Commit Graph

100 Commits

Author SHA1 Message Date
dependabot[bot]
5c8564c69d rebase: bump actions/stale from 5 to 6
Bumps [actions/stale](https://github.com/actions/stale) from 5 to 6.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-04 06:40:14 +00:00
Madhu Rajanna
842279b811 ci: use ubuntu-latest for stale job
Currently, we use the Ubuntu 18.04 actions runner
for stale job. This runner will be deprecated
and removed in the beginning of Dec.
So should change the runner to use latest ubuntu.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-08-16 07:00:44 +00:00
dependabot[bot]
05ccb31a45 rebase: bump actions/dependency-review-action from 1 to 2
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 1 to 2.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](https://github.com/actions/dependency-review-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-24 08:17:57 +00:00
Naveen
60281fab40 ci: included dependency review
Dependency Review GitHub Action in your repository to enforce dependency
reviews on your pull requests.

Signed-off-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-05-24 06:48:22 +00:00
Niels de Vos
bbecb81d4f ci: add ci/skip/multi-arch-build label
If the `ci/skip/multi-arch-build` label is set on a PR, the GitHub
Workflow only builds for the local architecture. This makes it possible
to merge PRs faster.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2022-05-10 06:08:22 +00:00
dependabot[bot]
6d23e750be rebase: bump docker/login-action from 1 to 2
Bumps [docker/login-action](https://github.com/docker/login-action) from 1 to 2.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-10 05:02:33 +00:00
Madhu Rajanna
b4ff3884f1 ci: remove set-safe-directory from commitlint
Removed set-safe-directory option from the
commitlint.yaml as its not working as expected.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-05-09 05:57:14 +00:00
Niels de Vos
9533889b64 ci: do not set safe.directory for commitlint checkout
Commitlint fails with errors like:

```
git fetch -v origin devel
fatal: unsafe repository ('/go/src/github.com/ceph/ceph-csi' is owned by
someone else)
To add an exception for this directory, call:

	git config --global --add safe.directory /go/src/github.com/ceph/ceph-csi
make: *** [Makefile:153: commitlint] Error 128
```

By not setting the option with actions/checkout@v3, the error should not
happen anymore.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2022-05-09 03:10:04 +00:00
naveen
2672fad90a ci: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way,
 even if the attackers will succeed in compromising your workflow,
 they won’t be able to do much.

- Included permissions for the action.
https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-05-05 20:21:15 +05:30
dependabot[bot]
b1a0f42b31 rebase: bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-05 12:47:46 +00:00
dependabot[bot]
194db3edd5 rebase: bump actions/stale from 3 to 5
Bumps [actions/stale](https://github.com/actions/stale) from 3 to 5.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v3...v5)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-05 10:29:39 +00:00
Naveen
09f8ee0f3f ci: Included githubactions in the dependabot config
This should help with keeping the GitHub actions updated on new
releases. This will also help with keeping it secure.

Dependabot helps in keeping the supply chain secure:
https://docs.github.com/en/code-security/dependabot

GitHub actions up to dat: e
https://docs.github.com/en/code-security/dependabot/ \
  working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot

dependency-update-tool:
https://github.com/ossf/scorecard/blob/main/docs/checks.md

Signed-off-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-05-05 09:57:57 +00:00
Rakshith R
6dd5fe9360 ci: use CEPH_CSI_BOT token for retest action
For retest action's comment `@Mergifyio refresh`
to be accepted by mergifyio,
the bot should have write permissions to the repo.
Therefore, use Ceph-csi-bot instead of github actions
bot.

Signed-off-by: Rakshith R <rar@redhat.com>
2022-03-18 05:27:49 +00:00
Humble Chirammal
73ecf06f97 ci: rename golangci linter github action file to proper name
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2021-12-07 09:12:10 +00:00
Rakshith R
8488d6bec2 ci: fix helm chart push for release branches
Currently BRANCH_NAME for release branches is not set causing
the source in helm chart to be set as
sources:
  - https://github.com/ceph/ceph-csi/tree//charts/ceph-csi-cephfs

Current change fixes it.

Signed-off-by: Rakshith R <rar@redhat.com>
2021-11-22 07:55:59 +00:00
Niels de Vos
5c59a89b02 ci: add actions/retest to dependabot checks
Adding actions/retest to the dependabot configuration makes sure all
vendored packages will get updated when new releases are available.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-11-18 07:52:29 +00:00
Madhu Rajanna
0a5bd09a61 ci: fix branch name in retest action
updated the branch name from main to
devel in retest action workflow.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-11-17 05:50:43 +00:00
Madhu Rajanna
b62de1376d ci: update github workflow to test docker build
updated github action to test a retest action
docker build workflow.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-11-17 05:50:43 +00:00
Madhu Rajanna
f9f465073f ci: add github action to build retest
added basic github action for
retest building.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-11-16 12:03:36 +00:00
Madhu Rajanna
ed6d28a1fc ci: add action to retest failed approved PR's
Adding github action to retest the failed
approved PR's. sample output is available
at https://github.com/Madhu-1/retest-action/pull/3

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-11-16 12:03:36 +00:00
Rakshith R
191b603974 ci: remove gh action gosec linter,since it is already part of golangci
This commit removes gosec standalone linter and related parts,
since golangci linter runs gosec linter too.

Signed-off-by: Rakshith R <rar@redhat.com>
2021-11-16 12:29:56 +01:00
Niels de Vos
b95f3cdcbc ci: do not let dependabot automatically rebase
When dependabot creates a PR, and an other gets merged, the bot
automatically triggers a rebase. This will drop any approvals, causing
delays in the review/merge process.

The project uses Mergify to automatically rebase when needed, and
approvals are retained when Mergify rebases PR. By disabling the
auto-rebasing done by dependabot, fewer rebases should be needed,
contributors only need to review once, and CI jobs are triggered less
often.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-11-03 03:25:08 +00:00
Niels de Vos
97525f5e74 ci: add make go-test-api to GitHub Action
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-10-05 11:26:50 +00:00
Yati Padia
1cf14cd83c cleanup: rework on naming conventions
This commits replaces cephfs -> cephFS
to maintain consistency throughout the
codebase

Updates: #1465

Signed-off-by: Yati Padia <ypadia@redhat.com>
2021-09-24 06:17:17 +00:00
Niels de Vos
28899a36c8 ci: do not run commitlint GitHub Action for dependabot
The commit messages that Dependabot (@app/dependabot) creates are not
always accepted by the commitlint check. The configuration for
dependabot does not give a lot of options to customize the message, so
instead of adjusting the message to pass commitlint, just skip the check
(Mergify does not require commitlint status either).

See-also: #2460
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-09-01 15:02:18 +02:00
Niels de Vos
e08d184984 ci: ignore k8s.io/kubernetes dependencies
These dependencies are pulled in by k8s.io/kubernetes with version
v0.0.0. It is therefore required to use 'replace' in go.mod to select a
compatible version of the additional k8s.io packages.

Dependabot does not seem to update packages listed in 'replace', only
under 'require'. That means, the version updates done by Dependabot do
not have any effect, as the contents is replaced with a different
version anyway. Ignoring these packages prevents the creation of
non-functional PRs.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-08-31 09:03:12 +00:00
Niels de Vos
c17b3f69bd ci: add dependabot config for updating vendored packages
Vendored dependencies need updating on regular basis. This is currently
done manually by developers, but it can be automated by Dependabot. By
dropping the dependabot.yml config file in the .github/ directory the
bot should get enabled.

See-also: https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-version-updates
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-08-30 13:51:49 +00:00
Madhu Rajanna
2036b587d7 ci: add github workflow for stale
added github action to check for the
stale issues and PRs. the action will
get scheduled everydata at 21:00 UTC.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-08-26 11:00:30 +05:30
Madhu Rajanna
630798d95e ci: remove stale bot configuration
This commit removes the stale bot
configration as stale bot repo is not actively
maintained anymore.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-08-26 11:00:30 +05:30
Yati Padia
e077c1fdf5 cleanup: run codespell on containerized testing
This commit adds a new target codespell to the
make containerized-test.

Fixes: #2229

Signed-off-by: Yati Padia <ypadia@redhat.com>
2021-08-12 09:42:54 +05:30
Prasanna Kumar Kalever
ebe4e1f944 ci: ignore spell check for design proposal images
To avoid failures triggered by checking SVG image formats.

Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
2021-07-28 11:54:59 +05:30
Madhu Rajanna
9fde4f7f18 ci: disable push artifacts on fork repos
disabling push artifacts github action on the
fork repos as it doesnot makes sense to run push
actions on the fork repo.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-06-17 10:11:13 +02:00
Madhu Rajanna
924a5ab949 build: git config before commit
currently git commit of the helm charts to
csi-chart repo is failing with below error
```
Author identity unknown

*** Please tell me who you are.

Run

git config --global user.email "you@example.com"
git config --global user.name "Your Name"

to set your account's default identity.
Omit --global to set the identity only in this repository.
```
this commit add git config for bot user.

Note:- used ceph.io in github secrets for the bot user
email and its not a valid email id and am also
looking for suggestion if anyone as.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-06-10 16:03:40 +02:00
Madhu Rajanna
2eebf6b6e0 build: use cephcsi bot token to push helm charts
GITHUB_TOKEN is auto generated for cephcsi repo
and it cannot be used to push helm charts to
different repo. added new secret CEPH_CSI_BOT_TOKEN
to push helm charts.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-06-10 12:56:10 +05:30
Madhu Rajanna
36db988f73 ci: pushing artifacts using github actions
As Travis CI `https://travis-ci.org/` is getting
shutdown date on June 15th. Either we need to move
to new place https://www.travis-ci.com/ or we can
switch to github action to push image and the helm
charts when a PR is merged.

fixes: #1781

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-06-10 10:17:19 +05:30
Niels de Vos
538e36f7a7 ci: pass GITHUB_BASE_REF when running commitlint
GitHub Actions include a merge commit for the PR, which will defeat the
commitlint checking of all the commits inside the PR (only the merge
commit is checked).

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-06-07 18:19:23 +05:30
Niels de Vos
253858c104 doc: rename "master" branch to "devel"
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-03-01 10:51:30 +05:30
Madhu Rajanna
edf6abce99 ci: add github workflows for static checks
adding a github workflow to run static checks
inside a container.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-12-07 12:57:29 +05:30
Madhu Rajanna
00d34fdb2d ci: run github work flow only for pull request
currently github action are getting trigerred for
both pull and push request, this commits removes the
action for push  events.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-12-02 20:09:56 +05:30
Madhu Rajanna
40ae60cbe4 ci: add github action for multiarch build
added a github action for multiarch docker
build.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-11-30 16:27:52 +01:00
Madhu Rajanna
eee49a6e0a ci: add codespell for spell check
adding a github action to check the spelling
mistakes in the code.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-11-29 12:47:46 +05:30
Niels de Vos
eefaf09ade doc: add common bot commands to GitHub PR template
By placing the common bot commands and their description in the PR
template, developers are reminded on their usage. The idea comes from
the Ceph project where this is done too.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-10-28 11:25:34 +00:00
Jakub Kuzelka
9ab197bc63 fix:remove global values and fix closing values on issues
Signed-off-by: Jakub Kuzelka <jakub@kuzelka.pw>
2020-09-22 14:12:25 +00:00
Humble Chirammal
c2d4200bd8 ci: Enable stale bot on issues
The flag to enable this bot on issues was off. This PR enables it

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2020-05-22 09:09:06 +00:00
Humble Chirammal
3be9d99573 bot: Disable semantic bot from the repo
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2020-05-14 07:04:44 +00:00
Niels de Vos
7e303b6e97 ci: add configuration for "Semantic Pull Request" bot
This configuration enforces the format of commits that are part of a
Pull Request. The title of the PR can be checked as well, that will not
be required for now.

The format of a subject of all commit messages needs to be:

    <component>: <description>

For example:

    ci: add configuration for "Semantic Pull Request" bot

The valid components in the commit message are listed in the
.github/semantic.yaml file as 'types'.

See-also: https://github.com/zeke/semantic-pull-requests#semantic-pull-requests
See-also: https://www.conventionalcommits.org
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-05-11 11:32:25 +00:00
Humble Chirammal
0457fbe851 ci: add initial configuration for stale bot
The rules are defined here which could enable stale bot.

Additional Ref# https://probot.github.io/apps/stale/

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2020-05-11 09:04:32 +00:00
Madhu Rajanna
d7a02b14c2 Doc: Updated github PR template
Updated github PR template about the rules
to be followed when developer is creating a PR

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-05-06 16:54:15 +00:00
Madhu Rajanna
cf4d5e5244 doc: Update github issue template
Added more details about required versions
and what logs need to be included when raising the bug

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-05-06 15:35:35 +00:00
Humble Chirammal
5d98e0cad4 Add PR/Issue/Feature templates
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2019-05-27 11:43:44 +00:00