Add app builds controls to releaser #4105
Conversation
k8s-ci-robot
added
the
cncf-cla: yes
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: joaquimrocha The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
k8s-ci-robot
added
the
size/XL
There was a problem hiding this comment.
Pull Request Overview
This PR adds CI build workflow management capabilities to the releaser tool, including the ability to trigger app build workflows for specific platforms and list/monitor recent workflow runs. Additionally, it enhances the release start process with optional branch creation.
- Added new
ci appcommand with--buildand--listsubcommands for managing GitHub Actions workflows - Added
--no-branchoption to thestartcommand to optionally skip branch creation - Implemented utility functions for triggering and retrieving GitHub Actions workflow runs
Reviewed Changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| tools/releaser/src/utils/github.ts | Adds triggerBuildWorkflows and getLatestAppRuns functions to interact with GitHub Actions API |
| tools/releaser/src/utils/git.ts | Adds git utility functions for branch operations: branchExists, createAndCheckoutBranch, and getCurrentBranch |
| tools/releaser/src/index.ts | Registers new ci app command with build and list options, and adds --no-branch option to start command |
| tools/releaser/src/commands/start.ts | Implements optional branch creation logic with --no-branch flag support |
| tools/releaser/src/commands/get-app-runs.ts | New command to fetch and display app workflow runs with multiple output formats |
| tools/releaser/src/commands/build.ts | New command to trigger app build workflows with platform selection and confirmation |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
|
||
| export function createAndCheckoutBranch(branchName: string): void { | ||
| try { | ||
| execSync(`git checkout -b ${branchName}`); |
There was a problem hiding this comment.
The branchName parameter is used directly in a shell command without sanitization, creating a potential command injection vulnerability. Use execSync with an array of arguments or sanitize the branch name to prevent command injection.
| execSync(`git checkout -b ${branchName}`); | |
| execSync('git', ['checkout', '-b', branchName]); |
|
|
||
| export function branchExists(branchName: string): boolean { | ||
| try { | ||
| execSync(`git rev-parse --verify ${branchName}`, { stdio: 'ignore' }); |
There was a problem hiding this comment.
The branchName parameter is used directly in a shell command without sanitization, creating a potential command injection vulnerability. Use execSync with an array of arguments or sanitize the branch name to prevent command injection.
| execSync(`git rev-parse --verify ${branchName}`, { stdio: 'ignore' }); | |
| execSync('git', ['rev-parse', '--verify', branchName], { stdio: 'ignore' }); |
2 participants
Summary
This PR:
Related Issue
fixes #3991
Steps to Test
releaser start 1.2.3and verify it creates a branch locally for itreleaser ci app --build mainto verify it triggers apps for main, test the different optionsreleaser ci --listto list the latest builds