Skip to content

Fix release workflow to trigger changelog workflow #40654

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Aug 27, 2025
Merged

Fix release workflow to trigger changelog workflow #40654

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 6 additions & 4 deletions .github/workflows/dist.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,7 @@ jobs:
CAN_DEPLOY: ${{ secrets.SAGEMATH_PYPI_API_TOKEN != '' && github.event_name != 'pull_request' }}
steps:
- uses: actions/checkout@v4

- name: Setup Conda environment
uses: conda-incubator/setup-miniconda@v3
with:
Expand Down Expand Up @@ -141,14 +141,14 @@ jobs:
path: dist
- name: Create release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_PAT: ${{ secrets.RELEASE_CREATION_TOKEN }}
Copy link
Contributor

@tobiasdiez tobiasdiez Aug 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How is the PAT created (eg is it's Volkers)? Will it expire?

Copy link
Collaborator Author

@kwankyu kwankyu Aug 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is mine. No expiration.

Copy link
Contributor

@tobiasdiez tobiasdiez Aug 22, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay. If I understand it correctly, then the releases would be then associated to your account. I don't have a very strong opinion about this, but prefer how it's currently says "github-actions" as the creator - makes it very clear that the release was automatically created.

Copy link
Contributor

@user202729 user202729 Aug 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

actually if you mean the committer in https://github.com/sagemath/website/commits/master/ , it's set in the workflow rather than by the owner of the token. So this change wouldn't affect the committer.

Copy link
Contributor

@tobiasdiez tobiasdiez Aug 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

With these changes the releases created in https://github.com/sagemath/sage/releases will appear as if they were created manually by @kwankyu.

I still don't get why it's not better to simple put the script that triggers the website update here in the dist workflow.

Copy link
Contributor

@user202729 user202729 Aug 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

actually, maybe you're right. I don't think it's an issue though.

Copy link
Collaborator Author

@kwankyu kwankyu Aug 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

With these changes the releases created in https://github.com/sagemath/sage/releases will appear as if they were created manually by @kwankyu.

@vbraun You may set your own PAT (Personal Access Token) to the "RELEASE_CREATION_TOKEN" secret, any time before the next stable release.

(but if we ever worry a leak of PAT, then putting my PAT is less destructive than one of the repo owners.)

I still don't get why it's not better to simple put the script that triggers the website update here in the dist workflow.

Perhaps we may need some time delay between "releasing" and "creating changelogs". And triggering the website update seems to be out of concern of the "dist" workflow.

But I have no strong opinion. You may experiment your idea after we check that the change of the present PR works well on the next release.

Copy link
Contributor

@tobiasdiez tobiasdiez Aug 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(but if we ever worry a leak of PAT, then putting my PAT is less destructive than one of the repo owners.)

Just to check, do you actually have the rights to create a new release? (I.e. can you do this manually?)

Copy link
Collaborator Author

@kwankyu kwankyu Aug 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes. I have "admin" role.

run: |
latest_release_tag=$(curl -s https://api.github.com/repos/${{ github.repository }}/releases \
| jq -r 'sort_by(.created_at) | last(.[]).tag_name')
release_notes=$(curl -s \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer $GITHUB_TOKEN" \
-H "Authorization: Bearer $GITHUB_PAT" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/${{ github.repository }}/releases/generate-notes \
-d "{
Expand All @@ -160,7 +160,7 @@ jobs:
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer $GITHUB_TOKEN" \
-H "Authorization: Bearer $GITHUB_PAT" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/${{ github.repository }}/releases \
-d "{
Expand All @@ -174,6 +174,8 @@ jobs:
files: |
dist/*
upstream/*
token: ${{ secrets.GITHUB_TOKEN }}
tag_name: ${{ github.ref_name }}
permissions:
contents: write

Expand Down
Loading