Update IAM Roles #78

# to view logs

	name: Update IAM Roles

	on:
	schedule:
	- cron: '37 3 * * SUN'
	workflow_dispatch:

	permissions:
	contents: write

	jobs:
	build:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v3
	with:
	token: ${{secrets.GH_PAT}}

	- uses: actions/setup-node@v3
	with:
	node-version: 16.x

	- run: npm ci

	- name: Regenerate Roles
	run: npm run save-roles
	env:
	API_KEY: ${{ secrets.GCP_KEY }}

	- name: Check if new roles
	id: git_diff
	run: \|
	if git diff --quiet src/google/data/roles.json; then
	echo "No changes detected"
	echo "changes=false" >> $GITHUB_OUTPUT
	else
	echo "Changes detected, committing and pushing"

	git config user.email "patrick.doc@ameritech.net"
	git config user.name "(Workflow) Patrick Dougherty"

	VERSION=$(npm version patch --git-tag-version false)
	VERSION=${VERSION:1}

	git add src/google/data/roles.json package.json package-lock.json
	git commit -m "${VERSION} Bumping roles.json"
	git tag -a "${VERSION}" -m "Automated roles.json update (${VERSION})"
	git push --atomic origin main "${VERSION}"
	echo "changes=true" >> $GITHUB_OUTPUT
	echo "version=${VERSION}" >> ${GITHUB_OUTPUT}
	fi

	- name: Create release
	if: steps.git_diff.outputs.changes == 'true'
	uses: softprops/action-gh-release@v1
	with:
	body: \|
	Automated roles.json bump. See GCP IAM roles changelog [here](https://cloud.google.com/iam/docs/permissions-change-log)
	tag_name: ${{steps.git_diff.outputs.version}}

	- name: Publish
	if: steps.git_diff.outputs.changes == 'true'
	run: npm run deploy
	env:
	VSCE_PAT: ${{ secrets.VSCE_PAT }}

Provide feedback