0857653338
This was found by auditing workflows based on research published here: https://github.com/joeyparrish/workflow-cheat-sheet The research was prompted by a workflow bug in Shaka Streamer |
||
|---|---|---|
| .. | ||
| README.md | ||
| build-docker.yaml | ||
| build-docs.yaml | ||
| build-matrix.json | ||
| build.yaml | ||
| lint.yaml | ||
| pr.yaml | ||
| publish-docker.yaml | ||
| publish-docs.yaml | ||
| publish-npm.yaml | ||
| release-please.yaml | ||
| settings.yaml | ||
| sync-labels.yaml | ||
| test-linux-distros.yaml | ||
| update-issues.yaml | ||
| validate-pr-title.yaml | ||
README.md
GitHub Actions CI
Reusable workflows
-
build.yaml: Build and test all combinations of OS & build settings. Also builds docs on Linux. -
build-docs.yaml: Build Packager docs. Runs only on Linux. -
build-docker.yaml: Build the official Docker image. -
lint.yaml: Lint Shaka Packager. -
publish-docs.yaml: Publish Packager docs. Runs on the latest release. -
publish-docker.yaml: Publish the official docker image. Runs on all releases. -
publish-npm.yaml: Publish binaries to NPM. Runs on all releases. -
test-linux-distros.yaml: Test the build on all Linux distros via docker.
Composed workflows
- On PR (
pr.yaml), invoke:lint.yamlbuild.yamlbuild-docs.yamlbuild-docker.yamltest-linux-distros.yaml
Release workflow
release-please.yaml- Updates changelogs, version numbers based on conventional commits syntax and semantic versioning
- Generates/updates a PR on each push
- When the PR is merged, runs additional steps:
- Creates a GitHub release
- Invokes
publish-docs.yamlto publish the docs - Invokes
publish-docker.yamlto publish the docker image - Invokes
build.yaml - Attaches the binaries from
build.yamlto the GitHub release - Invokes
publish-npm.yamlto publish the binaries to NPM
Common workflows from shaka-project
sync-labels.yamlupdate-issues.yamlvalidate-pr-title.yaml
Required Repo Secrets
RELEASE_PLEASE_TOKEN: A PAT forshaka-botto run therelease-pleaseaction. If missing, the release workflow will use the defaultGITHUB_TOKENDOCKERHUB_CI_USERNAME: The username of the Docker Hub CI accountDOCKERHUB_CI_TOKEN: An access token for Docker Hub- To generate, visit https://hub.docker.com/settings/security
DOCKERHUB_PACKAGE_NAME: Not a true "secret", but stored here to avoid someone pushing bogus packages to Docker Hub during CI testing from a fork- In a fork, set to a private name which differs from the production one
NPM_CI_TOKEN: An "Automation"-type access token for NPM for theshaka-botaccount- To generate, visit https://www.npmjs.com/settings/shaka-bot/tokens and select the "Automation" type
NPM_PACKAGE_NAME: Not a true "secret", but stored here to avoid someone pushing bogus packages to NPM during CI testing from a fork- In a fork, set to a private name which differs from the production one
Repo Settings
Each of these workflow features can be enabled by creating a "GitHub Environment" with the same name in your repo settings. Forks will not have these enabled by default.
debug: enable debugging via SSH after a failureself_hosted: enable self-hosted runners in the build matrix