-
-
Notifications
You must be signed in to change notification settings - Fork 196
98 lines (91 loc) · 3.81 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
# This workflow will do a clean install of node dependencies, build the source code and run tests across different versions of node
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions
name: Release
on:
# Allows you to run this workflow manually from the Actions tab.
# As there are a number of changes that need to happen during release we don't automatically release on push
workflow_dispatch:
inputs:
environment:
description: "Environment to deploy into"
type: environment
default: production
createRelease:
description: "Whether to create a release as part of the workflow"
type: boolean
default: false
# Needed permissions for changesets
permissions:
contents: write
id-token: write
pull-requests: write
jobs:
# install dependencies and store artifact
release:
name: Prepare figma plugin
environment:
name: ${{ inputs.environment }}
runs-on: ubuntu-22.04
steps:
# Pull secrets from vault
- name: Import Secrets
id: secrets
uses: hashicorp/vault-action@v2
with:
url: ${{ vars.VAULT_URL }}
role: ${{ vars.VAULT_ROLE }}_${{ inputs.environment }}
method: jwt
namespace: admin
secrets: |
${{ vars.VAULT_PATH }} MIXPANEL_ACCESS_TOKEN | MIXPANEL_ACCESS_TOKEN;
${{ vars.VAULT_PATH }} STORYBLOK_ACCESS_TOKEN | STORYBLOK_ACCESS_TOKEN;
${{ vars.VAULT_PATH }} SUPABASE_ANON_KEY | SUPABASE_ANON_KEY;
${{ vars.VAULT_PATH }} SENTRY_AUTH_TOKEN | SENTRY_AUTH_TOKEN;
- name: Checkout
uses: actions/checkout@v3
- name: Setup Node.js environment
uses: actions/setup-node@v3
with:
node-version: '22.x'
cache: yarn
cache-dependency-path: '**/yarn.lock'
- name: Install dependencies
run: yarn --frozen-lockfile --immutable
# Generate the expected env file
- name: Make envfile
uses: SpicyPizza/[email protected]
with:
file_name: packages/tokens-studio-for-figma/.env.production
envkey_ENVIRONMENT: ${{ inputs.environment }}
envkey_LICENSE_API_URL: ${{ vars.LICENSE_API_URL }}
envkey_SECOND_SCREEN_APP_URL: ${{ vars.SECOND_SCREEN_APP_URL }}
envkey_LAUNCHDARKLY_SDK_CLIENT: ${{ vars.LAUNCHDARKLY_SDK_CLIENT }}
envkey_TOKEN_FLOW_APP_URL: ${{ vars.TOKEN_FLOW_APP_URL }}
envkey_SENTRY_DSN: ${{ vars.SENTRY_DSN }}
envkey_SENTRY_ORG: ${{ vars.SENTRY_ORG }}
envkey_SENTRY_PROJECT: ${{ vars.SENTRY_PROJECT }}
envkey_SUPABASE_URL: ${{ vars.SUPABASE_URL }}
envkey_MIXPANEL_ACCESS_TOKEN: ${{ steps.secrets.outputs.MIXPANEL_ACCESS_TOKEN }}
envkey_STORYBLOK_ACCESS_TOKEN: ${{ steps.secrets.outputs.STORYBLOK_ACCESS_TOKEN }}
envkey_SUPABASE_ANON_KEY: ${{ steps.secrets.outputs.SUPABASE_ANON_KEY }}
envkey_SENTRY_AUTH_TOKEN: ${{ steps.secrets.outputs.SENTRY_AUTH_TOKEN }}
# Build the figma plugin package
- name: Build Package
run: npm run build
# Create the bundle for Figma
- name: Bundle
run: npm run bundle
# Generate the release automatically in Github. This should not result in a publish to npm
# We should disable this if doing beta releases
- name: Create Release
if: ${{ inputs.createRelease }}
id: changesets
uses: changesets/action@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# Store artifact for later use
- name: Store Artifact
uses: actions/upload-artifact@v4
with:
name: package
path: dist/bundle.zip