Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add simple 'checks' workflow for PR and Merge events #10

Merged
merged 1 commit into from
Oct 12, 2023
Merged

Add simple 'checks' workflow for PR and Merge events #10

merged 1 commit into from
Oct 12, 2023

Conversation

seanconroy2021
Copy link
Contributor

@seanconroy2021 seanconroy2021 commented Oct 6, 2023
edited
Loading

This workflow automates the following tasks:

  1. On pull requests to the 'main' branch, it runs a basic CI check.

  2. On pushes or merges to the 'main' branch, it runs the CI check. If successful, it triggers the 'release' job, which performs the following actions:

    • Deletes the 'latest' release and its associated tag.
    • Determines the current version (e.g., v1.0.1) and increments it to create a new version (e.g., v1.0.2).
    • Creates a new version release with the updated tag (e.g., v1.0.2).
    • Create or updates the 'latest' EC Validate Release resolves: HACBS-2725

@seanconroy2021 seanconroy2021 mentioned this pull request Oct 6, 2023
Merged
@lcarva
Copy link
Member

lcarva commented Oct 9, 2023
edited
Loading

Do we need a "latest" release? Can it just be inferred from the release with the highest version? Someone could always use @main if they want. I guess latest is a little bit better, since it's gated by testing. But I don't really like that there's a window where the "latest" release disappears. This would break users.

Suggestion: Just stick to semver for releases.

lcarva
lcarva reviewed Oct 9, 2023
View reviewed changes
.github/workflows/checks.yaml Outdated Show resolved Hide resolved
.github/workflows/checks.yaml Outdated Show resolved Hide resolved
.github/workflows/checks.yaml Outdated Show resolved Hide resolved
.github/workflows/checks.yaml Outdated Show resolved Hide resolved
.github/workflows/checks.yaml Show resolved Hide resolved
@seanconroy2021
Copy link
Contributor Author

@lcarva Thanks for the review. I have fixed the problems 👍🏻

simonbaird
simonbaird reviewed Oct 10, 2023
View reviewed changes
.github/workflows/checks.yaml
# image: quay.io/redhat-appstudio/ec-golden-image:latest
# key: ${{ vars.PUBLIC_KEY }}
# policy: " " #TODO Ignore until image is fixed
# extra-params: --ignore-rekor
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's explain more clearly in comments why this is commented out.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done hopefully more clear now 👍🏻

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder if this change fixed it: enterprise-contract/golden-container#129

As a side note. Usually, a comment like this would go as the first line of the commented out block so it is obvious to the reader, e.g.:

    # FIXME Commented out because ...
    # - name : Run EC Validate (Long_Lived)
    #   uses: ./
    #   with:

Copy link
Contributor Author

@seanconroy2021 seanconroy2021 Oct 11, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is now a warning I am going try fix it. I think we will leave it commented out for time being

 warnings:
  - metadata:
      code: slsa_source_correlated.source_code_reference_provided
    msg: Expected source code reference was not provided for verification

@seanconroy2021
Add simple 'checks' workflow for PR and Merge events
c76a600 
This workflow automates the following tasks:

1. On pull requests to the 'main' branch, it runs a basic CI check.

2. On pushes or merges to the 'main' branch, it runs the CI check. If successful, it triggers the 'release' job, which performs the following actions:
   - Determines the current version (e.g., v1.0.1) and increments it to create a new version (e.g., v1.0.2).
   - Creates a new version release with the updated tag (e.g., v1.0.2).
resolves: HACBS-2725
Signed-off-by: Sean Conroy [email protected]
lcarva
lcarva approved these changes Oct 11, 2023
View reviewed changes
Copy link
Member

@lcarva lcarva left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's merge this so we can see it in action and address any wrinkles later.

@seanconroy2021 seanconroy2021 merged commit a06d1df into enterprise-contract:main Oct 12, 2023
2 checks passed
seanconroy2021 added a commit that referenced this pull request Oct 12, 2023
@seanconroy2021
Merge pull request #10 from seanconroy2021/main
bb370fb 
Add simple  'checks' workflow for PR and Merge events
zregvart pushed a commit that referenced this pull request Oct 18, 2023
@seanconroy2021 @zregvart
Merge pull request #10 from seanconroy2021/main
5edfc50 
Add simple  'checks' workflow for PR and Merge events
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lcarva lcarva lcarva approved these changes

@simonbaird simonbaird Awaiting requested review from simonbaird

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@seanconroy2021 @lcarva @simonbaird