semantic-release-codeartifact

Semantic Release CodeArtifact

A semantic-release plugin for publishing packages to AWS CodeArtifact.

Automate your entire package release workflow including: determining the next version number, generating release notes, and publishing packages to CodeArtifact using this plugin with semantic-release.

Table of Contents

• Install
• Usage
• Demo
• Requirements
  • IAM Policy for Publishing
• Configuration
  • AWS Environment variables
  • Plugin environment variables
  • Options
• Lifecycle Hooks
• Recipes
  • CI Configurations
• Additional Usage
  • JavaScript - npm
    • Plugin Configuration with npm
  • pip - Python
  • Maven - Java
  • Gradle - Java

Install

npm install -D semantic-release semantic-release-codeartifact

Usage

The plugin can be configured in the semantic-release configuration file:

{
  "plugins": [
    "@semantic-release/commit-analyzer",
    "@semantic-release/release-notes-generator",
    ["semantic-release-codeartifact", {
      "tool": "npm",
      "domain": "<YOUR_DOMAIN>",
      "repository": "<YOUR_REPOSITORY>"
    }],
    "@semantic-release/npm",
    "@semantic-release/github"
  ]
}

See Additional Usage for details on using other tools with this plugin.

Demo

Check out this example repo to see it in action.

Requirements

In order to use semantic-release you need:

• To host your code in a Git repository
• Use a Continuous Integration service that allows you to securely set up credentials
• Git CLI version 2.7.1 or higher installed in your Continuous Integration environment
• Node.js version 10.18 or higher installed in your Continuous Integration environment

In order to use semantic-release-codeartifact you need:

• An AWS Account
• An AWS CodeArtifact repository
• A role your CI environment can assume with sufficient IAM permissions to publish packages with CodeArtifact

IAM Policy for Publishing

The IAM role used by your CI environment will need the following permissions:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "codeartifact:GetAuthorizationToken",
        "codeartifact:GetRepositoryEndpoint",
        "codeartifact:PublishPackageVersion"
      ],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": "sts:GetServiceBearerToken",
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "sts:AWSServiceName": "codeartifact.amazonaws.com"
        }
      }
    }
  ]
}

Configuration

AWS Environment variables

The AWS configuration is required for the AWS SDK which is used for getting an auth token for CodeArtifact.

Variable	Description
AWS_REGION	Required. The AWS region to be used with the AWS SDK
AWS_ACCESS_KEY_ID	Required. Your AWS Access Key
AWS_SECRET_ACCESS_KEY	Required. Your AWS Secret Access Key
AWS_SESSION_TOKEN	Session token if you have/need it

Note: Proxy configurations are supported and will be used if HTTP_PROXY or HTTPS_PROXY is found on the environment with aws-sdk-v3-proxy.

Plugin environment variables

The following environment variables can be set to configure the plugin. Options specified by plugin config will take precedence over these environment variables.

Variable	Description
SR_CA_TOOL	Tool to connect with the CodeArtifact repository
SR_CA_DOMAIN	Your CodeArtifact domain name
SR_CA_REPOSITORY	Your CodeArtifact repository name
SR_CA_DOMAIN_OWNER	The AWS Account ID that owns your CodeArtifact domain
SR_CA_DURATION_SEC	The time, in seconds, that login information for CodeArtifact is valid

Options

Option	Description	Default
tool	Required. Tool to connect with the CodeArtifact repository	SR_CA_TOOL environment variable.
domain	Required. Your CodeArtifact domain name	SR_CA_DOMAIN environment variable.
repository	Required. Your CodeArtifact repository name	SR_CA_REPOSITORY environment variable
domainOwner	The AWS Account ID that owns your CodeArtifact domain	SR_CA_DOMAIN_OWNER environment variable
durationSections	The time, in seconds, that login information for CodeArtifact is valid	7200 (2 hours)

Lifecycle Hooks

Step	Description
verifyConditions	Verify the presence and the validity of the authentication (set via configuration), and provide authentication values to the semantic-release plugin related to the CodeArtifact tool being used

Recipes

CI Configurations

• Github Actions (coming soon)
• GitLab (coming soon)
• CircleCI (coming soon)

Additional Usage

CodeArtifact supports multiple tools including npm (JavaScript), Maven and Gradle (Java), and pip (Python). Each contain different dependencies and are listed below.

JavaScript - npm

Required dependencies:

• @semantic-release/npm

npm install --save-dev semantic-release semantic-release-codeartifact

Plugin Configuration with npm

semantic-release includes the other plugins listed below:

{
  "plugins": [
    "@semantic-release/commit-analyzer",
    "@semantic-release/release-notes-generator",
    ["semantic-release-codeartifact", {
      "tool": "npm",
      "domain": "<YOUR_DOMAIN>",
      "repository": "<YOUR_REPOSITORY>"
    }],
    "@semantic-release/npm",
    "@semantic-release/github"
  ]
}

Note: semantic-release-codeartifact must be listed before @semantic-release/npm

pip - Python

Support for pip coming soon

Maven - Java

Support for Maven coming soon

Gradle - Java

Support for Gradle coming soon