Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CI: Adjust FOSSA API secret name #14918

Merged
merged 2 commits into from
Jan 12, 2024
Merged

Conversation

mattlord
Copy link
Contributor

@mattlord mattlord commented Jan 9, 2024

Description

This is a follow-up to: #14333

You can see that the run on the merge to main failed: https://github.com/vitessio/vitess/actions/runs/7466472041/job/20317903610

The FOSSA part of the workflow only runs on main so there's no other way to test it than to merge:

- name: Run FOSSA scan and upload build data
# Fails on pull requests when using the API key secret.
# In order to run it on pull requests we would need to
# generate a push only token and specify that as plain
# text here:
# https://github.com/fossa-contrib/fossa-action#push-only-api-token
if: github.ref == 'refs/heads/main'
uses: fossa-contrib/fossa-action@v2
with:
fossa-api-key: ${{secrets.fossaApiKey}}

We have an open discussion with CNCF to get a push-only API token so that we can enable the scan for pull-requests as well using that: https://github.com/fossa-contrib/fossa-action#push-only-api-token

Related Issue(s)

Checklist

  • "Backport to:" labels have been added if this change should be back-ported to release branches
  • If this change is to be back-ported to previous releases, a justification is included in the PR description
  • Tests were added or are not required
  • Did the new or modified tests pass consistently locally and on CI?
  • Documentation was added or is not required

Copy link
Contributor

vitess-bot bot commented Jan 9, 2024

Review Checklist

Hello reviewers! 👋 Please follow this checklist when reviewing this Pull Request.

General

  • Ensure that the Pull Request has a descriptive title.
  • Ensure there is a link to an issue (except for internal cleanup and flaky test fixes), new features should have an RFC that documents use cases and test cases.

Tests

  • Bug fixes should have at least one unit or end-to-end test, enhancement and new features should have a sufficient number of tests.

Documentation

  • Apply the release notes (needs details) label if users need to know about this change.
  • New features should be documented.
  • There should be some code comments as to why things are implemented the way they are.
  • There should be a comment at the top of each new or modified test to explain what the test does.

New flags

  • Is this flag really necessary?
  • Flag names must be clear and intuitive, use dashes (-), and have a clear help text.

If a workflow is added or modified:

  • Each item in Jobs should be named in order to mark it as required.
  • If the workflow needs to be marked as required, the maintainer team must be notified.

Backward compatibility

  • Protobuf changes should be wire-compatible.
  • Changes to _vt tables and RPCs need to be backward compatible.
  • RPC changes should be compatible with vitess-operator
  • If a flag is removed, then it should also be removed from vitess-operator and arewefastyet, if used there.
  • vtctl command output order should be stable and awk-able.

@vitess-bot vitess-bot bot added NeedsBackportReason If backport labels have been applied to a PR, a justification is required NeedsDescriptionUpdate The description is not clear or comprehensive enough, and needs work NeedsIssue A linked issue is missing for this Pull Request NeedsWebsiteDocsUpdate What it says labels Jan 9, 2024
@mattlord mattlord marked this pull request as ready for review January 9, 2024 23:32
@mattlord mattlord removed NeedsDescriptionUpdate The description is not clear or comprehensive enough, and needs work NeedsWebsiteDocsUpdate What it says NeedsBackportReason If backport labels have been applied to a PR, a justification is required labels Jan 9, 2024
@github-actions github-actions bot added this to the v19.0.0 milestone Jan 9, 2024
@mattlord mattlord removed the Skip CI Skip CI actions from running label Jan 9, 2024
Signed-off-by: Matt Lord <[email protected]>
@mattlord mattlord removed the NeedsIssue A linked issue is missing for this Pull Request label Jan 9, 2024
@mattlord mattlord changed the title CI: Adjust FOSSA secret name CI: Adjust FOSSA API secret name Jan 9, 2024
This is the same runner type used by the other unit test
workflows.

Signed-off-by: Matt Lord <[email protected]>
@@ -9,7 +9,7 @@ permissions: read-all
jobs:
test:
name: Code Coverage
runs-on: ubuntu-22.04
runs-on: gh-hosted-runners-4cores-1
Copy link
Contributor Author

@mattlord mattlord Jan 12, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is unrelated, but should make the codecov workflow more reliable/stable.

Copy link

codecov bot commented Jan 12, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (9df71e0) 47.26% compared to head (d564d17) 47.29%.
Report is 7 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@
##             main   #14918      +/-   ##
==========================================
+ Coverage   47.26%   47.29%   +0.02%     
==========================================
  Files        1136     1137       +1     
  Lines      238484   238657     +173     
==========================================
+ Hits       112721   112865     +144     
- Misses     117158   117172      +14     
- Partials     8605     8620      +15     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@deepthi deepthi merged commit c534201 into vitessio:main Jan 12, 2024
102 checks passed
@deepthi deepthi deleted the fossa_update branch January 12, 2024 19:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants