[DRAFT] wordpress.org release (SPP-91) #228
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,103 @@ | ||
| # yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json | ||
|
|
||
| name: wordpress.org publishing | ||
|
|
||
| on: | ||
| workflow_call: | ||
| inputs: | ||
| SVN_PLUGIN_SLUG: | ||
| description: "Plugin slug in the SVN repository. E.g. if plugin URL is https://wordpress.org/plugins/payoneer-checkout, slug is payoneer-checkout." | ||
| type: string | ||
| required: true | ||
|
|
||
| TEST_MODE: | ||
|
||
| description: "In test mode no commit to the SVN repository happens. Instead, files from trunk are provided as an artifact." | ||
| type: boolean | ||
| default: false | ||
| required: false | ||
|
|
||
| secrets: | ||
| SVN_USERNAME: | ||
| required: true | ||
|
|
||
| SVN_PASSWORD: | ||
| required: true | ||
|
|
||
| jobs: | ||
| update_svn_from_git: | ||
| # TODO: Set env vars here and remove an extra step. | ||
| # This works in real GH Actions but act doesn't support runner context at job level, so we had to create an extra step | ||
| # Desired format: | ||
| # env: | ||
| # SVN_REPO_PATH: "${{ runner.workspace }}/svn_repository" | ||
| # SVN_REPO_ROOT: "${{ runner.workspace }}/svn_repository/${{ inputs.SVN_PLUGIN_SLUG }}" | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| #TODO: remove this step (see the comment above for details) | ||
| - name: Configure paths | ||
| run: | | ||
|
Check failure on line 38 in .github/workflows/wordpress-org-release.yml
|
||
| echo "SVN_REPO_PATH=${{ runner.workspace }}/svn_repository" >> $GITHUB_ENV | ||
| echo "SVN_REPO_ROOT=${{ runner.workspace }}/svn_repository/${{ inputs.SVN_PLUGIN_SLUG }}" >> $GITHUB_ENV | ||
|
|
||
| - name: Install required tools | ||
| run: | | ||
| sudo apt-get update -y | ||
| sudo apt-get install -y subversion rsync | ||
|
|
||
| - name: Checkout git repository | ||
| uses: actions/checkout@v4 | ||
Biont marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
|
||
| - name: Checkout SVN repository | ||
| run: | | ||
| set -euo pipefail | ||
| mkdir -p $SVN_REPO_PATH && cd $SVN_REPO_PATH | ||
| svn checkout "https://plugins.svn.wordpress.org/${{ inputs.SVN_PLUGIN_SLUG }}" | ||
|
|
||
| - name: Synchronize SVN repository with Git | ||
| run: | | ||
| set -euo pipefail | ||
|
|
||
| touch .distignore | ||
|
|
||
| rsync -rc \ | ||
| --delete \ | ||
| --delete-excluded \ | ||
| --exclude='.git' \ | ||
| --exclude='.svn' \ | ||
| --exclude='auth.json' \ | ||
| --exclude='.env' \ | ||
| --exclude='.env.*' \ | ||
| --exclude='composer.json' \ | ||
| --exclude='composer.lock' \ | ||
| --exclude='package.json' \ | ||
| --exclude='package-lock.json' \ | ||
| --exclude='yarn.lock' \ | ||
| --exclude='node_modules' \ | ||
| --exclude='.github' \ | ||
| --exclude='.ddev' \ | ||
| --exclude-from='.distignore' \ | ||
|
Member
There was a problem hiding this comment. question: And again: If we are intending to sync production artifacts from a build branch anyway, should we even dabble with bespoke exclude lists in the first place? Or are you explicitly aiming to support "simple" plugin publishing workflows directly off a dev branch? Is this something we need?
Contributor
Author
There was a problem hiding this comment. I'm assuming we don't know when/how this reusable workflow will be used. Not all projects use The exclusions provide sensible defaults ( What's the intended scope? I'd keep it as it is, but I'm open to removing exclusions if you are sure they are pointless.
Member
There was a problem hiding this comment. To me this is less about build&distribute in particular and more about the question if this workflow should be about publishing or about postprocessing and publishing My gut reaction what that "whatever lands here is intentionally in that state": If the release artifact wants to include the That said, I could be sacrificing security for ontologic purity. A pragmatic safety net against erroneously pushing sensitive stuff is hard to really argue against. suggestion: Perhaps though, a I would like others to weigh in on this as well. For me it's not a blocker, but I do see room for improvements.
Contributor
Author
There was a problem hiding this comment. After thinking a bit, I agree that excluding files like composer.json is probably too much. How about the middle ground like this:
? |
||
| "$GITHUB_WORKSPACE/" "$SVN_REPO_ROOT/trunk/" | ||
|
|
||
| - name: Update SVN tracking | ||
| run: | | ||
| set -euo pipefail | ||
|
|
||
| cd $SVN_REPO_ROOT | ||
| svn add . --force | ||
| svn status | grep '^!' | cut -c9- | while IFS= read -r file; do | ||
| svn delete "$file@" # @ suffix handles files with @ in name | ||
| done | ||
|
|
||
| - name: Commit changes to SVN repository | ||
| if: inputs.TEST_MODE != true | ||
| run: | #TODO: do SVN commit here | ||
| echo 'Committing...' | ||
|
|
||
| - name: Compress and upload trunk contents as an artifact | ||
| if: inputs.TEST_MODE == true | ||
| uses: actions/upload-artifact@v4 | ||
| with: | ||
| name: ${{ inputs.SVN_PLUGIN_SLUG }} | ||
| path: ${{ runner.workspace }}/svn_repository/${{ inputs.SVN_PLUGIN_SLUG }}/trunk | ||
| include-hidden-files: true | ||
| compression-level: 1 | ||
Uh oh!
There was an error while loading. Please reload this page.