Trigger a rebuild of appcast.xml on release

[hannesa2]

It's about Sparkle update mechanism work #279 (comment)

[hannesa2]

I tested the usage of the variables
https://github.com/hannesa2/gitx/runs/5233473422?check_suite_focus=true

[hannesa2]

I tested it with a release on my fork https://github.com/hannesa2/gitx/runs/5234832080?check_suite_focus=true

[claytonrcarter]

What do you know about the GITHUBTOKEN secret? Is it someone's personal access token, or is it different/special? My concern is that, if it's linked to a particular acct, then this might only work when GITHUB_ACTOR matches that account. If this is not the case and GITHUBTOKEN is not limited like that, then this looks totally good.

If it is limited, then we might be able to use the built-in token available within actions, like here: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#example-2-calling-the-rest-api

If I'm reading that correctly, then this could be changed like

- run: curl -u $GITHUB_ACTOR:${{ secrets.GITHUBTOKEN }} -X POST https://api.github.com/repos/$GITHUB_REPOSITORY/pages/builds
+ run: curl --header  'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' -X POST https://api.github.com/repos/$GITHUB_REPOSITORY/pages/builds

(and secrets.GITHUB_TOKEN is apparently also available as just github.token)

BTW, once we get this working, we may be able to alter how we handle the page rebuild (again) in the repo settings. If we're able to rebuild on release, then we don't need to rebuild on every update to master. That means we could point the Pages branch back to gh-pages so that it's not mixed in w/ the main repo. (Although it doesn't really matter, I guess. It would just avoid needless page rebuilds.) I had intended the current option (rebuild on main) to be less effort, but if this API call works, it would be more concise.

[hannesa2]

What do you know about the GITHUBTOKEN secret?

It's my personal one. As long as nobody can read it, I've no problem with it.

if it's linked to a particular acct, then this might only work when GITHUB_ACTOR matches that account.

Your doubts are absolute valid !

• either test if my token works 👍

• or I use my account instead of $GITHUB_ACTOR (not necessary because test above works properly)
• or we generate a gitx token, but I don't know from where we should get it or if this is possible
• use your suggestion 👍

* or keep it like it is 👍

I've no strong opinion, what do you prefer ? I would leave it like it is, because the token works and it's the less work.

BTW, once we get this working, we may be able to alter how we handle the page rebuild (again) in the repo settings

Any solution is not elegant, either having a second branch gh-pages all the time or an other repository to host it

[claytonrcarter]

I've no strong opinion, what do you prefer ? I would leave it like it is, because the token works and it's the less work.

If it works, it works! (I had missed that it had been tested w/ gitx:<token>.) If we run into issues, we know we have another option to try. Thank you!