Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add auto upload assets #601

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

add auto upload assets #601

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
ee94cce
add auto upload assets
AsenHu Nov 17, 2024
afcf9d4
Merge branch 'main' into main
AsenHu Nov 26, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
74 changes: 74 additions & 0 deletions .github/workflows/release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,74 @@
name: Upload Release Assets

on:
release:
types: [published]
workflow_dispatch:
inputs:
tag:
description: 'Tag to release'
required: true
type: string
action_id:
description: 'Action ID of the CI run'
required: true
type: string

permissions:
contents: write

jobs:
build:
runs-on: ubuntu-latest

steps:
- name: get latest ci id
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So, the problem I think I see with these steps is there is no check anywhere if the latest CI run is a tag, or if we're even running in a tag at all.

To me, it just looks like it's going to try automatically uploading binaries every single CI run. I don't know how safe that is.

Here's an example of our Docker publish step, we perform actions based on whether we're in a tag or not: https://github.com/girlbossceo/conduwuit/blob/main/.github/workflows/ci.yml#L511

In this case, I only want to run this if I'm running the workflow from a tag.

I also don't really see anything that replaces existing binaries uploaded. So, if I run a workflow, and re-run it, will it upload two binaries?

Can some safety precautions be added?

Copy link
Author

@AsenHu AsenHu Nov 26, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

every single CI run

This workflow is triggered by publishing, it does not run on every single CI run.

on:
  release:
    types: [published]

This means that it will only run if you are on the releases page, click publish release, and select a tag.

So, if I run a workflow, and re-run it, will it upload two binaries?

No, if there is already a file with the same name in the release, it will be overwritten. It is done by the clobber of gh cli.

gh release upload $TAG "$file" --clobber --repo="${{github.repository}}"

This document describes the function of clobber.

Can some safety precautions be added?

Of course, I can make the workflow exit with an error when it is triggered by commit. Or I can make it run only when the workflow is triggered by publishing, so that even if the workflow is accidentally triggered, there will be no problems.

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay then I likely misunderstood then. I guess I can just try it out as is and see what happens.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can just enter the action id, and v0.4.7-rc and run it manually, it will upload the action artifact you selected to v0.4.7-rc. You can also run it repeatedly to see if it replaces.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Or you can let me do this in my fork, which would be safer.

id: get_ci_id
env:
GH_TOKEN: ${{ github.token }}
run: |
if [ "${{ github.event_name }}" == "workflow_dispatch" ]
then
id="${{ github.event.inputs.action_id }}"
tag="${{ github.event.inputs.tag }}"
else
# get all runs of the ci workflow
json=$(gh api "repos/${{ github.repository }}/actions/workflows/ci.yml/runs")

# find first run that is github sha and status is completed
id=$(echo "$json" | jq ".workflow_runs[] | select(.head_sha == \"${{ github.sha }}\" and .status == \"completed\") | .id" | head -n 1)
if [ ! "$id" ]; then
echo "No completed runs found"
echo "ci_id=0" >> "$GITHUB_OUTPUT"
exit 0
fi

tag="${{ github.event.release.tag_name }}"
fi

echo "ci_id=$id" >> "$GITHUB_OUTPUT"
echo "tag=$tag" >> "$GITHUB_OUTPUT"

- name: get latest ci artifacts
if: steps.get_ci_id.outputs.ci_id != 0
uses: actions/download-artifact@v4
env:
GH_TOKEN: ${{ github.token }}
with:
merge-multiple: true
run-id: ${{ steps.get_ci_id.outputs.ci_id }}
github-token: ${{ github.token }}

- run: |
ls

- name: upload release assets
if: steps.get_ci_id.outputs.ci_id != 0
env:
GH_TOKEN: ${{ github.token }}
TAG: ${{ steps.get_ci_id.outputs.tag }}
run: |
for file in $(find . -type f); do
echo "Uploading $file..."
gh release upload $TAG "$file" --clobber --repo="${{github.repository}}" || echo "Something went wrong, skipping."
done