roang-zero1 / github-create-release-action Goto Github PK

View Code? Open in Web Editor NEW

42.0 42.0 10.0 53 KB

Create a GitHub release from a Tag

License: MIT License

Dockerfile 7.40% Shell 92.60%

actions ci continuous-integration release-automation

github-create-release-action's People

Contributors

Stargazers

Watchers

Forkers

serucee mvkvl wirecard alvarotor djpm05 vlucas-caylent toumash dflorness-circle ann-aot dongmamopay

github-create-release-action's Issues

Release description ends with %0A

My CHANGELOG.md contains the text:

$ cat CHANGELOG.md
# Changelog

## v1.0.0

Initial Release.

The created release contains description: Initial Release.%0A. It contains additional %0A characters at the end.

on:
  push:
    branches: [ main ]
    tags:
      - 'v*.*.*'

jobs:
  build:
    ...
  release:
    name: "Create release"
    needs: build
    runs-on: ubuntu-latest
    if: contains(github.ref, '/tags/v')

    steps:
      - uses: actions/checkout@v3

      - name: Create GitHub release
        uses: Roang-zero1/github-create-release-action@v3
        with:
          version_regex: ^v[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]+
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

$ hexdump -C CHANGELOG.md 
00000000  23 20 43 68 61 6e 67 65  6c 6f 67 0a 0a 23 23 20  |# Changelog..## |
00000010  76 31 2e 30 2e 30 0a 0a  49 6e 69 74 69 61 6c 20  |v1.0.0..Initial |
00000020  52 65 6c 65 61 73 65 2e                           |Release.|
00000028

Tried with and without a newline (\n = 0x0A) at the end of the file.

Any suggestion?

CHANGELOG.md is not detecting

I have CHANGELOG.md file in my root.

but its not detecting by the action, and its throwing the below error.

Error building Dockerfile

I just got this issue on a pipeline that was running for a good ~year.
Should we just make a PR to update the Dockerfile with newer curl and jq?
Would the maintainer accept it?

Step 1/6 : FROM alpine:3.16 as base
   ---> 9c6f07244728
  Step 2/6 : RUN apk add --no-cache jq=1.6-r1 curl=7.83.1-r2
   ---> Running in [redacted github repo url]
  fetch https://dl-cdn.alpinelinux.org/alpine/v3.16/main/x86_64/APKINDEX.tar.gz
  fetch https://dl-cdn.alpinelinux.org/alpine/v3.16/community/x86_64/APKINDEX.tar.gz
  ERROR: unable to select packages:
    curl-7.83.1-r3:
      breaks: world[curl=7.83.1-r2]
  The command '/bin/sh -c apk add --no-cache jq=1.6-r1 curl=7.83.1-r2' returned a non-zero code: 1
  Warning: Docker build failed with exit code 1, back off 2.884 seconds before retry.

Repro steps

Run the following shell script on a machine with git & docker installed.

git clone [email protected]:Roang-zero1/github-create-release-action.git
cd .\github-create-release-action\
docker build .

You will get an error

[+] Building 3.5s (6/8)
 => [internal] load build definition from Dockerfile                                                               0.1s
 => => transferring dockerfile: 494B                                                                               0.0s
 => [internal] load .dockerignore                                                                                  0.0s
 => => transferring context: 2B                                                                                    0.0s
 => [internal] load metadata for docker.io/library/alpine:3.16                                                     0.7s
 => CACHED [1/4] FROM docker.io/library/alpine:3.16@sha256:bc41182d7ef5ffc53a40b044e725193bc10142a1243f395ee852a8  0.0s
 => [internal] load build context                                                                                  0.1s
 => => transferring context: 5.44kB                                                                                0.0s
 => ERROR [2/4] RUN apk add --no-cache jq=1.6-r1 curl=7.83.1-r2                                                    2.7s
------
 > [2/4] RUN apk add --no-cache jq=1.6-r1 curl=7.83.1-r2:
#4 0.395 fetch https://dl-cdn.alpinelinux.org/alpine/v3.16/main/x86_64/APKINDEX.tar.gz
#4 1.098 fetch https://dl-cdn.alpinelinux.org/alpine/v3.16/community/x86_64/APKINDEX.tar.gz
#4 2.649 ERROR: unable to select packages:
#4 2.669   curl-7.83.1-r3:
#4 2.669     breaks: world[curl=7.83.1-r2]
------
executor failed running [/bin/sh -c apk add --no-cache jq=1.6-r1 curl=7.83.1-r2]: exit code: 1

Have changelog as output

Since this action scrapes the changelog it would be nice to have that text as output for slack notifications etc.

Thanks

Ouput update url for further assets update

Hope to output the release update url just like actions/create-release.

conventional changelog support

https://github.com/conventional-changelog/conventional-changelog/blob/master/packages/conventional-changelog/CHANGELOG.md

tag: v1.0.0
markdown:

## [1.0.0](https://github.com/angular/angular/compare/v1.0.0...v0.0.0) (2019-09-08)

1.0.0 (2019-09-08)

how to config this?

Add option to pass tag from other action

As seen on https://github.com/serucee/github-create-release-action, it should be possible to pass the tag from another action

@serucee: Would you be interested in creating a pull request with an optional input for the tag?

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

Update alpine Docker tag to v3.20

Detected dependencies

dockerfile

Dockerfile

alpine 3.16

Check this box to trigger a request for Renovate to run again on this repository

Is this possible for this action not to fail if push wasn't a tag?

I can see how this will drown my mailbox in spam... why does it have to fail if a push wasn't a tag?

How can I use tag message as description?

Hello!

How can I use tag message (git tag -a v0.0.1 -m "message") as a description for my release? Does your action have this function?

GITHUB_TOKEN permissions used by this action

At https://github.com/step-security/secure-workflows we are building a knowledge-base (KB) of GITHUB_TOKEN permissions needed by different GitHub Actions. When developers try to set minimum token permissions for their workflows, they can use this knowledge-base instead of trying to research permissions needed by each GitHub Action they use.

Below you can see the KB of your GITHUB Action.

name: "GitHub Create Tag Release"
github-token:
  environment-variable-name: GITHUB_TOKEN
  permissions:
    contents: write
    contents-reason: to create new releases #Checkout: https://github.com/Roang-zero1/github-create-release-action/blob/master/entrypoint.sh#L115
    
#Fixes #694

If you think this information is not accurate, or if in the future your GitHub Action starts using a different set of permissions, please create an issue at https://github.com/step-security/secure-workflows/issues to let us know.

This issue is automatically created by our analysis bot, feel free to close after reading :)

References:

GitHub asks users to define workflow permissions, see https://github.blog/changelog/2021-04-20-github-actions-control-permissions-for-github_token/ and https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token for securing GitHub workflows against supply-chain attacks.

Setting minimum token permissions is also checked for by Open Source Security Foundation (OpenSSF) Scorecards. Scorecards recommend using https://github.com/step-security/secure-workflows so developers can fix this issue in an easier manner.