From 1e4f2457c21f565b524a8883616d31e7e630bbe2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=85=8E=E9=A5=BC=E6=9E=9C=E5=AD=90=E5=8D=B7=E9=B2=A8?= =?UTF-8?q?=E9=B1=BC=E8=BE=A3=E6=A4=92?= Date: Mon, 30 Dec 2024 18:47:06 +0800 Subject: [PATCH] chore: update GitHub Actions workflows for improved error handling and version validation - Downgraded actions in both auto-tag.yml and release.yml to v3 and v4 respectively for compatibility. - Enhanced error handling in the auto-tag workflow by adding checks for git fetch failures and validating version format. - Introduced additional validation for version numbers to ensure they remain within acceptable ranges. - Added a verification step in the release workflow to confirm Go installation, improving reliability. --- .github/workflows/auto-tag.yml | 18 +++++++++++++++--- .github/workflows/release.yml | 17 +++++++++++++---- 2 files changed, 28 insertions(+), 7 deletions(-) diff --git a/.github/workflows/auto-tag.yml b/.github/workflows/auto-tag.yml index 01aba01..3857d71 100644 --- a/.github/workflows/auto-tag.yml +++ b/.github/workflows/auto-tag.yml @@ -15,18 +15,22 @@ permissions: write-all jobs: auto-tag: runs-on: ubuntu-22.04 + timeout-minutes: 10 outputs: version: ${{ steps.get_latest_tag.outputs.version }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v3 with: fetch-depth: 0 - name: Get latest tag id: get_latest_tag run: | - set -e - git fetch --tags || exit 1 + set -euo pipefail + git fetch --tags --force || { + echo "::error::Failed to fetch tags" + exit 1 + } latest_tag=$(git tag -l 'v*' --sort=-v:refname | head -n 1) if [ -z "$latest_tag" ]; then new_version="v0.1.0" @@ -42,12 +46,20 @@ jobs: - name: Validate version run: | + set -euo pipefail new_tag="${{ steps.get_latest_tag.outputs.version }}" echo "Validating version: $new_tag" if [[ ! $new_tag =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then echo "::error::Invalid version format: $new_tag" exit 1 fi + major=$(echo $new_tag | cut -d. -f1 | tr -d 'v') + minor=$(echo $new_tag | cut -d. -f2) + patch=$(echo $new_tag | cut -d. -f3) + if [[ $major -gt 99 || $minor -gt 99 || $patch -gt 999 ]]; then + echo "::error::Version numbers out of valid range" + exit 1 + fi echo "Version validation passed" - name: Create new tag diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7a5cbd9..4ba69df 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -27,23 +27,24 @@ jobs: goreleaser: environment: production runs-on: ubuntu-22.04 + timeout-minutes: 15 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v3 with: fetch-depth: 0 lfs: true submodules: recursive - name: Set up Go - uses: actions/setup-go@v5 + uses: actions/setup-go@v4 with: go-version: "1.21" cache: true - name: Import GPG key id: import_gpg - uses: crazy-max/ghaction-import-gpg@v6 + uses: crazy-max/ghaction-import-gpg@v5 with: gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} passphrase: ${{ secrets.PASSPHRASE }} @@ -52,8 +53,15 @@ jobs: git_commit_gpgsign: true git_tag_gpgsign: true + - name: Verify Go installation + run: | + go version || { + echo "::error::Go installation failed" + exit 1 + } + - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v5 + uses: goreleaser/goreleaser-action@v4 with: distribution: goreleaser version: latest @@ -62,5 +70,6 @@ jobs: GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }} GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} VERSION: ${{ inputs.version }} + continue-on-error: false if: github.event_name == 'workflow_call' || startsWith(github.ref, 'refs/tags/v')