Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: open a PR instead of pushing for Snyk updates #10889

Merged
merged 3 commits into from Oct 12, 2022
Merged

chore: open a PR instead of pushing for Snyk updates #10889

merged 3 commits into from Oct 12, 2022

Conversation

crenshaw-dev
Copy link
Collaborator

@crenshaw-dev crenshaw-dev commented Oct 10, 2022
edited

This PR solves a few problems:

  1. It allows us to get the Snyk docs updates into the master branch without using an App or some other hack to bypass the approver requirement.
  2. It gives us a weekly reminder (in the form of a PR) to check the latest Snyk scan.
  3. It adds the option to trigger one-off runs, which will be helpful for testing and for scanning immediately before major releases.
  4. It adds support for RC releases.
  5. It cleans up the filenames with colons in them which cause problems for Windows users.

@crenshaw-dev
chore: open a PR instead of pushing for Snyk updates
3799e31 
Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
crenshaw-dev
crenshaw-dev commented Oct 10, 2022
View reviewed changes
.github/workflows/update-snyk.yaml
@@ -1,5 +1,6 @@
name: Snyk report update
on:
workflow_dispatch: {}
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Allow this to be run on-demand.

@codecov
Copy link

codecov bot commented Oct 10, 2022
edited

Codecov Report

Base: 45.62% // Head: 45.62% // No change to project coverage 👍

Coverage data is based on head (6bc54c0) compared to base (cac0de1).
Patch has no changes to coverable lines.

Additional details and impacted files 
@@           Coverage Diff           @@
##           master   #10889   +/-   ##
=======================================
  Coverage   45.62%   45.62%           
=======================================
  Files         236      236           
  Lines       28699    28699           
=======================================
  Hits        13093    13093           
  Misses      13805    13805           
  Partials     1801     1801
Impacted Files Coverage Δ
util/settings/settings.go 51.25% <0.00%> (ø)

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report at Codecov.
📢 Do you have feedback about the report comment? Let us know in this issue.

@crenshaw-dev crenshaw-dev marked this pull request as ready for review October 11, 2022 13:58
@crenshaw-dev
gotta have write for push
adad825 
Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
34fathombelow
34fathombelow approved these changes Oct 11, 2022
View reviewed changes
Copy link
Member

@34fathombelow 34fathombelow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!
I love the idea of creating a PR rather than writing directly to master.

@crenshaw-dev
Copy link
Collaborator Author

@34fathombelow I wanna drop the contents: write permission entirely, and I think I'm gonna do that by creating a bot account. But that'll wait for another PR. :-)

@34fathombelow
Copy link
Member

@crenshaw-dev could we use argo-bot like we do in the release workflow?

@crenshaw-dev
Copy link
Collaborator Author

Hm. I'm not sure that argo-bot is an account, I thought it was just a name... Looking

@crenshaw-dev
Copy link
Collaborator Author

crenshaw-dev commented Oct 11, 2022
edited

Ah-ha! I bet I can use this: https://github.com/argo-bot

good catch!

@crenshaw-dev
save codegen for the automation
6bc54c0 
Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
leoluz
leoluz approved these changes Oct 12, 2022
View reviewed changes
Copy link
Collaborator

@leoluz leoluz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@crenshaw-dev crenshaw-dev merged commit b73363e into argoproj:master Oct 12, 2022
@crenshaw-dev crenshaw-dev deleted the pr-instead-of-push-for-snyk branch October 12, 2022 19:16
nbjohnson pushed a commit to nbjohnson/argo-cd that referenced this pull request Oct 18, 2022
@crenshaw-dev @nbjohnson
chore: open a PR instead of pushing for Snyk updates (argoproj#10889)
809bb77 
* chore: open a PR instead of pushing for Snyk updates

Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>

* gotta have write for push

Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>

* save codegen for the automation

Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>

Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
Signed-off-by: Nicholas Johnson <nbjohnson10@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@34fathombelow 34fathombelow 34fathombelow approved these changes

@leoluz leoluz leoluz approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@crenshaw-dev @34fathombelow @leoluz