Conversation
- added auto-version workflow to automate executing of `auto_version` to update updated packages' tag
There was a problem hiding this comment.
Pull Request Overview
This PR adds a new GitHub Actions workflow to automatically version packages when Go code changes are pushed to the main branch. The workflow runs an auto_version script to update package tags based on detected changes.
- Adds automated versioning triggered by changes to Go files, go.mod, or go.sum
- Configures Git credentials for the GitHub Actions bot to create and push tags
- Includes verification step to display the latest created tags
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
| git config --global user.email "github-actions[bot]@users.noreply.github.com" | ||
|
|
||
| - name: Run auto_version script | ||
| run: | |
There was a problem hiding this comment.
The workflow assumes the auto_version script exists and is executable, but there's no error handling if the script doesn't exist or fails. Consider adding error checking or using set -e to ensure the workflow fails appropriately if the script encounters issues.
There was a problem hiding this comment.
I think should be okay since the file is also committed in the repo so it will always be present? 🤔
| uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 0 # Fetch all history for tags | ||
| token: ${{ secrets.GITHUB_TOKEN }} |
There was a problem hiding this comment.
Using the default GITHUB_TOKEN may not have sufficient permissions to push tags to protected branches or bypass branch protection rules. Consider using a personal access token or GitHub App token with appropriate permissions if the repository has branch protection enabled.
| token: ${{ secrets.GITHUB_TOKEN }} | |
| token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} |
There was a problem hiding this comment.
This is a good point, what are our branch protection rules for this repo? likely will fail due to requiring a PR
There was a problem hiding this comment.
I also dunno 🤣
Maybe @lei-wego has some idea? But I see from our other(like payments web component) github workflow we only use GITHUB_TOKEN
There was a problem hiding this comment.
payments web component actually used to use something called deploy keys, with a custom branch rule to allow deploy keys to bypass.
I've since made changes to the payments web component workflow files but haven't had a chance to test the new flow yet.
| @@ -0,0 +1,41 @@ | |||
| name: Auto Version Packages | |||
- added workflow_dispatch to specify the version
- removed auto workflow trigger event
.github/workflows/auto-version.yml
Outdated
|
|
||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 |
There was a problem hiding this comment.
For security reasons we should use the commit hash of the tag
Latest v4 is 4.3.0
| uses: actions/checkout@v4 | |
| uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 |
Or we can try using the recently released v5?
https://github.com/actions/checkout/releases/tag/v5.0.0
There was a problem hiding this comment.
will update, I think can use what we are currently using, which is v4
- updated actions/checkout to specific version
2 participants
auto_versionto update updated packages' tag