Add GitHub Actions for deploys to WordPress.org #13
Conversation
|
Note that I didn't say this PR |
|
Nice work 👍🏻 |
|
@jeffpaul This would be really neat. I'm just a bit wary about the SVN username and password - of course it's needed, but I'm not sure what we could do here. I personally at least rather wouldn't provide mine. |
|
@felixarntz the SVN username and password are encrypted GitHub secrets, so if your concern is someone else gaining access to your credentials that seems like a low probability. If your concern relates to the account being tied to you instead of some generic core/committer account, then maybe see if someone from Systems or Meta could have the .org @wordpressdotorg account's SVN credentials added as GitHub secrets (or some similar account)? |
|
To avoid storing the credentials of a personal account, I recommend setting up a bot account for the purpose. I use peterwilsoncc-syncbot on wp.org, for example. It will allow you to give the account minimum required permissions, I certainly recommend against storing the credentials of an account with core commit in the GH secrets. To reenforce @jeffpaul's point, not even the account that added them can see the secrets once they're stored.
|
| - name: WordPress Plugin Deploy | ||
| uses: 10up/action-wordpress-plugin-deploy@master | ||
| env: | ||
| SVN_PASSWORD: ${{ secrets.SVN_PASSWORD }} |
There was a problem hiding this comment.
Setting up same for peterwilsoncc/rapid-canoncial-urls I needed to include GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} for the commit to work in each of these config files. I'm not sure why but I think it may have something to do with re-checkout. 🤷🏻♂️
4 participants
Description of the Change
masterthat only affecting readme and asset files on GitHub to WordPress.ORG SVNBenefits
Possible Drawbacks
SVN_USERNAMEandSVN_PASSWORDsecret be set within the Settings of thiswp-lazy-loadingGitHub repowp-lazyloading` WordPress.ORG SVN repoApplicable Issues
Relates to #1