Mirror-Tools
/
shaka-packager
mirror of https://github.com/shaka-project/shaka-packager.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
shaka-packager/.github/workflows
History
Joey Parrish acafc0fd93 Make CI workflows safe when testing in a fork 
Testing CI workflows is a pain.  This usually involves forking the
main repo and testing various operations there, where the results will
not break the main repo.

However, some things like NPM and Docker package names were initially
hard-coded.  This meant that a fork would need to customize those in
the workflows to avoid pushing official-looking packages during CI
testing.

This change moves those hard-coded names to GitHub Secrets.  Though
the names are not actually secret, the secret store is per-repo, and
will be independent in a fork.  This makes it easier to avoid
accidentally pushing official-looking releases during testing, even if
the fork has access to the same auth tokens.

Change-Id: Ide8f7aa92a028dd217200fca60881333bf8ae579
 		2021-06-17 13:36:59 -07:00
..
custom-actions Refactor actions and workflows 2021-06-17 10:32:24 -07:00
README.md Make CI workflows safe when testing in a fork 2021-06-17 13:36:59 -07:00
build_and_test.yaml Refactor actions and workflows 2021-06-17 10:32:24 -07:00
docker_hub_release.yaml Make CI workflows safe when testing in a fork 2021-06-17 13:36:59 -07:00
github_release.yaml Refactor actions and workflows 2021-06-17 10:32:24 -07:00
npm_release.yaml Make CI workflows safe when testing in a fork 2021-06-17 13:36:59 -07:00
update_docs.yaml Refactor actions and workflows 2021-06-17 10:32:24 -07:00

README.md

GitHub Actions CI

Actions

  • custom-actions/build-packager: Builds Shaka Packager. Leaves build artifacts in the "artifacts" folder. Requires OS-dependent and build-dependent inputs.
  • custom-actions/test-packager: Tests Shaka Packager. Requires OS-dependent and build-dependent inputs.
  • custom-actions/build-docs: Builds Shaka Packager docs.

Workflows

  • On PR:
    • build_and_test.yaml: Builds and tests all combinations of OS & build settings. Also builds docs.
  • On release tag:
    • github_release.yaml: Creates a draft release on GitHub, builds and tests all combinations of OS & build settings, builds docs on all OSes, attaches static release binaries to the draft release, then fully publishes the release.
  • On release published:
    • docker_hub_release.yaml: Builds a Docker image to match the published GitHub release, then pushes it to Docker Hub.
    • npm_release.yaml: Builds an NPM package to match the published GitHub release, then pushes it to NPM.
    • update_docs.yaml: Builds updated docs and pushes them to the gh-pages branch.

Required Repo Secrets

  • DOCKERHUB_CI_USERNAME: The username of the Docker Hub CI account
  • DOCKERHUB_CI_TOKEN: An access token for Docker Hub
  • DOCKERHUB_PACKAGE_NAME: Not a true "secret", but stored here to avoid someone pushing bogus packages to Docker Hub during CI testing from a fork
    • In a fork, set to a private name which differs from the production one
  • NPM_CI_TOKEN: An "Automation"-type access token for NPM for the shaka-bot account
  • NPM_PACKAGE_NAME: Not a true "secret", but stored here to avoid someone pushing bogus packages to NPM during CI testing from a fork
    • In a fork, set to a private name which differs from the production one
  • SHAKA_BOT_TOKEN: A GitHub personal access token for the shaka-bot account, with workflow scope