Re: Github Actions
Hi Francis & Builders, On Mon, Aug 12, 2019 at 12:39 AM Francis Chuang wrote: > Regarding automated website builds: Currently, this is only possible on > the ASF git-websites jenkins node as it holds the correct git > credentials to push to the website branch for ASF git repositories. Is > there an official process/workflow for this token to be added as a > secret in Github Actions? >From my early experiments with GitHub actions, a GitHub action has full access to the GitHub repository, that includes pushing to the `asf-site` branch. zoran -- Zoran Regvart
Re: Github Actions
Thanks, Zoran! In our case, our site lives in a separate repository, as we have code in 3 different repositories that pushes to this site repository. I've been playing around with Github Actions, but haven't gotten to the point where I am ready to open a request with INFRA to see if it's possible for the token to be added as a Github Actions secret. Currently I see the following methods being possible candidates: 1. Use a Github token for the ASF github org. This gives write access to all repos under the ASF org, which might be undesirable as there is no way to scope Github tokens to individual repos. 2. Use the Gitbox token that is currently used by the git-websites node which has write access to the asf-site branch of all repos. I think this is probably the more secure way, but it would be nice if the token can be scoped to individual repos. On 13/08/2019 5:21 pm, Zoran Regvart wrote: Hi Francis & Builders, On Mon, Aug 12, 2019 at 12:39 AM Francis Chuang wrote: Regarding automated website builds: Currently, this is only possible on the ASF git-websites jenkins node as it holds the correct git credentials to push to the website branch for ASF git repositories. Is there an official process/workflow for this token to be added as a secret in Github Actions? From my early experiments with GitHub actions, a GitHub action has full access to the GitHub repository, that includes pushing to the `asf-site` branch. zoran
Re: Github Actions
Hi, I've made a simple PoC for the Apache Maven Dependency Plugin on a separate branch. I will try within the next days more features for example Mac OS builds etc. Currently I simply push my changes via gitbox .. maven-dependency-plugin (GITHUB_ACTIONS)$ git remote -v origin https://gitbox.apache.org/repos/asf/maven-dependency-plugin.git (fetch) origin https://gitbox.apache.org/repos/asf/maven-dependency-plugin.git (push) Also I'm interested to use SonarCloud related with GitHub Actions..? Kind regards Karl Heinz Marbaise Apache Maven PMC [1]: https://github.com/apache/maven-dependency-plugin/runs/192633340 [2]: https://github.com/apache/maven-dependency-plugin/blob/66435b225e7885f44b25207e025469f6d5237107/.github/workflows/maven.yml On 12.08.19 00:31, Greg Stein wrote: On Sun, Aug 11, 2019 at 5:15 PM Francis Chuang wrote: ... I think there are quite a few ASF projects using gitbox and Github and this would be a very good complement or replacement for Travis, appvoyer and other CI/CD platforms currently in use. Is there any interest from the ASF to enable this for all Gitbox projects when it becomes fully public? Absolutely. The Infrastructure team would love to see groups try this out, and share the experiences here. If there are any hurdles, then share them and we'll try to knock them down. I am also interested in being able to push to our website automatically using Github Actions. If the git token that can push to a particular website repository is added as a secret [2] to Github Actions, this would be pretty easy to use for projects to automate the building of their websites. Should be possible. Again, comes back to groups trying this and reporting back how well it went. Cheers, Greg Stein Infrastructure Administrator, ASF
