Skip to content

BUILD-11459: Add update-release-channel composite action skeleton#273

Merged
jayadeep-km-sonarsource merged 1 commit into
masterfrom
feat/jd/BUILD-11459-updateReleaseChannelSkeleton
May 28, 2026
Merged

BUILD-11459: Add update-release-channel composite action skeleton#273
jayadeep-km-sonarsource merged 1 commit into
masterfrom
feat/jd/BUILD-11459-updateReleaseChannelSkeleton

Conversation

@jayadeep-km-sonarsource
Copy link
Copy Markdown
Contributor

@jayadeep-km-sonarsource jayadeep-km-sonarsource commented May 28, 2026

BUILD-11459

Skeleton for the new update-release-channel composite action. Ships the inputs/outputs contract and the dry-run path so the action is invokable end-to-end before the real S3 write logic is added.

Contents

  • update-release-channel/action.yml — composite action with inputs version (required), channel, prefix, product, dryRun; outputs bucket, key, etag.
  • update-release-channel/scripts/write_channel.sh — resolves inputs, echoes them, and writes placeholder bucket/key/etag to $GITHUB_OUTPUT.

Behaviour

  • Vault step (SonarSource/vault-action-wrapper@c154b4a417b51cb98dd71137f49bf20e77c56820, secret path development/aws/sts/downloads) is gated by if: inputs.dryRun != 'true', so the action can be invoked without id-token: write in dry-run.
  • No S3 calls yet — the script is a stub.

Layout

Action lives at update-release-channel/ (repo root), matching the existing update-release-channel/schema/ directory and the convention used by other actions in this repo (promote/, build-gradle/, etc.).

@hashicorp-vault-sonar-prod
Copy link
Copy Markdown

hashicorp-vault-sonar-prod Bot commented May 28, 2026
edited by atlassian Bot
Loading

BUILD-11459

gitar-bot[bot]
gitar-bot Bot reviewed May 28, 2026
View reviewed changes
Comment thread update-release-channel/write_channel.sh Outdated
@jayadeep-km-sonarsource jayadeep-km-sonarsource marked this pull request as ready for review May 28, 2026 09:47
@jayadeep-km-sonarsource jayadeep-km-sonarsource requested a review from a team as a code owner May 28, 2026 09:47
Copilot AI review requested due to automatic review settings May 28, 2026 09:47
Copilot AI reviewed May 28, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Skeleton for a new update-release-channel composite action that will eventually write release channel pointer JSON files to S3. This PR establishes the inputs/outputs contract and a dry-run-capable invocation path, with the actual S3 write logic deferred to a follow-up.

Changes:

  • Add update-release-channel/action.yml defining inputs (version, channel, prefix, product, dryRun), outputs (bucket, key, etag), and steps for action path resolution, Vault (gated on non-dry-run), and the write step.
  • Add update-release-channel/scripts/write_channel.sh as a stub that validates env vars, resolves bucket/key, and writes placeholder outputs to $GITHUB_OUTPUT.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File Description
update-release-channel/action.yml New composite action defining inputs/outputs and steps (action path, Vault, write).
update-release-channel/scripts/write_channel.sh Stub script resolving inputs and emitting placeholder outputs.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@jayadeep-km-sonarsource jayadeep-km-sonarsource force-pushed the feat/jd/BUILD-11459-updateReleaseChannelSkeleton branch from a2794c6 to 5439e45 Compare May 28, 2026 09:52
@jayadeep-km-sonarsource jayadeep-km-sonarsource enabled auto-merge (squash) May 28, 2026 09:52
@jayadeep-km-sonarsource jayadeep-km-sonarsource force-pushed the feat/jd/BUILD-11459-updateReleaseChannelSkeleton branch from 5439e45 to 2dcd19c Compare May 28, 2026 10:00
julien-carsique-sonarsource
julien-carsique-sonarsource approved these changes May 28, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@julien-carsique-sonarsource julien-carsique-sonarsource left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The update-release-channel/scripts/write_channel.sh may be moved to update-release-channel/write_channel.sh unless you expect a lot of files. The usage in this repo is the action file and the script file.

Comment thread update-release-channel/write_channel.sh Outdated
Comment thread update-release-channel/write_channel.sh
Comment thread update-release-channel/write_channel.sh Outdated
Comment thread update-release-channel/action.yml Outdated
@jayadeep-km-sonarsource jayadeep-km-sonarsource force-pushed the feat/jd/BUILD-11459-updateReleaseChannelSkeleton branch from 2dcd19c to 24eb515 Compare May 28, 2026 10:16
@jayadeep-km-sonarsource
Copy link
Copy Markdown
Contributor Author

jayadeep-km-sonarsource commented May 28, 2026

@julien-carsique-sonarsource good catch — moved scripts/write_channel.shwrite_channel.sh at the action root in 24eb515 to match the repo convention (promote/promote.sh, get-build-number/get_build_number.sh).

@jayadeep-km-sonarsource
BUILD-11459: Add update-release-channel composite action skeleton
51de70d 
Adds the action.yml + write_channel.sh stub at update-release-channel/.
Dry-run mode skips the Vault step and writes placeholder bucket/key/etag
to GITHUB_OUTPUT so the action is invokable end-to-end before the real
S3 write logic lands.
@jayadeep-km-sonarsource jayadeep-km-sonarsource force-pushed the feat/jd/BUILD-11459-updateReleaseChannelSkeleton branch from 24eb515 to 51de70d Compare May 28, 2026 10:19
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented May 28, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues
0 New dependency risks

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@jayadeep-km-sonarsource jayadeep-km-sonarsource merged commit cd944d8 into master May 28, 2026
13 checks passed
@jayadeep-km-sonarsource jayadeep-km-sonarsource deleted the feat/jd/BUILD-11459-updateReleaseChannelSkeleton branch May 28, 2026 10:22
@gitar-bot
Copy link
Copy Markdown

gitar-bot Bot commented May 28, 2026

Code Review ✅ Approved 1 resolved / 1 findings

Adds the update-release-channel composite action skeleton with placeholder S3 logic and vault integration. No issues found.

✅ 1 resolved
Edge Case: No validation of channel input against allowed values

📄 update-release-channel/scripts/write_channel.sh:14 📄 update-release-channel/scripts/write_channel.sh:20
The channel input description documents allowed values as latest, stable, beta, rc, but neither the action nor write_channel.sh validates the input. An arbitrary string (e.g. ../../etc/passwd or an empty string) would be accepted and interpolated into the S3 key path. While this is a skeleton, adding early validation prevents issues when the real PutObject logic lands.

Options

Auto-apply is off → Gitar will not commit updates to this branch.
Display: compact → Showing less information.

Comment with these commands to change:

Auto-apply Compact 
gitar auto-apply:on         

gitar display:verbose

Was this helpful? React with 👍 / 👎 | Gitar

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gitar-bot gitar-bot[bot] gitar-bot[bot] left review comments

Copilot code review Copilot Copilot left review comments

@julien-carsique-sonarsource julien-carsique-sonarsource julien-carsique-sonarsource approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jayadeep-km-sonarsource @julien-carsique-sonarsource