Fix PRs from forks #556
Fix PRs from forks #556
Conversation
|
Waiting for approval from someone in the solo-io org to start testing. |
| @@ -1,16 +1,17 @@ | |||
| name: pull_request | |||
| name: Code format check | |||
There was a problem hiding this comment.
Having two very unrelated workflows with the same name wasn't terribly helpful.
| steps: | ||
| - name: Cancel Previous Actions | ||
| uses: styfle/cancel-workflow-action@0.11.0 | ||
| uses: styfle/cancel-workflow-action@0.12.1 |
There was a problem hiding this comment.
I've upgraded each action as there doesn't appear to be any particular reason to use old actions
| access_token: ${{ github.token }} | ||
| - name: Free disk space | ||
| run: | | ||
| : Free disk space |
There was a problem hiding this comment.
This is a fancy hack I've learned that makes reading GitHub action logs better
| - uses: google-github-actions/setup-gcloud@a48b55b3b0eeaf77b6e1384aab737fbefe2085ac | ||
|
|
||
| - name: Gcloud login | ||
| if: ${{ env.has_auth }} | ||
| uses: google-github-actions/auth@v2 |
There was a problem hiding this comment.
Google refactored their actions a long time ago so that the login step is done by this other action.
| if: ${{ env.has_auth }} | ||
| uses: google-github-actions/auth@v2 | ||
| with: | ||
| version: '290.0.1' | ||
| project_id: ${{ secrets.GCP_PROJECT_ID }} | ||
| service_account_key: ${{ secrets.GCP_SA_KEY }} | ||
| export_default_credentials: true | ||
| name: Gcloud Login | ||
| credentials_json: ${{ secrets.GCP_SA_KEY }} | ||
| create_credentials_file: true | ||
| env: | ||
| has_auth: ${{ secrets.GCP_PROJECT_ID && secrets.GCP_SA_KEY && 1 }} |
There was a problem hiding this comment.
In order to not try to auth when you don't have credentials, you have to bend over backwards because GitHub doesn't give you access to secrets in if
|
|
||
| It("can read changelog file", func() { | ||
| changelogFile, err := reader.ReadChangelogFile(ctx, "changelog/v0.1.1/1.yaml") | ||
| changelogFile, err := reader.ReadChangelogFile(ctx, fmt.Sprintf("changelog/v0.1.1/%s", log)) |
There was a problem hiding this comment.
Since I found a similar v0.1.1, I'm using Sprintf to select the filename -- I could have left the entire string in the variables above, but this seemed slightly easier to understand. (Apparently changelog/{rev}/ is a thing.)
| if os.Getenv("SKIP_GCLOUD_TESTS") == "" { | ||
| Context("builders", func() { |
There was a problem hiding this comment.
This stuff needs Gcloud, and it's. incredibly dangerous to let foreign code run with credentials, so the safest thing to do is not to run it.
| if os.Getenv("HAS_CLOUDBUILD_GITHUB_TOKEN") == "" { | ||
| repo = "reporting-client" | ||
| repoWithoutReleasesName = "unik-hub" | ||
| sha = "af5d207720ee6b548704b06bfa6631f9a2897294" | ||
| commitsInSha = 2 | ||
| commit1 = "7ef898bc3df32db0e1ed2dee70a838c955a7b422" | ||
| commit2 = "f47eacc21bd62e6bc8bb8954af0dc1817079af0d" | ||
| tagWithSha = "v0.1.2" | ||
| shaForTag = "a1c75ffaa40ea2b89368bfc338dc3f6f990b6df2" | ||
| } |
There was a problem hiding this comment.
a bunch of tests needed alternates. So these are the alternates
| Context("With write token", func() { | ||
| BeforeEach(func() { | ||
| if os.Getenv("HAS_CLOUDBUILD_GITHUB_TOKEN") == "" { | ||
| Skip("Needs write token") | ||
| } | ||
| }) |
There was a problem hiding this comment.
As with the Gcloud stuff, these need write tokens and you can't safely give out write tokens to random people, so they have to be skipped. This is a problem, but, there isn't really a better approach. If it matters, a member should make their own branch based on the contributor's branch and make a new PR from that.
| GINKGO_VERSION ?= $(shell echo $(shell go list -m github.com/onsi/ginkgo/v2) | cut -d' ' -f2) | ||
| GINKGO_ENV ?= GOLANG_PROTOBUF_REGISTRATION_CONFLICT=ignore ACK_GINKGO_DEPRECATIONS=$(GINKGO_VERSION) | ||
| GINKGO_FLAGS ?= -v -tags=purego -compilers=4 -fail-fast -race -randomize-suites -randomize-all -skip-package=./installutils/kubeinstall,./debugutils/test | ||
| GINKGO_FLAGS ?= -v -tags=purego -compilers=4 $(shell [ -z "${CI}" ] && echo '-fail-fast') -race -randomize-suites -randomize-all -skip-package=./installutils/kubeinstall,./debugutils/test |
There was a problem hiding this comment.
It took me a lot of round trips to GitHub to find and fix all of the items here. It would have been much less painful if -fail-fast was omitted. So, let's omit it for CI builds.
Signed-off-by: Josh Soref <[email protected]>
Signed-off-by: Josh Soref <[email protected]>
Signed-off-by: Josh Soref <[email protected]>
Signed-off-by: Josh Soref <[email protected]>
Signed-off-by: Josh Soref <[email protected]>
Signed-off-by: Josh Soref <[email protected]>
Signed-off-by: Josh Soref <[email protected]>
Google split auth out of setup-gcloud... Signed-off-by: Josh Soref <[email protected]>
Signed-off-by: Josh Soref <[email protected]>
Signed-off-by: Josh Soref <[email protected]>
Signed-off-by: Josh Soref <[email protected]>
Signed-off-by: Josh Soref <[email protected]>
Signed-off-by: Josh Soref <[email protected]>
Signed-off-by: Josh Soref <[email protected]>
Signed-off-by: Josh Soref <[email protected]>
Signed-off-by: Josh Soref <[email protected]>
Signed-off-by: Josh Soref <[email protected]>
|
Issues linked to changelog: |
1 participant
BOT NOTES:
resolves Fix PRs from forks #556