Automate Github releases with Drone.
Last update: Dec 24, 2021
If you have a project on github that has releases for code or binaries for example it might be a good idea to automate it. Not only this saved a lot of clicks and time, but also it makes releases predictable and therefore less prone to errors in the process.
For this article I will take my own project as the example here, but of course this can be applied to any project, written in whatever language and/or framework.
Also I will base this guide on Drone. But I’m sure there is the same workflow for jenkins/circle/whatever CI/CD system you are using.
This means I’m assuming you have a repository already running with Drone.
The first thing we will need is an access token for the Github API.
You can get them here https://github.com/settings/tokens. I called my
Drone and you need to check the permissions for the repos as follows.
Copy the token and save it somewhere safe. You will see it only once.
We will add this token to our Drone repository settings. For that navigate to your drone instance and open the settings for the repository in question.
I’ve called my secret
github and I have not allowed it in PRs. Otherwise a PR made by some random user could trigger a release. We don’t want that.
Now it’s time to edit our drone file and make everything automatic. The flow at the end will be as follows.
- Code, commit and develop
- When you are ready for the next release we create a tag
- Once a tag is created and pushed drone will automatically build and release that code attached to the tag.
Simple right? Lets see how!
# .drone.yml --- kind: pipeline name: default steps: - name: build image: node pull: always commands: - yarn - yarn run bin when: event: tag - name: publish image: plugins/github-release pull: always settings: api_key: from_secret: github files: bin/* checksum: - sha512 note: CHANGELOG.md when: event: tag --- kind: signature hmac: 3b1f235f6a6f0ee1aa3f572d0833c4f0eec931dbe0378f31b9efa336a7462912 ...
Lets understand what is happening here:
First I’m building my project. In this case this is a standalone typescript executable build by pkg. The build binaries will be emitted into the
./bin folder. But it really does not matter. Could be anything.
Secondly we tell the Github release plugin what files we want to include in the release. In my case this was everything inside the
bin folder. This can also be an array.
files: - dist/* - bin/binary.exe
api_key includes the token, which we load from a secret so that we don’t simply put in the
.drone.yml file, which could be a huge security issue!
checksum setting is also amazing because as the name suggests the plugin automatically generates checksums for all the files. That is amazingly practical and there is no reason not to do that. You can choose a few hash functions but I would suggest simply going with
So how do a trigger a release now?
Simple! First tag your code with the following command
git tag 1.2.3
Now push the tag and drone will be on its way
git push --tags
Thats it! Hope it made your release journey easier 🙂