release-please.yml

on:
  push:
    branches:
      - main
env:
  AWS_REGION: ${{ vars.AWS_REGION}}
  SAR_BUCKET_NAME: ${{ secrets.SAR_BUCKET_NAME }}

permissions:
  contents: write
  pull-requests: write
  id-token: write

name: release-please

jobs:
  release-please:
    runs-on:
      - codebuild-gha-runners-arm64-${{ github.run_id }}-${{ github.run_attempt }}
    steps:
      - id: release
        uses: googleapis/release-please-action@v4
        with:
          token: ${{ secrets.RELEASE_PLEASE_TOKEN }}
      - uses: actions/checkout@v4
        if: ${{ steps.release.outputs.release_created }}
      - uses: aws-actions/setup-sam@v2
        if: ${{ steps.release.outputs.release_created }}
      - name: print envs
        run: env
      - name: configure aws credentials
        uses: aws-actions/configure-aws-credentials@v4
        if: ${{ steps.release.outputs.release_created }}
        with:
          role-to-assume: ${{ secrets.SAR_DEPLOYMENT_IAM_ROLE }}
          role-session-name: github-action-sar-deploy-session
          aws-region: ${{ env.AWS_REGION }}
      - name: Cache SAM  outputs
        if: ${{ steps.release.outputs.release_created }}
        uses: actions/cache@v3
        with:
          key: ${{ runner.os }}-sam
          path: |
            ~/.aws-sam/cache
      - name: SAM build
        if: ${{ steps.release.outputs.release_created }}
        run: |
          sam build --cached
      - name: SAR publish
        if: ${{ steps.release.outputs.release_created }}
        run: |
          sam package --output-template-file packaged.yaml --s3-bucket ${SAR_BUCKET_NAME}
          sam publish --template packaged.yaml --region ${AWS_REGION}