-
Notifications
You must be signed in to change notification settings - Fork 25
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Consume GitHub releases #785
Comments
One of the issues found when deploying the reusable workflow into our pipelines is the fact that a workflow cannot be triggered by other workflow if the token used is the default GitHub token. That provoked that the More information regarding the issue can be found here: https://docs.github.com/en/actions/using-workflows/triggering-a-workflow#triggering-a-workflow-from-a-workflow This does not mean the workflow does not work, it only means that in order to be triggered by another workflow it needs to use a personal access token, manual releases of course trigger the workflow. We need to update the documentation to reflect this edge case. |
Should we support workflow dispatch? That one seems to be supported. |
Additionally to the How do you think it would be the flow for our use case? Once |
basically, the reusable workflow uses a tag as input. Then this workflow can be used from different parent jobs, either by being triggered explicitly or in a workflow that reacts to the Either way, the reusable workflow is the same but gets triggered/loaded in two different contexts, does it make sense? |
Closing this task in favor of its follow up one: #869 Additionally the following issues should be considered once tackling that task since they were not part of this one: |
We want to be able to attest a gitHub release in an easy way.
Ideally, we could have a reusable workflow/action that reacts to a
release
event and performs an attestation of all the published artifacts.As explained here #772 (comment) we can download all the artifacts using the GH CLI, and then we could push them to Chainloop by using a
CHAINLOOP_TOKEN
We could even automatically create a workflow if needed using also our new reusable workflow for that purpose cc/ @jiparis
Tasks
The text was updated successfully, but these errors were encountered: