Merge pull request #13629 from electron/use-dot-env

docs: use .env (and .env.example) for tokens used in release
2018-07-17 11:57:42 -04:00 · 2018-07-17 11:57:42 -04:00 · 05538aa32c
commit 05538aa32c
parent 6edbb3e3ed 6ea0e73b47
7 changed files with 23 additions and 12 deletions
--- a/.env.example
+++ b/.env.example
@ -0,0 +1,7 @@
+# These env vars are only necessary for creating Electron releases.
+# See docs/development/releasing.md
+
+APPVEYOR_TOKEN=
+CIRCLE_TOKEN=
+ELECTRON_GITHUB_TOKEN=
+VSTS_TOKEN=
--- a/docs/development/releasing.md
+++ b/docs/development/releasing.md
@ -8,11 +8,10 @@ upload an Electron release. Contact a team member for more
 information.

 There are a handful of `*_TOKEN` environment variables needed by the release
-scripts. Once you've generated these per-user tokens, you may want to keep
-them in a local file that you can `source` when starting a release.
+scripts:
+
 * `ELECTRON_GITHUB_TOKEN`:
-Create as described at https://github.com/settings/tokens/new,
-giving the token repo access scope.
+Create this by visiting https://github.com/settings/tokens/new?scopes=repo
 * `APPVEYOR_TOKEN`:
 Create a token from https://windows-ci.electronjs.org/api-token
 If you don't have an account, ask a team member to add you.
@ -26,6 +25,11 @@ with the scope of `Build (read and execute)`.
 * `ELECTRON_S3_SECRET_KEY`:
 If you don't have these, ask a team member to help you.

+Once you've generated these tokens, put them in a `.env` file in the root directory
+of the project. This file is gitignored, and will be loaded into the 
+environment by the release scripts.
+
+
 ## Determine which branch to release from

 - **If releasing beta,** run the scripts below from `master`.
--- a/script/ci-release-build.js
+++ b/script/ci-release-build.js
@ -1,3 +1,5 @@
+require('dotenv-safe').load()
+
 const assert = require('assert')
 const request = require('request')
 const buildAppVeyorURL = 'https://windows-ci.electronjs.org/api/builds'
@ -44,7 +46,6 @@ async function makeRequest (requestOptions, parseResponse) {
 }

 async function circleCIcall (buildUrl, targetBranch, job, options) {
-  assert(process.env.CIRCLE_TOKEN, 'CIRCLE_TOKEN not found in environment')
  console.log(`Triggering CircleCI to run build job: ${job} on branch: ${targetBranch} with release flag.`)
  let buildRequest = {
    'build_parameters': {
@ -77,7 +78,6 @@ async function circleCIcall (buildUrl, targetBranch, job, options) {
 }

 function buildAppVeyor (targetBranch, options) {
-  assert(process.env.APPVEYOR_TOKEN, 'APPVEYOR_TOKEN not found in environment')
  const validJobs = Object.keys(appVeyorJobs)
  if (options.job) {
    assert(validJobs.includes(options.job), `Unknown AppVeyor CI job name: ${options.job}.  Valid values are: ${validJobs}.`)
@ -139,7 +139,6 @@ async function buildVSTS (targetBranch, options) {
    assert(vstsJobs.includes(options.job), `Unknown VSTS CI job name: ${options.job}. Valid values are: ${vstsJobs}.`)
  }
  console.log(`Triggering VSTS to run build on branch: ${targetBranch} with release flag.`)
-  assert(process.env.VSTS_TOKEN, 'VSTS_TOKEN not found in environment')
  let environmentVariables = {}

  if (!options.ghRelease) {
--- a/script/find-release.js
+++ b/script/find-release.js
@ -1,3 +1,5 @@
+require('dotenv-safe').load()
+
 const GitHub = require('github')
 const github = new GitHub()

--- a/script/prepare-release.js
+++ b/script/prepare-release.js
@ -1,10 +1,10 @@
 #!/usr/bin/env node

+require('dotenv-safe').load()
 require('colors')
 const args = require('minimist')(process.argv.slice(2), {
  boolean: ['automaticRelease', 'notesOnly', 'stable']
 })
-const assert = require('assert')
 const ciReleaseBuild = require('./ci-release-build')
 const { execSync } = require('child_process')
 const fail = '\u2717'.red
@ -19,7 +19,6 @@ const versionType = args._[0]
 // TODO (future) automatically determine version based on conventional commits
 // via conventional-recommended-bump

-assert(process.env.ELECTRON_GITHUB_TOKEN, 'ELECTRON_GITHUB_TOKEN not found in environment')
 if (!versionType && !args.notesOnly) {
  console.log(`Usage: prepare-release versionType [major | minor | patch | beta]` +
     ` (--stable) (--notesOnly) (--automaticRelease) (--branch)`)
--- a/script/release.js
+++ b/script/release.js
@ -1,8 +1,8 @@
 #!/usr/bin/env node

+require('dotenv-safe').load()
 require('colors')
 const args = require('minimist')(process.argv.slice(2))
-const assert = require('assert')
 const fs = require('fs')
 const { execSync } = require('child_process')
 const GitHub = require('github')
@ -18,8 +18,6 @@ const temp = require('temp').track()
 const { URL } = require('url')
 let failureCount = 0

-assert(process.env.ELECTRON_GITHUB_TOKEN, 'ELECTRON_GITHUB_TOKEN not found in environment')
-
 const github = new GitHub({
  followRedirects: false
 })
--- a/script/upload-to-github.js
+++ b/script/upload-to-github.js
@ -1,3 +1,5 @@
+require('dotenv-safe').load()
+
 const GitHub = require('github')
 const github = new GitHub()
 github.authenticate({type: 'token', token: process.env.ELECTRON_GITHUB_TOKEN})