littlebalalafairy/go-cursor-help
1
0
Fork 0
mirror of https://github.com/yuaotian/go-cursor-help.git synced 2025-06-08 12:32:06 +08:00
Code Issues Packages Projects Releases Wiki Activity

chore: update GitHub Actions workflows for improved tagging and release process

Browse Source 
- Changed GITHUB_TOKEN reference in auto-tag.yml to use the standard token for better security.
- Added debug steps in both workflows to enhance visibility into the release process and check permissions.
- Updated permissions in release.yml to explicitly define required access levels for contents, packages, and actions.
- Refined the conditional execution for the release job to ensure it only runs when a valid version is generated.
This commit is contained in:
煎饼果子卷鲨鱼辣椒 2024-12-30 18:48:49 +08:00
parent 1e4f2457c2
commit 84cd8c15c7
2 changed files with 38 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
.github/workflows/auto-tag.yml vendored
View File

@ -64,7 +64,7 @@ jobs:
- name: Create new tag - name: Create new tag
env: env:
GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: | run: |
new_tag=${{ steps.get_latest_tag.outputs.version }} new_tag=${{ steps.get_latest_tag.outputs.version }}
git config --global user.name 'github-actions[bot]' git config --global user.name 'github-actions[bot]'
@ -90,13 +90,27 @@ jobs:
echo "---" echo "---"
echo "Direct version value: ${{ steps.get_latest_tag.outputs.version }}" echo "Direct version value: ${{ steps.get_latest_tag.outputs.version }}"
- name: Debug Release Trigger
run: |
echo "Auto-tag completed successfully"
echo "Version to be released: ${{ steps.get_latest_tag.outputs.version }}"
echo "Checking release conditions:"
echo " - Version not empty: ${{ steps.get_latest_tag.outputs.version != '' }}"
echo " - Current job status: ${{ job.status }}"
release: release:
needs: auto-tag needs: auto-tag
permissions:
contents: write
packages: write
actions: write
if: | if: |
always() &&
needs.auto-tag.result == 'success' && needs.auto-tag.result == 'success' &&
needs.auto-tag.outputs.version != '' needs.auto-tag.outputs.version != ''
uses: ./.github/workflows/release.yml uses: ./.github/workflows/release.yml
with: with:
version: ${{ needs.auto-tag.outputs.version }} version: ${{ needs.auto-tag.outputs.version }}
secrets: inherit secrets:
RELEASE_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
PASSPHRASE: ${{ secrets.PASSPHRASE }}

22
.github/workflows/release.yml vendored
View File

@ -21,7 +21,10 @@ on:
tags: tags:
- "v*" - "v*"
permissions: write-all permissions:
contents: write
packages: write
actions: write
jobs: jobs:
goreleaser: goreleaser:
@ -29,6 +32,23 @@ jobs:
runs-on: ubuntu-22.04 runs-on: ubuntu-22.04
timeout-minutes: 15 timeout-minutes: 15
steps: steps:
- name: Check Permissions
run: |
echo "Checking required permissions..."
TOKEN="${{ secrets.RELEASE_TOKEN }}"
if [ -z "$TOKEN" ]; then
echo "::error::RELEASE_TOKEN is not set"
exit 1
fi
echo "Token permissions check passed"
- name: Debug Workflow Trigger
run: |
echo "Event name: ${{ github.event_name }}"
echo "Ref: ${{ github.ref }}"
echo "Version input: ${{ inputs.version }}"
echo "Token exists: ${{ secrets.RELEASE_TOKEN != '' }}"
- name: Checkout - name: Checkout
uses: actions/checkout@v3 uses: actions/checkout@v3
with: with: