Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add release workflow #4

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add release workflow #4

wants to merge 1 commit into from

Conversation

dosas
Copy link

@dosas dosas commented Sep 10, 2024

If this gets merged someone with admin rights needs to set the api key for rubygems in the github settings.

@geemus
Copy link
Member

geemus commented Sep 11, 2024

@dosas Hey, could you give me a little more context on how we would use this and the advantages? I've been fine with just doing it locally so far and I'm also not sure how a workflow would work with 2FA, so would appreciate your help understanding the options. Thanks!

@dosas
Copy link
Author

dosas commented Sep 12, 2024

I shamelessly copied the workflow from https://github.com/theforeman/actions/blob/v0/.github/workflows/release-gem.yml

Sadly I have no github project where I have admin rights, so I never configured these settings. @sbernhard I think you configured these settings once, maybe you can add some context here?

I suppose when using a token there is usually no need for 2FA.

The biggest advantage I see as opposed to doing it manual locally is automation (pushing a tag should then automatically trigger a release) and a single source of truth for gems, the CI.

@sbernhard
Copy link

The advantage of this is, you set a tag and its automatically pushed to rubygems. Pretty easy to setup. Just add the RUBYGEMS_API_KEY in the settings:

image

Its possible to set the secret for the organization or per repository.

@geemus
Copy link
Member

geemus commented Sep 15, 2024

I think since I have 2FA turned on this wouldn't work. Looking at their docs it looks like in addition to the API token you need to set an OTP header: https://guides.rubygems.org/rubygems-org-api/. I don't think there is an easy way to do that here, unless I'm missing something. So maybe it's best for me to stick with the more manual process, where I can respond to the 2FA prompt inline. Do let me know if I'm missing something, as I don't want to disable 2FA.

@dosas
Copy link
Author

dosas commented Oct 14, 2024

@geemus I will see if I can change this PR to trusted publishing. Would this be an acceptable solution for you.

In the meantime, could you publish a new version of https://github.com/fog/fog-ovirt ?

@geemus
Copy link
Member

geemus commented Oct 14, 2024

@dosas I need to read up and think about trusted publishing a bit more to decide. I'm certainly happy to publish directly in the mean time, I'll try to do that presently.

@geemus
Copy link
Member

geemus commented Oct 14, 2024

I pushed a PR with version bump/etc, looks like fog-ovirt is setup to require reviews, so I'll wait for that and then try to get it all released soon.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants