Security News
New Proposed CISA Mandate Would Require Critical Infrastructure to Report Ransom Payments Within 24 Hours
CISA has proposed a set of new rules that would require critical infrastructure to report cyber incidents and ransom payments.
semantic-release-codeartifact
Advanced tools
semantic-release plugin for AWS CodeArtifact
Weekly downloads
Readme
A semantic-release plugin for publishing packages to AWS CodeArtifact.
Automate your entire package release workflow including: determining the next version number, generating release notes, and publishing packages to CodeArtifact using this plugin with semantic-release.
npm install -D semantic-release semantic-release-codeartifact
The plugin can be configured in the semantic-release configuration file:
{
"plugins": [
"@semantic-release/commit-analyzer",
"@semantic-release/release-notes-generator",
["semantic-release-codeartifact", {
"tool": "npm",
"domain": "<YOUR_DOMAIN>",
"repository": "<YOUR_REPOSITORY>"
}],
"@semantic-release/npm",
"@semantic-release/github"
]
}
See Additional Usage for details on using other tools with this plugin.
Check out this example repo to see it in action.
In order to use semantic-release you need:
In order to use semantic-release-codeartifact you need:
The IAM role used by your CI environment will need the following permissions:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"codeartifact:GetAuthorizationToken",
"codeartifact:GetRepositoryEndpoint",
"codeartifact:PublishPackageVersion"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "sts:GetServiceBearerToken",
"Resource": "*",
"Condition": {
"StringEquals": {
"sts:AWSServiceName": "codeartifact.amazonaws.com"
}
}
}
]
}
The AWS configuration is required for the AWS SDK which is used for getting an auth token for CodeArtifact.
Variable | Description |
---|---|
AWS_REGION | Required. The AWS region to be used with the AWS SDK |
AWS_ACCESS_KEY_ID | Required. Your AWS Access Key |
AWS_SECRET_ACCESS_KEY | Required. Your AWS Secret Access Key |
AWS_SESSION_TOKEN | Session token if you have/need it |
Note: Proxy configurations are supported and will be used if HTTP_PROXY or HTTPS_PROXY is found on the environment using aws-sdk-v3-proxy.
The following environment variables can be set to configure the plugin. Options specified by plugin config will take precedence over these environment variables.
Variable | Description |
---|---|
SR_CA_TOOL | Tool to connect with the CodeArtifact repository |
SR_CA_DOMAIN | Your CodeArtifact domain name |
SR_CA_REPOSITORY | Your CodeArtifact repository name |
SR_CA_DOMAIN_OWNER | The AWS Account ID that owns your CodeArtifact domain |
SR_CA_DURATION_SEC | The time, in seconds, that login information for CodeArtifact is valid |
Option | Description | Default |
---|---|---|
tool | Required. Tool to connect with the CodeArtifact repository | SR_CA_TOOL environment variable. |
domain | Required. Your CodeArtifact domain name | SR_CA_DOMAIN environment variable. |
repository | Required. Your CodeArtifact repository name | SR_CA_REPOSITORY environment variable. |
domainOwner | The AWS Account ID that owns your CodeArtifact domain | SR_CA_DOMAIN_OWNER environment variable. |
durationSections | The time, in seconds, that login information for CodeArtifact is valid | 7200 (2 hours) |
skipPluginCheck | Skips the check for required plugins, this can be used if you are using your own custom plugins for your specified tool | false |
Step | Description |
---|---|
verifyConditions | Verify the presence and the validity of the authentication (set via configuration), and provide authentication values to the semantic-release plugin related to the CodeArtifact tool being used |
CodeArtifact supports multiple tools including npm (JavaScript), Maven and Gradle (Java), and pip (Python). Each contain different dependencies and are listed below.
Required dependencies:
npm install --save-dev semantic-release semantic-release-codeartifact
semantic-release includes the other plugins listed below:
{
"plugins": [
"@semantic-release/commit-analyzer",
"@semantic-release/release-notes-generator",
["semantic-release-codeartifact", {
"tool": "npm",
"domain": "<YOUR_DOMAIN>",
"repository": "<YOUR_REPOSITORY>"
}],
"@semantic-release/npm",
"@semantic-release/github"
]
}
Note: semantic-release-codeartifact
must be listed before @semantic-release/npm
Support for pip coming soon
Support for Maven coming soon
Support for Gradle coming soon
Thanks goes to these wonderful people (emoji key):
Ryan Sonshine 💻 | Jared McAteer 🐛 |
This project follows the all-contributors specification. Contributions of any kind welcome!
FAQs
semantic-release plugin for AWS CodeArtifact
The npm package semantic-release-codeartifact receives a total of 1,533 weekly downloads. As such, semantic-release-codeartifact popularity was classified as popular.
We found that semantic-release-codeartifact demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
CISA has proposed a set of new rules that would require critical infrastructure to report cyber incidents and ransom payments.
Security News
Redis is no longer OSS, breaking its explicit commitment to remain under the BSD 3-Clause License forever. This has angered contributors who are now working to fork the software.
Product
Socket AI now enables 'AI detected potential malware' alerts by default, ensuring users benefit from AI-powered state-of-the-art malware detection without needing to opt-in.