Release automation#1172
Conversation
PatelUtkarsh
left a comment
PatelUtkarsh
left a comment
There was a problem hiding this comment.
Left some suggestions but overall looks good!
|
|
||
| # After the deployment, we also want to create a zip and upload it to the release on GitHub. | ||
| - name: Upload release asset | ||
| uses: actions/upload-release-asset@v1 |
There was a problem hiding this comment.
💡 thought: This action is archived and deprecated by GitHub since 2021.
Should we migrate it to more active ones like:
- name: Upload release asset
uses: softprops/action-gh-release@v2
with:
files: ${{ steps.deploy.outputs.zip-path }}
There was a problem hiding this comment.
@PatelUtkarsh It seems that "softprops/action-gh-release" serves a different purpose from my understanding though, no? 🤔 It seems to be aimed at creating github releases, while here we're trying to upload assets to the manually created release https://github.com/softprops/action-gh-release
There was a problem hiding this comment.
@gabrielcld2 Good question, but softprops/action-gh-release actually handles this case too 👍
When the workflow is triggered by a release event, the action does not create a new release - it detects the existing release for the current tag and updates it in place, uploading anything passed via files: as release assets. Creating releases is just one of its modes; attaching assets to an existing release is the most common usage and exactly what the (archived) actions/upload-release-asset did.
From their README (Uploading release assets):
"If a tag already has a GitHub release, the existing release will be updated with the release assets."
The migration would be a drop-in replacement:
# After the deployment, upload the zip to the existing GitHub release.
- name: Upload release asset
uses: softprops/action-gh-release@v2
with:
files: ${{ steps.deploy.outputs.zip-path }}No upload_url, asset_name, or asset_content_type plumbing needed — it infers all of that. The GITHUB_TOKEN env is also unnecessary (it uses the default token), though the job may need permissions: contents: write depending on the repo's default workflow permissions.
Two things to be aware of:
- The asset will be named after the actual zip filename rather than
${{ github.event.repository.name }}.zipif keeping the old name matters, add a rename step before upload. - If the repo's default
GITHUB_TOKENpermissions are read-only, the job needs an explicitpermissions: contents: write.
Since actions/upload-release-asset has been archived since 2021 and won't receive security or Node-runtime updates, I'd still suggest making the switch in this PR while we're already touching this workflow.
|
|
||
| jobs: | ||
| lint_and_test: | ||
| uses: ./.github/workflows/ci.yml |
There was a problem hiding this comment.
With workflow_call, secrets are not passed automatically; the caller must add secrets: inherit (or ci.yml must declare the secret under on.workflow_call.secrets). As written, every release-triggered run will execute E2E with an empty CLOUDINARY_E2E_URL, which will silently test the wrong target or fail; blocking the deploy since deploy_to_wp_repository has needs: lint_and_test.
| uses: ./.github/workflows/ci.yml | |
| uses: ./.github/workflows/ci.yml | |
| secrets: inherit |
4 participants
Deployment process
This is what the production release process will look like from now on:
1. Prepare master branch
This is pretty much as before:
master.versionandpackage.jsonreadme.txtchangelog2 Create and publish GH release
This is also similar to what was done before:
masterreadme.txt)3. The GH workflow
Publishing the release will automatically trigger
.github/workflows/deploy-to-wp-org.yml, which:npm run build)build/and update version references (viagrunt prepare)trunk/, createstags/<version>/, and updatesassets/QA notes