releasify icon indicating copy to clipboard operation
releasify copied to clipboard
verified publisher icon fastify

Release automation per Fastify org

Open Eomm opened this issue 5 years ago • 3 comments

🚀 Feature Proposal

The manual trigger on github action with easy input of parameter. This lets us build an action on GH that will run releasify and input the OTP: so we could release without the needs of a laptop.

Questions:

  • Will the OTP expires during the workflow?
  • Who is authorized to run the action?

Eomm avatar Jul 17 '20 20:07 Eomm

Will the OTP expires during the workflow?

Unlikely, worst case you can try again. It'd be good to use an "early" OTP.. one that was newly generated.

Who is authorized to run the action?

I think anybody that has commit access to master. This would be ok for plugins, less so for fastify. However most of the tedius work is plugins.. so I think that's ok.

mcollina avatar Jul 17 '20 22:07 mcollina

I was working on it but I didn't think that if I want to release with npm publish I must:

  • login to npm, running npm login
  • provide an NPM TOKEN (that doesn't require OTP) - via github secrets

So do we want to generate this dangerous token?

Eomm avatar Jul 19 '20 13:07 Eomm

I think the token should require OTP to publish, or maybe I misunderstood the docs.

mcollina avatar Jul 19 '20 15:07 mcollina