Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: helper scripts for updating chocolatey #1360

Merged
merged 4 commits into from
Mar 12, 2020
Merged

chore: helper scripts for updating chocolatey #1360

merged 4 commits into from
Mar 12, 2020

Conversation

hacdias
Copy link
Member

@hacdias hacdias commented Feb 24, 2020

This PR creates an helper script to help with the chocolatey update procedure. After releasing a version, wait for the binaries to be available on the releases page. Then:

  1. node pkgs/chocolatey/update.js $version
  2. git commit -m "chore: update choco [pubchoco]" - the pubchoco part must be there
  3. git push and wait for AppVeyor which should publish the package.

Obviously I could not test this. The script for updating the nuspec file works well. We just need to test the third step on the next release.

@hacdias hacdias requested a review from lidel February 24, 2020 18:46
lidel
lidel requested changes Feb 24, 2020
View reviewed changes
Copy link
Member

@lidel lidel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you, automating this is super useful!
Before we merge, I want to address a small concern below.

lidel
lidel reviewed Feb 24, 2020
View reviewed changes
appveyor.yml Outdated
@@ -22,4 +22,14 @@ build_script:
- npm run test:e2e
- npm run build

on_success:
- ps: |
if ($env:APPVEYOR_REPO_COMMIT_MESSAGE -Match "pubchoco") {
Copy link
Member

@lidel lidel Feb 24, 2020
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ugh, github lost my comment, so writing again...

@hacdias Appveyor runs on every PR. In theory someone could PR a downgrade attack with nuspec pointing at older version. What would Cocolatey do in that case? Reject? Override latest version with old one?

Perhaps we could harden this to run only if branch name is master and build is not a PR

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changed. However, couldn't someone just change the code? And mame a PR and hijack the releases anyways? There's a way to define scripts that does not include .appveyor.yml (see docs). However, someone with enough knowledge could trigger the update too...

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually not, if we define like they do on the docs (on the UI itself), it won't be on .appveyor.yml thus it will be locked to master.

@hacdias
Copy link
Member Author

hacdias commented Feb 26, 2020

@lidel so I removed that bit from .appveyor.yml and added it to the interface:

image

This way no one can change it!

@hacdias hacdias requested a review from lidel February 27, 2020 19:02
@hacdias @lidel
chore: add chocolatey magic
30d5c1a 
License: MIT
Signed-off-by: Henrique Dias <hacdias@gmail.com>
@hacdias @lidel
fix: indentation
e589e28 
License: MIT
Signed-off-by: Henrique Dias <hacdias@gmail.com>
@hacdias @lidel
check if it's mater
4a733b2
@hacdias @lidel
do not change appveyor
333bae2
@lidel lidel force-pushed the chore/semi-auto-choco branch 2 times, most recently from 6c4f075 to 333bae2 Compare March 12, 2020 16:33
@lidel lidel changed the title chore: helper scripts for chocolatey update chore: helper scripts for updating chocolatey Mar 12, 2020
@lidel lidel merged commit 167751c into master Mar 12, 2020
@lidel lidel deleted the chore/semi-auto-choco branch March 12, 2020 16:43
@lidel
Copy link
Member

lidel commented Mar 12, 2020

@hacdias I tried pubchoco in c23ff54 in but did not seem to publish new version at https://chocolatey.org/packages/ipfs-desktop

I know you don't have bandwidth for looking into this, so let's leave automation for now.
Do you mind publishing 0.10.4 manually, in spare time?

@hacdias
Copy link
Member Author

hacdias commented Mar 13, 2020

@lidel done. I'm sad it didn't work. Looking at the logs, it doesn't even seem that the script was executed...

lidel added a commit that referenced this pull request Sep 25, 2020
@lidel
docs: update chocolatey checklist
11486a6 
Automation set up on AppVeyor is broken, let's go with manual steps for now:
#1360 (comment)

License: MIT
Signed-off-by: Marcin Rataj <lidel@lidel.org>
@lidel lidel mentioned this pull request Sep 25, 2020
Merged
jessicaschilling pushed a commit that referenced this pull request Sep 28, 2020
@lidel
docs: update chocolatey checklist (#1655)
05ee3b4 
Automation set up on AppVeyor is broken, let's go with manual steps for now:
#1360 (comment)

License: MIT
Signed-off-by: Marcin Rataj <lidel@lidel.org>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lidel lidel Awaiting requested review from lidel

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@hacdias @lidel