Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

In generate-screenshots workflow, use commit action for generating signing commits #8683

Open
wants to merge 3 commits into
base: develop
Choose a base branch
from
Open

In generate-screenshots workflow, use commit action for generating signing commits #8683

wants to merge 3 commits into from

Conversation

angusbayley
Copy link
Contributor

@angusbayley angusbayley commented Dec 13, 2024
edited
Loading

Ticket here

Uses the ghcommit action to make a verified commit for the generated screenshots.

In this PR we replace our manual git commands for creating a commit with the ghcommit action, which makes a request to the Github API to create a commit instead. In this PR we use that action, but provide the GITHUB_TOKEN to authenticate the request. The GITHUB_TOKEN is locally scoped to just that workflow run (i.e. short lived), and is generated by Github. When Github receives the request it parses the GITHUB_TOKEN and recognises the commit as originating from the repo's own actions, marking it as Verified on this basis. Verification that the commit is generated within the repo's actions is sufficient because 3rd parties (people outside the Ledger organisation) cannot initiate a generate-screenshots run.

Test PR for this is #8806, with the workflow run here. 🟢, commit generated and verified

Screenshot 2025-01-06 at 10 39 33

During this work 2 other approaches were tried

  1. using swinton/commit, suggested in this comment. Contrary to that comment, that action is not implemented anywhere in the earn repo. I tried this action and it works fine for single-file commits but it doesn't have a documented way of adding multiple files simultaneously. It's a single-developer effort (perhaps explains the lack of support for common use cases) and isn't actively maintained. Even if I had found a hack for adding multiple files I wasn't comfortable introducing this to the team - not clean enough, high risk of it being hard to work with in the future
  2. using GPG encryption with live-github-bot's credentials. This didn't work because live-github-bot's email address contains [ and ] characters, which GPG does not recognise as valid characters in an email address

@vercel Vercel
Copy link

vercel bot commented Dec 13, 2024
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

4 Skipped Deployments
Name Status Preview Comments Updated (UTC)
ledger-live-github-bot ⬜️ Ignored (Inspect) Visit Preview Jan 6, 2025 10:27am
native-ui-storybook ⬜️ Ignored (Inspect) Visit Preview Jan 6, 2025 10:27am
react-ui-storybook ⬜️ Ignored (Inspect) Visit Preview Jan 6, 2025 10:27am
web-tools ⬜️ Ignored (Inspect) Visit Preview Jan 6, 2025 10:27am

@live-github-bot live-github-bot bot added desktop Has changes in LLD tools Has changes in tools labels Dec 13, 2024
@angusbayley angusbayley changed the title Support/signed screenshot gh commits swinton [Experimental] Generate screenshots, use swinton for signing commits Dec 13, 2024
@live-github-bot live-github-bot bot added the screenshots Screenshots have been updated label Dec 16, 2024
@angusbayley angusbayley force-pushed the support/signed-screenshot-gh-commits-swinton branch from 4445fae to 4a4f0a2 Compare December 16, 2024 16:03
@live-github-bot live-github-bot bot added automation CI/CD stuff screenshots Screenshots have been updated and removed screenshots Screenshots have been updated labels Dec 16, 2024
@angusbayley angusbayley force-pushed the support/signed-screenshot-gh-commits-swinton branch from 9d16423 to e792d4b Compare December 16, 2024 16:21
@live-github-bot live-github-bot bot removed the screenshots Screenshots have been updated label Dec 16, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Jan 1, 2025

There as been no activity on this PR for the last 14 days. Please consider closing this PR.

@github-actions github-actions bot added the Stale label Jan 1, 2025
@angusbayley angusbayley force-pushed the support/signed-screenshot-gh-commits-swinton branch from 4333726 to c807106 Compare January 2, 2025 18:07
@live-github-bot live-github-bot bot removed the automation CI/CD stuff label Jan 2, 2025
@angusbayley angusbayley mentioned this pull request Jan 2, 2025
Closed
@live-github-bot live-github-bot bot added the automation CI/CD stuff label Jan 2, 2025
@angusbayley angusbayley force-pushed the support/signed-screenshot-gh-commits-swinton branch 5 times, most recently from 2416902 to d4fa67a Compare January 6, 2025 10:04
@live-github-bot live-github-bot bot removed the desktop Has changes in LLD label Jan 6, 2025
@angusbayley angusbayley force-pushed the support/signed-screenshot-gh-commits-swinton branch from d4fa67a to f3e5116 Compare January 6, 2025 10:05
@angusbayley angusbayley force-pushed the support/signed-screenshot-gh-commits-swinton branch from a3b7bcf to 6b6e751 Compare January 6, 2025 10:08
@angusbayley angusbayley changed the title [Experimental] Generate screenshots, use swinton for signing commits Generate screenshots, use commit action for generating signing commits Jan 6, 2025
@angusbayley angusbayley mentioned this pull request Jan 6, 2025
Draft
2 tasks
@angusbayley angusbayley marked this pull request as ready for review January 6, 2025 10:48
@angusbayley angusbayley changed the title Generate screenshots, use commit action for generating signing commits In generate-screenshots workflow, use commit action for generating signing commits Jan 6, 2025
themooneer
themooneer approved these changes Jan 6, 2025
View reviewed changes
Copy link
Contributor

@themooneer themooneer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@themooneer themooneer themooneer approved these changes

Assignees

@angusbayley angusbayley

Labels
automation CI/CD stuff Stale tools Has changes in tools
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@angusbayley @themooneer