search

webdriverio-community / wdio-electron-service

WebdriverIO service for testing Electron applications
https://webdriver.io
MIT License
34 stars 15 forks source link

CI: `main` branch protection OR working release pipeline - pick one #800

Open goosewobbler opened 6 hours ago

goosewobbler commented 6 hours ago

The release pipeline is unable to push to the main branch when branch protection rules are enforced.

Branch protection rules are desirable to prevent force pushing and require status checks to pass before PR merge.

It is a long-standing known limitation of Github that GA can't be exempted from branch protection rules, however Deploy Keys, Roles and specific Apps can.

The current best solution for this seems to be using a Deploy Key, but this approach currently has issues with release-it, resulting in the following:

 > release-it -VV --ci --npm.skipChecks --no-git.requireCleanWorkingDir "--preRelease=next" "--npm.tag=next"

$ git rev-parse --abbrev-ref HEAD
main
$ git config --get branch.main.remote
origin
$ git remote get-url origin
git@github.com:webdriverio-community/wdio-electron-service.git
$ git fetch
Warning: Identity file /d06a28ed-398b-4f71-a5ac-97168fa6a4b5 not accessible: No such file or directory.
git@github.com: Permission denied (publickey).
fatal: Could not read from remote repository.
goosewobbler commented 6 hours ago

We may be able to use something like the https://github.com/marketplace/actions/ssh-agent-deploy-key action to ensure release-it can use the deploy key.