Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ci: add winget releaser workflow #2155

Open
wants to merge 1 commit into
base: dev
Choose a base branch
from

Conversation

sitiom
Copy link

@sitiom sitiom commented Oct 16, 2024

Continuation of #637

This action automatically generates manifests for Winget Community Repository (microsoft/winget-pkgs) and submits them.

Before merging this:

  1. Ensure the ${{ secrets.DEPLOY_KEY }} token has the public_repo permission:

example

  1. Fork microsoft/winget-pkgs under @zen-browser. The action will use that fork for making a branch and creating a PR with the upstream winget-pkgs repository on every release.
  2. Install Pull on the winget-pkgs fork to ensure that it is constantly updated.

If you want to see an example of a PR created using this action, see microsoft/winget-pkgs/pulls (Pull request has been created with WinGet Releaser).

@mauro-balades
Copy link
Member

And how does it get approved? Can anyone change it then?

@UnownPlain
Copy link

A Winget moderator will approve it. Anyone can make changes to the package through a PR but it needs to be approved by a moderator.

https://learn.microsoft.com/en-us/windows/package-manager/package/repository#submission-process

@UnownPlain
Copy link

@sitiom I've added the arm installer to the package in microsoft/winget-pkgs#194819. Can you change the regex to also match the arm installers?

zen\.installer-(?:generic|arm64)\.exe$ should work

@dosubot dosubot bot added the size:S This PR changes 10-29 lines, ignoring generated files. label Nov 28, 2024
@sitiom
Copy link
Author

sitiom commented Nov 28, 2024

@sitiom I've added the arm installer to the package in microsoft/winget-pkgs#194819. Can you change the regex to also match the arm installers?

zen\.installer-(?:generic|arm64)\.exe$ should work

Done

@larziwau
Copy link
Contributor

Could you add a space between the actions? so it can look like the entire action

@Akhil373 Akhil373 mentioned this pull request Dec 11, 2024
4 tasks
Copy link

@UnownPlain UnownPlain left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Optimized builds have been removed with version 1.0.2-b.4

https://github.com/zen-browser/desktop/wiki/Why-have-optimized-builds-been-removed%3F

.github/workflows/build.yml Outdated Show resolved Hide resolved
.github/workflows/build.yml Outdated Show resolved Hide resolved
.github/workflows/build.yml Outdated Show resolved Hide resolved
@vikingnope
Copy link

vikingnope commented Jan 14, 2025

I just added Twilight builds to Winget and started writing the whole code for a PR, only to find out that this PR was opened🤣.

I would recommend changing your code to something like the following:

  winget-release:
  name: Winget Release
  runs-on: ubuntu-latest
  needs: [build-data, release]
  steps:
    - name: Winget Twilight Release
      if: ${{ inputs.update_branch == 'twilight' }}
      uses: vedantmgoyal2009/winget-releaser@a3ac67b0c3026bc335a33b722188e3ec769d6a64
      with:
        identifier: Zen-Team.Zen-Browser.Twilight
        version: ${{ needs.build-data.outputs.version }}
        max-versions-to-keep: 1
        installers-regex: 'zen\.installer(-arm64)?\.exe$'
        token: ${{ secrets.WINGET_TOKEN }}

    - name: Winget Stable Release
      if: ${{ inputs.update_branch == 'release' }}
      uses: vedantmgoyal2009/winget-releaser@a3ac67b0c3026bc335a33b722188e3ec769d6a64
      with:
        identifier: Zen-Team.Zen-Browser
        version: ${{ needs.build-data.outputs.version }}
        installers-regex: 'zen\.installer(-arm64)?\.exe$'
        token: ${{ secrets.WINGET_TOKEN }}

@vikingnope
Copy link

For security reasons I would recommend this change for both releases, this ensures that if any malicious code is committed to the workflow, it should not affect this repo:

uses: vedantmgoyal9/winget-releaser@a3ac67b0c3026bc335a33b722188e3ec769d6a64

@sitiom
Copy link
Author

sitiom commented Jan 21, 2025

For security reasons I would recommend this change for both releases, this ensures that if any malicious code is committed to the workflow, it should not affect this repo:

uses: vedantmgoyal9/winget-releaser@a3ac67b0c3026bc335a33b722188e3ec769d6a64

The same could apply to the other actions pinned against a tag; I'm just following the code in the workflow. So it would be up to @mauro-balades

@blu3berryys
Copy link

This can be done by using dependabot aswell

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
size:S This PR changes 10-29 lines, ignoring generated files.
Projects
Status: To Merge
Development

Successfully merging this pull request may close these issues.

6 participants