feat: add semantic versioning and automated releases

- Add semantic-release configuration
- Create automated release workflow
- Enable artifact uploads to GitHub releases
- Add changelog generation
Commit format for releases:
- feat: new feature (minor bump)
- fix: bug fix (patch bump)
- BREAKING CHANGE: major bump

Author: thomasvincent

.github/workflows/release.yml

@@ -1,63 +1,23 @@
-name: Create Release
+name: Release
 
 on:
   push:
-    tags:
-      - 'v*.*.*'
+    branches: [main, master]
 
-# Cancel previous runs on the same PR
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
-
-
-
-# Minimal permissions by default
 permissions:
-  contents: read
+  contents: write
+  issues: write
+  pull-requests: write
+
+concurrency:
+  group: release-\${{ github.ref }}
+  cancel-in-progress: false
 
 jobs:
-  build:
-    name: Create Release
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v6
-        with:
-          fetch-depth: 0
-          
-      - name: Get the version
-        id: get_version
-        run: echo "VERSION=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
-        
-      - name: Generate changelog
-        id: changelog
-        uses: metcalfc/[email protected]
-        with:
-          myToken: ${{ secrets.GITHUB_TOKEN }}
-          
-      - name: Create Release
-        id: create_release
-        uses: actions/create-release@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          tag_name: ${{ steps.get_version.outputs.VERSION }}
-          release_name: Release ${{ steps.get_version.outputs.VERSION }}
-          body: |
-            ## Changes in this Release
-            
-            ${{ steps.changelog.outputs.changelog }}
-            
-            ## SSM Documents
-            
-            This release includes the following SSM Automation documents:
-            
-            - `attach_policies_to_role.yaml`: Attaches IAM policies to a role
-            - `s3_encryption.yaml`: Enables server-side encryption on S3 buckets
-            - `ec2_instance_patching.yaml`: Patches EC2 instances
-            - `create_and_tag_resources.yaml`: Creates and tags AWS resources
-            - `security_group_audit.yaml`: Audits and remediates security groups
-            - `maintenance_window_setup.yaml`: Sets up SSM maintenance windows
-          draft: false
-          prerelease: false
+  release:
+    uses: thomasvincent/.github/.github/workflows/reusable-semantic-release.yml@main
+    with:
+      project-type: 'nodejs'
+      build-artifacts: true
+      upload-artifacts: true
+    secrets: inherit

.releaserc.json

@@ -0,0 +1,18 @@
+{
+  "branches": ["main", "master"],
+  "plugins": [
+    ["@semantic-release/commit-analyzer", {
+      "preset": "conventionalcommits"
+    }],
+    ["@semantic-release/release-notes-generator", {
+      "preset": "conventionalcommits"
+    }],
+    "@semantic-release/changelog",
+    ["@semantic-release/npm", {"npmPublish": false}],
+    "@semantic-release/github",
+    ["@semantic-release/git", {
+      "assets": ["CHANGELOG.md", "package.json", "Cargo.toml", "pyproject.toml"],
+      "message": "chore(release): ${nextRelease.version} [skip ci]"
+    }]
+  ]
+}