BranchMetrics · bredmond5 · Oct 6, 2025
diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml
@@ -9,7 +9,7 @@ env:
 jobs:
   build-push:
     name: run tests, build and push
-    runs-on: ubuntu-latest
+    runs-on: arc-standard-small-set
     steps:
       - uses: actions/checkout@v4
 
@@ -98,8 +98,6 @@ jobs:
         uses: aws-actions/configure-aws-credentials@v4
         with:
           aws-region: us-west-1
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
 
       - name: Deploy updated builds to staging
         if: ${{ github.ref == 'refs/heads/main' }}

diff --git a/.github/workflows/deploy-release.yml b/.github/workflows/deploy-release.yml
@@ -8,86 +8,84 @@
 
 jobs:
   publish:
-    runs-on: ubuntu-latest
+    runs-on: arc-standard-small-set
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - name: AWS, credentials setup
         uses: aws-actions/configure-aws-credentials@v4
         with:
           aws-region: us-west-1
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
 
       - name: Add INPUT_SHA env var
         run: |
           export INPUT_SHA=$(git rev-parse ${{ github.ref }})
           echo "INPUT_SHA=`echo $INPUT_SHA`" >> $GITHUB_ENV
 
       - name: Install branch-github-actions
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           repository: BranchMetrics/branch-github-actions
           ref: master
          path: .branch-github-actions
          token: ${{ secrets.BRANCHLET_ACCESS_TOKEN_PUBLIC }}

      - name: Get next release version
        uses: actions/github-script@v7
        id: next-version
        with:
          result-encoding: string
          script: |
            const getNextVersion = require('./.branch-github-actions/custom-scripts/next-version');
            const nextVersion = await getNextVersion({
              core,
              github,
              context,
              sha: process.env.INPUT_SHA,
            });
            return nextVersion;
        env:
          INPUT_SHA: ${{ env.INPUT_SHA }}

      - name: Install Node ${{ env.NODE_VERSION }}
        uses: actions/setup-node@v4
        with:
          node-version: ${{ env.NODE_VERSION }}
          registry-url: 'https://registry.npmjs.org'

      # Do this before npm configure because it writes the package.json version
      - name: Write version to files
        run: |
          ./deployment/write-versions.sh ${{ steps.next-version.outputs.result }}

      - name: Configure NPM
        run: npm ci

      - run: make release

      - name: Publish to s3
        run: |
          ./deployment/release-s3.sh ${{ steps.next-version.outputs.result }}

      - name: Publish to npm
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_PUBLISHER_TOKEN }}
        run: npm publish

      - name: Create Github Release
        uses: actions/github-script@v7
        env:
          GE_NEXT_VERSION: ${{ steps.next-version.outputs.result }}
          INPUT_SHA: ${{ env.INPUT_SHA }}
        with:
          result-encoding: string
          script: |
            const createRelease = require('./.branch-github-actions/custom-scripts/create-release');
            const sha = process.env.INPUT_SHA;
            const version = process.env.GE_NEXT_VERSION;
            await createRelease({
              core,
              context,
              github,
              sha,
              version,