From 14d29b711eef890f0050c55f3b23e297412a87ba Mon Sep 17 00:00:00 2001 From: Cameron Dutro Date: Mon, 28 Aug 2023 10:45:35 -0700 Subject: [PATCH 1/8] Ok, try decrypting the access token --- .github/workflows/release.yml | 30 +++++++++++++++++++++++++----- 1 file changed, 25 insertions(+), 5 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d8e711cccc6..3d53232f4c3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -6,6 +6,8 @@ on: - main - next-major + workflow_dispatch: + jobs: get-access-token: runs-on: ubuntu-latest @@ -18,23 +20,41 @@ jobs: client-id: ${{ vars.PRIMER_APP_CLIENT_ID_SHARED }} client-secret: ${{ secrets.PRIMER_APP_CLIENT_SECRET_SHARED }} installation-id: ${{ vars.PRIMER_APP_INSTALLATION_ID_SHARED }} + encrypt: true + + decrypt-access-token: + runs-on: ubuntu-latest + needs: get-access-token + steps: + - id: decrypt-access-token + uses: actions/github-script@v6 + with: + script: | + const crypto = require('crypto') + const encryptedToken = Buffer.from(process.env.ACCESS_TOKEN, 'base64') + const token = crypto.privateDecrypt(process.env.PRIVATE_KEY, encryptedToken).toString() + return token + result-encoding: string + env: + PRIVATE_KEY: ${{ secrets.PRIMER_APP_PRIVATE_KEY_SHARED }} + ACCESS_TOKEN: ${{ needs.get-access-token.steps.get-access-token.outputs.access-token }} release-main: - if: github.ref_name == 'main' + # if: github.ref_name == 'main' name: Main - needs: get-access-token + needs: decrypt-access-token uses: primer/.github/.github/workflows/release.yml@main secrets: - gh_token: ${{ needs.get-access-token.steps.get-access-token.outputs.access-token }} + gh_token: ${{ needs.decrypt-access-token.steps.decrypt-access-token.outputs.result }} npm_token: ${{ secrets.NPM_AUTH_TOKEN_SHARED }} release-next-major: if: github.ref_name == 'next-major' name: Next major - needs: get-access-token + needs: decrypt-access-token uses: primer/.github/.github/workflows/release.yml@main with: title: Release tracking (next major) secrets: - gh_token: ${{ needs.get-access-token.steps.get-access-token.outputs.access-token }} + gh_token: ${{ needs.decrypt-access-token.steps.decrypt-access-token.outputs.result }} npm_token: ${{ secrets.NPM_AUTH_TOKEN_SHARED }} From c425c1361d5c526ecec2e20db8fc6d2ea98505f2 Mon Sep 17 00:00:00 2001 From: Cameron Dutro Date: Mon, 28 Aug 2023 10:46:56 -0700 Subject: [PATCH 2/8] Dang, can't use workflow_dispatch --- .github/workflows/release.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3d53232f4c3..bc96576597a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -3,10 +3,9 @@ name: Release on: push: branches: - - main - - next-major - - workflow_dispatch: + - github_token_release + # - main + # - next-major jobs: get-access-token: From bd9acb301ffd999b48c6a76cb866f175f1027de4 Mon Sep 17 00:00:00 2001 From: Cameron Dutro Date: Mon, 28 Aug 2023 10:57:16 -0700 Subject: [PATCH 3/8] Print out len of secrets to make sure they exist --- .github/workflows/release.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index bc96576597a..e902d9b3447 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -29,6 +29,8 @@ jobs: uses: actions/github-script@v6 with: script: | + console.log(process.env.ACCESS_TOKEN.length) + console.log(process.env.PRIVATE_KEY.length) const crypto = require('crypto') const encryptedToken = Buffer.from(process.env.ACCESS_TOKEN, 'base64') const token = crypto.privateDecrypt(process.env.PRIVATE_KEY, encryptedToken).toString() From c7521bc654b97fbf3fbf84f0dbfc2858710129e3 Mon Sep 17 00:00:00 2001 From: Cameron Dutro Date: Mon, 28 Aug 2023 11:08:10 -0700 Subject: [PATCH 4/8] Map step output to job output --- .github/workflows/release.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e902d9b3447..c70ef977063 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -10,6 +10,8 @@ on: jobs: get-access-token: runs-on: ubuntu-latest + outputs: + access-token: ${{ steps.get-access-token.outputs.access-token }} steps: - id: get-access-token uses: camertron/github-app-installation-auth-action@v1 @@ -38,7 +40,7 @@ jobs: result-encoding: string env: PRIVATE_KEY: ${{ secrets.PRIMER_APP_PRIVATE_KEY_SHARED }} - ACCESS_TOKEN: ${{ needs.get-access-token.steps.get-access-token.outputs.access-token }} + ACCESS_TOKEN: ${{ needs.get-access-token.outputs.access-token }} release-main: # if: github.ref_name == 'main' From 46b568ab4a2ce73e7f4e50714a16c93ba939fa7f Mon Sep 17 00:00:00 2001 From: Cameron Dutro Date: Mon, 28 Aug 2023 11:12:07 -0700 Subject: [PATCH 5/8] Ah wait, I'm an idiot --- .github/workflows/release.yml | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c70ef977063..0a47aff46f3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,7 +11,7 @@ jobs: get-access-token: runs-on: ubuntu-latest outputs: - access-token: ${{ steps.get-access-token.outputs.access-token }} + access-token: ${{ steps.decrypt-access-token.outputs.result }} steps: - id: get-access-token uses: camertron/github-app-installation-auth-action@v1 @@ -22,11 +22,6 @@ jobs: client-secret: ${{ secrets.PRIMER_APP_CLIENT_SECRET_SHARED }} installation-id: ${{ vars.PRIMER_APP_INSTALLATION_ID_SHARED }} encrypt: true - - decrypt-access-token: - runs-on: ubuntu-latest - needs: get-access-token - steps: - id: decrypt-access-token uses: actions/github-script@v6 with: @@ -40,24 +35,24 @@ jobs: result-encoding: string env: PRIVATE_KEY: ${{ secrets.PRIMER_APP_PRIVATE_KEY_SHARED }} - ACCESS_TOKEN: ${{ needs.get-access-token.outputs.access-token }} + ACCESS_TOKEN: ${{ steps.get-access-token.outputs.access-token }} release-main: # if: github.ref_name == 'main' name: Main - needs: decrypt-access-token + needs: get-access-token uses: primer/.github/.github/workflows/release.yml@main secrets: - gh_token: ${{ needs.decrypt-access-token.steps.decrypt-access-token.outputs.result }} + gh_token: ${{ needs.get-access-token.outputs.access-token }} npm_token: ${{ secrets.NPM_AUTH_TOKEN_SHARED }} release-next-major: if: github.ref_name == 'next-major' name: Next major - needs: decrypt-access-token + needs: get-access-token uses: primer/.github/.github/workflows/release.yml@main with: title: Release tracking (next major) secrets: - gh_token: ${{ needs.decrypt-access-token.steps.decrypt-access-token.outputs.result }} + gh_token: ${{ needs.get-access-token.outputs.access-token }} npm_token: ${{ secrets.NPM_AUTH_TOKEN_SHARED }} From 9063d1d03f577220f518aca6a1b280f450576148 Mon Sep 17 00:00:00 2001 From: Cameron Dutro Date: Mon, 28 Aug 2023 11:41:56 -0700 Subject: [PATCH 6/8] Put token grabbing action in .github repo directly --- .github/workflows/release.yml | 49 ++++++++++------------------------- 1 file changed, 13 insertions(+), 36 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0a47aff46f3..3a846815f24 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -8,51 +8,28 @@ on: # - next-major jobs: - get-access-token: - runs-on: ubuntu-latest - outputs: - access-token: ${{ steps.decrypt-access-token.outputs.result }} - steps: - - id: get-access-token - uses: camertron/github-app-installation-auth-action@v1 - with: - app-id: ${{ vars.PRIMER_APP_ID_SHARED }} - private-key: ${{ secrets.PRIMER_APP_PRIVATE_KEY_SHARED }} - client-id: ${{ vars.PRIMER_APP_CLIENT_ID_SHARED }} - client-secret: ${{ secrets.PRIMER_APP_CLIENT_SECRET_SHARED }} - installation-id: ${{ vars.PRIMER_APP_INSTALLATION_ID_SHARED }} - encrypt: true - - id: decrypt-access-token - uses: actions/github-script@v6 - with: - script: | - console.log(process.env.ACCESS_TOKEN.length) - console.log(process.env.PRIVATE_KEY.length) - const crypto = require('crypto') - const encryptedToken = Buffer.from(process.env.ACCESS_TOKEN, 'base64') - const token = crypto.privateDecrypt(process.env.PRIVATE_KEY, encryptedToken).toString() - return token - result-encoding: string - env: - PRIVATE_KEY: ${{ secrets.PRIMER_APP_PRIVATE_KEY_SHARED }} - ACCESS_TOKEN: ${{ steps.get-access-token.outputs.access-token }} - release-main: - # if: github.ref_name == 'main' + if: github.ref_name == 'main' name: Main - needs: get-access-token - uses: primer/.github/.github/workflows/release.yml@main + uses: primer/.github/.github/workflows/release_with_app.yml@main secrets: - gh_token: ${{ needs.get-access-token.outputs.access-token }} npm_token: ${{ secrets.NPM_AUTH_TOKEN_SHARED }} + app-id: ${{ vars.PRIMER_APP_ID_SHARED }} + private-key: ${{ secrets.PRIMER_APP_PRIVATE_KEY_SHARED }} + client-id: ${{ vars.PRIMER_APP_CLIENT_ID_SHARED }} + client-secret: ${{ secrets.PRIMER_APP_CLIENT_SECRET_SHARED }} + installation-id: ${{ vars.PRIMER_APP_INSTALLATION_ID_SHARED }} release-next-major: if: github.ref_name == 'next-major' name: Next major - needs: get-access-token - uses: primer/.github/.github/workflows/release.yml@main + uses: primer/.github/.github/workflows/release_with_app.yml@main with: title: Release tracking (next major) secrets: - gh_token: ${{ needs.get-access-token.outputs.access-token }} npm_token: ${{ secrets.NPM_AUTH_TOKEN_SHARED }} + app-id: ${{ vars.PRIMER_APP_ID_SHARED }} + private-key: ${{ secrets.PRIMER_APP_PRIVATE_KEY_SHARED }} + client-id: ${{ vars.PRIMER_APP_CLIENT_ID_SHARED }} + client-secret: ${{ secrets.PRIMER_APP_CLIENT_SECRET_SHARED }} + installation-id: ${{ vars.PRIMER_APP_INSTALLATION_ID_SHARED }} From 972174cb485d10d629f35012475c39aba4370861 Mon Sep 17 00:00:00 2001 From: Cameron Dutro Date: Mon, 28 Aug 2023 11:42:25 -0700 Subject: [PATCH 7/8] Test --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3a846815f24..78e5f88b0ae 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -9,7 +9,7 @@ on: jobs: release-main: - if: github.ref_name == 'main' + # if: github.ref_name == 'main' name: Main uses: primer/.github/.github/workflows/release_with_app.yml@main secrets: From 02f433b3b4e847109fd0fd9825ce6e9a96bbb5ab Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 28 Aug 2023 18:44:21 +0000 Subject: [PATCH 8/8] Version Packages --- .changeset/grumpy-maps-shave.md | 7 ------- .changeset/lazy-eyes-bow.md | 7 ------- .changeset/silly-dots-lick.md | 7 ------- CHANGELOG.md | 18 ++++++++++++++++++ package.json | 2 +- 5 files changed, 19 insertions(+), 22 deletions(-) delete mode 100644 .changeset/grumpy-maps-shave.md delete mode 100644 .changeset/lazy-eyes-bow.md delete mode 100644 .changeset/silly-dots-lick.md diff --git a/.changeset/grumpy-maps-shave.md b/.changeset/grumpy-maps-shave.md deleted file mode 100644 index 2bd49b0acb2..00000000000 --- a/.changeset/grumpy-maps-shave.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -'@primer/react': patch ---- - -Update type exports to prevent missing export warnings - - diff --git a/.changeset/lazy-eyes-bow.md b/.changeset/lazy-eyes-bow.md deleted file mode 100644 index 6103291c1de..00000000000 --- a/.changeset/lazy-eyes-bow.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -"@primer/react": patch ---- - -Use `control` CSS var with fallback for form component border-color - - diff --git a/.changeset/silly-dots-lick.md b/.changeset/silly-dots-lick.md deleted file mode 100644 index dc22c64df64..00000000000 --- a/.changeset/silly-dots-lick.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -"@primer/react": minor ---- - -Update ActionList checkbox styles to form checkbox styles (impacts ActionMenu and SelectPanel) - - diff --git a/CHANGELOG.md b/CHANGELOG.md index d29c1e43e08..5ff3b37b7f5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,23 @@ # @primer/components +## 35.29.0 + +### Minor Changes + +- [#3607](https://github.com/primer/react/pull/3607) [`c0e22fc1`](https://github.com/primer/react/commit/c0e22fc14697627c81c8a21137c72350e8d1a703) Thanks [@langermank](https://github.com/langermank)! - Update ActionList checkbox styles to form checkbox styles (impacts ActionMenu and SelectPanel) + + + +### Patch Changes + +- [#3662](https://github.com/primer/react/pull/3662) [`2ca670a8`](https://github.com/primer/react/commit/2ca670a882925ce2cbd447d52f1ac390efe29253) Thanks [@joshblack](https://github.com/joshblack)! - Update type exports to prevent missing export warnings + + + +- [#3654](https://github.com/primer/react/pull/3654) [`556d826a`](https://github.com/primer/react/commit/556d826af1dd9cc74f8bf22e7f0f521d185a87d2) Thanks [@langermank](https://github.com/langermank)! - Use `control` CSS var with fallback for form component border-color + + + ## 35.28.0 ### Minor Changes diff --git a/package.json b/package.json index 0919a0d3920..c201231d275 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@primer/react", - "version": "35.28.0", + "version": "35.29.0", "description": "An implementation of GitHub's Primer Design System using React", "main": "lib/index.js", "module": "lib-esm/index.js",