Release #72
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow will do a clean install of node dependencies, build the source code and run tests across different versions of node | |
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions | |
name: Release | |
on: | |
# Allows you to run this workflow manually from the Actions tab. | |
# As there are a number of changes that need to happen during release we don't automatically release on push | |
workflow_dispatch: | |
inputs: | |
environment: | |
description: "Environment to deploy into" | |
type: environment | |
default: production | |
createRelease: | |
description: "Whether to create a release as part of the workflow" | |
type: boolean | |
default: false | |
# Needed permissions for changesets | |
permissions: | |
contents: write | |
id-token: write | |
pull-requests: write | |
jobs: | |
# install dependencies and store artifact | |
release: | |
name: Prepare figma plugin | |
environment: | |
name: ${{ inputs.environment }} | |
runs-on: ubuntu-22.04 | |
steps: | |
# Pull secrets from vault | |
- name: Import Secrets | |
id: secrets | |
uses: hashicorp/vault-action@v2 | |
with: | |
url: ${{ vars.VAULT_URL }} | |
role: ${{ vars.VAULT_ROLE }}_${{ inputs.environment }} | |
method: jwt | |
namespace: admin | |
secrets: | | |
${{ vars.VAULT_PATH }} MIXPANEL_ACCESS_TOKEN | MIXPANEL_ACCESS_TOKEN; | |
${{ vars.VAULT_PATH }} STORYBLOK_ACCESS_TOKEN | STORYBLOK_ACCESS_TOKEN; | |
${{ vars.VAULT_PATH }} SUPABASE_ANON_KEY | SUPABASE_ANON_KEY; | |
${{ vars.VAULT_PATH }} SENTRY_AUTH_TOKEN | SENTRY_AUTH_TOKEN; | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Setup Node.js environment | |
uses: actions/setup-node@v3 | |
with: | |
node-version: '22.x' | |
cache: yarn | |
cache-dependency-path: '**/yarn.lock' | |
- name: Install dependencies | |
run: yarn --frozen-lockfile --immutable | |
# Generate the expected env file | |
- name: Make envfile | |
uses: SpicyPizza/create-envfile@v2.0 | |
with: | |
file_name: packages/tokens-studio-for-figma/.env.production | |
envkey_ENVIRONMENT: ${{ inputs.environment }} | |
envkey_LICENSE_API_URL: ${{ vars.LICENSE_API_URL }} | |
envkey_SECOND_SCREEN_APP_URL: ${{ vars.SECOND_SCREEN_APP_URL }} | |
envkey_LAUNCHDARKLY_SDK_CLIENT: ${{ vars.LAUNCHDARKLY_SDK_CLIENT }} | |
envkey_TOKEN_FLOW_APP_URL: ${{ vars.TOKEN_FLOW_APP_URL }} | |
envkey_SENTRY_DSN: ${{ vars.SENTRY_DSN }} | |
envkey_SENTRY_ORG: ${{ vars.SENTRY_ORG }} | |
envkey_SENTRY_PROJECT: ${{ vars.SENTRY_PROJECT }} | |
envkey_SUPABASE_URL: ${{ vars.SUPABASE_URL }} | |
envkey_MIXPANEL_ACCESS_TOKEN: ${{ steps.secrets.outputs.MIXPANEL_ACCESS_TOKEN }} | |
envkey_STORYBLOK_ACCESS_TOKEN: ${{ steps.secrets.outputs.STORYBLOK_ACCESS_TOKEN }} | |
envkey_SUPABASE_ANON_KEY: ${{ steps.secrets.outputs.SUPABASE_ANON_KEY }} | |
envkey_SENTRY_AUTH_TOKEN: ${{ steps.secrets.outputs.SENTRY_AUTH_TOKEN }} | |
# Build the figma plugin package | |
- name: Build Package | |
run: npm run build | |
# Create the bundle for Figma | |
- name: Bundle | |
run: npm run bundle | |
# Generate the release automatically in Github. This should not result in a publish to npm | |
# We should disable this if doing beta releases | |
- name: Create Release | |
if: ${{ inputs.createRelease }} | |
id: changesets | |
uses: changesets/action@v1 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# Store artifact for later use | |
- name: Store Artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: package | |
path: dist/bundle.zip |