New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adds automatic release action #17594
Conversation
Great to see this progress! Btw another important step to complete at the end will be to update the instructions at: https://matomo.org/blog/2014/11/verify-signatures-piwik-packages/ |
Is it ready to review? I see the |
@flamisz That's because it requires some setup before it could be merged. It's also only a suggestion from my side how the process could work. So it has the needs review and rfc label actually to get some feedback. |
From my end it looks fantastic @sgiehl - great work! Will save us all time and make our release process faster 🚀 |
@tsteur Not sure if someone wants to do a code review. Otherwise we can configure it |
👍 wasn't sure as it was set to draft. Generally had a look over it and looked ok-ish but don't know the details. I guess we'd mostly want to test it to ensure it works. Maybe in beginning we wouldn't test it with ssh piwik-builds but some other account. |
This issue is in "needs review" but there has been no activity for 7 days. ping @matomo-org/core-reviewers |
dfc653b
to
9ce997a
Compare
@Findus23 applied some of the fixes |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Left a few minor comments. The password check we could add after it's been merged.
Otherwise looks all good to merge from my perspective once the comments have been addressed and once the process of using this is documented and how it works (eg how to allow someone to release etc)
👍 |
Guess we actually could merge this one now. Once the secrets have been added we can give it a first try... |
* Adds automatic release action * remove test branch usage * set proper permissions * use the commit hashes of the versions for external actions * remove invalid permission property * use local version of build script * various improvements * disallow creating automated tags from branches other than 4.x-dev and next_release * apply latest build script changes * manually import gpg key instead of using an action * remove all remote work * also attach piwik.* files to the release * some cleanup * Adds confirmation box to action run * apply review feedback * add password check * allow releases to be triggered from any development branch * only allow beta releases from development branches * improve permissions * add some comments about required secrets * use default github token to check group members
This PR aims to set up a automatic build process.
What this action does:
This action always needs to be triggered manually in the actions tab. This is possible with two purposes:
New release in the current major version
When a new release has to be done this action simply needs to be triggered manually, without setting a version.
The action will then:
matomo-org/release-team
--> If this is not the case the action will abort with an error
core/Version.php
will be extracted and used--> If a tag with the determined version already exists the action will abort with an error
.github/scripts/build-package.sh
--> This will create piwik and matomo release archives in
zip
andtar.gz
as well as signature files ending on.asc
Release in LTS version (or re-release of a broken one)
When releasing a LTS version we can't simply trigger the action. Instead we need to create the tag manually first. After this has been done, the actions needs to be triggered while providing the tagged version number in the according input:
The action will then:
matomo-org/release-team
--> If this is not the case the action will abort with an error
--> If no tag exists the action will abort with an error
.github/scripts/build-package.sh
--> This will create piwik and matomo release archives in
zip
andtar.gz
as well as signature files ending on.asc
Additionally the action could also be used to re-release a "broken" release. Even though this should be an uncommon use case, it's possible to simply trigger the action with a version number that already exists. For pre-releases the script should simply run through and recreate the archives. They should then be replaced in the repo release. For stable releases this currently won't work as the build script aborts if the version is already available on our build server
Requirements:
The team
matomo-org/release-team
needs to be filled with the persons who should be able to trigger this action. This is currently a private group, so no one can directly see who actually has the permissionThe action requires the following repository tokens to be set up:
Testing / Feedback
If someone wants to test the process feel free to get in touch on slack. It's set up on my fork and uses a slightly adjusted build script that uploads the releases to another account. Can give you access...
fixes matomo-org/matomo-package#119