GHA workflow to automate creation of GH releases & tags

[glennmoy]

Closes #161 and #207

• deletes upload/download_tarballs.jl and associated code
• updates docs
• updates CI.yml to not run on tags
• updates artifacts_CI.yml to only run on tags (rename to Tag.yml?)
• creates Release.yml that is manually triggered to create (pre-)releases
• replaces Artifacts.toml on main with a dummy entry (to be used with Overrides.toml)

[codecov]

Codecov Report

Merging #194 (1eb7229) into main (38b631e) will increase coverage by 0.72%.
Report is 6 commits behind head on main.
The diff coverage is n/a.

@@            Coverage Diff             @@
##             main     #194      +/-   ##
==========================================
+ Coverage   95.63%   96.35%   +0.72%     
==========================================
  Files          12       13       +1     
  Lines         595      631      +36     
==========================================
+ Hits          569      608      +39     
+ Misses         26       23       -3     

Flag	Coverage Δ
Ray.jl	96.35% <ø> (+0.72%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

see 9 files with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[glennmoy]

Ok, following up after a test run the pre-release and tag were correctly made but the downstream workflow that was supposed to run on push: tag didn't run.

This is because GitHub precludes workflows which are triggered by a GITHUB_TOKEN (github actions bot) as a precaution to prevent endless workflow loops.

Looking into a few recommended solutions, one was to create a PAT, which I don't think is suitable as it's scoped to the user, while the other was to create a Deploy key which is slightly better as it's scoped to the repo.

Testing the latter sadly didn't work either :/ . I expected it to at least run the artifacts_CI on main but no luck. So I'm going change tack slightly to make a simpler solution favouring #194

In other words, the new workflow will be to create PRs as normal, then trigger a manual "Create Pre-Release" workflow. This circumvents the GITHUB_TOKEN restrictions as it's nominally triggered by the user: https://github.blog/changelog/2022-09-08-github-actions-use-github_token-with-workflow_dispatch-and-repository_dispatch/

I've tested the Pre-release workflow on this branch on: push and then manually triggerd the Artifacts CI workflow to promote the pre-release to a Release. See below

[glennmoy]

i.e. can only be manually triggered and allows for triggering of downstream workflows, e.g. artifacts_CI.yml on tag creation

[kleinschmidt]

does this run any risk of multiple PRs being merged and picking up either too old or too new artifacts?

[glennmoy]

actually yeah I think that's a risk if we use branch dawidd6/action-download-artifact#240

but if we use commit it should be deterministic

[omus]

I believe there is a definite danger here of making a release with the wrong tarballs

[glennmoy]

even with commit? in the linked issue there's confounding variables as the OP is using check_artifacts and search_artifacts which have fallback behaviour

[omus]

Just curious if you tried git fetch --tags? If that works then you can change the check later to !(project.version in tags) to support backports

[glennmoy]

yeah I think it worked - I'll do it as a follow up. Afraid of accidentally breaking things now...

[omus]

Left another round of suggestions. I'd prefer if the Pre-release workflow was automatically triggered but this will do.

I believe the issue you ran into with the push not re-triggering the workflow is this: https://github.community/t/push-from-action-does-not-trigger-subsequent-action/16854. I don't think we need to take care of that in this PR and can look into this as a follow up.