New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add title argument to CLI release workflow #1349
Conversation
0a22ddb
to
50f58c4
Compare
@@ -64,5 +68,6 @@ jobs: | |||
repo_token: "${{ secrets.GITHUB_TOKEN }}" | |||
automatic_release_tag: "${{ github.event.inputs.release_tag }}" | |||
prerelease: false | |||
title: "${{ github.event.inputs.release_title }}" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what happens if the user leaves title
empty? Will this create a release with an empty title or just proceed as if no title had been passed to the action? Just wanna make sure this action does something reasonable if the title hasn't been provided at all or otherwise make the title required in all cases.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I tested that, it falls back to the default, not an empty string.
See #1354 for the permissions fix. |
.github/workflows/cli-release.yaml
Outdated
id-token: "write" | ||
contents: "write" | ||
packages: "write" | ||
pull-requests: "read" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
are you sure it needs all of these?
I think this workflow actually only needs contents: write
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not, I just yanked this from an issue on the repo for action-automatic-releases that says contents: "write"
was insufficient. I can experiment with restricting the permissions. I couldn't find a good resource explaining what each scope actually gives you. I'll do this next week some time, each loop of testing here takes like 30 minutes.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ok, just read the issue (marvinpinto/actions#340 (comment)) and looked through the source code of the action to understand a bit better what it does.
I'm 95% confident that for us it only needs:
contents: write
pull-requests: read
The latter is because it queries PRs to get a changelog.
The id-token is definitely irrelevant here (as the issue from the other repo suggested) and packages seems also very unlikely. I guess @marvinpinto was publishing some package (npm, docker etc.) as part of the workflow and that's why he's added it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sweet yeah I would've thought the same. I'll test that change.
/land |
Forge run: https://github.com/aptos-labs/aptos-core/actions/runs/2500106240 |
f9964db
to
6de4949
Compare
Description
Adds the ability to specify a name for the release.
Test Plan
quote: Christian
In seriousness, testing a manually triggered action from a branch isn't possible, I have to test from a clone of the repo. Stay posted.
Updated test plan
See https://github.com/banool/aptos-core/actions/runs/2477553972. This is a run on my clone of the repo using this updated workflow. I confirmed that the title of the workflow ran successfully and the release had the given title. I also did a run where I didn't specify the title and it correctly fell back to the default title: https://github.com/banool/aptos-core/actions/runs/2477607202.