Automate uploading of package_esp8266_index.json, add release process doc #4999
Conversation
package/README.md
Outdated
|
|
||
| 4. Check that the package index downloaded from http://arduino.esp8266.com/stable/package_esp8266_index.json contains an entry for the new version (it may not be the first one). | ||
|
|
||
| 5. Edit release description, paste release notes. Remove "draft" status of the release and publish it. |
There was a problem hiding this comment.
I assume this means in github, in the "Releases" tab -> Edit button?
There was a problem hiding this comment.
Yes, i'll update the wording
|
I won't be able to review this deeply until tonight, but doesn't the including of a SSH key in the scripts mean that anyone can now upload to the server just by copying the key? I'm thinking of recent hacks where miscreants were able to put up malicious packages in real repos... |
|
@earlephilhower Included in the repo are:
|
igrr
force-pushed
the
feature/deploy_json_index
branch
from
df6855e
to
d4ccf5e
Compare
|
|
||
| 5. Travis CI also uploads package index .json file to `http://arduino.esp8266.com/stable/package_esp8266_index.json`, i.e. well-known URL used by most users. | ||
|
|
||
| 6. When the draft release is created, maintainer edits release description and inserts changelog into the description field, unmarks the release as draft, and publishes the release. |
There was a problem hiding this comment.
I think I understand everything except this. How/where is this draft release created?
* ci: work around tagging issue in Travis CI deployment When `draft: true` is set, incorrect commit/tag information is sent to Github. Override tag/target fields for correct behavior. Ref. https://github.com/travis-ci/travis-ci/issues/9852 * doc: clarify some points in the release process
http://arduino.esp8266.com/stable/package_esp8266_index.json will now be updated in Travis CI automatically
Document describing release process (for maintainers) is added