Releases: CleverCloud/clever-cloud-review-app
v2.0.1
This minor update enables to turn off comments on PRs.
This can be useful when mixing this action with other actions to avoid conflicts, or to use a different action than the one used in this one.
v2.0.0
V2 Overview
This version brings an improved interface for the comment section on deployments, as well as updated security practices in names and docs.
Comment section
Depending on the state of the PR, a unique comment will be updated (see an example). For this, it uses:
- create or update comment action
- find-comment (from the same author) to update comment in new workflows on the same PR
Breaking changes?
None. Users who switch to the new version will see the updated version of the comment on the opened PR.
Security
Some inputs have been removed, to reduce risks. Even if the owner chooses the inputs for composite actions, reducing risks of injections attack, we decided to reduce free inputs from users overall, to reduce any potential risk.
Breaking changes?
For users using the name, the workflow might break while using this version. Removing it from the workflow file should solve the issue.
v1.1.1
Fixes bug that prevented custom domain input instead of the default generated one from GitHub variables.
v1.1.0
Conditional comments depending on the actions performed on the PR (deploy, update, delete).
v1.0.0
Automate the action to make it composite, to ease the integration into users repositories.
Use GitHub variable for app-name input
- Previous version: user had to manually input the
app-nameto set application name, application alias and review app domain. - This version: the workflow uses the repository name by default to automatically input the
app-namevalue.
Variable used: ${{ github.event.pull_request.base.repo.name }}
Improved Security Update
Goal
Allow external contribution while limiting external user generated input in the script
Changes
Scripts don't use BRANCH_NAME but github.event.number (#PR, GitHub generated).
Security update
This release contains a general security update with the following:
- Sourcing secrets in the step memory instead of yaml templating in shell script
- Guide on how to generate throwaway
CLEVER_SECRETandCLEVER_TOKENonly for GitHub Actions
v0.2.0
PRs from forks can now trigger a review app deployment.
v0.1.0 - Initial Release
First release for Clever Cloud Review Apps GitHub Action.
This action uses clever-tools to deploy review apps every time a PR is opened, redeploys on changes and delete it on PR closing (merged or not).
It currently works with branches pushed on the same repository and not across forks.