Automate release with Github actions #302
Conversation
miry
force-pushed
the
github-actions-dockr-push
branch
from
2bac280 to
19b6b6e
Compare
miry
force-pushed
the
github-actions-dockr-push
branch
from
19b6b6e to
68cdc7b
Compare
| release: | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: write |
There was a problem hiding this comment.
Noice - I like how this drops privileges 😍.
There was a problem hiding this comment.
It requires for release to Github.
| steps: | ||
| - | ||
| name: Checkout | ||
| uses: actions/checkout@v2 |
There was a problem hiding this comment.
Idea: did you consider using the commit/digest, instead of tracking a mutable tag?
Maybe just for goreleaser/goreleaser-action? The first party actions/* actions are less important, but pinning third party actions is a best practice.
I'm a fan of pinning to immutable digests, then using Dependabot to follow v2.3.3 -> v2.3.4, instead of following the mutable v2 tag.
There was a problem hiding this comment.
Good catch. Thank you for the full clarification.
There was a problem hiding this comment.
I am going to keep the official actions like actions/checkout@v2 and actions/setup-go@v2, because there are no maintainers to merge Dependbot's PRs and it was suggested by Github.
miry
changed the title
The current process according the README is manual. It requires to have access users to DockerHub. After small investigation, found that DockerHub is not actively internaly used and decided to switch container registry to Github. The relase part was done with [goreleaser](https://github.com/goreleaser/goreleaser). It can create Release in Github, Container registries and Homebrew. Update documentation to use Github container registry for new versions.
miry
force-pushed
the
github-actions-dockr-push
branch
from
d173bec to
e5daf06
Compare
Use Github Container registry instead of DockerHub.