Skip to content

ci: upload QA builds for installer #10479

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
FoxtrotSierra6829 wants to merge 17 commits into
base: master
Choose a base branch
from
Open

ci: upload QA builds for installer #10479

FoxtrotSierra6829 wants to merge 17 commits into from

Conversation

@FoxtrotSierra6829
Copy link
Member

@FoxtrotSierra6829 FoxtrotSierra6829 commented Jan 14, 2026
edited
Loading

Requires (incorporates) #10478

Summary of Changes

  • uploads PRs to Cloudflare CDN
  • updates QA config when PR is opened or updated
  • updates QA config when PR is closed
  • removes CDN files when PR is closed

Screenshots (if necessary)

grafik

References

FoxtrotSierra6829/fbw-aircraft-test#1
FoxtrotSierra6829/fbw-aircraft-test#2
FoxtrotSierra6829/fbw-aircraft-test#3
FoxtrotSierra6829/fbw-aircraft-test#4

Additional context

flybywiresim/installer#537

Secrets are now only accessed when handling code of the trusted targeted branch. Previously, secrets could be accessed on PRs from upstream branches but were inaccessible from PRs from forks.

Discord username (if different from GitHub):
foxtrotsierra

Testing instructions

  1. Download the FlyByWire installer with QA functionality https://github.com/flybywiresim/installer/releases/tag/v3.6.0
  2. Go into Settings.
  3. Hold CTRL+ALT and click on the text Settings (in the navigation bar)
  4. Go into Developer Settings
  5. In QA Configuration URLs click add URL and add https://flybywirecdn.com/installer/qa-config/pull-requests.json
  6. Click Reload Installer
  7. Download/update/change your A32NX and A380X versions to those from the QA builds selection and confirm it works without issues.

NOTE: Clicking the PR title in the description will lead to a different PR, this is not an issue but working as intended. The test PRs are from another repo.

How to download the PR for QA

Every new commit to this PR will cause new A32NX and A380X artifacts to be created, built, and uploaded.

  1. Make sure you are signed in to GitHub
  2. Click on the Checks tab on the PR
  3. On the left side, find and click on the PR Build tab
  4. Click on either flybywire-aircraft-a320-neo, flybywire-aircraft-a380-842 (4K) or flybywire-aircraft-a380-842 (8K) download link at the bottom of the page

@github-project-automation github-project-automation bot moved this to 🟡 Code Review: Ready for Review in Quality Assurance Jan 14, 2026
@FoxtrotSierra6829 FoxtrotSierra6829 added Do Not Merge Not Ready For Review Still draft but needs a GitHub build pr-build-8k Triggers 8K builds of PRs (skipped otherwise) labels Jan 14, 2026
@FoxtrotSierra6829 FoxtrotSierra6829 force-pushed the quality-assurance-installer branch 8 times, most recently from 7cc8626 to 100fa04 Compare January 14, 2026 23:50
@FoxtrotSierra6829 FoxtrotSierra6829 removed the Not Ready For Review Still draft but needs a GitHub build label Jan 15, 2026
@FoxtrotSierra6829 FoxtrotSierra6829 force-pushed the quality-assurance-installer branch from d62d09e to 2ab8f2e Compare January 15, 2026 02:49
@FoxtrotSierra6829 FoxtrotSierra6829 force-pushed the quality-assurance-installer branch from e5b6353 to a987061 Compare January 18, 2026 12:14
tracernz
tracernz reviewed Jan 27, 2026
View reviewed changes
.github/workflows/pr-build-8k.yml
Comment on lines -61 to +69
echo CLIENT_ID=\"${{ secrets.NAVIGRAPH_CLIENT_ID_A380X }}\" >> fbw-a380x/.env
echo CLIENT_SECRET=\"${{ secrets.NAVIGRAPH_CLIENT_SECRET_A380X }}\" >> fbw-a380x/.env
echo CHARTFOX_SECRET=\"${{ secrets.CHARTFOX_SECRET }}\" >> fbw-a380x/.env
echo SENTRY_DSN=\"${{ secrets.SENTRY_DSN }}\" >> fbw-a380x/.env
echo CLIENT_ID=\"\" >> fbw-a380x/.env
echo CLIENT_SECRET=\"\" >> fbw-a380x/.env
echo CHARTFOX_SECRET=\"\" >> fbw-a380x/.env
echo SENTRY_DSN=\"\" >> fbw-a380x/.env
echo AIRCRAFT_PROJECT_PREFIX=${{ env.AIRCRAFT_PROJECT_PREFIX }} >> fbw-a380x/.env
echo AIRCRAFT_VARIANT=${{ env.AIRCRAFT_VARIANT }} >> fbw-a380x/.env
echo BUILD_DIR_NAME=${{ env.BUILD_DIR_NAME }} >> .env
echo LOCALAZY_READ_KEY=${{ secrets.LOCALAZY_READ_KEY }} >> .env
echo LOCALAZY_READ_KEY=\"\" >> .env
Copy link
Member

@tracernz tracernz Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why do we want to remove these ones? That will prevent us from testing the Navigraph integration?

Copy link
Member Author

@FoxtrotSierra6829 FoxtrotSierra6829 Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Additional context

Secrets are now only accessed when handling code of the trusted targeted branch. Previously, secrets could be accessed on PRs from upstream branches but were inaccessible from PRs from forks.

This is running untrusted code which can potentially leak secrets. Previously the secrets just weren't available on fork PRs but now since the context is the target branch but except for the workflow file we are running PR code until later, these secrets would be available to be dumped.

FozzieHi
FozzieHi reviewed Jan 28, 2026
View reviewed changes
@FozzieHi FozzieHi mentioned this pull request Jan 29, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tracernz tracernz tracernz left review comments

@pdellaert pdellaert Awaiting requested review from pdellaert

+1 more reviewer

@FozzieHi FozzieHi FozzieHi left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

Do Not Merge pr-build-8k Triggers 8K builds of PRs (skipped otherwise)

Projects

Quality Assurance
Status: 🟡 Code Review: Ready for Review

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@FoxtrotSierra6829 @tracernz @FozzieHi