
chore: update GitHub Actions workflows for improved tagging and release process

- Changed GITHUB_TOKEN reference in auto-tag.yml to use the standard token for better security.
- Added debug steps in both workflows to enhance visibility into the release process and check permissions.
- Updated permissions in release.yml to explicitly define required access levels for contents, packages, and actions.
- Refined the conditional execution for the release job to ensure it only runs when a valid version is generated.
pull/122/head v0.0.17
煎饼果子卷鲨鱼辣椒 5 months ago
parent
commit
84cd8c15c7
  1. 20
      .github/workflows/auto-tag.yml
  2. 22
      .github/workflows/release.yml

20
.github/workflows/auto-tag.yml

@ -64,7 +64,7 @@ jobs:
- name: Create new tag - name: Create new tag
env: env:
GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: | run: |
new_tag=${{ steps.get_latest_tag.outputs.version }} new_tag=${{ steps.get_latest_tag.outputs.version }}
git config --global user.name 'github-actions[bot]' git config --global user.name 'github-actions[bot]'
@ -90,13 +90,27 @@ jobs:
echo "---" echo "---"
echo "Direct version value: ${{ steps.get_latest_tag.outputs.version }}" echo "Direct version value: ${{ steps.get_latest_tag.outputs.version }}"
- name: Debug Release Trigger
run: |
echo "Auto-tag completed successfully"
echo "Version to be released: ${{ steps.get_latest_tag.outputs.version }}"
echo "Checking release conditions:"
echo " - Version not empty: ${{ steps.get_latest_tag.outputs.version != '' }}"
echo " - Current job status: ${{ job.status }}"
release: release:
needs: auto-tag needs: auto-tag
permissions:
contents: write
packages: write
actions: write
if: | if: |
always() &&
needs.auto-tag.result == 'success' && needs.auto-tag.result == 'success' &&
needs.auto-tag.outputs.version != '' needs.auto-tag.outputs.version != ''
uses: ./.github/workflows/release.yml uses: ./.github/workflows/release.yml
with: with:
version: ${{ needs.auto-tag.outputs.version }} version: ${{ needs.auto-tag.outputs.version }}
secrets: inherit
secrets:
RELEASE_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
PASSPHRASE: ${{ secrets.PASSPHRASE }}
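Review bot: The new `Debug Release Trigger` step pastes `${{ steps.get_latest_tag.outputs.version }}` straight into the `run:` script, so the value is substituted before the shell parses the line and any quote or shell metacharacter in it is read as script rather than data. How that output is computed is not visible in this hunk; if it is derived from existing tag names, it is only as trustworthy as whoever can push tags. Pass it through the step environment instead: add `env:` with `VERSION: ${{ steps.get_latest_tag.outputs.version }}` and use `echo "Version to be released: $VERSION"`. The `Debug Workflow Trigger` step added in release.yml does the same with `github.ref` and `inputs.version`, and the existing `new_tag=${{ ... }}` line in `Create new tag` would benefit from the same change.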

22
.github/workflows/release.yml

@ -21,7 +21,10 @@ on:
tags: tags:
- "v*" - "v*"
permissions: write-all
permissions:
contents: write
packages: write
actions: write
jobs: jobs:
goreleaser: goreleaser:
@ -29,6 +32,23 @@ jobs:
runs-on: ubuntu-22.04 runs-on: ubuntu-22.04
timeout-minutes: 15 timeout-minutes: 15
steps: steps:
- name: Check Permissions
run: |
echo "Checking required permissions..."
TOKEN="${{ secrets.RELEASE_TOKEN }}"
if [ -z "$TOKEN" ]; then
echo "::error::RELEASE_TOKEN is not set"
exit 1
fi
echo "Token permissions check passed"
- name: Debug Workflow Trigger
run: |
echo "Event name: ${{ github.event_name }}"
echo "Ref: ${{ github.ref }}"
echo "Version input: ${{ inputs.version }}"
echo "Token exists: ${{ secrets.RELEASE_TOKEN != '' }}"
- name: Checkout - name: Checkout
uses: actions/checkout@v3 uses: actions/checkout@v3
with: with:
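Review bot: `Check Permissions` expands the secret into the script text with `TOKEN="${{ secrets.RELEASE_TOKEN }}"`, which places the token value in the generated script on the runner and breaks, or is parsed as shell, if the value contains a quote or other metacharacter. Map it through the step environment instead, with `env:` / `RELEASE_TOKEN: ${{ secrets.RELEASE_TOKEN }}` and the test `if [ -z "$RELEASE_TOKEN" ]; then`. The step also only proves the secret is non-empty, so "Token permissions check passed" overstates what was verified; `echo "RELEASE_TOKEN is set"` would be accurate. Separately, nothing visible in this section calls the Actions API, so it is worth confirming that `actions: write` is needed in the new `permissions:` block.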
