-
Notifications
You must be signed in to change notification settings - Fork 138
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
adding breaking change label to container #1809
base: main
Are you sure you want to change the base?
adding breaking change label to container #1809
Conversation
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #1809 +/- ##
==========================================
- Coverage 57.93% 50.35% -7.58%
==========================================
Files 50 70 +20
Lines 3119 4180 +1061
==========================================
+ Hits 1807 2105 +298
- Misses 1154 1843 +689
- Partials 158 232 +74 ☔ View full report in Codecov by Sentry. |
4a65cb0
to
831689d
Compare
Signed-off-by: Javan lacerda <javanlacerda@google.com>
831689d
to
ddad4b2
Compare
run: | | ||
FORMATED_LABELS="--image-label commit-hash=$GITHUB_SHA" | ||
|
||
BRANCH_NUMBER=$(gh pr list --state all --search "sha:$GITHUB_SHA" --label "breaking-change" | awk '{print $1}') |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we check if we need to create a PAT for this or if the default token is fine? We sometimes hit rate limits when querying GitHub. I’d rather not manage another token but just wanna check.
Cc @cpanato
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One other idea is to change this to fire on PR closure, like what’s documented in https://stackoverflow.com/questions/71523153/github-actions-on-pull-request-merged-with-specific-labels
You could then checkout from HEAD based on the git sha.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Eh, that might not work - commit shas will differ after being squashed to merge to HEAD.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it should be fine as I tested this same action in my fork and it worked properly. https://github.com/javanlacerda/fulcio/actions/runs/10997017464/job/30531560844. Just hadn't the authorization to push the image, what is expected.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i see this and will reply tomorrow (25/sept/2024) sorry !
- name: container | ||
run: KO_PREFIX=gcr.io/projectsigstore/fulcio/ci/fulcio make sign-keyless-ci | ||
run: | | ||
echo "Formated Label: ${{ steps.labels.outputs.FORMATED_LABELS }}" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We could tackle this in the next PR, but I think we also need to handle labeling containers with merge times such that we can sort them and deploy only the latest commit. Otherwise if we merge two PRs at the same time, and the earlier GitHub action completes after the later GitHub action, then we would deploy an older commit.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It would be good. but we can also look to the repo's commit history and check the order, right?
run: | | ||
FORMATED_LABELS="--image-label commit-hash=$GITHUB_SHA" | ||
|
||
BRANCH_NUMBER=$(gh pr list --state all --search "sha:$GITHUB_SHA" --label "breaking-change" | awk '{print $1}') |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thinking about how this will be used in PGI: Have you thought about how we will handle if multiple PRs are merged in a short period with only one labeled as a breaking change? Are we going to search back through all containers built after the last deployment?
Summary
It checks and adds the
breaking-change
label to the container that is created by thebuild-container
action.It also adds a label with the
commit-hash
to the container.Release Note
Documentation