Commit Graph

68 Commits

Author SHA1 Message Date
riya-singhal31
1bc090d975 ci: update github actions for k8s 1.27
Signed-off-by: riya-singhal31 <rsinghal@redhat.com>
2023-04-21 08:18:33 +00:00
Madhu Rajanna
60248ce811 ci: remove kubernetes 1.23 from github action
Removed kubernetes 1.23 from github action
as 1.23 is not supported anymore.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-04-21 06:46:30 +00:00
dependabot[bot]
cb05525d4f rebase: Bump peter-evans/create-or-update-comment from 2 to 3
Bumps [peter-evans/create-or-update-comment](https://github.com/peter-evans/create-or-update-comment) from 2 to 3.
- [Release notes](https://github.com/peter-evans/create-or-update-comment/releases)
- [Commits](https://github.com/peter-evans/create-or-update-comment/compare/v2...v3)

---
updated-dependencies:
- dependency-name: peter-evans/create-or-update-comment
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-13 08:46:07 +00:00
dependabot[bot]
ac5d58f30e rebase: Bump actions/stale from 7 to 8
Bumps [actions/stale](https://github.com/actions/stale) from 7 to 8.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v7...v8)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-28 07:10:20 +00:00
Niels de Vos
c84b4a15ba ci: only run test-retest-action if the PR modifies the action
There is no need to run the `test-retest-action` GitHub Workflow if
there are no changes under the `actions/retest` directory.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2023-02-21 10:58:52 +00:00
Niels de Vos
3325e5045e ci: do not run commitlint GitHub Action on dependabot PRs
Currently commitlint is only skipped for PR at the time dependabot
creates them. Once Mergify rebases them, commitlint is started anyway.
This causes failed CI runs, which then need to be ignored. It is cleaner
to not run commitlint on any PR that dependabot owns.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2023-02-21 10:58:52 +00:00
Niels de Vos
773d2df564 ci: no need to run multi-arch-build for /actions/retest
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2023-02-20 14:18:15 +00:00
Niels de Vos
3a28b0f370 ci: add /api to dependabot configuration
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2023-02-20 14:18:15 +00:00
Niels de Vos
48822d942d ci: use context.issue.number for removing ok-to-test
`github.event.pull_request.number` does not seem to be valid as a script
object/variable.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2023-02-20 12:34:15 +00:00
Niels de Vos
3252c1e782 ci: remove ok-to-test label after commenting
Once the comments have been added, the `ok-to-test` label can be
removed. This makes it possible to simplify the Mergify configuration.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2023-02-20 11:10:23 +01:00
Niels de Vos
c3bc1f720b ci: add Kubernetes 1.26 as default version to test
Kubernetes 1.26 has been released at the end of 2022 and should be
tested frequently.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2023-01-31 08:30:38 +00:00
dependabot[bot]
911bc6eabc rebase: bump actions/stale from 6 to 7
Bumps [actions/stale](https://github.com/actions/stale) from 6 to 7.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-04 09:45:15 +00:00
dependabot[bot]
f0cc5a0ef8 rebase: bump actions/dependency-review-action from 2 to 3
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 2 to 3.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](https://github.com/actions/dependency-review-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-17 13:00:22 +00:00
Humble Chirammal
95dac056f2 ci: fix formatting for the interval in dependabot configuration
as per the documentation `""` has to be mentioned for the schedule
interval value field. This commit ensures it and make it consistent.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-11-15 03:34:37 +00:00
Niels de Vos
38c4832665 ci: do not leave testing comments on merged PRs
A PR with status `github.event.pull_request.merged == true` does not
need to be tested again.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2022-11-11 11:35:05 +00:00
Madhu Rajanna
f19805a40b ci: consider kubernetes 1.25 for tests
As we have successful runs with kubernetes
1.25 Marking is as default for CI jobs and
required for merging PR.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-10-28 15:57:05 +02:00
Madhu Rajanna
4039bf5063 ci: remove kubernetes 1.22 tests
As we need to test with last 3 Kubernetes
releases removing Kubernetes 1.22
as we have 1.23, 1.24 and 1.25

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-10-28 15:57:05 +02:00
Madhu Rajanna
659567cfdc ci: add github action to trigger E2E
based on the discussion on the slack
channel. we are adding a github action
to trigger the CI jobs when a ok-to-test
label is added on the PR.

This action is based on below github action
https://github.com/peter-evans/create-or-update-comment

Sample Demo avaiable at
https://github.com/Madhu-1/
\label-commentor-action-testing/pull/4

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-10-26 06:59:22 +00:00
dependabot[bot]
5c8564c69d rebase: bump actions/stale from 5 to 6
Bumps [actions/stale](https://github.com/actions/stale) from 5 to 6.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-04 06:40:14 +00:00
Madhu Rajanna
842279b811 ci: use ubuntu-latest for stale job
Currently, we use the Ubuntu 18.04 actions runner
for stale job. This runner will be deprecated
and removed in the beginning of Dec.
So should change the runner to use latest ubuntu.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-08-16 07:00:44 +00:00
dependabot[bot]
05ccb31a45 rebase: bump actions/dependency-review-action from 1 to 2
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 1 to 2.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](https://github.com/actions/dependency-review-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-24 08:17:57 +00:00
Naveen
60281fab40 ci: included dependency review
Dependency Review GitHub Action in your repository to enforce dependency
reviews on your pull requests.

Signed-off-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-05-24 06:48:22 +00:00
Niels de Vos
bbecb81d4f ci: add ci/skip/multi-arch-build label
If the `ci/skip/multi-arch-build` label is set on a PR, the GitHub
Workflow only builds for the local architecture. This makes it possible
to merge PRs faster.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2022-05-10 06:08:22 +00:00
dependabot[bot]
6d23e750be rebase: bump docker/login-action from 1 to 2
Bumps [docker/login-action](https://github.com/docker/login-action) from 1 to 2.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-10 05:02:33 +00:00
Madhu Rajanna
b4ff3884f1 ci: remove set-safe-directory from commitlint
Removed set-safe-directory option from the
commitlint.yaml as its not working as expected.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-05-09 05:57:14 +00:00
Niels de Vos
9533889b64 ci: do not set safe.directory for commitlint checkout
Commitlint fails with errors like:

```
git fetch -v origin devel
fatal: unsafe repository ('/go/src/github.com/ceph/ceph-csi' is owned by
someone else)
To add an exception for this directory, call:

	git config --global --add safe.directory /go/src/github.com/ceph/ceph-csi
make: *** [Makefile:153: commitlint] Error 128
```

By not setting the option with actions/checkout@v3, the error should not
happen anymore.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2022-05-09 03:10:04 +00:00
naveen
2672fad90a ci: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way,
 even if the attackers will succeed in compromising your workflow,
 they won’t be able to do much.

- Included permissions for the action.
https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-05-05 20:21:15 +05:30
dependabot[bot]
b1a0f42b31 rebase: bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-05 12:47:46 +00:00
dependabot[bot]
194db3edd5 rebase: bump actions/stale from 3 to 5
Bumps [actions/stale](https://github.com/actions/stale) from 3 to 5.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v3...v5)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-05 10:29:39 +00:00
Naveen
09f8ee0f3f ci: Included githubactions in the dependabot config
This should help with keeping the GitHub actions updated on new
releases. This will also help with keeping it secure.

Dependabot helps in keeping the supply chain secure:
https://docs.github.com/en/code-security/dependabot

GitHub actions up to dat: e
https://docs.github.com/en/code-security/dependabot/ \
  working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot

dependency-update-tool:
https://github.com/ossf/scorecard/blob/main/docs/checks.md

Signed-off-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-05-05 09:57:57 +00:00
Rakshith R
6dd5fe9360 ci: use CEPH_CSI_BOT token for retest action
For retest action's comment `@Mergifyio refresh`
to be accepted by mergifyio,
the bot should have write permissions to the repo.
Therefore, use Ceph-csi-bot instead of github actions
bot.

Signed-off-by: Rakshith R <rar@redhat.com>
2022-03-18 05:27:49 +00:00
Humble Chirammal
73ecf06f97 ci: rename golangci linter github action file to proper name
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2021-12-07 09:12:10 +00:00
Rakshith R
8488d6bec2 ci: fix helm chart push for release branches
Currently BRANCH_NAME for release branches is not set causing
the source in helm chart to be set as
sources:
  - https://github.com/ceph/ceph-csi/tree//charts/ceph-csi-cephfs

Current change fixes it.

Signed-off-by: Rakshith R <rar@redhat.com>
2021-11-22 07:55:59 +00:00
Niels de Vos
5c59a89b02 ci: add actions/retest to dependabot checks
Adding actions/retest to the dependabot configuration makes sure all
vendored packages will get updated when new releases are available.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-11-18 07:52:29 +00:00
Madhu Rajanna
0a5bd09a61 ci: fix branch name in retest action
updated the branch name from main to
devel in retest action workflow.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-11-17 05:50:43 +00:00
Madhu Rajanna
b62de1376d ci: update github workflow to test docker build
updated github action to test a retest action
docker build workflow.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-11-17 05:50:43 +00:00
Madhu Rajanna
f9f465073f ci: add github action to build retest
added basic github action for
retest building.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-11-16 12:03:36 +00:00
Madhu Rajanna
ed6d28a1fc ci: add action to retest failed approved PR's
Adding github action to retest the failed
approved PR's. sample output is available
at https://github.com/Madhu-1/retest-action/pull/3

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-11-16 12:03:36 +00:00
Rakshith R
191b603974 ci: remove gh action gosec linter,since it is already part of golangci
This commit removes gosec standalone linter and related parts,
since golangci linter runs gosec linter too.

Signed-off-by: Rakshith R <rar@redhat.com>
2021-11-16 12:29:56 +01:00
Niels de Vos
b95f3cdcbc ci: do not let dependabot automatically rebase
When dependabot creates a PR, and an other gets merged, the bot
automatically triggers a rebase. This will drop any approvals, causing
delays in the review/merge process.

The project uses Mergify to automatically rebase when needed, and
approvals are retained when Mergify rebases PR. By disabling the
auto-rebasing done by dependabot, fewer rebases should be needed,
contributors only need to review once, and CI jobs are triggered less
often.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-11-03 03:25:08 +00:00
Niels de Vos
97525f5e74 ci: add make go-test-api to GitHub Action
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-10-05 11:26:50 +00:00
Yati Padia
1cf14cd83c cleanup: rework on naming conventions
This commits replaces cephfs -> cephFS
to maintain consistency throughout the
codebase

Updates: #1465

Signed-off-by: Yati Padia <ypadia@redhat.com>
2021-09-24 06:17:17 +00:00
Niels de Vos
28899a36c8 ci: do not run commitlint GitHub Action for dependabot
The commit messages that Dependabot (@app/dependabot) creates are not
always accepted by the commitlint check. The configuration for
dependabot does not give a lot of options to customize the message, so
instead of adjusting the message to pass commitlint, just skip the check
(Mergify does not require commitlint status either).

See-also: #2460
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-09-01 15:02:18 +02:00
Niels de Vos
e08d184984 ci: ignore k8s.io/kubernetes dependencies
These dependencies are pulled in by k8s.io/kubernetes with version
v0.0.0. It is therefore required to use 'replace' in go.mod to select a
compatible version of the additional k8s.io packages.

Dependabot does not seem to update packages listed in 'replace', only
under 'require'. That means, the version updates done by Dependabot do
not have any effect, as the contents is replaced with a different
version anyway. Ignoring these packages prevents the creation of
non-functional PRs.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-08-31 09:03:12 +00:00
Niels de Vos
c17b3f69bd ci: add dependabot config for updating vendored packages
Vendored dependencies need updating on regular basis. This is currently
done manually by developers, but it can be automated by Dependabot. By
dropping the dependabot.yml config file in the .github/ directory the
bot should get enabled.

See-also: https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-version-updates
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-08-30 13:51:49 +00:00
Madhu Rajanna
2036b587d7 ci: add github workflow for stale
added github action to check for the
stale issues and PRs. the action will
get scheduled everydata at 21:00 UTC.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-08-26 11:00:30 +05:30
Madhu Rajanna
630798d95e ci: remove stale bot configuration
This commit removes the stale bot
configration as stale bot repo is not actively
maintained anymore.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-08-26 11:00:30 +05:30
Yati Padia
e077c1fdf5 cleanup: run codespell on containerized testing
This commit adds a new target codespell to the
make containerized-test.

Fixes: #2229

Signed-off-by: Yati Padia <ypadia@redhat.com>
2021-08-12 09:42:54 +05:30
Prasanna Kumar Kalever
ebe4e1f944 ci: ignore spell check for design proposal images
To avoid failures triggered by checking SVG image formats.

Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
2021-07-28 11:54:59 +05:30
Madhu Rajanna
9fde4f7f18 ci: disable push artifacts on fork repos
disabling push artifacts github action on the
fork repos as it doesnot makes sense to run push
actions on the fork repo.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-06-17 10:11:13 +02:00