-
Notifications
You must be signed in to change notification settings - Fork 0
Back Up Instructions
George M. Dias edited this page Mar 8, 2022
·
2 revisions
You may be creating a release of the SAF Action so that it includes the latest SAF CLI node module dependency, includes new updates to the action itself, or both! Check out the following instructions to make sure you include the latest dependencies, any changes you may have committed, and the appropriate tags when making a release.
1. Ensure you have the most recent commits to the SAF Action locally.
- Run
git clone <repo>orgit pullif this repository is already cloned locally.
2. Determine the new SAF Action version.
This version should be the latest version of the SAF Action, found under the "Releases" section of the main GitHub page, with an incremented patch, minor, or major version number depending on the type of change. The SAF Action major version should correspond to the SAF CLI major version in its dependencies. Minor and patch versions need not match.
| UPDATE | NEW SAF Action VERSION NUMBER |
|---|---|
| SAF CLI new patch version | Bump SAF Action patch version |
| SAF CLI new minor version | Bump SAF Action minor version |
| SAF CLI new major version | Bump SAF Action major version |
| SAF Action functionality change | Bump SAF Action according to semantic versioning standards |
3. Update package.json file and node modules.
- Remove old node modules:
rm -rf node_modules/* - Update
package.jsonfile to include the latest SAF CLI version and the new SAF Action version number that you want to release (determined in step 2). - Rebuild node modules:
npm i - add changes:
git add . - commit changes:
git commit -m "Updated node modules to use new SAF CLI version and updated SAF Action version number"
CHOOSE STEP 4 DIRECTIONS:
4. For updating MINOR or PATCH version change:
- Create a release tag with annotations by doing the following. The annotation will be displayed in the release notes.
- (You can view SAF Action tags by writing
git tag) - Add the new release tag from step 2 (ex tag name full:
v1.2.1) with an annotation. This tag name full is the new version of the SAF Action, and is only required to have the same major version number as the SAF CLI, but can have different minor or patch numbers.- Ex:
git tag -a -m "Using SAF CLI verion v1.0.6" <tagNameFull>
- Ex:
- Delete previous major release tag (ex tag name major:
v1) by running- Ex:
git push origin :refs/tags/<tagNameMajor>
- Ex:
- Re-add the major release tag (ex tag name major:
v1) to reference the latest SAF Action semantic version tag. You can use the same annotation. Notice this includes a force flag:-f.- Ex:
git tag -f -a -m "Using SAF CLI verion v1.0.6" <tagNameMajor>
- Ex:
- Push the tags to the remote repository. Branch should be
main.git push --atomic origin <branch name> <tagNameFull> <tagNameMajor>
- (You can view SAF Action tags by writing
4. For updating MAJOR version change:
- Create a release tag with annotations by doing the following. The annotation will be displayed in the release notes.
- (You can view SAF Action tags by writing
git tag) - Add the new release tag from step 2 (ex tag name full:
v1.2.1) with an annotation. This tag name full is the new version of the SAF Action, and is only required to have the same major version number as the SAF CLI, but can have different minor or patch numbers.- Ex:
git tag -a -m "Using SAF CLI verion v1.0.6" <tagNameFull>
- Ex:
- Add the major release tag (ex tagNameMajor:
v1) to reference the latest SAF Action semantic version tag. You can use the same annotation.- Ex:
git tag -f -a -m "Using SAF CLI verion v1.0.6" <tagNameMajor>
- Ex:
- Push the tags to the remote repository.
git push --atomic origin <branch name> <tagNameFull> <tagNameMajor>
- (You can view SAF Action tags by writing
5. Release the newly tagged version.
- Wait for the
draft-releaseworkflow to complete. - Click "Releases"
- Click on the newly drafted release and click the edit button to edit the draft
- Check "Publish this release to the GitHub Marketplace"
- Click "Publish release"
Optional Information: Running Dependabot manually to detect latest dependency updates and update node modules
- Ensure the SAF Action has the latest version of the mitre/saf node module by manually running a dependabot check if necessary.
- From the saf_action GitHub page, click "Insights" from the top menu bar.
- Click "Dependency Graph" on the left menu list
- Click "Dependabot"
- Click "Last checked X days/hours ago"
- Click "Check for updates"
- Wait for the Dependabot check and the "Auto Approve and Merge Dependabot PRs" workflow to complete, building the latest node modules. (This can be seen by clicking the "Actions" option in the top menu.)