Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: fix npm-publish dependencies and add provenance #3099

Merged
merged 1 commit into from
Dec 2, 2024
Merged

chore: fix npm-publish dependencies and add provenance #3099

merged 1 commit into from
Dec 2, 2024

Conversation

legendecas
Copy link
Member

@legendecas legendecas commented Dec 2, 2024
edited
Loading

The npm-publish steps depends on output variable release-please.outputs.release_created. Without this variable the steps are skipped, e.g. https://github.com/nodejs/node-gyp/actions/runs/12087642317.

Adds npm provenance statements: https://docs.npmjs.com/generating-provenance-statements#example-github-actions-workflow.

The release-please bot created PR needs an additional token to trigger CI runs:

When you use the repository's GITHUB_TOKEN to perform tasks, events triggered by the GITHUB_TOKEN will not create a new workflow run. This prevents you from accidentally creating recursive workflow runs.
https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/triggering-a-workflow#triggering-a-workflow-from-a-workflow

Removing the always skipped release tests for now.

@legendecas legendecas mentioned this pull request Dec 2, 2024
Closed
@legendecas
Copy link
Member Author

@nodejs/node-gyp would you mind taking a look at this so that we can release v10.3.0? Thank you!

cclauss
cclauss reviewed Dec 2, 2024
View reviewed changes
.github/workflows/tests.yml
@@ -19,7 +19,8 @@ jobs:
steps:
- uses: actions/checkout@v4
- run: pip install --user ruff
- run: ruff check --output-format=github --select="E,F,PLC,PLE,UP,W,YTT" --ignore="E721,PLC1901,S101,UP031" --target-version=py38 .
# Excluding `/gyp` directory as it is been checked in https://github.com/nodejs/gyp-next/ already
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This assumption does not make me comfortable. When you vendor-in source code, it becomes your code, and you should run your own tests on it.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we run two separate checks? It would be great to surface issues in /gyp because we do vendor it. But in the past it has created friction because a linting error in /gyp code would fail all of CI.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@legendecas Can we revert this part and re-open as a new PR? It would be nice to unblock the release from CI and figure out python linting in a separate discussion.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is added because the ruff check is failing in this repo: https://github.com/nodejs/node-gyp/actions/runs/12087642318/job/33709509643. But the ruff check is not failing on the gyp-next repo.

There are differences on the ruff configurations between the two repos. I'm fine with reverting this one but we will have to merge this PR with failing CIs.

Copy link
Member

@lukekarrys lukekarrys Dec 2, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the explanation @legendecas, I didn't realize CI was failing. I think this change should be landed to make CI green and a new issue/PR opened to get two different ruff checks running, each with the correct configuration.

lukekarrys
lukekarrys approved these changes Dec 2, 2024
View reviewed changes
Copy link
Member

@lukekarrys lukekarrys left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved but I think the ruff check changes should move to a separate PR discussion.

@legendecas legendecas force-pushed the fix-release branch 2 times, most recently from 057d4ee to b2f127c Compare December 2, 2024 20:20
@lukekarrys lukekarrys merged commit 6dded88 into nodejs:main Dec 2, 2024
34 checks passed
@github-actions github-actions bot mentioned this pull request Dec 2, 2024
Merged
@legendecas legendecas deleted the fix-release branch December 2, 2024 20:36
@legendecas legendecas mentioned this pull request Dec 2, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cclauss cclauss cclauss left review comments

@lukekarrys lukekarrys lukekarrys approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@legendecas @lukekarrys @cclauss