Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

semantic-release-codeartifact

Package Overview
Dependencies
Maintainers
1
Versions
27
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

semantic-release-codeartifact

semantic-release plugin for AWS CodeArtifact

  • 2.0.9
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
1.7K
decreased by-2.69%
Maintainers
1
Weekly downloads
 
Created
Source

Semantic Release CodeArtifact

npm package Build Status Downloads Issues Code Coverage Commitizen Friendly Semantic Release

A semantic-release plugin for publishing packages to AWS CodeArtifact.

Automate your entire package release workflow including: determining the next version number, generating release notes, and publishing packages to CodeArtifact using this plugin with semantic-release.

Table of Contents

Install

npm install -D semantic-release semantic-release-codeartifact

Usage

The plugin can be configured in the semantic-release configuration file:

{
  "plugins": [
    "@semantic-release/commit-analyzer",
    "@semantic-release/release-notes-generator",
    ["semantic-release-codeartifact", {
      "tool": "npm",
      "domain": "<YOUR_DOMAIN>",
      "repository": "<YOUR_REPOSITORY>"
    }],
    "@semantic-release/npm",
    "@semantic-release/github"
  ]
}

See Additional Usage for details on using other tools with this plugin.

Demo

Check out this example repo to see it in action.

Requirements

In order to use semantic-release you need:

In order to use semantic-release-codeartifact you need:

IAM Policy for Publishing

The IAM role used by your CI environment will need the following permissions:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "codeartifact:GetAuthorizationToken",
        "codeartifact:GetRepositoryEndpoint",
        "codeartifact:PublishPackageVersion"
      ],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": "sts:GetServiceBearerToken",
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "sts:AWSServiceName": "codeartifact.amazonaws.com"
        }
      }
    }
  ]
}

Configuration

AWS Environment variables

The AWS configuration is required for the AWS SDK which is used for getting an auth token for CodeArtifact.

VariableDescription
AWS_REGIONRequired. The AWS region to be used with the AWS SDK
AWS_ACCESS_KEY_IDRequired. Your AWS Access Key
AWS_SECRET_ACCESS_KEYRequired. Your AWS Secret Access Key
AWS_SESSION_TOKENSession token if you have/need it

Note: Proxy configurations are supported and will be used if HTTP_PROXY or HTTPS_PROXY is found on the environment using aws-sdk-v3-proxy.

Plugin environment variables

The following environment variables can be set to configure the plugin. Options specified by plugin config will take precedence over these environment variables.

VariableDescription
SR_CA_TOOLTool to connect with the CodeArtifact repository
SR_CA_DOMAINYour CodeArtifact domain name
SR_CA_REPOSITORYYour CodeArtifact repository name
SR_CA_DOMAIN_OWNERThe AWS Account ID that owns your CodeArtifact domain
SR_CA_DURATION_SECThe time, in seconds, that login information for CodeArtifact is valid

Options

OptionDescriptionDefault
toolRequired. Tool to connect with the CodeArtifact repositorySR_CA_TOOL environment variable.
domainRequired. Your CodeArtifact domain nameSR_CA_DOMAIN environment variable.
repositoryRequired. Your CodeArtifact repository nameSR_CA_REPOSITORY environment variable.
domainOwnerThe AWS Account ID that owns your CodeArtifact domainSR_CA_DOMAIN_OWNER environment variable.
durationSectionsThe time, in seconds, that login information for CodeArtifact is valid7200 (2 hours)
skipPluginCheckSkips the check for required plugins, this can be used if you are using your own custom plugins for your specified toolfalse

Lifecycle Hooks

StepDescription
verifyConditionsVerify the presence and the validity of the authentication (set via configuration), and provide authentication values to the semantic-release plugin related to the CodeArtifact tool being used

Recipes

CI Configurations

  • GitHub Actions
  • GitLab (coming soon - PRs welcome)
  • CircleCI (coming soon - PRs welcome)

Additional Usage

CodeArtifact supports multiple tools including npm (JavaScript), Maven and Gradle (Java), and pip (Python). Each contain different dependencies and are listed below.

JavaScript - npm

Required dependencies:

npm install --save-dev semantic-release semantic-release-codeartifact
Plugin Configuration with npm

semantic-release includes the other plugins listed below:

{
  "plugins": [
    "@semantic-release/commit-analyzer",
    "@semantic-release/release-notes-generator",
    ["semantic-release-codeartifact", {
      "tool": "npm",
      "domain": "<YOUR_DOMAIN>",
      "repository": "<YOUR_REPOSITORY>"
    }],
    "@semantic-release/npm",
    "@semantic-release/github"
  ]
}

Note: semantic-release-codeartifact must be listed before @semantic-release/npm

Python - pip

Support for pip coming soon

Java - Maven

Support for Maven coming soon

Java - Gradle

Support for Gradle coming soon

Contributors ✨

Thanks goes to these wonderful people (emoji key):


Ryan Sonshine

💻

Jared McAteer

🐛

This project follows the all-contributors specification. Contributions of any kind welcome!

Keywords

FAQs

Package last updated on 07 Jan 2023

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc