Pushplaybang
commented
5 years ago Love this. š no idea where to keep em though.
Closed zeke closed 4 years ago
Pushplaybang
commented
5 years ago Love this. š no idea where to keep em though.
pvinis
commented
5 years ago maybe the config repo?
zeke
commented
5 years ago In the time since I created this issue, GitHub has released some new features that enable new ways to build "sisyphean" workflows:
š There's a new GitHub API for storing secrets on a repo: https://developer.github.com/actions/managing-workflows/storing-secrets/
š GitHub Actions now have a cron-like scheduling feature: https://developer.github.com/actions/changes/2019-04-05-scheduling-workflows/
GitHub DeveloperGet started with one of our guides, or jump straight into the API documentation.
GitHub DeveloperGet started with one of our guides, or jump straight into the API documentation.
I maintain a lot of "data modules". Unlike most npm modules, these modules are datasets, scoured from various corners of the internet on a regular schedule. An example is all-the-package-names, which is updated daily (aspirationally, anyway). For each one of these modules, I run a Heroku app with the Scheduler addon (think
cron) to run some task (usuallynpm run release) every ten minutes, hour, or day.These Heroku apps typically have two environment variables, a GitHub token and an npm Token. These secrets are made available to the running app through the use of buildpacks. The whole thing is outlined in a blog post here: http://zeke.sikelianos.com/npm-and-github-automation-with-heroku
Rather than running and configuring a single Heroku app for every module, I'd rather use a single Probot service to publish all of them.
Probot has a scheduler extension that would work for this... the remaining puzzle piece is how to handle secrets. Where would Probot get an npm token? (See https://github.com/probot/friction/issues/34)