apricote/releaser-pleaser
1
0
Fork 0
mirror of https://github.com/apricote/releaser-pleaser.git synced 2026-02-11 12:17:04 +00:00
Code Issues Projects Releases Packages Wiki Activity

Compare commits

base: apricote:4946ec4cc05a5748c28aab50c896e534dbbd7c3f
Branches Tags
apricote:main
apricote:renovate/codecov-codecov-action-digest
apricote:renovate/actions-setup-go-digest
apricote:renovate/actions-checkout-digest
apricote:renovate/jdx-mise-action-digest
apricote:abort-when-pr-changed
apricote:v0.7.1
apricote:v0.7.0
apricote:v0.6.1
apricote:v0.6.0
apricote:v0.5.1
apricote:v0.5.0
apricote:v0.4.2
apricote:v0.4.1
apricote:v0.4.0
apricote:v0.4.0-beta.1
apricote:v0.4.0-beta.0
apricote:v0.3.0
apricote:v0.2.0
apricote:v0.2.0-beta.2
apricote:v0.2.0-beta.1
apricote:v0.2.0-beta.0
apricote:v0.1.0
...
compare: apricote:4736202e36e036869bf82e859fe8d626e99ecf5f
Branches Tags
apricote:main
apricote:renovate/codecov-codecov-action-digest
apricote:renovate/actions-setup-go-digest
apricote:renovate/actions-checkout-digest
apricote:renovate/jdx-mise-action-digest
apricote:abort-when-pr-changed
apricote:v0.7.1
apricote:v0.7.0
apricote:v0.6.1
apricote:v0.6.0
apricote:v0.5.1
apricote:v0.5.0
apricote:v0.4.2
apricote:v0.4.1
apricote:v0.4.0
apricote:v0.4.0-beta.1
apricote:v0.4.0-beta.0
apricote:v0.3.0
apricote:v0.2.0
apricote:v0.2.0-beta.2
apricote:v0.2.0-beta.1
apricote:v0.2.0-beta.0
apricote:v0.1.0

3 commits
4946ec4cc0 ... 4736202e36

Author SHA1 Message Date
Julian Tölle
4736202e36
Merge 0190e46c72 into 2567f0ae8b 2024-08-25 15:17:55 +00:00
releaser-pleaser
0190e46c72 chore(main): release v0.2.0 2024-08-25 15:17:52 +00:00
Julian Tölle
2567f0ae8b
ci: run on pr updates from main branch (#30) 
With `pull_request`, we run in the context of the pull request branch.

- This means we run with the code from the PR branch, possibly breaking
  the current release PR for this repo with in-progress, unreviewed changes.
- This means that the secret is not available on Pull Requests from
  forks.

Switching to `pull_request_target` means we always run in the scope of
the original repository. The secret is available and the code is checked
out from our main branch.

`pull_request_target` has security considerations, but they do not apply
here as we do not check out or run code from the (external, malicious) PR.
 2024-08-25 17:16:43 +02:00
3 changed files with 18 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

7
.github/workflows/releaser-pleaser.yaml vendored
View file

@ -3,8 +3,8 @@ name: releaser-pleaser
on:
push:
branches: [main]
# TODO: use pull_request_target to avoid tainting the actual release PR with code from open feature pull requests
pull_request:
# Using pull_request_target to avoid tainting the actual release PR with code from open feature pull requests
pull_request_target:
types:
- edited
- labeled
@ -14,10 +14,13 @@ permissions: {}
jobs:
releaser-pleaser:
# TODO: if: push or pull_request.closed
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: main
- name: Set up Go
uses: actions/setup-go@v5

12
CHANGELOG.md
View file

@ -1,5 +1,17 @@
# Changelog
## [v0.2.0](https://github.com/apricote/releaser-pleaser/releases/tag/v0.2.0)
### Features
- update version references in any files (#14)
- **cli**: add --version flag (#29)
### Bug Fixes
- **ci**: building release image fails (#21)
- **ci**: ko pipeline permissions (#23)
- **action**: invalid quoting for extra-files arg (#25)
## [v0.2.0-beta.2](https://github.com/apricote/releaser-pleaser/releases/tag/v0.2.0-beta.2)
### Features

2
action.yml
View file

@ -19,7 +19,7 @@ inputs:
outputs: {}
runs:
using: 'docker'
image: ghcr.io/apricote/releaser-pleaser:v0.2.0-beta.2 # x-releaser-pleaser-version
image: ghcr.io/apricote/releaser-pleaser:v0.2.0 # x-releaser-pleaser-version
args:
- run
- --forge=github