Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

patch: introducing github actions (WinGet) #3780

Merged
merged 5 commits into from Dec 19, 2022
Merged

patch: introducing github actions (WinGet) #3780

merged 5 commits into from Dec 19, 2022

Conversation

mcraa
Copy link
Contributor

@mcraa mcraa commented Jul 5, 2022

patch: introducing github actions
winget release, EP auto update, release build

Change-Type: patch

@ghost
Copy link

ghost commented Jul 5, 2022
edited by ghost

The preview site has been deleted.

@mcraa mcraa mentioned this pull request Jul 6, 2022
Merged
@mcraa mcraa closed this Oct 14, 2022
@mcraa mcraa reopened this Oct 14, 2022
@mcraa mcraa changed the title patch: introducing github actions patch: introducing github actions (WinGet) Oct 14, 2022
@ab77
Copy link
Contributor

ab77 commented Nov 8, 2022

@mcraa do we want to do this still?

@ab77
Copy link
Contributor

ab77 commented Nov 8, 2022

@mcraa @builder555 @zwhitchcox this looks like a great first step to automating some more of these: https://en.wikipedia.org/wiki/List_of_software_package_management_systems

I would suggest we also consider brew and potentially macports (especially given our community brew maintainer has pulled out).

The ideal place for these steps to live would be in .github/actions/finalize/action.yml, since this action finalises GH releases and moves the latest pointer.

@mcraa
Copy link
Contributor Author

mcraa commented Nov 9, 2022

@ab77 yes,
need to fix the commithash of the action (instead of master) for security reasons, and need to get a token, or PR an update to be able to pass a token instead using always secrets.Winget_token

@ab77
Copy link
Contributor

ab77 commented Nov 10, 2022

@ab77 yes, need to fix the commithash of the action (instead of master) for security reasons, and need to get a token, or PR an update to be able to pass a token instead using always secrets.Winget_token

Does the WInget token ever change @mcraa ?

@mcraa
Copy link
Contributor Author

mcraa commented Nov 10, 2022

Does the Winget token ever change @mcraa ?

No it does not. it is just a gh token so the action can open a PR for the microsoft/winget repo.
The action in the PR looks for the secret with a specific name, IMO the token should be passed as a parameter / env var.

@ab77
Copy link
Contributor

ab77 commented Nov 10, 2022

Does the Winget token ever change @mcraa ?

No it does not. it is just a gh token so the action can open a PR for the microsoft/winget repo. The action in the PR looks for the secret with a specific name, IMO the token should be passed as a parameter / env var.

If the token is always the same, we need to store it in a github actions secrets. This way it will be fully protected and only accessible to PRs running in our org (not on forks). Please get the token setup with the ops team in bitwarden and share it with me so I can take of setting up GH secrets.

@mcraa
Copy link
Contributor Author

mcraa commented Nov 10, 2022

i don't know why i remembered wrong but here is the correction:
the token is passed as a parameter

@ab77
Copy link
Contributor

ab77 commented Nov 10, 2022

i don't know why i remembered wrong but here is the correction: the token is passed as a parameter

@mcraa parameters aren't secure, so passing secrets via these is an anti-pattern IMO. Can we make it a secret please?

Also, we need to consider #3853 in the context of package repositories which use PR flow (doesn't scale with auto release cadence).

@mcraa mcraa mentioned this pull request Nov 11, 2022
Closed
ab77
ab77 requested changes Dec 16, 2022
View reviewed changes
Copy link
Contributor

@ab77 ab77 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we please use FLOWZONE existing token here if it will suffice.

@ab77 ab77 self-requested a review December 19, 2022 19:05
@balena-ci balena-ci merged commit 797345f into master Dec 19, 2022
@balena-ci balena-ci deleted the actions branch December 19, 2022 19:40
@Danik1601 Danik1601 mentioned this pull request Oct 22, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ab77 ab77 ab77 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@mcraa @ab77 @balena-ci @vedantmgoyal9