DEV: Release using the REL commit instead of git tag #2500
Conversation
* The git tag is automatically added Pro: * This allows two contributors with write-permissions to trigger a PyPI + GitHub release Con: * My Github Access Token needs to be stored in the repository as a secret. The maximum lifespan of a fine-grained access token seems to be about two years, meaning I may not forget to update it regularly.
|
TODO:
|
|
@stefan6419846 @pubpub-zz This would be my suggestion. The only alternative I see is making one / both of you admins. I am thinking about passing the maintainer role to one of you, but independently of that I think it would be nice if we had a way in which multiple people in the community (with GitHub write permissions) could trigger a release. |
|
Do we really need the personal access token (PAT) here? https://github.com/ncipollo/release-action and https://github.com/rickstaa/action-create-tag/blob/main/entrypoint.sh seem to work with the default |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #2500 +/- ##
=======================================
Coverage 94.67% 94.67%
=======================================
Files 50 50
Lines 8230 8230
Branches 1646 1646
=======================================
Hits 7792 7792
Misses 268 268
Partials 170 170 ☔ View full report in Codecov by Sentry. |
I currently have not studied the way to make release. I think you should consider @stefan6419846 as admin. I prefer to stay with current rights to be sure to make no damage 😳 |
This is documented in our docs and will receive some updates as soon as we have solved the tagging issue: #2499. Besides this, I am sure that neither Martin nor any other person (including me) will force you into anything against your will ;) |
stefan6419846
added
the
nf-packaging
Damned! My lazyness has been spotted |
|
I debugged this a bit and read the docs to find a way to not rely on the PAT: We have to grant write permissions for the repository content as detailed at https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions While my approach fixes the use of the deprecated Test repository: https://github.com/stefan6419846/gha_release_tests/blob/main/.github/workflows/release.yml |
|
I have been able to fix the condition as well in my test repository, thus it seems like we should be able to test/replace the PAT approach with the auto-generated GitHub token one. |
|
I have added some proposals to get rid of PATs which have to be maintained manually. The only thing left would be to remove the first line of the tag message if I am not mistaken? |
|
Removing the first line from the tag message is a bit trickier when doing everything with default Linux tools and getting used to setting multi-line variables in GitHub. We probably want to use something like the following step for retrieving the correct message: - name: Extract tag message from commit message
id: extract_message
run: |
VERSION="${{ steps.extract_version.outputs.version }}"
delimiter="$(openssl rand -hex 8)"
MESSAGE=$(echo "${{ github.event.head_commit.message }}" | sed "0,/REL: $VERSION/s///" )
echo "message<<${delimiter}" >> $GITHUB_OUTPUT
echo "$MESSAGE" >> $GITHUB_OUTPUT
echo "${delimiter}" >> $GITHUB_OUTPUT |
Co-authored-by: Stefan <96178532+stefan6419846@users.noreply.github.com>
Co-authored-by: Stefan <96178532+stefan6419846@users.noreply.github.com>
Co-authored-by: Stefan <96178532+stefan6419846@users.noreply.github.com>
Co-authored-by: Stefan <96178532+stefan6419846@users.noreply.github.com>
|
I have proposed a solution for the message now as well. Feel free to verify and check it. Although I tried to test most of this in a dedicated repository manually, I might have missed something or some stuff could be simplified. |
Co-authored-by: Stefan <96178532+stefan6419846@users.noreply.github.com>
|
@stefan6419846 Thank you for your help 🙏 |
|
@stefan6419846 @pubpub-zz I think both of you should now be able to release 🎉 If you notice other people doing substantial contributions and would like them to be contributors as well, let me know :-) |
REL: 4.2.0 ## What's new ### New Features (ENH) - Allow multiple charsets for NameObject.read_from_stream (#2585) by @pubpub-zz - Add support for /Kids in page labels (#2562) by @stefan6419846 - Allow to update fields on many pages (#2571) by @pubpub-zz - Tolerate PDF with invalid xref pointed objects (#2335) by @pubpub-zz - Add Enforce from PDF2.0 in viewer_preferences (#2511) by @pubpub-zz - Add += and -= operators to ArrayObject (#2510) by @pubpub-zz ### Bug Fixes (BUG) - Fix merge_page sometimes generating unknown operator 'QQ' (#2588) by @rfotino - Fix fields update where annotations are kids of field (#2570) by @pubpub-zz - Process CMYK images without a filter correctly (#2557) by @pubpub-zz - Extract text in layout mode without finding resources (#2555) by @pubpub-zz - Prevent recursive loop in some PDF files (#2505) by @pubpub-zz ### Robustness (ROB) - Tolerate "truncated" xref (#2580) by @pubpub-zz - Replace error by warning for EOD in RunLengthDecode/ASCIIHexDecode (#2334) by @pubpub-zz - Rebuild xref table if one entry is invalid (#2528) by @pubpub-zz - Robustify stream extraction (#2526) by @pubpub-zz ### Documentation (DOC) - Update release process for latest changes (#2564) by @stefan6419846 - Encryption/decryption: Clone document instead of copying all pages (#2546) by @redfast00 - Minor improvements (#2542) by @j-t-1 - Update annotation list (#2534) by @j-t-1 - Update references and formatting (#2529) by @j-t-1 - Correct threads reference, plus minor changes (#2521) by @j-t-1 - Minor readability increases (#2515) by @j-t-1 - Simplify PaperSize examples (#2504) by @j-t-1 - Minor improvements (#2501) by @j-t-1 ### Developer Experience (DEV) - Remove unused dependencies (#2572) by @stefan6419846 - Remove page labels PR link from message (#2561) by @stefan6419846 - Fix changelog generator regarding whitespace and handling of "Other" group (#2492) by @stefan6419846 - Add REL to known PR prefixes (#2554) by @stefan6419846 - Release using the REL commit instead of git tag (#2500) by @MartinThoma - Unify code between PdfReader and PdfWriter (#2497) by @pubpub-zz - Bump softprops/action-gh-release from 1 to 2 (#2514) by @dependabot[bot] ### Maintenance (MAINT) - Ressources → Resources (and internal name childs) (#2550) by @pubpub-zz - Fix typos found by codespell (#2549) by @stefan6419846 - Update Read the Docs configuration (#2538) by @j-t-1 - Add root_object, _info and _ID to PdfReader (#2495) by @pubpub-zz ### Testing (TST) - Allow loading truncated images if required (#2586) by @stefan6419846 - Fix download issues from #2562 (#2578) by @pubpub-zz - Improve test_get_contents_from_nullobject to show real use-case (#2524) by @stefan6419846 - Add missing test annotations (#2507) by @stefan6419846 [Full Changelog](4.1.0...4.2.0)
The git tag is automatically added
Pro:
Con: