Skip to content

Commit

Permalink
Release v0.10 (#349)
Browse files Browse the repository at this point in the history
* workflows: Construct GH release changelog with awk

Get the GH release chnagelog from docs/CHANGLEOG.md. This is copied
from python-tuf.
* awk is used to find get the changelog entries for this release only
* The upload artifact now contains two paths (dist dir and changelog
  snippet file)
* This changes how the artifact is formed so download-artifact
  has to change as well

* Bump versions for 0.10.0, add changlog entry
  • Loading branch information
jku authored May 27, 2024
1 parent 8c503d9 commit a486e2d
Show file tree
Hide file tree
Showing 5 changed files with 44 additions and 14 deletions.
22 changes: 11 additions & 11 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -22,14 +22,18 @@ jobs:
- name: Install build dependencies
run: python3 -m pip install -c build/build-constraints.txt build

- name: Build binary wheel and source tarball
run: PIP_CONSTRAINT=build/build-constraints.txt python3 -m build --sdist --wheel --outdir dist/ signer/
- name: Build release changelog, signer wheel & source tarball
run: |
PIP_CONSTRAINT=build/build-constraints.txt python3 -m build --sdist --wheel --outdir dist/ signer/
awk "/## $GITHUB_REF_NAME/{flag=1; next} /## v/{flag=0} flag" docs/CHANGELOG.md > changelog
- name: Store build artifacts
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: signer-artifacts
path: dist
name: build-artifacts
path: |
dist
changelog
release-pypi:
name: Release Signer on PyPI
Expand All @@ -42,8 +46,7 @@ jobs:
- name: Fetch build artifacts
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
with:
name: signer-artifacts
path: dist
name: build-artifacts

- name: Publish binary wheel and source tarball on PyPI
if: github.repository == 'theupdateframework/tuf-on-ci'
Expand All @@ -59,8 +62,7 @@ jobs:
- name: Fetch build artifacts
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
with:
name: signer-artifacts
path: dist
name: build-artifacts

- name: Make a GitHub release
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
Expand All @@ -72,9 +74,7 @@ jobs:
repo: context.repo.repo,
name: '${{ github.ref_name }}',
tag_name: '${{ github.ref }}',
body: 'See [CHANGELOG.md](https://github.com/' +
context.repo.owner + '/' + context.repo.repo +
'/blob/${{ github.ref_name }}/docs/CHANGELOG.md) for details.'
body: fs.readFileSync('changelog', 'utf8'),
})
fs.readdirSync('dist/').forEach(file => {
github.rest.repos.uploadReleaseAsset({
Expand Down
30 changes: 30 additions & 0 deletions docs/CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,36 @@

## Unreleased

## v0.10.0

Release includes several new features. It also fixes an issue with TUF keyids,
see issue #292 (note that existing keyids are not automatically made compliant:
`tuf-on-ci-delegate --force-compliant-keyids` can be used in a signing event to
make that happen).

GitHub workflows require no changes (but you may want to add a
`.github/TUF_ON_CI_TEMPLATE/failure.md` file, see below).

**Changes**

* Artifact directories can now be up to 5 levels deep (#238)
* actions: All action requirements are now version pinned (#248)
* actions: `.github/TUF_ON_CI_TEMPLATE/failure.md` can now be used to
define custom content for workflow failure issues (#270)
* `build-repository` action: A human readable repository description
is generated in index.html in the published metadata dir (#313)

**Fixes**

* signer: keyid generation was fixed to be specification compliant (#294)
* A feature was added to fix noncompliant keyids in repositories
where they non-compliant keyids already present (#338)
* `test-repository` action: Use a better default artifact-url (#275),
handle a initial root in more cases (#346)
* `build-repository` action: Delegation tree is now used to decide which
metadata to include in published repo (#344)
* tuf minimum dependency is now correctly set to 3.1 (#329)

## v0.9.0

GitHub Actions users are adviced to upgrade for safer dependency
Expand Down
2 changes: 1 addition & 1 deletion docs/RELEASE.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
1. Ensure `docs/CHANGELOG.md` contains a summary of notable changes since the
prior release. Check that all required changes to workflows that
call our actions are clearly documented.
2. Update version number in `signer/pyproject.toml` and `repo/pyproject.toml`
2. Update version number in `signer/tuf_on_ci_sign/__init__.py` and `repo/tuf_on_ci/_version.py`
3. Create a PR with the updated CHANGELOG and version bumps.
4. Once the PR is merged, create a signed tag for the version number on the merge commit
`git tag --sign vA.B.C -m "vA.B.C"`
Expand Down
2 changes: 1 addition & 1 deletion repo/tuf_on_ci/_version.py
Original file line number Diff line number Diff line change
@@ -1 +1 @@
__version__ = "0.9.0"
__version__ = "0.10.0"
2 changes: 1 addition & 1 deletion signer/tuf_on_ci_sign/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,6 @@
from tuf_on_ci_sign.import_repo import import_repo
from tuf_on_ci_sign.sign import sign

__version__ = "0.9.0"
__version__ = "0.10.0"

__all__ = ["delegate", "import_repo", "sign"]

0 comments on commit a486e2d

Please sign in to comment.