Adding release procedures to Github Actions #355
Conversation
mdemoret-nv
added
non-breaking
| cat ci/release/pr_code_freeze_template.md | envsubst | \ | ||
| gh pr create --base main --head branch-${VERSION} \ | ||
| --title "[RELEASE] ${REPO_NAME} v${VERSION}" \ | ||
| --body-file - \ |
There was a problem hiding this comment.
Remark: This is pretty cool. I didn't know you could pipe the file in like that.
| fetch-depth: 0 | ||
| - name: Create PR | ||
| run: | | ||
| cat ci/release/pr_code_freeze_template.md | envsubst | \ |
There was a problem hiding this comment.
Remark: Using envsubst here could be dangerous due GITHUB_TOKEN being in the environment. Wondering what the chances are we accidentally expose the token this way. I imagine it would require both updating the template and running the workflow from the dashboard. Seems unlikely, but still possible.
Question: Is having GITHUB_TOKEN in the environment necessary?
Question: Are there other secrets that could be exposed with envsubst?
| with: | ||
| lfs: false | ||
| path: 'mrc' | ||
| fetch-depth: 0 |
There was a problem hiding this comment.
Question: Do we need to fetch all history for all branches and tags?
| create_next_release_branch: | ||
| description: 'Creates the next release branch and configures tags' | ||
| required: true | ||
| type: boolean | ||
| default: false | ||
| update_next_release_versions: | ||
| description: 'Runs the update-version script and creates a PR with the changes' | ||
| required: true | ||
| type: boolean | ||
| default: false | ||
| update_changelog: | ||
| description: 'Updates the CHANGELOG.md file for the current release and commits the changes' | ||
| required: true | ||
| type: boolean | ||
| default: false | ||
| merge_release_branch: | ||
| description: 'Merges the code freeze release branch, creates the release tag, and creates a new Github release' | ||
| required: true | ||
| type: boolean | ||
| default: false |
There was a problem hiding this comment.
Remark: Looks like some of these inputs are unused.
Question: Should the unused inputs be removed?
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## branch-23.07 #355 +/- ##
=================================================
+ Coverage 51.20% 73.14% +21.93%
=================================================
Files 346 382 +36
Lines 11041 13403 +2362
Branches 930 1010 +80
=================================================
+ Hits 5654 9804 +4150
+ Misses 5387 3599 -1788
Flags with carried forward coverage won't be shown. Click here to find out more. see 162 files with indirect coverage changes Continue to review full report in Codecov by Sentry.
|
Description
Testing performing some release procedures in CI to improve release automation