Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support for release workflow #65

Open
wesleytodd opened this issue Oct 13, 2023 · 15 comments
Open

Support for release workflow #65

wesleytodd opened this issue Oct 13, 2023 · 15 comments

Comments

@wesleytodd
Copy link
Member

I would love to see a managed release workflow here as well. I see two ways we could go:

  1. Release Please
  2. Call version and release package.json scripts

I personally like the first option a lot, but I know that is more opinionated. Maybe we could even have both?

@ljharb
Copy link
Member

ljharb commented Oct 13, 2023

We shouldn’t use a single factor approach, but if we can get a two factor one that sounds great.

@wesleytodd
Copy link
Member Author

As much as I agree, there is not one today which can do this. We have discussed this in a few different forums, but I don't see any solutions here other than author local machine, and that is just not what users want nor is it was is best for projects other than ones with authors like you who are deeply invested in the ecosystem.

@ljharb
Copy link
Member

ljharb commented Oct 13, 2023

There is if you use an external service, like Step Security's "wait for secrets" mechanism.

@wesleytodd
Copy link
Member Author

Got a link? Haven't seen that one yet.

@ljharb
Copy link
Member

ljharb commented Oct 13, 2023

https://github.com/step-security/wait-for-secrets - i use it on eslint-plugin-react. There's also https://github.com/GoogleCloudPlatform/wombat-dressing-room, but that requires you to deploy something yourself.

@wesleytodd
Copy link
Member Author

Yeah wombat dressing room was the one I knew about. I will check out wait-for-secrets. I am happy if we can get a good solution here, so if that is it I am onboard.

@dominykas
Copy link
Member

This does not publish anything to npm - does 2FA even apply?

@wesleytodd
Copy link
Member Author

My proposal was that it would also have a workflow which did release. I was thinking it could be separate, but since this is just called action I assumed it might make sense for it to contain more than just the test setup.

@dominykas
Copy link
Member

workflow which did release
[..]
more than just the test setup.

Sorry, not sure what you mean?

@wesleytodd
Copy link
Member Author

wesleytodd commented Oct 17, 2023

I am proposing we add a new workflow for release/publish.

@dominykas
Copy link
Member

Yeah, that's fine, but in the context of 2FA - do we need anything? This repo is not publishing anything on npm, and internal Github stuff can be handled by the token, or am I missing something?

@wesleytodd
Copy link
Member Author

I think @ljharb was pointing out that providing a release workflow to other repos without 2FA was an issue.

@dominykas
Copy link
Member

dominykas commented Oct 20, 2023

Oh, OK, yeah, that I agree on. I assumed this was about having a release workflow in here, but the request here is about providing a workflow for others to use, right?

@ljharb
Copy link
Member

ljharb commented Oct 20, 2023

Yes, that was my understanding.

@wesleytodd
Copy link
Member Author

wesleytodd commented Oct 20, 2023

Yep, that was my thought, a workflow for others to use. I was just trying to think of things that would get more folks setup without having to do it all on their own.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants