I have an application which is in a private github repo, and am wondering if the releases could be made public so that the app can auto-update itself from github instead of us having to host it.
Additionally I'm wondering if it's possible to use the github api from the deployed app to check for new updates.
A workaround would be to create a public repo, composed of:
empty commits (git commit --allow-empty)
each commit tagged
each tag with a release
each release with the deliveries (the binaries of your private app)
That way, you have a visible repo dedicated for release hosting, and a private repos for source development.
As #VonC mentioned we have to create a second Repository for that. This is not prohibited and i am doing it already. With github workflows i automated this task, I'm using a develop / master branching, so always when I'm pushing anything to the master branch a new version is build and pushed to the public "Realease" Repo.
In my specific use case I'm building an android apk and releasing it via unoffical github api "hub". Some additional advantage of this is you can have an extra issue tracker for foreign issues and bugs.
name: Master CI CD
# using checkout#v2 instead of v1 caus it needs further configuration
on:
pull_request:
types: [closed]
jobs:
UnitTest:
runs-on: ubuntu-latest
if: github.event.pull_request.merged
steps:
- uses: actions/checkout#v2
- name: make executable
run: chmod +x gradlew
- name: Unit tests
run: |
./gradlew test
IncrementVersionCode:
needs: UnitTest
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v2
- name: set up JDK 1.8
uses: actions/setup-java#v1
with:
java-version: 1.8
- name: make executable
run: chmod +x gradlew
- name: increment version
run: ./gradlew incrementVersionCode
- name: Push new version to master
run: |
git config --local user.email "workflow#bot.com"
git config --local user.name "WorkflowBot"
git commit -m "Increment Build version" -a
# maybe better amend commits to avoid bot commits
BuildArtifacts:
needs: IncrementVersionCode
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v2
- name: set up JDK 1.8
uses: actions/setup-java#v1
with:
java-version: 1.8
- name: make executable
run: chmod +x gradlew
- name: Build with Gradle
run: ./gradlew build -x lint
- name: Rename artifacts
run: |
cp app/build/outputs/apk/release/app-release.apk MyApp.apk
- name: Upload Release
uses: actions/upload-artifact#master
with:
name: Release Apk
path: MyApp.apk
- name: Upload Debug
uses: actions/upload-artifact#master
with:
name: Debug Apk
path: app/build/outputs/apk/debug/app-debug.apk
# https://dev.to/ychescale9/running-android-emulators-on-ci-from-bitrise-io-to-github-actions-3j76
E2ETest:
needs: BuildArtifacts
runs-on: macos-latest
strategy:
matrix:
api-level: [21, 27]
arch: [x86]
steps:
- name: checkout
uses: actions/checkout#v2
- name: Make gradlew executable
run: chmod +x ./gradlew
- name: run tests
uses: reactivecircus/android-emulator-runner#v2
with:
api-level: ${{ matrix.api-level }}
arch: ${{ matrix.arch }}
script: ./gradlew connectedCheck
Deploy:
needs: E2ETest
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/master'
steps:
- uses: actions/checkout#v2 # Needed for gradle file to get version information
- name: Get Hub
run: |
curl -fsSL https://github.com/github/hub/raw/master/script/get | bash -s 2.14.1
cd bin
chmod +x hub
cd ..
- name: Get Apk
uses: actions/download-artifact#master
with:
name: Release Apk
- name: Publish
env:
GITHUB_TOKEN: "${{ secrets.RELEASE_REPO_SECRET }}"
run: |
APP_NAME=MyApp
VERSION_NAME=`grep -oP 'versionName "\K(.*?)(?=")' ./app/build.gradle`
VERSION_CODE=`cat version.properties | grep "VERSION_CODE" | cut -d'=' -f2`
FILENAME="${APP_NAME}-v${VERSION_NAME}-${VERSION_CODE}"
TAG="v${VERSION_NAME}-${VERSION_CODE}"
TAG="latest-master"
echo $APP_NAME
echo $VERSION_NAME
echo $VERSION_CODE
echo $FILENAME
echo $TAG
git clone https://github.com/MyUser/MyApp-Releases
cd MyApp-Releases
./../bin/hub release delete "${TAG}" || echo "Failed deleting TAG: ${TAG}" # If release got lost catch error with message
./../bin/hub release create -a "../${APP_NAME}.apk" -m "Current Master Build: ${FILENAME}" -p "${TAG}"
EvaluateCode:
needs: Deploy
runs-on: ubuntu-latest
steps:
- name: Get Hub
run: |
echo "TDOO: Run Jacoco for coverage, and other profiling tools"
The 2022 answer to this question is even more straight-forward.
You'd just need to use the pre-installed gh CLI:
gh release create v0.0.1 foobar.zip -R https://github.com/your/repo-here
This command will create a tag v0.0.1 and a release with the local file foobar.zip attached on the public repository. You can run this in the GitHub Action of any private repository.
The -R argument points to the repository you'd like to create a tag/release on. foobar.zip would be located in your local directory.
One thing is important here: GITHUB_TOKEN must still be set as the token of the repository you'd like to release on!
Full example:
- name: Publish
env:
GITHUB_TOKEN: "${{ secrets.RELEASE_REPO_SECRET }}"
run: |
gh release create v0.0.1 foobar.zip -R https://github.com/your/repo-here
If you're planning to re-release and override existing versions, there is gh release delete as well. The -d flag creates a release as a draft etc. pp. Please take a look at the docs.
I'm using a slightly more advanced approach by setting:
shell: bash
run: $GITHUB_ACTION_PATH/scripts/publish.sh
And in file scripts/publish.sh:
#!/usr/bin/env node
const cp = require('child_process')
const fs = require('fs');
const path = require('path');
const APP_VERSION = JSON.parse(fs.readFileSync('package.json', { encoding: 'utf8' })).version
const TAG = `v${APP_VERSION}`
cp.execSync(`gh release create ${TAG} foobar.zip -R https://github.com/your/repo-name`, { stdio: 'inherit' })
This approach enables you to be able to for example, use Node.js or any other programming language available, to extract a version from the project management file of choice (e.g. package.json) and automatically come up with the right tag version and name.
A simple way to duplicate releases from a private repo to a public one may be this Release & Assets Github Action which can: Create a release, upload release assets, and duplicate a release to other repository.
Then you can use the regular electron-builder updater's support for public repos.
Related
I recently started working on using some GitHub actions on my projects. I am able to setup them up to run automatically but am struggling with having them run manually. I know that you need the have the workflow_dispatch in the on section. I'm not sure if it's not working because I have it automatically run too. Is someone able to tell me what I am doing wrong?
Here is one of my workflow YAML files
name: Create-Doc-Nightly
on:
push:
branches: [ "nightly" ]
paths:
- 'src/**'
- 'pom.xml'
workflow_dispatch:
jobs:
doc:
name: Create Doc
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v3
name: Step 1 - Checkout Nightly Branch
with:
persist-credentials: false
fetch-depth: 0
- name: Step 2 - Setup JDK 17
uses: actions/setup-java#v3.4.1
with:
java-version: 17
distribution: 'temurin'
- name: Step 3 - Remove Doc
run: |
git remote set-url origin https://jnstockley:${{ secrets.TOKEN }}#github.com/jnstockley/BTTN.git
git config user.email "jack#jstockley.com"
git config --local user.name "Jack Stockley"
git rm -r docs
git commit -m "Removed Docs"
git push origin nightly
- name: Step 4 - Create Doc
run: mvn dokka:dokka -f pom.xml
- name: Step 5 - Move Docs
run: |
rm -rf docs
mkdir -p docs
mv target/dokka/* docs
- name: Step 6 - Publish docs
run: |
git remote set-url origin https://jnstockley:${{ secrets.TOKEN }}#github.com/jnstockley/BTTN.git
git config user.email "jack#jstockley.com"
git config --local user.name "Jack Stockley"
git add -f docs
git commit -m "Updated Docs"
git push origin nightly
Link to GitHub repo, nightly branch: https://github.com/jnstockley/BTTN/tree/nightly
The workflow must be on your default branch in order to use workflow_dispatch.
I believe in your case it's only on the branch nightly while it should also be on main.
To manually trigger a workflow, use the workflow_dispatch event. You can manually trigger a workflow run using the GitHub API, GitHub CLI, or GitHub browser interface. For more information, see Manually running a workflow
on: workflow_dispatch
Providing inputs
You can configure custom-defined input properties, default input values, and required inputs for the event directly in your workflow. When you trigger the event, you can provide the ref and any inputs. When the workflow runs, you can access the input values in the inputs context. For more information, see Contexts
This example defines inputs called logLevel, tags, and environment. You pass values for these inputs to the workflow when you run it. This workflow then prints the values to the log, using the inputs.logLevel, inputs.tags, and inputs.environment context properties.
yaml
on:
workflow_dispatch:
inputs:
logLevel:
description: 'Log level'
required: true
default: 'warning'
type: choice
options:
- info
- warning
- debug
tags:
description: 'Test scenario tags'
required: false
type: boolean
environment:
description: 'Environment to run tests against'
type: environment
required: true
jobs:
log-the-inputs:
runs-on: ubuntu-latest
steps:
- run: |
echo "Log level: $LEVEL"
echo "Tags: $TAGS"
echo "Environment: $ENVIRONMENT"
env:
LEVEL: ${{ inputs.logLevel }}
TAGS: ${{ inputs.tags }}
ENVIRONMENT: ${{ inputs.environment }}
If you run this workflow from a browser you must enter values for the required inputs manually before the workflow will run.
You might like the following documentation links
workflow_dispatch
github docs - events-that-trigger-workflows
I would like to publish an extension automatically to TER by using the Github actions and tailor, the CLI Tool for maintaining public TYPO3 Extensions . This works perfectly fine with the following workflow configuration:
name: TYPO3 Extension TER Release
on:
push:
tags:
- '*'
jobs:
publish:
name: Publish new version to TER
if: startsWith(github.ref, 'refs/tags/')
runs-on: ubuntu-20.04
env:
TYPO3_EXTENSION_KEY: ${{ secrets.TYPO3_EXTENSION_KEY }}
TYPO3_API_TOKEN: ${{ secrets.TYPO3_API_TOKEN }}
steps:
- name: Checkout repository
uses: actions/checkout#v2
- name: Check tag
run: |
if ! [[ ${{ github.ref }} =~ ^refs/tags/[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ ]]; then
exit 1
fi
- name: Get version
id: get-version
run: echo ::set-output name=version::${GITHUB_REF/refs\/tags\//}
- name: Get comment
id: get-comment
run: |
readonly local comment=$(git tag -n10 -l ${{ steps.get-version.outputs.version }} | sed "s/^[0-9.]*[ ]*//g")
if [[ -z "${comment// }" ]]; then
echo ::set-output name=comment::Released version ${{ steps.get-version.outputs.version }} of ${{ env.TYPO3_EXTENSION_KEY }}
else
echo ::set-output name=comment::$comment
fi
- name: Setup PHP
uses: shivammathur/setup-php#v2
with:
php-version: 7.4
extensions: intl, mbstring, json, zip, curl
tools: composer:v2
- name: Install tailor
run: composer global require typo3/tailor --prefer-dist --no-progress --no-suggest
- name: Publish to TER
run: php ~/.composer/vendor/bin/tailor ter:publish --comment "${{ steps.get-comment.outputs.comment }}" ${{ steps.get-version.outputs.version }}
Since my extension depends on a third party PHP library (which is loaded if the extension is installed with composer) I need to add this library on the fly, when the extension gets deployed to the TER. Therefore I added in Resources/Private/PHP/ a composer.json and a composer.lock.
Now I would like to tell tailor to execute composer install in Resources/Private/PHP/ and package the extension including the external library. Is this possible? If so, how?
Generally it is useful to put everything in Composer command scripts so that you are actually able to execute actions without depending on Github actions or a CI in general.
For example you could add a few commands like this:
{
"scripts": {
"build:cleanup": [
"git reset --hard",
"git clean -xfd"
],
"deploy:ter:setup": [
"#composer global require clue/phar-composer typo3/tailor"
],
"build:ter:vendors": [
"(mkdir -p /tmp/vendors && cd /tmp/vendors && composer require acme/foo:^1.0 acme/bar:^2.0 && composer global exec phar-composer build -v)",
"cp /tmp/vendors/vendors.phar ./Resources/Private/libraries.phar",
"echo \"require 'phar://' . \\TYPO3\\CMS\\Core\\Utility\\ExtensionManagementUtility::extPath('$(composer config extra.typo3/cms.extension-key)') . 'Resources/Private/libraries.phar/vendor/autoload.php';\" >> ext_localconf.php"
],
"deploy:ter:upload": [
"composer global exec -v -- tailor ter:publish --comment \"$(git tag -l --format='%(contents)' $TAG)\" $TAG"
],
"deploy:ter": [
"#build:cleanup",
"#deploy:ter:setup",
"#build:ter:vendors",
"#deploy:ter:upload"
]
}
}
The various scripts explained:
build:cleanup drops all pending files to ensure no undesired files are uploaded to the TER
build:ter:setup installs typo3/tailor for the TER upload and clue/phar-composer for building a Phar of your vendor dependencies
build:ter:vendors installs a manually maintained list of dependencies in a temporary directory and builds a Phar from that; it then copies that Phar to the current directory and adds a require call to your ext_localconf.php
deploy:ter:upload finally invokes Tailor to upload the current directory including the Phar and the ext_localconf.php adjustment and fetches the comment of the specified Git tag; notice that tagging should be done with --message here to have an annotated Git tag (e.g. git tag -a 1.2.3 -m "Bugfix release")
Now assuming you export/provide the environment variables TYPO3_API_USERNAME, TYPO3_API_PASSWORD and TAG you can instantly deploy the latest release like this:
# Provide username and password for TER, if not done yet
export TYPO3_API_USERNAME=YourName
export TYPO3_API_PASSWORD=YourSecretPassword
# Provide the tag to deploy
TAG=1.2.3 composer deploy:ter
Subsequently the related Github action becomes very simple:
jobs:
build:
# ...
release-ter:
name: TYPO3 TER release
if: startsWith(github.ref, 'refs/tags/')
needs: build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v3
- name: Deploy to TER
env:
TYPO3_API_USERNAME: ${{secrets.TYPO3_API_USERNAME}}
TYPO3_API_PASSWORD: ${{secrets.TYPO3_API_PASSWORD}}
TAG: ${{github.ref_name}}
run: composer deploy:ter
Here is a live example:
.github/workflows/ci.yml
composer.json
How can I push some files that were generated by the runner (user1/repo1) to the main branch from another remote repo (user2/repo1) via GitHub actions?
Please note that:
I set-up a secret key (named ACCESS_TOKEN) in user1/repo1, such that it corresponds to the Personal Access Token from the destination repo (user2/repo1)
the GitHub actions needs to be repeated every ~30 minutes
there already exists a file.rds in the destination repo. The push thus needs to override that file every time
the runner needs to be macOS-latest
This is what I have tried so far:
name: gitaction
on:
schedule:
- cron: "*/30 * * * *"
workflow_dispatch:
jobs:
genFileAndPush:
runs-on: macOS-latest
steps:
- uses: actions/checkout#master
- uses: r-lib/actions/setup-r#master
with:
r-version: '4.1.2'
- name: Run R scripts and generate file
run: |
saveRDS(1:3, file = "file.rds")
shell: Rscript {0}
- name: Push to remote repository
run: |
git config --local user.name actions-user
git config --local user.email "actions#github.com"
git add file.rds
git commit -m "commit"
git remote set-url origin https://env.REPO_KEY#github.com/user2/repo1.git
git push -u origin main
env:
REPO_KEY: ${{secrets.ACCESS_TOKEN}}
username: github-actions
It returns the following error:
remote: Permission to user2/repo1.git denied to github-actions[bot].
fatal: unable to access 'https://github.com/user2/repo1.git/': The requested URL returned error: 403
Error: Process completed with exit code 128.
What am I missing?
Edit
As suggested, I tried using GuillaumeFalourd/git-commit-push#v1.1:
name: gitaction
on:
workflow_dispatch:
jobs:
genFileAndPush:
runs-on: macOS-latest
steps:
- uses: actions/checkout#master
- uses: r-lib/actions/setup-r#master
with:
r-version: '4.1.2'
- name: Run R scripts and generate file
run: |
saveRDS(1:3, file = "file.rds")
shell: Rscript {0}
- uses: actions/checkout#v2.3.4
- uses: GuillaumeFalourd/git-commit-push#v1.1
with:
target_branch: main
files: file.rds
remote_repository: https://github.com/user2/repo1
access_token: ${{secrets.ACCESS_TOKEN}}
force: true
Although there were no error, the file was not pushed (because it was not detected?):
Run GuillaumeFalourd/git-commit-push#v1.1
Run CURRENT_BRANCH=${GITHUB_REF}
WARNING: No changes were detected. git commit push action aborted.
There are some actions on the Github Marketplace that can help you with pushing files to other repositories.
Here is an example of one supported on all OS runners.
The workflow would look like this:
name: gitaction
on:
workflow_dispatch:
jobs:
genFileAndPush:
runs-on: macOS-latest
steps:
- uses: actions/checkout#master
- uses: r-lib/actions/setup-r#master
with:
r-version: '4.1.2'
- name: Run R scripts and generate file
run: |
saveRDS(1:3, file = "file.rds")
shell: Rscript {0}
- uses: GuillaumeFalourd/git-commit-push#v1.3
with:
target_branch: main
files: file.rds
remote_repository: https://github.com/user2/repo1
access_token: ${{secrets.ACCESS_TOKEN}}
force: true
You can find more actions like this one on the marketplace.
Otherwise, you can also perform the whole operation manually using command lines to clone the remote repository, copy the files from the local repo wherever you want on the remote repo, then push the new files to the remote repository.
I have npm publish github actions, I want to run this action if my commit has tag, otherwise I don't want to run my action because of that if I do not add any tag my commit then action is run and failed because it try to publish already publish npm package with same tag. For example with my last commit I have tag 1.2.3 and my npm package was publish with 1.2.3 version. When I add new commit to my branch without any tag actions try to publish my package with 1.2.3 version tag so it failed. Here my actions code below, is there any solution for it.
Thanks for advive.
name: NPM Publish
on:
push:
branches:
- master
tags:
- v*
jobs:
build:
name: Build 🏗 & Publish 🚀
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v1
- uses: actions/setup-node#v2.4.0
with:
node-version: 12
registry-url: https://registry.npmjs.org/
- run: npm install
- run: npm publish --access public
env:
NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
I need something like that on yml file
if(git_commit has tag) continue job else stop job;
EDITTED VERSION
I edit my yml file base on #Enrico Campidoglio suggestion but still is does not work. I made two commit first one without tag and it canceled the action but second one has tag it still canceled action. Is there any new suggestion or solution ?
name: NPM Publish
on:
push:
branches:
- master
jobs:
build:
name: Build 🏗 & Publish 🚀
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v1
- uses: actions/setup-node#v2.4.0
with:
node-version: 12
registry-url: https://registry.npmjs.org/
- run: echo "GIT_COMMIT=`echo $(git rev-parse --short HEAD)`" >> $GITHUB_ENV
- run: echo "GIT_TAG=`echo $(git describe --tags --exact-match ${{ env.GIT_COMMIT }} || :)`" >> $GITHUB_ENV
- run: echo ${{ env.GIT_TAG }} != v*
- run: |
if [[ ${{ env.GIT_TAG }} == v* ]] ; then
echo "Tag found..."
else
echo "No git tag found, action cancelled..."
exit 1
fi
- uses: andymckay/cancel-action#0.2
if: ${{ env.GIT_TAG }} != v*
- run: npm install
- run: npm publish --access public
env:
NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
there is action result I cannot figure out what is the problem,
here the lastest failed action: https://github.com/sametcelikbicak/enum2array/runs/3513521031?check_suite_focus=true
I found the solution finally after too many tried. I changed my mind and try to run shell script and it works :)
Just add that line in my yml file
- name: Check Git Tag to continue publish
run: ./scripts/publish.sh
and I created a sh file for control the commit tag. You can find the latest script and yml file definitions below
Here is my lastest yml file, npm-publish.yml
name: NPM Publish
on:
push:
branches:
- master
jobs:
build:
name: Build 🏗 & Publish 🚀
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v1
- uses: actions/setup-node#v2.4.0
with:
node-version: 12
registry-url: https://registry.npmjs.org/
- name: Check Git Tag to continue publish
run: ./scripts/publish.sh
- run: npm install
- run: npm publish --access public
env:
NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
Here is my script file, publish.sh
#!/usr/bin/env bash
GIT_COMMIT=$(git rev-parse --short HEAD)
GIT_TAG=$(git describe --tags --exact-match $COMMIT || :)
if [[ ${GIT_TAG} == v* ]] ; then
echo "$GIT_TAG Tag found..."
else
echo "No git tag found, action cancelled..."
exit 1
fi
For the time being, there isn't an official action to cancel the current workflow. There is, however, an official GitHub API and a third-party action that invokes it. You could combine it with an if conditional and the github context to achieve what you want:
steps:
- uses: andymckay/cancel-action#0.2
if: startsWith(github.ref, 'refs/tags')
Be aware that cancelling a workflow through the API is an asynchronous operation, which means that later steps might still get executed until the workflow runner handles the request.
A much more solid approach would be to put a condition on your publishing step to only run when the workflow was triggered by a new tag:
steps:
- run: npm publish --access public
if: startsWith(github.ref, 'refs/tags')
env:
NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
I have defined a little github action workflow, which is supposed to compile a kss-styleguide from scss.
The steps of that workflow basically trigger building the resulting css and the respective kss-styleguide.
When I run the build process locally on my dev machine the built styleguide is written to the styleguide folder located in the root of my project.
However on github, despite everything being marked off green, I don't know, what or where the resulting files are being written to.
How can I deploy the generated styleguide, if I don't know where it is?
Here's my yaml file for this workflow:
name: Node.js CI
on:
push:
branches: [ mk-node-ci ]
pull_request:
branches: [ mk-node-ci ]
jobs:
build:
name: Build Styleguide
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [14.x]
steps:
- uses: actions/checkout#v2
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node#v1
with:
node-version: ${{ matrix.node-version }}
- uses: borales/actions-yarn#v2.0.0
with:
cmd: install
env:
NODE_ENV: development
- name: "build CSS files"
uses: borales/actions-yarn#v2.0.0
with:
cmd: "build:css"
- name: "build styleguide files"
uses: borales/actions-yarn#v2.0.0
with:
cmd: "build:styleguide"
Updated 2020.10.14 19:25 GMT
GitHub Actions are performed on a separate "clean" Runner Machine.
actions/checkout#v2 is an action that copies your repository to that machine — typically, to perform tests etc.
In order to get produced results (like modified files) from runner machine back to the original repository, we can use:
(1) upload-artifact action.
(2) git push.
For example, here is my script to modify files from the source directory and put them into the output directory (I run it as an action (bash script): - run: wrap.sh). The script wrap.sh:
echo "Copy directory structure from 'in' to 'out':";
find ./in -type d | while read i;
do
if [ ! -d "${i/in/out}" ]; then
mkdir "${i/in/out}"
echo "${i/in/out}";
fi
done
echo "Wrap files:";
find ./in -type f -name "*" | while read i;
do
echo "${i/in/out}";
cat ./tpl/header.html "$i" ./tpl/footer.html >"${i/in/out}"
git add "${i/in/out}"
done
git config user.name "chang-zhao"
git commit . -m "Wrapping"
git push origin main
Here git add "${i/in/out}" is adding to git a new file with that name. git config user.name "..." is required for the commit to work. git commit . -m "Wrapping" is the commit that puts new files into the repository ("Wrapping" is a name I gave to such commits).
This way files produced on a runner server get pushed to the original repository.