Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Deprecate unapproved GHA used in workflows #89

Closed
alexander-demicev opened this issue May 13, 2024 · 3 comments
Closed

Deprecate unapproved GHA used in workflows #89

alexander-demicev opened this issue May 13, 2024 · 3 comments
Assignees
@yiannistri

Comments

@alexander-demicev
Copy link
Member

Soon only approved GHA will be allowed to be used in our workflows. We have some GHAs which are not approved and don't fit the criteria to be approved:

EKS/AKS/GKE Operators:

https://github.com/rancher/aks-operator/blob/archive/.github/workflows/apidiff.yaml#L14
https://github.com/rancher/aks-operator/blob/archive/.github/workflows/e2e.yaml#L75
https://github.com/rancher-sandbox/highlander-reusable-workflows/blob/main/.github/workflows/update-rancher-charts.yaml#L71

GKE
https://github.com/rancher/gke-operator/blob/main/.github/workflows/update-rancher-charts.yaml#L59

Turtles
https://github.com/rancher/turtles/blob/main/.github/workflows/dependabot.yml#L30
https://github.com/rancher/turtles/blob/main/.github/workflows/nightly-test-release.yaml#L120
https://github.com/rancher/turtles/blob/main/.github/workflows/nightly-test-release.yaml#L158
https://github.com/rancher/turtles/blob/main/.github/workflows/pr-md-link-check.yaml#L18
https://github.com/rancher/turtles/blob/main/.github/workflows/pr_size_labeler.yml#L12
https://github.com/rancher/turtles/blob/main/.github/workflows/pr_type.yaml#L12
https://github.com/rancher/turtles/blob/main/.github/workflows/test_chart.yaml#L59

We need to deprecate these by replacing them with bash scripts or creating an alternative in https://github.com/rancher-sandbox/highlander-reusable-workflows/
@alexander-demicev alexander-demicev moved this to Backlog in CAPI / Turtles May 13, 2024
@yiannistri
Copy link

yiannistri commented May 14, 2024
edited
Loading

In order to create PRs we can use either the gh cli (which should be installed by default on the runner) or the actions/github-script@v7 GHA:

- name: cli
  run: gh pr create -B main -H new-feature --title 'New feature' --body 'Created by Github action'
  env:
    GITHUB_TOKEN: ${{ secrets.CUSTOM_TOKEN }}

vs

- name: action
  uses: actions/github-script@v7
  with:
    github-token: ${{ secrets.CUSTOM_TOKEN }}
    script: |
      github.rest.pulls.create({
          owner: context.repo.owner,
          repo: context.repo.repo,
          head: 'new-feature',
          base: 'main',
          title: 'New feature',
          body: 'Created by Github action'
        })

Thoughts / preferences @alexander-demicev ? My preference would be for the latter (script) unless we want to invoke it via a Makefile target instead.

@alexander-demicev
Copy link
Member Author

@yiannistri Yes, we can use the script action

This was referenced May 20, 2024
Merged
Merged
@yiannistri yiannistri self-assigned this May 22, 2024
@yiannistri yiannistri moved this from Backlog to In Progress (8 max) in CAPI / Turtles May 22, 2024
@yiannistri yiannistri mentioned this issue May 23, 2024
Merged
5 tasks
This was referenced May 23, 2024
Merged
Merged
Merged
@Danil-Grigorev
Copy link
Contributor

From the turtles side there is also needed: rancher/turtles-docs#94

@Danil-Grigorev Danil-Grigorev mentioned this issue May 27, 2024
Merged
@mjura mjura mentioned this issue May 27, 2024
Closed
This was referenced May 28, 2024
Merged
Merged
Merged
Merged
Merged
Merged
Merged
Merged
@yiannistri yiannistri moved this from In Progress (8 max) to PR to be reviewed in CAPI / Turtles Jun 3, 2024
@yiannistri yiannistri mentioned this issue Jun 3, 2024
Merged
5 tasks
@yiannistri yiannistri moved this from PR to be reviewed to Done in CAPI / Turtles Jun 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@yiannistri yiannistri

Labels
None yet
Projects
CAPI / Turtles
Archived in project
Milestone
No milestone
Development

No branches or pull requests
3 participants
@yiannistri @alexander-demicev @Danil-Grigorev