Github Actions Download Release Asset
Ilana Crumley
This endpoint makes use of a Hypermedia relation to determine which URL to access. The endpoint you call to upload release assets is specific to your release. Use the upload_url returned inthe response of the Create a release endpoint to upload a release asset.
Since the main SuperCollider github repository moved to using Github Actions to automatically build, compile and release cross platform, I felt intrigued to use the same technology to do the same for SuperCollider plugins.There is a number of...
For the upload to target the release, all you have to do is set upload_url to the upload_url in the output of the release step. Then likewise you set the asset_path to the artifact to upload, and asset_name to what you want it named in the release.
The end result looks like this: In addition to the Source code (zip) (which does not contain the PHP dependencies), the release assets contain a graphql-api.zip file (which is the deliverable for my GraphQL API for WordPress plugin), which does have the PHP dependencies, and is the actual plugin to install in the WordPress site:
upload-release-asset should have been suitable for my use case, however I couldn't make it work properly, because this action creates a release, which is then uploaded as an asset. However, when tagging the source code (say, with v0.1.5), the release is already created! Hence, this tool would create yet-another release, which is far from ideal. And even worse, it requires parameter tag_name, but this tag can't be the same used for tagging the source code, or it gives a duplicated error. Then, my source code was being tagged twice: first manually as v0.1.5, and then automatically as plugin-v0.1.5. Very far from ideal.
And finally, we make use of JasonEtco/upload-to-release upload the .zip file as a release asset, under the release package which triggered the GitHub action. The secret secrets.GITHUB_TOKEN is implicit, GitHub already sets it up for us:
The question was how to find the upload_url to specify where to upload the assets. The documentation only provides an example workflow which creates a Release by itself in the preceeding step using the create-release action and then retrieves it using steps.create_release.outputs.upload_url.
Step 8 specifically is how I attach our binary builds to the release. Currently, I am building most of the binaries manually, but working on GitHub actions that will build and release them automatically.
@afarnham @tallariel either of you able to make it work with Xcode 13.3 BETA? Because I'm not . I tried with two different repositories and verified that the respective release assets can be downloaded with my /.netrc configuration.
@tomerd from what I understood Xcode 13.3 BETA should support downloading private github release assets, because it adds the application/octet-stream header, correct? I tried both, via the Xcode UI and the command line, no luck. Not sure if I'm still missing something, any help appreciated.
As outlined in this thread the asset url needs to be used and the .netrc file needs to contain an entry for machine api.github.com, GitHub user name for login and a personal access token scoped to access private repos as password.
To make your CI jobs repeatable, it makes more sense to have a hardcoded version of a release asset. Just make sure to update the version every now and then ?. If you just need to download the latest version of a release asset, then the above solution will be perfect!
The end result looks like this: In addition to the Source code (zip) (which does not contain the PHP dependencies), the release assets contain a gatographql.zip file, which does have the PHP dependencies, and is the actual plugin to install in the WordPress site:
Here's another nice way that GitHub Actions has simplified theway that I manage my open source projects: when I create a newrelease, GitHub Actions will run a release build and add thefinal build archive directly to the release itself as an asset.
Now when I create a release in the GitHub UI, I don't have to worryabout uploading any release assets myself. I don't have to rememberthe build property that I need to change to create the proper filename,and I don't have to upload it from my machine. Instead, a GitHubActions workflow run will be queued to take care of all of this for me.
After the release is created by the previous job, we want to upload binaries to it. For that, first, we should create a build strategy. What we can specify is the matrix of environment settings used for each asset build: operating systems, GHC versions, Cabal versions, any other data you find important at this point. Due to the specifics of the projects I initially created the workflow for (it is Stan, we have 3 platforms and 2 GHC versions in our matrix and we also excluded the windows for one of the GHC versions which gives us 3 x 2 - 1 = 5 assets in total.
The default workflow that CodeQL will propose links to the github/codeql-action action, of which a static copy is installed with each Enterprise Server update. This organization is hidden by default, but you can navigate to it with the direct link. The issue here is that these action repos (github/dependabot-action and all repos in the actions org) only have the source code linked and updated with each Enterprise Server update. Since the CodeQL bundle is stored as a release asset, it is missing from the appliance. The bundle contains all CodeQL queries, including the security-extended and security-and-quality query types.
After downloading the codeql-action-sync-tool, you need to make sure you have write access to the github organization. By default you do not have it, so you cannot write to the release assets or anything else in this org. That means we need to promote the user that will execute the syncing to an owner of the github org.
First, we download the file containing our release URL that we created in the createrelease job just before.
Then, using bash, we extract the URL from the file and save it to a variable.
Finally, we upload the packages created in the steps before, i.e. the MacOS and Windows package of our app. For that, we use the URL stored in the variable from before, which points at the location where we can upload assets for the release created before.
There, you can also go into more depth and check the details of your build, e.g. see what commands are executed on the cloud machine. This is helpful when there are issues with the workflow.
In our case, the build was successful. Hence, the new release has been created and the packages for MacOS and Windows have been added as assets to it:
Golo uses a convention where release tags are prefixed with milestone/ and release/. We consequently can test when a GitHub release has to be created because a tag has been pushed (if: startsWith(github.ref, 'refs/tags/')) and when it shall be marked as a release or a pre-release (prerelease: startsWith(github.ref, 'refs/tags/milestone/')).
Note that the GitHub release is created as a draft here because we prefer to make it live manually from the GitHub interface, but you may just directly publish it. You can also define some text / release notes using the actions/create-release action, possibly generated from a script of yours.
Once your tests have run, we then need to know whether we should start a new release. If we're just running the tests in a PR branch for example we don't. This is where our .github/workflows/package.yml file kicks in.
In this demo, we are using a build script to create our final release asset. We do a couple of interesting things for the purpose of the demo which you will find in the comments of the build file. The important thing is though that we are passing the build script the version of the next deployable version and also any release notes that were gleaned from the commits that triggered that new release.
So that's a run through of building and packaging new release assets. If you look in the releases section for the demo repo you can see all the releases created and how the zip file we packaged up is attached.
The build step turned out to be the easiest part of the process since there was a ready made action that worked pretty much out of the box. Publishing the release required a bit more attention, but in the end it was rather simple with the use of the correct actions and some custom scripting.Publish a releaseGiven a set of merged pull requests after the last release, we want to be able create a new release that has the correct version increment and references the pull requests in the release notes. Most of the heavy lifting in this pipeline is done by the release-drafter/release-drafter action. With a bit of additional scripting we can build a system that also commits the new version number in version control, and finally makes the release public.
After configuring main you can also configure the release runner from the actions-runner-release folder. You don't need to re-download, but you will need to create a hew runner on GitHub to get a new token.
Our ultimate goal with the release board is that we want it flashed whenever we do a release from GitHub. Creating a release can be automated with GitHub actions, but I like the release process to have a manual trigger so that a human can:
Returning to the commands, we start with uses: actions/download-artifact@v1 , which downloads an asset of name aab, the same asset our last example uploaded. This means that this first command assumes that a job like the one from our last example is ran beforehand in order to find the required artifacts.
Specifies the files you want to upload as assets of the release. You can use wildcard characters to specify multiple files. For example, use $(Build.ArtifactStagingDirectory)/*.zip for build pipelines or use $(System.DefaultWorkingDirectory)/*.zip for release pipelines.
Specifies the asset upload mode you want to use. Use the delete (Delete existing assets) option to first delete any existing assets in the release and then upload all assets. Use the replace (Replace existing assets) option to replace any assets that have the same name.
df19127ead