Skip to content

Releasey workflow review #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Nov 10, 2025
Merged

Releasey workflow review #2

merged 3 commits into from
Nov 10, 2025

Conversation

@snazy
Copy link

@snazy snazy commented Nov 8, 2025

No description provided.

snazy
snazy commented Nov 8, 2025
View reviewed changes
.github/workflows/release-3-build-and-publish-artifacts.yml

- name: Import GPG key
uses: crazy-max/ghaction-import-gpg@v6
uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0
Copy link
Author

@snazy snazy Nov 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Must only use use hash-references (see Actions Policy

And also only use action+version that are allowed by the policy, currently approved patterns are here

releasey/libs/_version.sh
local current_version_with_dash
local version_with_dash
current_version_with_dash="$(echo "${old_version//-/--}")"
version_with_dash="$(echo "$version//-/--}")"
Copy link
Author

@snazy snazy Nov 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dangling }

@snazy snazy force-pushed the releasey-workflow-review branch from af380c5 to f65458d Compare November 8, 2025 11:06
@snazy snazy mentioned this pull request Nov 8, 2025
Merged
pingtimeout
pingtimeout reviewed Nov 10, 2025
View reviewed changes
.github/workflows/release-4-publish-release.yml
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
run: |
echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login ghcr.io -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin
Copy link
Owner

@pingtimeout pingtimeout Nov 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IIUC this is required because the docker/login-action Github Action is not in approved_patterns.yml ?

Copy link
Author

@snazy snazy Nov 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Correct.

releasey/libs/_version.sh
current_version_with_dash="$(echo "${old_version//-/--}")"
version_with_dash="$(echo "$version//-/--}")"
exec_process sed -i~ "s/${current_version_with_dash}/${version_with_dash}/" "$HELM_README_FILE"
current_version_with_dash="${old_version//-/--}"
Copy link
Owner

@pingtimeout pingtimeout Nov 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This line is not needed anymore, is it?

Copy link
Author

@snazy snazy Nov 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Correct, feel free to remove it ;)

@pingtimeout pingtimeout merged commit c2760ed into pingtimeout:releasey-workflow Nov 10, 2025
@snazy snazy deleted the releasey-workflow-review branch November 10, 2025 15:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pingtimeout pingtimeout pingtimeout left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@snazy @pingtimeout