Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Separate test:security task out from test:static #558

Closed
wants to merge 4 commits into from
Closed

Separate test:security task out from test:static #558

wants to merge 4 commits into from

Conversation

davereid
Copy link
Member

@davereid davereid commented May 1, 2024

Fixes #112

How this affects consumers:

  • Running task test:static will no longer run the test:security task by default.
  • No scaffolded workflow changes

How this affects Drainpipe

  • Adds a scheduled workflow for running the Test Static Tests workflow day that will include the task test:security command as a best example.

@davereid davereid changed the title Separate test:security from test:lint Separate test:security task out from test:static May 1, 2024
@davereid davereid mentioned this pull request May 1, 2024
Closed
@github-actions github-actions bot temporarily deployed to pantheon-pr-558 May 1, 2024 16:32 Destroyed
@github-actions github-actions bot temporarily deployed to pantheon-pr-558 May 1, 2024 16:36 Destroyed
deviantintegral
deviantintegral reviewed May 1, 2024
View reviewed changes
.github/workflows/TestStatic.yml
Comment on lines +8 to +9
schedule:
- cron: '0 0 * * *'
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there an option for "random 24 hour period"? Or does github already load balance these things?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe that GitHub already does their own load balancing on schedules, you'll often see them occur at off-minutes around the requested schedule.

.github/workflows/TestStatic.yml Outdated
Comment on lines 64 to 66
- name: Run Security Tests
if: ${{ github.event_name == 'schedule' }}
run: ddev task test:security
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder if we should update the name. Otherwise, reviewers will see "Run security tests" in regular PRs, and wonder why they're skipped?

@github-actions github-actions bot temporarily deployed to pantheon-pr-558 May 2, 2024 18:44 Destroyed
@justafish
Copy link
Member

Thanks @davereid ! We discussed this today and decided to go with #112 (comment)

Give me a shout if you think that's not the direction we should go in and we can re-open this 👍

@justafish justafish closed this May 13, 2024
@justafish justafish deleted the separate-test-security-from-test-lint branch May 13, 2024 14:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@deviantintegral deviantintegral deviantintegral left review comments

@justafish justafish Awaiting requested review from justafish

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Separate out security checks from test:static
3 participants
@davereid @justafish @deviantintegral