Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade the version of the action steps #27

Merged
merged 1 commit into from
Mar 7, 2024
Merged

Upgrade the version of the action steps #27

merged 1 commit into from
Mar 7, 2024

Conversation

Mystery00
Copy link
Contributor

@Mystery00 Mystery00 commented Mar 6, 2024
edited by ruibaby
Loading

根据Github的相关文档说明,在后期会弃用set-output的方式设置Action的返回值,因此按照文档的方式对设置返回值的逻辑进行修改,同时更新目前使用到的Actions的版本,规避set-output的问题同时修复低版本Actions中可能存在的漏洞

Github文档: GitHub Actions: Deprecating save-state and set-output commands

None

@f2c-ci-robot f2c-ci-robot bot added the do-not-merge/release-note-label-needed Indicates that a PR should not merge because it's missing one of the release note labels. label Mar 6, 2024
@f2c-ci-robot f2c-ci-robot bot requested review from guqing and JohnNiang March 6, 2024 12:19
@Mystery00
Copy link
Contributor Author

修改之前:
https://github.com/Mystery00/halo-plugin-telegram-moment/actions/runs/8171712106
image

修改之后:
https://github.com/Mystery00/halo-plugin-telegram-moment/actions/runs/8171822554
image

@Mystery00
Copy link
Contributor Author

长久来看,可以提供一个公开的workflows仓库,将插件的构建流程写到workflows仓库中,starter模板引用workflows仓库的流水线内容,需要自定义的部分以参数的形式提供,以下是相关文档:
Reusing workflows

实践内容可参考: https://github.com/Mystery0Tools/workflows/tree/main/.github/workflows

@ruibaby
Copy link
Member

ruibaby commented Mar 6, 2024

长久来看,可以提供一个公开的workflows仓库,将插件的构建流程写到workflows仓库中,starter模板引用workflows仓库的流水线内容,需要自定义的部分以参数的形式提供,以下是相关文档: Reusing workflows

实践内容可参考: Mystery0Tools/workflows@main/.github/workflows

不错的建议,是有这个计划的,可以 follow:halo-sigs/actions#10

但暂时还没时间弄。

@f2c-ci-robot f2c-ci-robot bot added release-note-none Denotes a PR that doesn't merit a release note. and removed do-not-merge/release-note-label-needed Indicates that a PR should not merge because it's missing one of the release note labels. labels Mar 6, 2024
ruibaby
ruibaby reviewed Mar 6, 2024
View reviewed changes
Copy link
Member

@ruibaby ruibaby left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

感谢 @Mystery00 的贡献。

/lgtm

@f2c-ci-robot f2c-ci-robot bot added the lgtm Indicates that a PR is ready to be merged. label Mar 6, 2024
@guqing
Copy link
Member

guqing commented Mar 7, 2024

/retitle Upgrade the version of the action steps

@f2c-ci-robot f2c-ci-robot bot changed the title fix: 更新workflows中对应Actions的版本 Upgrade the version of the action steps Mar 7, 2024
@f2c-ci-robot f2c-ci-robot bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Mar 7, 2024
JohnNiang
JohnNiang approved these changes Mar 7, 2024
View reviewed changes
Copy link
Member

@JohnNiang JohnNiang left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve

@f2c-ci-robot f2c-ci-robot
Copy link

f2c-ci-robot bot commented Mar 7, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: guqing, JohnNiang

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@guqing guqing merged commit b317992 into halo-dev:main Mar 7, 2024
1 check passed
@sczhaoqi
Copy link

sczhaoqi commented Apr 3, 2024

@Mystery00 @guqing
uses: actions/github-script@v7 对应 github.repos.uploadReleaseAsset 应该为 github.rest.repos.uploadReleaseAsset
同时 workflow权限需要调整为Read and write permissions

Settings -> Actions -> General -> Workflow permissions -> Read and write permissions

@guqing
Copy link
Member

guqing commented Apr 3, 2024
edited
Loading

@Mystery00 @guqing uses: actions/github-script@v7 对应 github.repos.uploadReleaseAsset 应该为 github.rest.repos.uploadReleaseAsset 同时 workflow权限需要调整为Read and write permissions

Settings -> Actions -> General -> Workflow permissions -> Read and write permissions

Hi @sczhaoqi , 感谢提醒,我们已经提供了新的 workflows 配置可以引用,已经考虑到了这个问题,稍后我会提交一个 PR 来替换 workflow 的配置 , 可以查看 #28

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ruibaby ruibaby ruibaby left review comments

@guqing guqing guqing approved these changes

@JohnNiang JohnNiang JohnNiang approved these changes

Assignees

@ruibaby ruibaby

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. release-note-none Denotes a PR that doesn't merit a release note.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@Mystery00 @ruibaby @guqing @sczhaoqi @JohnNiang