mocha icon indicating copy to clipboard operation
mocha copied to clipboard

Published 20 hours ago verified publisher icon mochajs

🛠️ Repo: Switch automations to GitHub Actions (GHA)

Open craigtaub opened this issue 5 years ago • 8 comments

Can we make some of the manual processes which are time consuming (and limited to those with an OS which can run the required tasks) automated via Githubs actions?

Look at:

  1. NPM release
  2. Documentation website release (See https://github.com/netlify/actions)

Note only mocha repository collaborators will have permission create workflows.

craigtaub avatar Dec 03 '19 09:12 craigtaub

release might be problematic. we should be using npm's 2FA, which--last time I checked--means a machine cannot publish. I'll poke around and see what that looks like.

tbh, I'm interested in moving the entire build to GH actions. I've been using it in my other projects, and it's nice & fast. not sure what the SauceLabs integration looks like though.

boneskull avatar Dec 03 '19 20:12 boneskull

I'll poke around and see what that looks like.

Thanks man. In fact that sounds likely 😔. Let's break it down and see where the issues are.

craigtaub avatar Dec 03 '19 20:12 craigtaub

We can use Actions to trigger Netlify( #3644 ) and replace AppVeyor for windows testing ( #4013 )

outsideris avatar Dec 10 '19 08:12 outsideris

Regarding publishing and 2FA: could Wombat evtl. be a solution?

juergba avatar Jan 12 '20 10:01 juergba

Moving to Github Actions means running everything in docker, which conveniently means a consistent environment for running stuff locally, too. So e.g. folks on Windows can publish as long as they have docker installed.

For publishing, you can tell npm to publish a pre-built tarball https://docs.npmjs.com/cli/publish This means Github Actions could do the entire build, version bump, prepare the release notes, push git tags, then post the tarball for a maintainer to publish. The maintainer would run a (dockerized) publication script on their machine that downloads the tarball from Github and runs npm publish downloaded-tarball.tar.gz

cspotcode avatar Jan 18 '20 01:01 cspotcode

@cspotcode Interesting. On my Windows I have WSL2.0 / Ubuntu / VSCode WSL-extension installed. As an alternative to your docker solution, I just need to install npm on Ubuntu side, then I could run npm publish downloaded-tarball.tar.gz. Right?

juergba avatar Jan 18 '20 06:01 juergba

Even on Windows without WSL, that should work correctly.

On Sat, Jan 18, 2020, 1:41 AM Juerg B. [email protected] wrote:

@cspotcode https://github.com/cspotcode Interesting. On my Windows I have WSL2.0 / Ubuntu / VSCode WSL-extension installed. As an alternative to your docker solution, I just need to install npm on Ubuntu side, then I could run npm publish downloaded-tarball.tar.gz. Right?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/mochajs/mocha/issues/4117?email_source=notifications&email_token=AAC35OHG7VAVXVLCYEJXHH3Q6KQCLA5CNFSM4JUU33GKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEJJR2IQ#issuecomment-575872290, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAC35ODOJIQB6JS6XJFKJADQ6KQCLANCNFSM4JUU33GA .

cspotcode avatar Jan 18 '20 16:01 cspotcode

we should be using npm's 2FA, which--last time I checked--means a machine cannot publish.

Yes we should. And you can set up NPM with 2FA and still publish. You have to log into NPM with the publishing account and set up an Access Token, which you save in GitHub as a secret. Then you configure a GHA as I've done in this example.

msimerson avatar Feb 08 '24 23:02 msimerson