Add title argument to CLI release workflow #1349
Conversation
banool
force-pushed
the
add_title_argument_to_cli_release
branch
2 times, most recently
from
0a22ddb
to
50f58c4
Compare
| @@ -64,5 +68,6 @@ jobs: | |||
| repo_token: "${{ secrets.GITHUB_TOKEN }}" | |||
| automatic_release_tag: "${{ github.event.inputs.release_tag }}" | |||
| prerelease: false | |||
| title: "${{ github.event.inputs.release_title }}" | |||
There was a problem hiding this comment.
what happens if the user leaves title empty? Will this create a release with an empty title or just proceed as if no title had been passed to the action? Just wanna make sure this action does something reasonable if the title hasn't been provided at all or otherwise make the title required in all cases.
There was a problem hiding this comment.
I tested that, it falls back to the default, not an empty string.
|
See #1354 for the permissions fix. |
.github/workflows/cli-release.yaml
Outdated
| id-token: "write" | ||
| contents: "write" | ||
| packages: "write" | ||
| pull-requests: "read" |
There was a problem hiding this comment.
are you sure it needs all of these?
I think this workflow actually only needs contents: write.
There was a problem hiding this comment.
I'm not, I just yanked this from an issue on the repo for action-automatic-releases that says contents: "write" was insufficient. I can experiment with restricting the permissions. I couldn't find a good resource explaining what each scope actually gives you. I'll do this next week some time, each loop of testing here takes like 30 minutes.
There was a problem hiding this comment.
ok, just read the issue (marvinpinto/actions#340 (comment)) and looked through the source code of the action to understand a bit better what it does.
I'm 95% confident that for us it only needs:
contents: write
pull-requests: read
The latter is because it queries PRs to get a changelog.
The id-token is definitely irrelevant here (as the issue from the other repo suggested) and packages seems also very unlikely. I guess @marvinpinto was publishing some package (npm, docker etc.) as part of the workflow and that's why he's added it.
There was a problem hiding this comment.
Sweet yeah I would've thought the same. I'll test that change.
|
/land |
|
Forge run: https://github.com/aptos-labs/aptos-core/actions/runs/2500106240 |
aptos-bot
force-pushed
the
add_title_argument_to_cli_release
branch
from
f9964db
to
6de4949
Compare
Description
Adds the ability to specify a name for the release.
Test Plan
quote: Christian
In seriousness, testing a manually triggered action from a branch isn't possible, I have to test from a clone of the repo. Stay posted.
Updated test plan
See https://github.com/banool/aptos-core/actions/runs/2477553972. This is a run on my clone of the repo using this updated workflow. I confirmed that the title of the workflow ran successfully and the release had the given title. I also did a run where I didn't specify the title and it correctly fell back to the default title: https://github.com/banool/aptos-core/actions/runs/2477607202.