Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

test: required status checks on main for release workflow #52

Merged
merged 10 commits into from
Mar 3, 2023
Merged

test: required status checks on main for release workflow #52

merged 10 commits into from
Mar 3, 2023

Conversation

chris3ware
Copy link
Member

@chris3ware chris3ware commented Mar 1, 2023
edited
Loading

Currently semantic-release runs on pushes to main to bump the release version and update the CHANGELOG. It uses the 3ware-release app for authentication - which is permitted to bypass pull requests. However, due to the required status checks assigned to main branch's protection rule, the app requires Administrator permissions to bypass the checks.

There are number of long running discussions requesting a skip checks feature for this type of workflow:

community/community#13836

GitHub's documentation does provide a solution for Handling Skipped But Required Checks: https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/troubleshooting-required-status-checks#handling-skipped-but-required-checks

You can fix this by creating a generic workflow, with the same name, that will return true in any case similar to the workflow below

This pull request removes the [skip ci] syntax from semantic-releases
commit message.

Generic workflows for the pull request title validation and lint workflows have
also been added - as suggested in GitHub's docs.

Admin permissions will be removed from the application for testing the new workflow.

@chris3ware
remove .gitignore
7b14647 
The terraform .gitignore template is not required in this repository.
@chris3ware
fix spelling mistake
43c2bc3
@chris3ware
add words to cspell config file
9d27842
@chris3ware
attempt to run required_status_checks on main
b76aee4 
When semantic-release pushes to main, the previous commit messages
included `[skip ci]` so `required_status_checks` stayed in a pending
state. This has been removed from the commit message so workflows are
triggered.

A generic workflow has been added for the `Validate PR title` workflow
to ensure this check also runs successfully on pushes to main.
@chris3ware chris3ware requested a review from a team as a code owner March 1, 2023 22:25
@chris3ware chris3ware merged commit 3eb8d3d into main Mar 3, 2023
@chris3ware chris3ware deleted the feat/req-checks-main branch March 3, 2023 12:48
@chris3ware
Copy link
Member Author

This does not work. Checks running on main, with the same name as the required check, still results in the error with admin permissions removed:

[semantic-release](https://github.com/3ware/workflows/actions/runs/4323920422/jobs/7548096741#step:4:106)
Error: Command failed with exit code 1: git push --tags ***github.com/3ware/workflows HEAD:main
remote: error: GH006: Protected branch update failed for refs/heads/main.        
remote: error: Commits must have valid signatures. 2 of 2 required status checks are expected.        
To https://github.com/3ware/workflows
 ! [remote rejected] HEAD -> main (protected branch hook declined)
error: failed to push some refs to 'https://github.com/3ware/workflows'

@chris3ware chris3ware restored the feat/req-checks-main branch March 3, 2023 13:37
@chris3ware chris3ware deleted the feat/req-checks-main branch March 3, 2023 13:37
@chris3ware chris3ware changed the title feat: required status checks on main for release workflow test: required status checks on main for release workflow Mar 3, 2023
chris3ware added a commit that referenced this pull request Mar 3, 2023
@chris3ware
test: required status checks on main for release workflow (#52)
62f9885 
Currently semantic-release runs on pushes to main to bump the release
version and update the CHANGELOG. It uses the 3ware-release app for
authentication - which is permitted to bypass pull requests. However,
due to the required status checks assigned to main branch's protection
rule, the app requires Administrator permissions to bypass the checks.

There are number of long running discussions requesting a *skip checks*
feature for this type of workflow:

community/community#13836

GitHub's documentation does provide a solution for **Handling Skipped
But Required Checks**:
https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/troubleshooting-required-status-checks#handling-skipped-but-required-checks

> You can fix this by creating a generic workflow, with the same name,
that will return true in any case similar to the workflow below

This pull request removes the `[skip ci]` syntax from semantic-releases
commit message.

Generic workflows for the pull request title validation and lint workflows have
also been added - as suggested in GitHub's docs.

Admin permissions will be removed from the application for testing the
new workflow.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@chris3ware