environment variable.
domainRequired. Your CodeArtifact domain nameSR_CA_DOMAIN environment variable.
repositoryRequired. Your CodeArtifact repository nameSR_CA_REPOSITORY environment variable.
domainOwnerThe AWS Account ID that owns your CodeArtifact domainSR_CA_DOMAIN_OWNER environment variable.
durationSectionsThe time, in seconds, that login information for CodeArtifact is valid7200 (2 hours)
skipPluginCheckSkips the check for required plugins, this can be used if you are using your own custom plugins for your specified toolfalse

Lifecycle Hooks

StepDescription
verifyConditionsVerify the presence and the validity of the authentication (set via configuration), and provide authentication values to the semantic-release plugin related to the CodeArtifact tool being used

Recipes

CI Configurations

  • GitHub Actions
  • GitLab (coming soon - PRs welcome)
  • CircleCI (coming soon - PRs welcome)

Additional Usage

CodeArtifact supports multiple tools including npm (JavaScript), Maven and Gradle (Java), and pip (Python). Each contain different dependencies and are listed below.

JavaScript - npm

Required dependencies:

npm install --save-dev semantic-release semantic-release-codeartifact
Plugin Configuration with npm

semantic-release includes the other plugins listed below:

{
  "plugins": [
    "@semantic-release/commit-analyzer",
    "@semantic-release/release-notes-generator",
    ["semantic-release-codeartifact", {
      "tool": "npm",
      "domain": "<YOUR_DOMAIN>",
      "repository": "<YOUR_REPOSITORY>"
    }],
    "@semantic-release/npm",
    "@semantic-release/github"
  ]
}

Note: semantic-release-codeartifact must be listed before @semantic-release/npm

Python - pip

Support for pip coming soon

Java - Maven

Support for Maven coming soon

Java - Gradle

Support for Gradle coming soon

Contributors ✨

Thanks goes to these wonderful people (emoji key):


Ryan Sonshine

💻

Jared McAteer

🐛

This project follows the all-contributors specification. Contributions of any kind welcome!

Keywords

FAQs

Last updated on 19 Jul 2023

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc