Merged
Conversation
Oddly
force-pushed
the
fix/ci-workflow-cleanup
branch
10 times, most recently
from
69aa731 to
44c2a66
Compare
Added security-events: write to kics.yml permissions so the SARIF upload step can actually push results to GitHub code scanning. This broke silently after #31 added permissions: contents: read. Moved the upgrade test from weekly-on-Sunday plus push-to-main to a daily schedule. Running on push was too late to catch regressions since PRs never trigger these tests, and weekly was too infrequent. Removed tests/unit/plugins/module_utils/test_api.py which imports plugins/module_utils/api.py — a module that doesn't exist in the repo. The test was never run by CI anyway. Fixed test_cert_info.py to skip date field assertions since the fixture P12 cert has a hardcoded expiry of 2026-03-28 that would cause the test to fail once the cert expires. Updated plugins/modules/README.md tested versions to match current CI reality (cryptography 42-46, Python 3.11-3.12, ansible-core 2.18-2.20).
Oddly
force-pushed
the
fix/ci-workflow-cleanup
branch
from
44c2a66 to
79e9995
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The KICS workflow SARIF upload has been broken since #31 added
permissions: contents: readwithoutsecurity-events: write. This went unnoticed because the upload only runs on push to main, not on PRs. Added the missing permission.The upgrade test workflow was only triggered on push to main (too late to catch regressions) and ran weekly. Moved it to a daily schedule and dropped the push trigger since PRs never triggered it anyway.
Removed
tests/unit/plugins/module_utils/test_api.pywhich imports a nonexistentplugins/module_utils/api.py. Fixedtest_cert_info.pyto not assert on date fields from the fixture cert that expires 2026-03-28. Updatedplugins/modules/README.mdtested versions to match current CI (cryptography 42-46, Python 3.11-3.12, ansible-core 2.18-2.20).Partial fix for #38