Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Verify signing task should not run on Pull Request builds #153

Closed
6 tasks done
gep13 opened this issue May 16, 2024 · 1 comment
Closed
6 tasks done

Verify signing task should not run on Pull Request builds #153

gep13 opened this issue May 16, 2024 · 1 comment
Assignees
@gep13
Labels
5 - Released The issue has been resolved, and released to the public for consumption Bug Issues where something has happened which was not expected or intended
Milestone
0.28.2

Comments

@gep13
Copy link
Member

gep13 commented May 16, 2024

Checklist

  • I confirm there are no unresolved issues reported on the Chocolatey Status page.
  • I have verified this is the correct repository for opening this issue.
  • I have verified no other issues exist related to my problem.
  • I have verified this is not an issue for a specific package.
  • I have verified this issue is not security related.
  • I confirm I am using official, and not unofficial, or modified, Chocolatey products.

What You Are Seeing?

When running a build with 0.28.1 of Chocolatey.Cake.Recipe, the verify signing task is running when running a Pull Request build.

Initially, it was thought that this would be fine, however, this will stop people from using the output of a Pull Request build from doing further testing of the package, which is bad.

What is Expected?

The Pull Request build should skip running the verify signing task, that way, the artifacts can be generated, and additional testing performed.

The signing step should run on any releaseable branch, i.e. master, develop, hotfix, etc. and continue to fail the build there if there is a mismatch in signatures. Then a task can be performed to update the signatures, when required.

How Did You Get This To Happen?

Ran PR build on chocolatey/choco, and it failed for invalid signatures.

System Details

N/A

Installed Packages

N/A

Output Log

N/A

Additional Context

N/A
@gep13 gep13 added Bug Issues where something has happened which was not expected or intended 2 - Working A user or team member has started working on the issue labels May 16, 2024
@gep13 gep13 added this to the 0.28.2 milestone May 16, 2024
@gep13 gep13 self-assigned this May 16, 2024
@gep13 gep13 added 4 - Done Code has been added to the repository, and has been reviewed by a team member and removed 2 - Working A user or team member has started working on the issue labels May 16, 2024
@gep13 gep13 closed this as completed May 16, 2024
gep13 added a commit that referenced this issue May 16, 2024
@gep13
(#153) Skip signing verification on PR build
7060d97 
The new verify signing task was running on PR builds, which was causing
the PR build to fail when there were signatures that were invalid.

This stops the flow of doing additional testing on the PR builds, as the
arfifacts would not have been created.

We should skip the verification when running on a PR build (or when on a
non-releaseable branch), that way, the additional task of performing
the re-signing can be completed as a follow up piece of work.
gep13 added a commit that referenced this issue May 16, 2024
@gep13
Merge branch 'hotfix/0.28.2'
173591a 
* hotfix/0.28.2:
  (#153) Skip signing verification on PR build
@gep13 gep13 added 5 - Released The issue has been resolved, and released to the public for consumption and removed 4 - Done Code has been added to the repository, and has been reviewed by a team member labels May 16, 2024
gep13 added a commit that referenced this issue May 16, 2024
@gep13
Merge branch 'master' into develop
b54bf9f 
* master:
  (#153) Skip signing verification on PR build
@choco-bot
Copy link

🎉 This issue has been resolved in version 0.28.2 🎉

The release is available on:

Your GitReleaseManager bot 📦 🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@gep13 gep13

Labels
5 - Released The issue has been resolved, and released to the public for consumption Bug Issues where something has happened which was not expected or intended
Projects
None yet
Milestone
0.28.2
Development

No branches or pull requests
2 participants
@gep13 @choco-bot