Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ci: add GitHub Actions for release automation #20

Closed
wants to merge 1 commit into from

Conversation

pjsier
Copy link
Member

@pjsier pjsier commented Jan 23, 2022

This automates publishing to crates.io and creating a GitHub release whenever a tag starting with "v" is pushed

@michaelkirk
Copy link
Member

Does this mean anyone who can push a tag can publish a release to crates.io?

@pjsier
Copy link
Member Author

pjsier commented Jan 23, 2022

Yeah, so I wanted to open it as a PR first to decide if that sounds alright. It looks like all members of georust have permissions to push to this repo, which I didn't realize at first, so it could make sense to either restrict that or leave this alone. It's a pretty minor step to publish and create a release

@michaelkirk
Copy link
Member

I'm not an org admin. I'm not sure what the mechanism for getting everyone in Core commit rights is - are they being manually opted in to each repo by an admin or is there something in effect that applies to all new repos as well? Unless we want to revisit the policy org wide, it's probably best to keep publishing the kml crate manual for now, unless it becomes arduous.

In practice permissive commit access has been somewhat useful at getting people to take agency of repositories that transfer from hand to hand, and it hasn't been abused AFAIK. The restrictive publishing permissions added in georust/meta#21 serve as a sort of blast door if someones account does get compromised.

@pjsier
Copy link
Member Author

pjsier commented Jan 25, 2022

From looking at the settings it looks like members of the organization have rights to commit to all repos by default. I think that makes sense for permissive commit access though, so I don't think it should be an issue here.

Overall this isn't a huge issue, and I think the reasons for keeping things as is make sense. Thanks for clarifying!

@pjsier pjsier closed this Jan 25, 2022
@michaelkirk
Copy link
Member

Thanks for your flexibility and talking it through with me!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants