Some time ago we migrated all Puppet module CI jobs from Travis-CI to GitHub Actions. We’re now in the process to do the same for all of our Rubygems. We had some internal discussions and ended up with the following template for our tests:
--- name: Test on: - pull_request - push jobs: test: runs-on: ubuntu-latest strategy: fail-fast: false matrix: ruby: - '2.5' - '2.6' - '2.7' - '3.0' steps: - uses: actions/[email protected] - name: Install Ruby $ uses: ruby/[email protected] with: ruby-version: $ bundler-cache: true env: BUNDLE_WITHOUT: release - name: Run tests run: bundle exec rake spec
This generates a Test matrix based on the current Ruby version 2.5 to 3.0.
The interesting part comes afterwards: We also do our releases through GitHub Actions:
--- name: Release on: create: ref_type: tag jobs: release: runs-on: ubuntu-latest if: github.repository_owner == 'voxpupuli' steps: - uses: actions/[email protected] - name: Install Ruby 3.0 uses: ruby/[email protected] with: ruby-version: '3.0' env: BUNDLE_WITHOUT: release - name: Build gem run: gem build *.gemspec - name: Publish gem to rubygems.org run: gem push *.gem env: GEM_HOST_API_KEY: '$' - name: Setup GitHub packages access run: | mkdir -p ~/.gem echo ":github: Bearer $" >> ~/.gem/credentials chmod 0600 ~/.gem/credentials - name: Publish gem to GitHub packages run: gem push --key github --host https://rubygems.pkg.github.com/voxpupuli *.gem
The release process is basically:
- someone bumps the version in the gemspec
- the changelog is generated with the GitHub Changelog Generator Rubygem based on closed PRs/issues since the last release
- the changes are provided as a PR
- after that’s approved and merged, a maintainer creates a gpg-signed git tag and pushes that to GitHub
- the Release action posed above will build the gem on Ruby 3.0 and publishes it to rubygems and to GitHub packages
secrets.GITHUB_TOKEN is available within the action by default, secrets.RUBYGEMS_AUTH_TOKEN is a custom secret defined on the GitHub org level
Besides creating the yaml file and the
secrets.RUBYGEMS_AUTH_TOKEN secret, no additional configuration is required to publich to RubyGems/GitHub packages.