Add attestation to releases#170
Merged
Merged
Conversation
David Elner (delner)
requested review from
Abhijeet Prasad (AbhiPrasad),
Matt Perpick (clutchski) and
Luca Forstner (lforst)
David Elner (delner)
assigned
Andrew Kent (realark) and unassigned
Andrew Kent (realark)
David Elner (delner)
requested review from
Stephen Belanger (Qard),
Andrew Kent (realark) and
Cedric / ViaDézo1er (viadezo1er)
Cedric / ViaDézo1er (viadezo1er)
left a comment
Cedric / ViaDézo1er (viadezo1er)
left a comment
There was a problem hiding this comment.
Maybe ubuntu-24.04 instead of ubuntu-latest so if things break down with 26.04 we're not taken by surprise?
|
|
David Elner (delner)
had a problem deploying
to
rubygems-publish-dry-run
GitHub Actions
Error
David Elner (delner)
force-pushed
the
ci/attestation
branch
2 times, most recently
from
67ea76b to
0f3a4ac
Compare
David Elner (delner)
had a problem deploying
to
rubygems-publish-dry-run
GitHub Actions
Failure
David Elner (delner)
force-pushed
the
ci/attestation
branch
from
0f3a4ac to
42f8c17
Compare
David Elner (delner)
temporarily deployed
to
rubygems-publish-dry-run
GitHub Actions
Inactive
David Elner (delner)
force-pushed
the
ci/attestation
branch
2 times, most recently
from
1a11e80 to
ce9cf33
Compare
David Elner (delner)
force-pushed
the
ci/attestation
branch
from
ce9cf33 to
8c98f05
Compare
David Elner (delner)
had a problem deploying
to
rubygems-publish-dry-run
GitHub Actions
Error
David Elner (delner)
temporarily deployed
to
rubygems-publish-dry-run
GitHub Actions
Inactive
David Elner (delner)
force-pushed
the
ci/attestation
branch
from
ea8fd8d to
8c98f05
Compare
Luca Forstner (lforst)
approved these changes
Jun 1, 2026
| # Called by rubygems/release-gem in the release workflow. | ||
| # Follows Bundler convention: build, push gem, push tag. | ||
| # GitHub release creation is handled separately by the workflow. | ||
| task release: ["release:publish", "release:push_tag"] do |
There was a problem hiding this comment.
hmm, are we sure we want to follow conventions here? I would prefer if we had a tag first then publish. But not blocking here.
Collaborator
Author
There was a problem hiding this comment.
Given that tagging then failing leaves an artifact, and tagging is conventional for Ruby, I prefer what we have here. Less friction.
Same does not need to be true for other release processes if circumstances are different.
David Elner (delner)
temporarily deployed
to
rubygems-publish-dry-run
GitHub Actions
Inactive
Abhijeet Prasad (AbhiPrasad)
approved these changes
Jun 1, 2026
David Elner (delner)
force-pushed
the
ci/attestation
branch
from
6204067 to
5e0ad9f
Compare
Collaborator
Author
|
Good feedback Abhijeet Prasad (@AbhiPrasad). Thanks! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request further overhauls the release process by: