Working with CI

[niku]

I tried to publish an elixir package with using mix hex.publish in CI environment. It was succeed. However, I felt it was a little bit hackey. So I have a some question and/or suggestion.

I thought that It was not good to writie a value for hex.config to STDOUT which is logging to files which anyone can read in a CI. Can I suppress writing to STDOUT when I'm setting a value to config of hex? I think It is nice having such option or documentation to the help.

I'm not sure how to execute hex.publish without any key inputs. Can I execute hex.publish to publish hex.pm and hexdocs.pm without key inputs? If I could, I think it is useful for execution command in the CI environment.

[ericmj]

I thought that It was not good to writie a value for hex.config to STDOUT which is logging to files which anyone can read in a CI. Can I suppress writing to STDOUT when I'm setting a value to config of hex? I think It is nice having such option or documentation to the help.

What you can do instead is to build your hex config file locally and copy it to your CI environment, the file is located ad ~/.hex/hex.config.

I'm not sure how to execute hex.publish without any key inputs. Can I execute hex.publish to publish hex.pm and hexdocs.pm without key inputs? If I could, I think it is useful for execution command in the CI environment.

I'm not sure I want to support this because I feel like publishing via CI is the wrong flow. The reason we have the prompt is so that you actually look at the output we show you and accept it. If you just automatically publish you can just ignore this information.

[niku]

to build your hex config file locally and copy it to your CI environment, the file is located ad ~/.hex/hex.config.

Ah, it seems better than my way. I'll try it later. Thank you for your advice 😃

The reason we have the prompt is so that you actually look at the output we show you and accept it.

I strongly agree with you about I have to accept it manually when I look at the first time.
However, for convenience, I will be happy if I can skip it from the next time.
I think CI environment isn't the first time of hex.publish usually.

So, I wonder adding a (verbose) command line option is useful something like: mix hex.publish --i-have-already-confirmed-with-codeofconduct.

[ericmj]

It's less about accepting the code of conduct and more about confirming that you want to publish after we have showed the details about what you are publishing. But iirc we have converted all warnings to errors so I think we can add a --force, --no-confirm or similar.

[asgoel]

@ericmj would this apply to the key decryption step as well? or is there a way to auto store the password for the account so you don't have to type it in every time.

[ericmj]

You should be able to use mix hex.user passphrase and give an empty password to remove your password from the auth key. This is not recommended though.

[asgoel]

yeah I'm planning on using this for some private packages that we have that we would use a CI to automatically push to a self hosted repository, not hexpm. If that's the only way then that's probably what I'll do, since this will all be self contained within our own network.