Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

new action release workflow to build, tag, and publish #23

Closed
wants to merge 9 commits into from
Closed

new action release workflow to build, tag, and publish #23

wants to merge 9 commits into from

Conversation

h0tw1r3
Copy link
Contributor

@h0tw1r3 h0tw1r3 commented May 16, 2024
edited
Loading

@h0tw1r3 h0tw1r3 mentioned this pull request May 16, 2024
Merged
@h0tw1r3
Copy link
Contributor Author

h0tw1r3 commented May 16, 2024

On gem publishing is it possible to enforce MFA, so GitHub actions you'd have to enter the OTP to publish a new release?

@mfazekas The only way I know of doing that is using a step that provides an MFA gate:
https://github.com/step-security/wait-for-secrets

@mfazekas
Copy link
Contributor

mfazekas commented May 19, 2024
edited
Loading

On gem publishing is it possible to enforce MFA, so GitHub actions you'd have to enter the OTP to publish a new release?

@mfazekas The only way I know of doing that is using a step that provides an MFA gate: https://github.com/step-security/wait-for-secrets

Thanks much, tried to use GitHub actions input and the GEM_HOST_OTP_CODE variable. That works but somehow the

        NET_SSH_BUILDGEM_SIGNED=1 GEM_HOST_OTP_CODE=${{ inputs.one_time_password }} bundle exec rake release
        NET_SSH_BUILDGEM_SIGNED=1 GEM_HOST_OTP_CODE=${{ inputs.one_time_password }} bundle exec rake gem:release

gem:release fails.

bcrypt_pbkdf 1.1.1.rc1 built to pkg/bcrypt_pbkdf-1.1.1.rc1.gem.
Tag v1.1.1.rc1 has already been created.
Pushing gem to https://rubygems.org.../
Successfully registered gem: bcrypt_pbkdf (1.1.1.rc1)
Pushed bcrypt_pbkdf 1.1.1.rc1 to rubygems.org
gem push pkg/bcrypt_pbkdf-1.1.1.rc1-arm64-darwin.gem
ERROR:  While executing gem ... (Gem::Package::FormatError)
    No such file or directory @ rb_sysopen - pkg/bcrypt_pbkdf-1.1.1.rc1-arm64-darwin.gem
rake aborted!
Command failed with status (1): [gem push pkg/bcrypt_pbkdf-1.1.1.rc1-arm64-darwin.gem]
/home/runner/work/net-ssh-release/net-ssh-release/bcrypt_pbkdf-ruby/Rakefile:71:in `block (4 levels) in <top (required)>'
/home/runner/work/net-ssh-release/net-ssh-release/bcrypt_pbkdf-ruby/Rakefile:86:in `block (3 levels) in <top (required)>'
/home/runner/work/net-ssh-release/net-ssh-release/bcrypt_pbkdf-ruby/Rakefile:85:in `each'
/home/runner/work/net-ssh-release/net-ssh-release/bcrypt_pbkdf-ruby/Rakefile:85:in `block (2 levels) in <top (required)>'
/opt/hostedtoolcache/Ruby/3.1.0/x64/bin/bundle:25:in `load'
/opt/hostedtoolcache/Ruby/3.1.0/x64/bin/bundle:25:in `<main>'

Nevermind I've not built the gem:all the platform specific gems

@mfazekas
Copy link
Contributor

@h0tw1r3 I've added release actions into a private repo. I've released 1.1.1.rc2 https://rubygems.org/gems/bcrypt_pbkdf pls test and let me know

@mfazekas mfazekas closed this May 19, 2024
@h0tw1r3
Copy link
Contributor Author

h0tw1r3 commented May 19, 2024

@mfazekas looks good to me! Tested with puppet Bolt puppetlabs/bolt#3317

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@h0tw1r3 @mfazekas