Setup Github Actions that deploy our hello-strongbox-* to the Github Package Registry #1927
Comments
carlspring
added
help wanted
testing
hacktoberfest
|
Hi, this sounds easy. Should the actions somehow also use an installed strongbox installation or merely build + deploy to github actions. While the former sound complicated, the latter seems "pointless"? Am i missing something here? Would gladly help otherwise :) |
|
Hi @BjoernAkAManf , The point of this task is so that we can later on use these dependencies for testing Strongbox's behaviour when proxying to the Github Package Registry. I will create a follow-up task for this as well. So, to answer your question -- no, it should not be deploying to Strongbox at all right now, just to the Github Package Registry. Feel free to pick this up! :) @j4ckofalltrades might pick up some of the sub-tasks as well. |
|
Ah thanks! Guess i'll go and write some github actions code then 😄 . |
|
Took more attempts than i wanted it to, however now it builds jars into the package repository.
See: |
|
Awesome, thanks! :) So, you now have the Maven one covered! Would you like to do the rest of the ones that use Maven repositories as well (first)? |
|
Sure i can do that. |
|
@BjoernAkAManf @carlspring I'm currently looking into Update: Looking into |
|
Thanks, @j4ckofalltrades ! This project looks quite useful and I'm sure we'll be using it to try out more of our Github Actions with it in the future! cc: @steve-todorov |
|
@BjoernAkAManf : How are things going with the Maven-based actions? |
carlspring
changed the title
carlspring
changed the title
|
Just an fyi regarding authentication in GitHub Action workflows, this pertains to the See https://docs.github.com/en/free-pro-team@latest/actions/reference/authentication-in-a-workflow#about-the-github_token-secret for more info. |
|
Thanks for the clarification, @j4ckofalltrades ! :) There's something else that we'll need to address -- the non-Maven-based tool have no concept of snapshots, which means that every time we merge a pull request, the NPM, NuGet and so on Github Actions will fail. Is there a reasonable way in which we can handle this for these? Can we remove the artifacts before deploying them? (They're all using fixed versions such as cc: @steve-todorov Please, feel free to pick up the Maven and SBT ones as well. We haven't heard back from @BjoernAkAManf, nor seen a pull request for them yet, so I assume it would be safe to proceed with them as well. (Please, feel free to give us a shout, if this is not so, @BjoernAkAManf). |
Unfortunately this isn't possible for public repos / packages. From GitHub docs:
We could maybe skip the publish step as an alternative e.g. |
Yeah, we should probably do this. |
|
@j4ckofalltrades : Could you please make the artifact names more consistent? If possible, they should all be using the following format: |
|
Sorry to reply so late, have been unexpectedly busy the last couple of days. I'll add the maven artifact to the github repository now, but otherwise i'll probably wont be able to help the next days. |
|
Thanks @BjoernAkAManf ! I think that it will be better, if @j4ckofalltrades does the remainder of the sub-tasks, as he's already done with most of the work anyway. @j4ckofalltrades , @steve-todorov : Could you please review strongbox/strongbox-examples#28? Thanks! :) |
|
@j4ckofalltrades , @BjoernAkAManf , @steve-todorov , There is another problem with the deployment of all these artifacts that I've realized. Basically, when an example sub-module has been changed, we will need to bump the versions for all of the other ones as well, because if they have already been deployed to the Github Package Registry, then the deployment for all of them will fail. Do you guys have any suggestions on how we could easily sort this our for all of them? Should we use the |
|
However, we'll then need to address this as well: |
|
One other option is to append the latest commit hash (maybe trimmed to first ~6-10 characters) to the version number. like in https://maven.apache.org/maven-ci-friendly.html and it should be fairly simple to do in other non-Maven based artifacts as well. GitHub Actions provides it via the GITHUB_SHA environment variable. |
|
Another option would be to switch the version to |
|
The hash would probably be easier and cleaner, but it would also be less human-intelligible (and it would be hard to tell what the latest version is, unless you look it up via the commit history). Not that anyone would really be using these artifacts for anything else than testing our integration with the Github Package Registry via Strongbox. |
|
Okay let's go with the append timestamp If all good then it should also be applied to the maven workflow. |
Task Description
We need to create a Github Action for the strongbox-examples that deploys the artifacts for each of layout providers (that we have an image for) to the Github Package Registry for the strongbox-examples.
You will need to create a fork and set this up in your fork first.
Tasks
The following tasks will need to be carried out:
Task Relationships
This task:
Useful Links
Help
The text was updated successfully, but these errors were encountered: