Cookie Consent by Free Privacy Policy Generator 📌 Automate Updating Major Release Tag on New Releases of a GitHub Action

🏠 Team IT Security News

TSecurity.de ist eine Online-Plattform, die sich auf die Bereitstellung von Informationen,alle 15 Minuten neuste Nachrichten, Bildungsressourcen und Dienstleistungen rund um das Thema IT-Sicherheit spezialisiert hat.
Ob es sich um aktuelle Nachrichten, Fachartikel, Blogbeiträge, Webinare, Tutorials, oder Tipps & Tricks handelt, TSecurity.de bietet seinen Nutzern einen umfassenden Überblick über die wichtigsten Aspekte der IT-Sicherheit in einer sich ständig verändernden digitalen Welt.

16.12.2023 - TIP: Wer den Cookie Consent Banner akzeptiert, kann z.B. von Englisch nach Deutsch übersetzen, erst Englisch auswählen dann wieder Deutsch!

Google Android Playstore Download Button für Team IT Security



📚 Automate Updating Major Release Tag on New Releases of a GitHub Action


💡 Newskategorie: Programmierung
🔗 Quelle: dev.to

I maintain several GitHub Actions, such as jacoco-badge-generator, generate-sitemap, javadoc-cleanup, and user-statistician. I've also written posts here on DEV about each of these if you'd like more information. GitHub's documentation for GitHub Action developers recommends maintaining a major release tag for the Action so that users can either reference the Action by its specific release tag, such as v1.2.3, or simply by the major release with v1. In fact, it is so commonplace that users will likely assume that your Action supports specifying full version tag or major tag only. Note that some Actions use major release branches (e.g., branch named v1) instead of tags. My intention in this post is not to discuss the advantages/disadvantages of each of these alternative approaches. In the Actions that I maintain, I use major release tags for the simple reason that it is what GitHub's documentation recommends.

It is important to ensure that the major release tags are consistent with the released versions of the Action. For example, if the current version is v1.2.3, then the major release tag v1 should point to the git ref of version v1.2.3. And if a new version v1.2.4 is released, then v1 should be updated to point to that new version. Whenever a new major version is released, such as v2.0.0, you'd want to introduce a corresponding major tag v2. It would be tedious to update the major release tags manually, as well as error prone (e.g., forgetting about it, etc). In this post, I explain how to automate the creation and update of a major release tag using GitHub Actions.

Table of Contents:

  • How to Reference an Action in a Workflow
  • GitHub Actions Release Tags
  • A Workflow for Maintaining Major Release Tags
  • Information About Actions I Maintain
  • Where You Can Find Me

How to Reference an Action in a Workflow

You can skip this section if you are familiar with using GitHub Actions. In a GitHub Actions workflow, there are several ways of referencing an Action that you want to run as one of the steps in your workflow. All of which utilize the user name or organization name of the owner of the Action, as well as the name of the repository of the Action. You then need either a tag, branch, or the full SHA of a commit, such as the following examples:

    steps:

    - uses: user-or-organization/repository-of-action@tag

    - uses: user-or-organization/repository-of-action@branch

    - uses: user-or-organization/repository-of-action@full-sha-of-commit

The above examples assume that the Action has no inputs. It is meant as a simple example of referencing an Action in a workflow.

GitHub Actions Release Tags

When you release an Action to the GitHub Marketplace to make it easy for others to discover and use in their own workflows, you must tag the release. GitHub's documentation recommends using Semantic Versioning, and they also recommend maintaining a major release tag.

In this way, if your latest release is v1.2.3, users can use it in a workflow with something like:

    steps:

    - uses: user-or-organization/[email protected]

Or they can use the following if they want to use the major release tag so that they automatically get non-breaking changes when you release a new version:

    steps:

    - uses: user-or-organization/repository-of-action@v1

But this only works if a v1 tag exists.

A Workflow for Maintaining Major Release Tags

Maintaining a major release tag manually will almost certainly lead to problems (e.g., you might forget to update it). So just automate it in GitHub Actions. Here is a workflow that will accomplish this. Start by creating a major-release-num.yml file (or whatever you want to name it) within your .github/workflows directory. Include the following in that file (put your name and GitHub username in the appropriate places):

name: Move Major Release Tag

on:
  release:
    types: [created]

jobs:
  movetag:
    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v3

    - name: Get major version num and update tag
      run: |
        VERSION=${GITHUB_REF#refs/tags/}
        MAJOR=${VERSION%%.*}
        git config --global user.name 'YOUR NAME'
        git config --global user.email '[email protected]'
        git tag -fa ${MAJOR} -m "Update major version tag"
        git push origin ${MAJOR} --force

The above workflow runs whenever you create a new release. It gets the release tag from the GITHUB_REF environment variable, and sets MAJOR to the part of that tag prior to the first dot. If it is a new major version, then a new major release tag is created; and otherwise it is updated to reference the latest release.

The above workflow is derived from one of my projects. See major-release-num.yml for the original workflow.

Information About Actions I Maintain

If you'd like to learn more about the various GitHub Actions that I maintain, I have a website about them:

Vincent Cicirello - Open source GitHub Actions for workflow automation

Features information on several open source GitHub Actions for workflow automation that we have developed to automate parts of the CI/CD pipeline, and other repetitive tasks. The GitHub Actions featured include jacoco-badge-generator, generate-sitemap, user-statistician, and javadoc-cleanup.

favicon actions.cicirello.org

Where You Can Find Me

Follow me here on DEV:

Follow me on GitHub:

GitHub logo cicirello / cicirello

My GitHub Profile

Vincent A Cicirello

Vincent A. Cicirello

Sites where you can find me or my work
Web and social media Personal Website LinkedIn DEV Profile
Software development Github Maven Central PyPI Docker Hub
Publications Google Scholar ORCID DBLP ACM Digital Library IEEE Xplore ResearchGate arXiv

My bibliometrics

My GitHub Activity

If you want to generate the equivalent to the above for your own GitHub profile, check out the cicirello/user-statistician GitHub Action.




Or visit my website:

Vincent A. Cicirello - Professor of Computer Science

Vincent A. Cicirello - Professor of Computer Science at Stockton University - is a researcher in artificial intelligence, evolutionary computation, swarm intelligence, and computational intelligence, with a Ph.D. in Robotics from Carnegie Mellon University. He is an ACM Senior Member, IEEE Senior Member, AAAI Life Member, EAI Distinguished Member, and SIAM Member.

favicon cicirello.org
...



📌 Automate Updating Major Release Tag on New Releases of a GitHub Action


📈 75.83 Punkte

📌 Medium CVE-2020-15272: Git-tag-annotation-action project Git-tag-annotation-action


📈 32.84 Punkte

📌 Github-Dorks - Collection Of Github Dorks And Helper Tool To Automate The Process Of Checking Dorks


📈 28.13 Punkte

📌 Automate Docker Image Builds and Push to GitHub Registry Using GitHub Actions 🐙


📈 28.13 Punkte

📌 Download Power Automate Desktop for Windows 10 to automate tasks and processes at no additional cost


📈 26.3 Punkte

📌 Automate every Industry using Power Automate with Roma Gupta | #LessCodeMorePower


📈 26.3 Punkte

📌 If you could automate one process what would you automate?


📈 26.3 Punkte

📌 You can now use the Automate tab in Excel for Windows and Mac to automate tasks


📈 26.3 Punkte

📌 Automating Tag and Release Generation with Semantic Release and GitHub Actions for Node.js Applications


📈 26.14 Punkte

📌 Release 0.35.0 of Spellcheck (GitHub) Action - another maintenance release


📈 25.63 Punkte

📌 Release 0.36.0 of Spellcheck (GitHub) Action - another maintenance release


📈 25.63 Punkte

📌 Ear Tag (GTK Audio Tag Editor) Gets a Major Performance Boost


📈 25.5 Punkte

📌 Using semantic-release to automate releases and changelogs


📈 25.22 Punkte

📌 git-tag-annotation-action up to 1.0.0 Environment Variable tag os command injection


📈 24.88 Punkte

📌 HashiCorp vault-action up to 2.1.x GitHub Action log file


📈 23.4 Punkte

📌 Kyndryl releases new tool to help companies streamline and automate business processes


📈 23.06 Punkte

📌 How to Test a GitHub Action with GitHub Actions


📈 22.93 Punkte

📌 Bonus Tip: How to Use GitHub Actions to Test a GitHub Action Whose Output Must be Visually Inspected


📈 22.93 Punkte

📌 CVE-2022-23740 | GitHub Enterprise Server 3.7.0 GitHub Action argument injection


📈 22.93 Punkte

📌 PSA Linux kernel mirror on github stopped updating


📈 22.69 Punkte

📌 No, GitHub's source code wasn't hacked and posted on GitHub, says GitHub CEO


📈 22.46 Punkte

📌 Deploying a Vite app on GitHub Pages using GitHub Actions with GitHub Secrets


📈 22.46 Punkte

📌 GitHub Honors Class of 2021 with 'GitHub Yearbook' and 'GitHub Graduation' Ceremony


📈 22.46 Punkte

📌 GitHub announces the preview of GitHub Copilot Enterprise and general availability of GitHub Copilot Chat


📈 22.46 Punkte

📌 How long after release of a new major release do you wait to put a Linux server into production?


📈 21.69 Punkte

📌 Automate it with GitHub Actions | BOD114


📈 20.64 Punkte

📌 GitHub Adds Features to Automate Vulnerability Code Scanning


📈 20.64 Punkte

📌 How to Use GitHub Actions to Automate Open-Source Projects


📈 20.64 Punkte

📌 Automate Machine Learning Deployment with GitHub Actions


📈 20.64 Punkte

📌 How to Use Cloud Functions to Automate GitHub Moderation


📈 20.64 Punkte

📌 Build and Deploy a ReactJS App to AWS EC2 with Docker, NGINX, and Automate with GitHub Actions.


📈 20.64 Punkte

📌 Datadog and Snyk unveil GitHub integration to automate software development workflow


📈 20.64 Punkte











matomo