Avoid auto-inactivating GitHub Actions deployments

The GitHub REST API docs for deployments say, "When you set the state of a deployment to `success`, then all prior non-transient, non-production environment deployments in the same repository with the same environment name will become `inactive`. To avoid this, you can set `auto_inactive` to `false` when creating the deployment status." GitHub Actions auto-inactivates deployments. When a deployment environment is used from within a GitHub Actions workflow job with the `environment:` configuration syntax, GitHub Actions marks previous deployments to that environment as `inactive`. This behavior is undocumented and there doesn't appear to be a way to configure it, but there are some possible workarounds/hacks. One workaround could be using the GitHub deployment statuses API to reactivate deployments of interest. https://docs.github.com/en/rest/deployments/statuses?apiVersion=2022-11-28 Another workaround for keeping deployments active could be through deployment URLs. A GitHub community discussion comment hints, "If the new Deployment specifies an environment URL in the workflow definition, only previous Deployments with the exact same environment URL will be auto-inactivated." This implies that deployments could stay active if each deployment got its own unique URL. https://github.com/orgs/community/discussions/67982#discussioncomment-7086962 Commit 6e532c6 configured Python package publication to use PyPI OIDC with GitHub Actions deployment environments. This commit will update the GitHub Actions workflow so that each deployment has its own unique URL.
br3ndonland · Apr 9, 2024 · 6d6f5c9 · 6d6f5c9
1 parent 845e8b2
commit 6d6f5c9
Showing 1 changed file with 16 additions and 9 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -16,27 +16,34 @@ jobs:
   setup:
     runs-on: ubuntu-latest
     outputs:
-      environment: ${{ steps.set-env.outputs.environment }}
+      environment-name: ${{ steps.set-env.outputs.environment-name }}
+      environment-url: ${{ steps.set-env.outputs.environment-url }}
     steps:
       - uses: actions/checkout@v4
       - name: Set GitHub Actions deployment environment
         id: set-env
         run: |
           if ${{ github.event_name == 'workflow_dispatch' }}; then
-            environment=${{ inputs.environment }}
+            environment_name=${{ inputs.environment }}
           elif ${{ github.ref_type == 'tag' }}; then
-            environment="PyPI"
+            environment_name="PyPI"
           else
-            environment=""
+            environment_name=""
           fi
-          echo "environment=$environment" >>"$GITHUB_OUTPUT"
+          timestamp="$(date -Iseconds)"
+          url="https://api.github.com/repos/${{ github.repository }}/deployments"
+          environment_url="$url?timestamp=$timestamp"
+          echo "environment-name=$environment_name" >>"$GITHUB_OUTPUT"
+          echo "environment-url=$environment_url" >>"$GITHUB_OUTPUT"
       - name: Create annotation for deployment environment
-        if: steps.set-env.outputs.environment != ''
-        run: echo "::notice::Deployment environment ${{ steps.set-env.outputs.environment }}"
+        if: steps.set-env.outputs.environment-name != ''
+        run: echo "::notice::Deployment environment ${{ steps.set-env.outputs.environment-name }}"
   ci:
     runs-on: ubuntu-latest
     needs: [setup]
-    environment: ${{ needs.setup.outputs.environment }}
+    environment:
+      name: ${{ needs.setup.outputs.environment-name }}
+      url: ${{ needs.setup.outputs.environment-url }}&python=${{ matrix.python-version }}
     permissions:
       id-token: write
     strategy:
@@ -127,7 +134,7 @@ jobs:
         if: >
           github.ref_type == 'tag' &&
           matrix.python-version == '3.11' &&
-          needs.setup.outputs.environment == 'PyPI'
+          needs.setup.outputs.environment-name == 'PyPI'
         uses: pypa/gh-action-pypi-publish@release/v1.8
   changelog:
     if: github.ref_type == 'tag'