-
Notifications
You must be signed in to change notification settings - Fork 20
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable manually running workflow actions #39
Enable manually running workflow actions #39
Conversation
For testing builds on branches other than main.
Thanks for this proposal. What keeps you from submitting a PR without this trigger? After approval from a collaborator the workflows should already be able to run. |
There are breaking changes in 0.11.0 so I wanted to work in a branch to test (and troubleshoot) changes to the build workflow and then use the docker image to make sure it actually worked before sending you a clean PR. It takes out the guesswork because my skills are much lower than yours. 😄 |
Ah, I get it - I appreciate the intent to submit clean PRs 👍 I wonder about the security implications of enabling |
I suspect there might be a problem with how I wrote the actions, though. The steps guarded like this would be executed in a - name: Sign the published Docker image
if: ${{ github.event_name != 'pull_request' }}
env:
COSIGN_EXPERIMENTAL: "true"
# This step uses the identity token to provision an ephemeral certificate
# against the sigstore community Fulcio instance.
run: cosign sign ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@${{ steps.build-and-push.outputs.digest }} I guess we'll have to turn the guard into an allow-list instead of a deny-list to support it. 🤔 |
I think it should be as simple as changing the |
Here's some GitHub documents:
The "Run workflow" button only appears in you own Actions. It won't be there for me in your repository, and it won't for you in my fork. I'm not sure there any settings to even change this limitation! You can see a simplistic practical example here (actually where I got the idea from): https://github.com/deviant77/ipq807x-openwrt-builder
I think your actions are correct.
I think So in summary I think everything is fine as it is, we just need to enable the "Run workflow" button by merging this PR to main! 😄 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for patiently walking me through this. My mental model of what the docker image tag will be when the trigger is workflow_dispatch
is incomplete, which is why I was hesitant. But let's give it a try and iterate on it if doesn't behave quite right.
Thank you! ❤️
I've only just got builds working on my fork! I've just created a branch named "this-is-a-test-branch" and ran a manual build. |
good to hear, thanks for sharing! |
For testing builds on branches before you commit them to main.
If you merge this I can then test and send you a pull request for a working Frigate 0.11.0 beta 2 build.