Compare commits
12 Commits
v2
...
ruetz-auto
| Author | SHA1 | Date | |
|---|---|---|---|
|
2722cfb5c8 | ||
|
|
0b5bf555f1 | ||
|
|
cca0f55ece | ||
|
|
baa29d5bd0 | ||
|
|
7ffac7f68a | ||
|
|
1b0b59a7a7 | ||
|
|
da98918135 | ||
|
|
e99f0139fe | ||
|
|
82b420f3b7 | ||
|
|
d36634f96f | ||
|
|
a8494ee438 | ||
|
|
904025a654 |
44
.github/workflows/release.yml
vendored
Normal file
44
.github/workflows/release.yml
vendored
Normal file
@@ -0,0 +1,44 @@
|
||||
name: Release
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
# TODO: This branch is for PR testing purposes; update branch to "main" if we proceed with this PR.
|
||||
- ruetz-automate-releases
|
||||
# Specify that this "Release" workflow depends on the other workflows below completing successfully.
|
||||
workflow_run:
|
||||
workflows: ["Lint", "Run acceptance tests"]
|
||||
types:
|
||||
- completed
|
||||
|
||||
permissions:
|
||||
contents: read # for checkout
|
||||
|
||||
jobs:
|
||||
release:
|
||||
name: Release
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: write # to be able to publish a GitHub release
|
||||
issues: write # to be able to comment on released issues
|
||||
pull-requests: write # to be able to comment on released pull requests
|
||||
id-token: write # to enable use of OIDC for npm provenance
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- name: Setup Node.js
|
||||
uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version: "lts/*"
|
||||
- name: Install dependencies
|
||||
run: npm clean-install
|
||||
- name: Verify the integrity of provenance attestations and registry signatures for installed dependencies
|
||||
run: npm audit signatures
|
||||
- name: Build codebase
|
||||
run: npm run build
|
||||
- name: Release
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
run: npx semantic-release
|
||||
51
CONTRIBUTING.md
Normal file
51
CONTRIBUTING.md
Normal file
@@ -0,0 +1,51 @@
|
||||
# Contributing
|
||||
|
||||
Thank you for your interest in contributing to the 1Password load-secrets-action project 👋! Before you start, please take a moment to read through this guide to understand our contribution process.
|
||||
|
||||
## Testing
|
||||
Unit tests can be run with `npm run test`.
|
||||
|
||||
After following the steps below for signing commits, you can test against your PR with these steps:
|
||||
|
||||
1. Create or use an existing repo to run the `load-secrets` GitHub Action.
|
||||
2. In a workflow yaml file that uses the GitHub Action, modify the `uses: 1Password/load-secrets-action` line to be
|
||||
|
||||
```yaml
|
||||
uses: 1Password/load-secrets-action@<branch-name>
|
||||
```
|
||||
OR
|
||||
```yaml
|
||||
uses: 1Password/load-secrets-action@<commit-hash>
|
||||
```
|
||||
|
||||
3. Trigger the action, which now includes your changes.
|
||||
|
||||
## Documentation Updates
|
||||
|
||||
If applicable, update the [README.md](./README.md) to reflect any changes introduced by the new code.
|
||||
|
||||
## Sign your commits
|
||||
|
||||
To get your PR merged, we require you to sign your commits.
|
||||
|
||||
### Sign commits with 1Password
|
||||
|
||||
You can also sign commits using 1Password, which lets you sign commits with biometrics without the signing key leaving the local 1Password process.
|
||||
|
||||
Learn how to use [1Password to sign your commits](https://developer.1password.com/docs/ssh/git-commit-signing/).
|
||||
|
||||
### Sign commits with ssh-agent
|
||||
|
||||
Follow the steps below to set up commit signing with `ssh-agent`:
|
||||
|
||||
1. [Generate an SSH key and add it to ssh-agent](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent)
|
||||
2. [Add the SSH key to your GitHub account](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account)
|
||||
3. [Configure git to use your SSH key for commits signing](https://docs.github.com/en/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key#telling-git-about-your-ssh-key)
|
||||
|
||||
### Sign commits with gpg
|
||||
|
||||
Follow the steps below to set up commit signing with `gpg`:
|
||||
|
||||
1. [Generate a GPG key](https://docs.github.com/en/authentication/managing-commit-signature-verification/generating-a-new-gpg-key)
|
||||
2. [Add the GPG key to your GitHub account](https://docs.github.com/en/authentication/managing-commit-signature-verification/adding-a-gpg-key-to-your-github-account)
|
||||
3. [Configure git to use your GPG key for commits signing](https://docs.github.com/en/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key#telling-git-about-your-gpg-key)
|
||||
@@ -24,7 +24,7 @@
|
||||
},
|
||||
"repository": {
|
||||
"type": "git",
|
||||
"url": "git+https://github.com/1Password/load-secrets-action.git"
|
||||
"url": "git@github.com:1Password/load-secrets-action.git"
|
||||
},
|
||||
"keywords": [
|
||||
"actions",
|
||||
|
||||
15
release.config.cjs
Normal file
15
release.config.cjs
Normal file
@@ -0,0 +1,15 @@
|
||||
/** @type {import('semantic-release').GlobalConfig} */
|
||||
module.exports = {
|
||||
// TODO: This branch is for PR testing purposes; update branch to "main" if we proceed with this PR.
|
||||
branches: ["ruetz-automate-releases"],
|
||||
// TODO: Remove `dryRun` configuration if we proceed with this PR.
|
||||
dryRun: true,
|
||||
plugins: [
|
||||
"@semantic-release/commit-analyzer",
|
||||
"@semantic-release/release-notes-generator",
|
||||
"@semantic-release/github",
|
||||
],
|
||||
// Use the `https` Git protocol here to prevent semantic-release from erroring
|
||||
// on the SSH protocol used in `repository.url` in the package.json file.
|
||||
repositoryUrl: "https://github.com/1Password/load-secrets-action.git",
|
||||
};
|
||||
Reference in New Issue
Block a user