Merge pull request #37 from joinmisskey/main

Release: 2024.6.1
joinmisskey · May 31, 2024 · e90ee65 · e90ee65
2 parents 8bcf8c3 + 8f3cc94
commit e90ee65
Show file tree

Hide file tree

Showing 4 changed files with 38 additions and 5 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,18 @@
 CHANGELOG
 =======================================
 
+## 2024.6.1
+
+### General
+-
+
+### Client
+-
+
+### Server
+-
+
+
 ## 2024.6.0
 
 ### General

diff --git a/README.md b/README.md
@@ -27,23 +27,44 @@ You must modify line#6 with the default (develop) branch.
 #### ⅲ. release-with-ready.yml
 Release rc when PR becomes ready for review.
 
-## If you have `on: release` workflows...
-If you have workflow(s) with `on: release`, you must create a GitHub App with following settings and set `RELEASE_APP_ID` and `RELEASE_APP_PRIVATE_KEY` as secrets.
+### 3. Create a GitHub App
+You must create a GitHub App with following settings and set `RELEASE_APP_ID` and `RELEASE_APP_PRIVATE_KEY` as secrets.
 
 Please execute following installation: https://github.com/actions/create-github-app-token/tree/v1/?tab=readme-ov-file#usage
 
+- The `Contents` permission is required for the `on: release` workflow to run via automatic release.  
+  The reason is that `on: release` workflows are not triggered for releases created with the default `GITHUB_TOKEN`.
+- The `Pull requests` permission is required to bypass the protect on the stable branch and perform PR merges.
+
 |App Settings||
 |:--|:--|
 |Webhook||
 |Active|disabled|
 |Repository permission||
 |Contents|Read and Write|
+|Pull requests|Read and Write|
 
 Open `Install App` tab and install to the repository or whole the user/organization.
 
 Then set `USE_RELEASE_APP` as `true` [as a repository variable](https://docs.github.com/en/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository).
 
-The reason is that `on: release` workflows are not triggered for releases created with the default `GITHUB_TOKEN`.
+### 4. Create a ruleset to protect the stable branch
+To maintain the integrity of the stable branch, it is recommended that it prohibit push by ruleset.
+
+|New Branch Ruleset||
+|:--|:--|
+|Enforcement status|Active|
+|Bypass list||
+|+ Add bypass|GitHub App you created and installed|
+|Targets|
+|Target branches|stable|
+|Branch protections||
+|Restrict creations|Enable|
+|Restrict updates|Enable|
+|Restrict deletions|Enable|
+|Require a pull request before merging|Enable|
+|Required approvals|1|
+|Block force pushes|Enable|
 
 ## Repository secrets and variables
 ### Secrets

diff --git a/package.json b/package.json
@@ -1,4 +1,4 @@
 {
   "name": "sandbox-actions-release",
-  "version": "2024.6.0"
+  "version": "2024.6.1"
 }
diff --git a/packages/misskey-js/package.json b/packages/misskey-js/package.json
@@ -1,4 +1,4 @@
 {
   "name": "sandbox-actions-release-misskey-js",
-  "version": "2024.6.0"
+  "version": "2024.6.1"
 }