configure_trusted_publisher 0.1.9 → 0.2.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/configure_trusted_publisher/cli.rb +16 -9
  3. data/lib/configure_trusted_publisher/version.rb +1 -1
  4. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: '069cf11b54abc980ac845968c09a93b3779aa4153ca6ae8c4e58093352fd5270'
4
- data.tar.gz: 4da5f62636b14c6837fadb4847f27e3267b13797ba4e4c66a4e9bbbfe35adc48
3
+ metadata.gz: d4063894eb8d32f89d80f648495ec44f371bcc25bf2d99271561fee8f6eb16aa
4
+ data.tar.gz: 0d4614f796f4f458c13ccef078958157cbda475921dc4623ba3d701c22389602
5
5
  SHA512:
6
- metadata.gz: 146c6c690a138f3c837aa7aee7fa39e25b9cbc08a30884a2441fcf796ca46e691814ca1c039d10e2ecc8fe4309b91aebd67152a95fc062e050cb41957f4fe9b9
7
- data.tar.gz: 9aeff4f526331e46da39edba8bacc5eebfea0f6d2ab6b703195032dec8c0c4842ca34136a4cca35e995741864a12ad484a0e99781a941eb1c8ddb4d1f151c1f0
6
+ metadata.gz: 108346ca991c5646cc1254ebf9e3b4de2d2b3022df22d9371f358af971d0a84088c3bdf6376b9c02c964953142a74a5996cb852b58eaa154870fd5f06ba90836
7
+ data.tar.gz: 281d5f2a87faff016123879c0184dae205bd55eec0724128d816ef89ef925673c1ad4e74df6a3e1141fe62e327e897e76090ad2b2c17efcd1351e14e4588a9f0
data/lib/configure_trusted_publisher/cli.rb CHANGED
@@ -169,7 +169,7 @@ module ConfigureTrustedPublisher
169
169
  },
170
170
  terminate_interaction: lambda { |msg|
171
171
  puts
172
- exit msg
172
+ abort msg
173
173
  },
174
174
  otp: options[:otp]
175
175
  )
@@ -253,8 +253,8 @@ module ConfigureTrustedPublisher
253
253
  "prerequisites for the action?")
254
254
 
255
255
  if Bundler.which("gh").nil?
256
- exit "The GitHub CLI (gh) is required to add a GitHub environment. " \
257
- "Please install it from https://cli.github.com/ and try again."
256
+ abort "The GitHub CLI (gh) is required to add a GitHub environment. " \
257
+ "Please install it from https://cli.github.com/ and try again."
258
258
  end
259
259
 
260
260
  env_name = "rubygems.org"
@@ -262,7 +262,7 @@ module ConfigureTrustedPublisher
262
262
  owner, name = github_repository
263
263
  puts "Adding GitHub environment to #{owner}/#{name} to protect the action"
264
264
  if (env = Open3.capture2e("gh", "api", "repos/#{owner}/#{name}/environments").then do |output, status|
265
- exit "Failed to list environments for #{owner}/#{name} using `gh api`:\n#{output}" unless status.success?
265
+ abort "Failed to list environments for #{owner}/#{name} using `gh api`:\n#{output}" unless status.success?
266
266
 
267
267
  JSON.parse(output)["environments"].find { |e| e["name"] == env_name }
268
268
  end)
@@ -273,7 +273,7 @@ module ConfigureTrustedPublisher
273
273
  Open3.capture2e("gh", "api", "--method", "PUT",
274
274
  "repos/#{owner}/#{name}/environments/#{env_name}").then do |output, status|
275
275
  unless status.success?
276
- exit "Failed to create rubygems.org environment for #{owner}/#{name} using `gh api`:\n#{output}"
276
+ abort "Failed to create rubygems.org environment for #{owner}/#{name} using `gh api`:\n#{output}"
277
277
  end
278
278
 
279
279
  env = JSON.parse(output)
@@ -294,10 +294,12 @@ module ConfigureTrustedPublisher
294
294
  def write_release_action(repository, rubygem_name, environment: nil)
295
295
  tag = "Automatically when a new tag matching v* is pushed"
296
296
  manual = "Manually by running a GitHub Action"
297
+ release = "Automatically when a new GitHub release is published"
297
298
  puts
298
299
  response = ask_multiple_choice(
299
300
  "How would you like releases for #{rubygem_name} to be triggered?", [
300
301
  tag,
302
+ release,
301
303
  manual
302
304
  ],
303
305
  default: "2"
@@ -312,7 +314,12 @@ module ConfigureTrustedPublisher
312
314
  "name: Push Gem",
313
315
  nil,
314
316
  "on:",
315
- " #{response == tag ? "push:\n tags:\n - 'v*'" : 'workflow_dispatch:'}",
317
+ (case response
318
+ when tag then " push:\n tags:\n - 'v*'"
319
+ when release then " release:\n types:\n - published"
320
+ when manual then " workflow_dispatch:"
321
+ else raise "Unknown response: #{response.inspect}"
322
+ end),
316
323
  nil,
317
324
  "permissions:",
318
325
  " contents: read",
@@ -331,13 +338,13 @@ module ConfigureTrustedPublisher
331
338
  " steps:",
332
339
  " # Set up",
333
340
  " - name: Harden Runner",
334
- " uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1",
341
+ " uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2",
335
342
  " with:",
336
343
  " egress-policy: audit",
337
344
  nil,
338
- " - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4",
345
+ " - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2",
339
346
  " - name: Set up Ruby",
340
- " uses: ruby/setup-ruby@cacc9f1c0b3f4eb8a16a6bb0ed10897b43b9de49 # v1.176.0",
347
+ " uses: ruby/setup-ruby@a2bbe5b1b236842c1cb7dd11e8e3b51e0a616acc # v1.202.0",
341
348
  " with:",
342
349
  " bundler-cache: true",
343
350
  " ruby-version: ruby",
data/lib/configure_trusted_publisher/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module ConfigureTrustedPublisher
4
- VERSION = "0.1.9"
4
+ VERSION = "0.2.0"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: configure_trusted_publisher
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.9
4
+ version: 0.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Samuel Giddins
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2024-06-14 00:00:00.000000000 Z
11
+ date: 2024-11-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -73,7 +73,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
73
73
  - !ruby/object:Gem::Version
74
74
  version: '3.5'
75
75
  requirements: []
76
- rubygems_version: 3.5.9
76
+ rubygems_version: 3.5.22
77
77
  signing_key:
78
78
  specification_version: 4
79
79
  summary: A small CLI to automate the process of configuring a trusted publisher for