Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

release pipeline: fix ref arguments in invoking workflow #17684

Merged
merged 1 commit into from
Jun 22, 2023
Merged

release pipeline: fix ref arguments in invoking workflow #17684

merged 1 commit into from
Jun 22, 2023

Conversation

tgross
Copy link
Member

@tgross tgross commented Jun 22, 2023

Although #17669 fixed the permissions of the release pipeline to push new commits, there was still an error when invoking the build workflow.

The format of the reference was changed in #17103 such that we're sending the git ref (a SHA) and not the "--ref" argument required by the GH actions workflow API, which in this case is apparently specially defined as "The branch or tag name which contains the version of the workflow file you'd like to run" and not what git calls a "ref".

This changeset:

  • Removes the third-party action entirely so that we're using GitHub's own tooling. This removes one more thing from the supply chain to pin and ensures a 1:1 mapping of args to what's documented by GitHub.
  • Removes the --ref argument entirely, which causes it to default to the current branch that the release workflow is running on (which is always what we want).

Tested out in https://github.com/hashicorp/nomad-enterprise/actions/runs/5349266786 (after many many iterations 😀 )

@tgross
release pipeline: fix ref arguments in invoking workflow
193e588 
Although #17669 fixed the permissions of the release pipeline to push new
commits, there was still an error when invoking the `build` workflow.

The format of the reference was changed in #17103 such that we're sending the
git ref (a SHA) and not the "--ref" argument required by the GH actions workflow
API, which in this case is apparently specially defined as "The branch or tag
name which contains the version of the workflow file you'd like to run" and not
what git calls a "ref".

This changeset:
* Removes the third-party action entirely so that we're using GitHub's own
  tooling. This removes one more thing from the supply chain to pin and ensures a
  1:1 mapping of args to what's documented by GitHub.
* Removes the `--ref` argument entirely, which causes it to default to the
  current branch that the release workflow is running on (which is always what
  we want).
@tgross tgross requested review from lgfa29 and gulducat June 22, 2023 19:14
@tgross tgross added theme/build-infrastructure backport/1.3.x backport to 1.3.x release line backport/1.4.x backport to 1.4.x release line backport/1.5.x backport to 1.5.x release line labels Jun 22, 2023
lgfa29
lgfa29 approved these changes Jun 22, 2023
View reviewed changes
Copy link
Contributor

@lgfa29 lgfa29 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for digging into it 🎉

@tgross tgross merged commit c3d8157 into main Jun 22, 2023
@tgross tgross deleted the release-workflow-permissions branch June 22, 2023 19:33
This was referenced Jun 22, 2023
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lgfa29 lgfa29 lgfa29 approved these changes

@shore shore shore approved these changes

@gulducat gulducat Awaiting requested review from gulducat

Assignees
No one assigned
Labels
backport/1.3.x backport to 1.3.x release line backport/1.4.x backport to 1.4.x release line backport/1.5.x backport to 1.5.x release line theme/build-infrastructure
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tgross @lgfa29 @shore