You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: readme.md
+20-6Lines changed: 20 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -38,7 +38,7 @@ Within the GitHub Actions workflow which deploys your plugin to WordPress.org:
38
38
```
39
39
40
40
> [!WARNING]
41
-
> In order to support plugin release confirmation, which is a manual step, this action will attempt to fetch the zip file from WordPress.org for up to 60 minutes. You can adjust this via the `timeout` input parameter.
41
+
> In order to support [plugin release confirmation](https://developer.wordpress.org/plugins/wordpress-org/release-confirmation-emails/) this action will attempt to fetch the zip file from WordPress.org for up to 60 minutes. You can adjust this via the `timeout` input parameter.
42
42
43
43
## Example workflow
44
44
@@ -76,9 +76,7 @@ This action is specifically for generating an artifact attestation for the ZIP f
76
76
77
77
## Does this work if release confirmation is enabled?
78
78
79
-
The plugin directory on WordPress.org provides a feature called [Release Confirmation](https://developer.wordpress.org/plugins/wordpress-org/release-confirmation-emails/).
80
-
81
-
This action supports release confirmation because it is designed to retry fetching the plugin ZIP from WordPress.org for up to 60 minutes by default, which allows you time to confirm the release.
79
+
Yes, this action supports [plugin release confirmation](https://developer.wordpress.org/plugins/wordpress-org/release-confirmation-emails/) because it will repeatedly attempt to fetch the plugin ZIP from WordPress.org for up to 60 minutes by default, which allows you time to confirm the release.
## How can I test this action without doing a release?
97
+
98
+
Add the steps to a `workflow_dispatch` workflow that checks out a tag, zips it up, and then runs it. You can use the 10up WordPress.org Plugin Deploy action with the `dry-run` input parameter to get the ZIP file path.
99
+
100
+
Optionally use the `dry-run` input parameter for this action to perform all the steps without actually creating and publishing the attestation.
101
+
102
+
## How do I re-run attestation if the action times out before I confirm the release on WordPress.org?
103
+
104
+
See above.
105
+
98
106
## Where can I see the attestations for my plugin?
99
107
100
-
The action will output a link to the attestation within your repo.
108
+
The action will output a link to the attestation.
101
109
102
-
You can also view all the attestations from the Attestations link on the Actions screen of your repo.
110
+
You can also view all attestations from the Actions -> Attestations screen in your repo.
103
111
104
112
## Can I call this action within a reusable workflow?
105
113
106
114
Yes, but be aware that when a consumer verifies an attestation they need to use the name of the repo containing the workflow file that performed the attestation. If the reusable workflow is in the same repo as your plugin then there's no problem, but if your reusable workflow lives in a different repo then they'll need to use the name of that repo.
107
115
116
+
## TODO
117
+
118
+
* Make the `version` input parameter optional
119
+
* Add support for arbitrary remote hosts in addition to wordpress.org
120
+
* Consider how attestations can be used as part of workflows for installing and deploying plugins
0 commit comments