Automating plugin release process via GitHub Actions
6 views
Skip to first unread message
Radek Antoniuk
Mar 27, 2020, 3:15:54 PM3/27/20
to Jenkins Developers
I'm thinking about automating the plugin release process using GH Actions:
It seems that the process for setting this up for releasing on GH is quite straightforward.
The issue is uploading the new artifact to the Artifactory, for what we need the credentials that are managed through:
There are two problems here:
- what user should be used in GH action to push to Artifactory
- the GH secrets can be only created by GH org owners
Do you think it's a good idea to try this out?
For me the benefits are:
For me the benefits are:
- the release process will be done in a standard environment defined by the used docker image (obviously could be done locally but that's the point not to do have the need to do it in docker locally)
- the process can be automated, e.g. "do a release at the last day of month if there were any new PRs merged" - that would increase transparency and predictability on the releases
Cheers,
Radek
Matt Sicker
Mar 27, 2020, 3:29:32 PM3/27/20
to jenkin...@googlegroups.com
This sounds like it might relate well to a reproducible builds project
of some sort. Ideally we'd be able to do that in ci.jenkins.io, though
credentials management is a little less fine-grained there, so doing
so that way would likely required a trusted CI/CD environment.
Whether it's in Jenkins, GitHub Actions, or elsewhere, what I've
always done is create dedicated CD credentials while limiting said
credentials' access scopes as much as possible.
> --
> You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-de...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/a799d799-6015-4252-8eb6-8d7f06a76609%40googlegroups.com.
--
Matt Sicker
Senior Software Engineer, CloudBees
of some sort. Ideally we'd be able to do that in ci.jenkins.io, though
credentials management is a little less fine-grained there, so doing
so that way would likely required a trusted CI/CD environment.
Whether it's in Jenkins, GitHub Actions, or elsewhere, what I've
always done is create dedicated CD credentials while limiting said
credentials' access scopes as much as possible.
> You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-de...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/a799d799-6015-4252-8eb6-8d7f06a76609%40googlegroups.com.
--
Matt Sicker
Senior Software Engineer, CloudBees
Slide
Mar 27, 2020, 3:32:18 PM3/27/20
to Jenkins Developer List
There has been some discussion about automating plugin releases in the past. I think it would make more sense to do something on ci.jenkins.io, but you'd run into similar issues with user creds for upload.
Jesse Glick
Mar 27, 2020, 4:22:37 PM3/27/20
to Jenkins Dev
On Fri, Mar 27, 2020 at 3:32 PM Slide <slide...@gmail.com> wrote:
> There has been some discussion about automating plugin releases in the past.
https://jenkins.io/jep/221
> There has been some discussion about automating plugin releases in the past.
and a working PoC
https://github.com/jenkinsci/log-cli-plugin/tree/master/.github/workflows
but for general usage we had discussed using a dedicated private
Jenkins server, not GitHub Actions.
Radosław Antoniuk
Mar 27, 2020, 5:33:58 PM3/27/20
to jenkin...@googlegroups.com
Thanks Jesse for this links, very interesting.
I like the idea that is proposed in JEP and even though I am a fan of GitOps, I think that in the current GH organisation plugin layout, the JEP #221 approach is a better first step.
I would probably drop the customisation of the plugin versioning and enforce a standarization (gitflow, master branch) to ensure we have a common approach among all plugins.
As you mentioned, I suppose that I should not take the PoC setup to implement it in jira-plugin as it should be handled by the infra invisibly..
So as the status of this JEP is a proposal, what's the next step for making this happen?
--
You received this message because you are subscribed to a topic in the Google Groups "Jenkins Developers" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/jenkinsci-dev/dNzLGbm36mQ/unsubscribe.
To unsubscribe from this group and all its topics, send an email to jenkinsci-de...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CANfRfr0ctfepOARVexG2eNEAeE5SMe7-M1qWK8KrCzJS%3DDWuyQ%40mail.gmail.com.
Jesse Glick
Mar 27, 2020, 6:28:25 PM3/27/20
to Jenkins Dev
On Fri, Mar 27, 2020 at 5:33 PM Radosław Antoniuk
<radek.a...@gmail.com> wrote:
> So as the status of this JEP is a proposal, what's the next step for making this happen?
Karl Shultz was hoping to find time to move it along. Needs effort
<radek.a...@gmail.com> wrote:
> So as the status of this JEP is a proposal, what's the next step for making this happen?
from Jenkins infra people, which is a scarce resource.
Reply all
Reply to author
Forward
0 new messages