search

LaurentRDC / pandoc-plot

Render and include figures in Pandoc documents using your plotting toolkit of choice
https://laurentrdc.github.io/pandoc-plot/
GNU General Public License v2.0
216 stars 8 forks source link

Changed SHA256 sum of Release 1.2.3 #28

Closed syntonym closed 3 years ago

syntonym commented 3 years ago

Hey Laurent,

when version 1.2.3 released the file pandoc-plot-Linux-x86_64.zip had the SHA256 sum 2c84a366724496bc60f22d4c0ec945d891f19390f8c5ec6311a5e5614aef1e05 while now it has the SHA256 sum 108b70fb4120126fbf2f836d2a9d980deeff364c5f95f61873a5fa10e877712d . I think commit a6de079 triggered the CI to upload a new file under the release 1.2.3. In the past files of a release never changed as far as I noticed.

Now with the CI in place is pandoc-plot going to change the "release strategy" and updating releases with the newest current commit? Or was this more of a one-time occurence due to the change in packaging?

I'm asking because I'm maintaining the pandoc-plot-bin PKGBUILD in the archlinux user repository . Currently I'm semiautomatically downloading pandoc-plot on every release, verify that it's working and update the PKGBUILD with the sha256 sum. If the file of a version changes the sha256 sum doesn't match anymore and a user has to manually override it. If a file of a release changing will occur more often in the feature I'll either skip the sha256 verification or will have to automate calculating the sha256 whenever that happens.

Thanks! Syntonym

LaurentRDC commented 3 years ago

Hey Syntonym,

Oups! I'm sorry about that. It was a one-time thing.

I had to replace the release artifacts because the zipped executables were packaged with extra directory structure, which broke other workflows (e.g. conda packaging). a6de079 fixed that but didn't upload anything. I re-packaged the executables from release 1.2.3 by hand.

This won't happen again. Release 1.2.3 was the first release using automatic CI uploads. I'm sorry for the inconvenience!

syntonym commented 3 years ago

Thanks for the quick answer! That's what I thought, just wanted to confirm.

LaurentRDC commented 3 years ago

@syntonym, thanks for maintaining the ArchLinux package!

I'm working to automate things as much as possible. For example, there's an executable that allows to update winget packages automatically.

Is there a way to do the same for the Archlinux package? Let me know and I can include it in the release pipeline.

syntonym commented 3 years ago

Automatically generating the PKGBUILD should be very easy, the complete PKGBUILD is:

# Maintainer: syntonym <syntaar@gmail.com>
pkgname=pandoc-plot-bin
pkgver=1.2.3
pkgrel=3
epoch=
pkgdesc="Render and include figures in Pandoc documents using your plotting toolkit of choice"
arch=('x86_64')
url="https://github.com/LaurentRDC/pandoc-plot"
license=('GPL2')
source=("https://github.com/LaurentRDC/pandoc-plot/releases/download/$pkgver/pandoc-plot-Linux-$CARCH.zip")
sha256sums=('108b70fb4120126fbf2f836d2a9d980deeff364c5f95f61873a5fa10e877712d'')

package() {
    install -D pandoc-plot-Linux-x86_64/pandoc-plot ${pkgdir}/usr/bin/pandoc-plot
}

The only component that regularly changes is the sha256sum, I'm already using a script to automatically generate the checksum. The complete process could easily be fully automated, but I think it's nice to have a human in the loop. I check each release against some of my own files to see if they still render correctly and I check the changelog/commits to scan for any surprises, which takes in total 5 minutes. As it's such a low amount of work already I'd keep it that way.

If there should be things improved with the packaging (like also packaging man pages - as far as I know there currently are none) let me know. If you want to have more control over the packaging I can also give ownership of the package on AUR to you.

LaurentRDC commented 3 years ago

All right, thanks for your help!