Skip to content

Create truss RC packages through GHA #2002

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

Create truss RC packages through GHA #2002

wants to merge 4 commits into from

Conversation

@ndeepak-baseten
Copy link
Contributor

@ndeepak-baseten ndeepak-baseten commented Oct 21, 2025
edited
Loading

🚀 What

Add a workflow to trigger an RC release from GHA. This packages code already pushed into the branch in the distribution, ensuring package security and integrity. Also allows traceability.

Inputs:

  • branch name
  • desired rc version (looked up from pyproject.toml and uv.lock)

Other features:

  • Can be run by a set of allowlisted users.
  • Validates version for x.y.zrcN schema.
  • Validates expected rc is consistent in uv.lock and pyproject.toml
  • Allows one run at a time

💻 How

Add new GHA workflow. Mostly follows our post-commit workflow, but leaves out the git tag and release steps.

🔬 Testing

Individual steps work. Validated regex separately. Can test wofkflow after merge.

@ndeepak-baseten ndeepak-baseten changed the title Initial commit for rc release CI Create truss RC packages through GHA Oct 21, 2025
ndeepak-baseten
ndeepak-baseten commented Oct 21, 2025
View reviewed changes
.github/workflows/create-rc-release.yml
- name: Check user permissions
run: |
# Only allow specific users to trigger (from secret)
ALLOWED_USERS="${{ secrets.RC_RELEASE_ALLOWED_USERS }}"
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Mainly for security reasons. Can follow any prior best practice if available.

ndeepak-baseten
ndeepak-baseten commented Oct 21, 2025
View reviewed changes
.github/workflows/create-rc-release.yml
@@ -0,0 +1,65 @@
# .github/workflows/create-rc-release.yml
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Alternatively, I could add one more conditional to "Main - post-commit" to jump straight to package publishing. However, this workflow also runs validations for rc versions. Not heavily opinionated.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@squidarth squidarth Awaiting requested review from squidarth

@nnarayen nnarayen Awaiting requested review from nnarayen

@nicolasgere nicolasgere Awaiting requested review from nicolasgere

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ndeepak-baseten