-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Replace sbt-github-packages with call to maven #9
base: main
Are you sure you want to change the base?
Conversation
I am wondering if alternatively we could just set a Scala Steward github token, if that is not being used then most likely any token will do, what do you think? |
That would definitely work in my case. |
I don't want to do anything too complicated for you but I wonder if scala steward could have an optional script entry point letting repositories set stuff like that on your behalf. |
Hmm... that's worth dicussing in the main repository. |
I'm on my phone now, will mention it there when I get back. |
// Publish to GitHub Packages: | ||
githubOwner := "broadinstitute", | ||
githubRepository := artifactId, | ||
githubTokenSource := TokenSource.Environment("GITHUB_TOKEN") || TokenSource.GitConfig("github.token") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could you not just set it to some empty default otherwise? Coming to think of it it's a bit weird that env variable needs to be set in order to build the project.
This might also be an issue within sbt-github-packages. This should be checked lazily when publishing.
Setting "GITHUB_TOKEN" in Scala Steward might be a bit of a hack I think.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You're right, it's definitely an issue within sbt-github-packages
, which absolutely should be loading this value lazily but isn't. It's been noted in issues and even PRs in the repository, but there hasn't been any action there. I assume that TokenSource
doesn't define a Literal
instance in the ADT to prevent people from committing sensitive data in their builds.
That's one of the reasons why this PR is appealing to me - GitHub doesn't really support SBT publishing to the GitHub Package Repository anyway, but it does support using Maven, so publishing this way, while less "scala-like", is more in line with GitHub's expectations.
I was working on this a bit during my spare time on vacation, and at the time, I didn't see an easy way to set a default but I might have been looking in the wrong places. I wonder if SBT has a way to do a conditional assignment somehow, will take a quick look.
Initial attempt to address VirtusLab/scala-steward-repos#98 (comment)
This work is based on the instructions found here:
https://www.stevenskelton.ca/scala-sbt-publishing-to-github-packages/
I have chosen to hard code the
settings.xml
file with most of the details filled in. Only theGITHUB_TOKEN
is filled in from the environment.Unfortunately this will be challenging to test in the wild without simply running a release, however I'm not above publishing a snapshot and removing it later.