Skip to content

Update release workflow #559

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Apr 10, 2024
Merged

Update release workflow #559

merged 3 commits into from
Apr 10, 2024

Conversation

PsypherPunk
Copy link
Collaborator

@PsypherPunk PsypherPunk commented Apr 9, 2024
edited
Loading

Apologies if this is excessive but following #427, there are a few things I noticed:

  1. Cargo.toml now supports strip which I think should replace the explicit strip steps in the release workflow, unless there's any other reason they're not quite identical…?
  2. the trigger for the release workflow includes a tag with a v prefix. However, no existing tags/releases have that prefix; I've removed it and updated the workflow accordingly.
    • the docker.yml has the same trigger—if the above holds true, should that be updated to match?
  3. as kinda touched upon in feat(build): add GitHub Action to make release #427, I've made the OS/build checks in each step more generic (i.e. matching linux, not x86_64-linux) so if future architectures are added, the workflow should accommodate them.

Let me know if I've misread anything or any of the above isn't required/desired.

@PsypherPunk
build: remove explicit strip steps
cc65cf1 
- update `Cargo.toml` to
  [`strip`](https://doc.rust-lang.org/cargo/reference/profiles.html#strip)
  as part of the release profile.
- remove explicit `strip` steps from the release workflow.
- update step name to better reflect `git config` changes.
@PsypherPunk
build: remove prefix from expected tags
0852786 
- remove the `v` prefix from the triggering tag (all previous tags lack this).
- update tag-deriving steps to better reflect the expected tag pattern.
- update tag-deriving steps to be consistent in how `GITHUB_REF` is parsed.
@PsypherPunk
build: make build/OS checks generic
9bf9ef5 
- update GitHub Actions conditions to use
  [`contains`](https://docs.github.com/en/actions/learn-github-actions/expressions#contains)
  to match _all_ related builds.
- update shell conditions to accommodate the same.
@bee-san
Copy link
Owner

bee-san commented Apr 9, 2024

@CMNatic :

the docker.yml has the same trigger—if the above holds true, should that be updated to match?

👆🏻 I think this is true, but @CMNatic knows so much about our Docker setup so I'll defer :D

And why can't it log into Docker via the CI? It's in the actions secrets :(
image

it does not see those secrets?
image

And thanks @PsypherPunk !!!

@bee-san
Copy link
Owner

bee-san commented Apr 10, 2024

@PsypherPunk waiting on @CMNatic to have a lil look

then i'll merge this and try a release 🥳

@PsypherPunk
Copy link
Collaborator Author

@bee-san, come to think of it, I don't think builds triggered by pull-requests get access to secrets (to avoid external parties raising PRs to steal them, presumably): https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#using-secrets-in-a-workflow

@CMNatic
Copy link
Contributor

CMNatic commented Apr 10, 2024
edited
Loading

Hey 👋🏻

the docker.yml has the same trigger—if the above holds true, should that be updated to match?

Ahh good catch @PsypherPunk. Yes, I think this should also be updated to match :)

I don't think builds triggered by pull-requests get access to secrets

This is my understanding as well. I've double-checked the repo secrets for the dockerhub and they are correct. I think the PR will need to be merged for the runner to run. It's not super ideal, but it does make sense. A new commit will cause a publish to the latest tag which is documented as bleeding-edge. The runner isn't doing any sort of code review or checking if build works, it's just publishing an image:)

If it doesn't, I have a PR ready that uses a newer version the Docker login runner, which uses a access token instead that we can test @bee-san

@bee-san bee-san merged commit f2d9a2e into bee-san:master Apr 10, 2024
@bee-san
Copy link
Owner

bee-san commented Apr 10, 2024

the docker.yml has the same trigger—if the above holds true, should that be updated to match?

Mind doing this in another PR? :)

@CMNatic CMNatic mentioned this pull request Apr 10, 2024
Merged
@PsypherPunk PsypherPunk deleted the update-release-workflow branch April 10, 2024 12:21
@PsypherPunk PsypherPunk mentioned this pull request Apr 10, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@PsypherPunk @bee-san @CMNatic