From 03279893735f93e293369ca2e4016f54c6e2d7e3 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Thu, 27 Aug 2020 13:08:59 -0400 Subject: [PATCH 1/4] Add status badge for the lineage_scan action --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index acb2a3c..f7d0a7b 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,7 @@ # action-lineage # [![GitHub Build Status](https://github.com/cisagov/action-lineage/workflows/build/badge.svg)](https://github.com/cisagov/action-lineage/actions) +[![Lineage Scan Status](https://github.com/cisagov/action-lineage/workflows/lineage_scan/badge.svg)](https://github.com/cisagov/action-lineage/actions?query=workflow%3Alineage_scan) [![Coverage Status](https://coveralls.io/repos/github/cisagov/action-lineage/badge.svg?branch=develop)](https://coveralls.io/github/cisagov/action-lineage?branch=develop) [![Total alerts](https://img.shields.io/lgtm/alerts/g/cisagov/action-lineage.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/cisagov/action-lineage/alerts/) [![Language grade: Python](https://img.shields.io/lgtm/grade/python/g/cisagov/action-lineage.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/cisagov/action-lineage/context:python) From 5b3126b89033b6ee43ec2a9558c213f0fbf1cbae Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Thu, 27 Aug 2020 14:18:14 -0400 Subject: [PATCH 2/4] Update so a lack of push permissions is not fatal to an Action job --- src/lineage/entrypoint.py | 94 +++++++++++++++++++++++---------------- 1 file changed, 55 insertions(+), 39 deletions(-) diff --git a/src/lineage/entrypoint.py b/src/lineage/entrypoint.py index 1088ee2..7ac7620 100755 --- a/src/lineage/entrypoint.py +++ b/src/lineage/entrypoint.py @@ -180,14 +180,25 @@ def merge(repo: Repository.Repository, github_actor: str) -> Tuple[bool, List[st return True, conflict_file_list -def push(repo: Repository.Repository, branch_name: str, username: str, password: str): +def push( + repo: Repository.Repository, branch_name: str, username: str, password: str +) -> bool: """Push changes to remote.""" - parts: ParseResult = urlparse(repo.clone_url) - cred_url = parts._replace(netloc=f"{username}:{password}@{parts.netloc}").geturl() - logging.info("Assigning credentials for push.") - run([GIT, "remote", "set-url", "origin", cred_url], cwd=repo.full_name) - logging.info(f"Pushing {branch_name} to remote.") - run([GIT, "push", "--set-upstream", "origin", branch_name], cwd=repo.full_name) + if not repo.permissions.push: + logging.warning( + f"⚠️ ERROR! Missing 'push' permission on '{repo.owner.login}/{repo.name}'" + ) + return False + else: + parts: ParseResult = urlparse(repo.clone_url) + cred_url = parts._replace( + netloc=f"{username}:{password}@{parts.netloc}" + ).geturl() + logging.info("Assigning credentials for push.") + run([GIT, "remote", "set-url", "origin", cred_url], cwd=repo.full_name) + logging.info(f"Pushing {branch_name} to remote.") + run([GIT, "push", "--set-upstream", "origin", branch_name], cwd=repo.full_name) + return True def create_pull_request( @@ -333,42 +344,47 @@ def main() -> int: f"Already up to date with: {remote_url} {remote_branch or ''} " ) continue - push(repo, pr_branch_name, "git", access_token) - # Display instructions for ignoring incoming Lineage config changes - display_lineage_config_skip: bool = CONFIG_FILENAME in conflict_file_list - if display_lineage_config_skip: - # This will no longer be a conflict, we tell user how to ignore. - conflict_file_list.remove(CONFIG_FILENAME) - if branch_is_new: - logging.info("Creating a new pull request since branch is new.") - template_data = { - "conflict_file_list": conflict_file_list, - "display_lineage_config_skip": display_lineage_config_skip, - "lineage_config_filename": CONFIG_FILENAME, - "lineage_id": lineage_id, - "local_branch": local_branch, - "metadata": PR_METADATA, - "pr_branch_name": pr_branch_name, - "remote_branch": remote_branch, - "remote_url": remote_url, - "repo_name": repo.name, - "ssh_url": repo.ssh_url, - } - if conflict_file_list: - title = f"⚠️ CONFLICT! Lineage pull request for: {lineage_id}" - body = pystache.render(conflict_template, template_data) - create_pull_request( - repo, pr_branch_name, local_branch, title, body, draft=True - ) + # If we can successfully push, continue with generating a PR + if push(repo, pr_branch_name, "git", access_token): + # Display instructions for ignoring incoming Lineage config changes + display_lineage_config_skip: bool = CONFIG_FILENAME in conflict_file_list + if display_lineage_config_skip: + # This will no longer be a conflict, we tell user how to ignore. + conflict_file_list.remove(CONFIG_FILENAME) + if branch_is_new: + logging.info("Creating a new pull request since branch is new.") + template_data = { + "conflict_file_list": conflict_file_list, + "display_lineage_config_skip": display_lineage_config_skip, + "lineage_config_filename": CONFIG_FILENAME, + "lineage_id": lineage_id, + "local_branch": local_branch, + "metadata": PR_METADATA, + "pr_branch_name": pr_branch_name, + "remote_branch": remote_branch, + "remote_url": remote_url, + "repo_name": repo.name, + "ssh_url": repo.ssh_url, + } + if conflict_file_list: + title = f"⚠️ CONFLICT! Lineage pull request for: {lineage_id}" + body = pystache.render(conflict_template, template_data) + create_pull_request( + repo, pr_branch_name, local_branch, title, body, draft=True + ) + else: + title = f"Lineage pull request for: {lineage_id}" + body = pystache.render(clean_template, template_data) + create_pull_request( + repo, pr_branch_name, local_branch, title, body, draft=False + ) else: - title = f"Lineage pull request for: {lineage_id}" - body = pystache.render(clean_template, template_data) - create_pull_request( - repo, pr_branch_name, local_branch, title, body, draft=False + logging.info( + "Not creating a new pull request since the branch already existed." ) else: logging.info( - "Not creating a new pull request since the branch already existed." + "Not creating a new pull request because of insufficient permissions." ) logging.info("Completed.") From 4eb817ff08a65406280c1d784d118bba9d057526 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Thu, 27 Aug 2020 15:52:50 -0400 Subject: [PATCH 3/4] Replace ERROR with WARNING based on feedback --- src/lineage/entrypoint.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/lineage/entrypoint.py b/src/lineage/entrypoint.py index 7ac7620..de584a2 100755 --- a/src/lineage/entrypoint.py +++ b/src/lineage/entrypoint.py @@ -60,7 +60,7 @@ def run( logging.info(f"✅ (error ok) return code: {proc.returncode}") elif on_error == OnError.WARN: logging.warning(proc.stdout.decode()) - logging.warning(f"⚠️ ERROR! return code: {proc.returncode}") + logging.warning(f"⚠️ WARNING! return code: {proc.returncode}") else: # OnError.FAIL logging.fatal(proc.stdout.decode()) logging.fatal(f"❌ ERROR! return code: {proc.returncode}") @@ -186,7 +186,7 @@ def push( """Push changes to remote.""" if not repo.permissions.push: logging.warning( - f"⚠️ ERROR! Missing 'push' permission on '{repo.owner.login}/{repo.name}'" + f"⚠️ WARNING! Missing 'push' permission on '{repo.owner.login}/{repo.name}'" ) return False else: From 207c23ccd49d7426bc5c1b1aaf644c6d5143c512 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Thu, 27 Aug 2020 16:02:52 -0400 Subject: [PATCH 4/4] Adjusted two more logging statements based on feedback --- src/lineage/entrypoint.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/lineage/entrypoint.py b/src/lineage/entrypoint.py index de584a2..4ce1cea 100755 --- a/src/lineage/entrypoint.py +++ b/src/lineage/entrypoint.py @@ -379,11 +379,11 @@ def main() -> int: repo, pr_branch_name, local_branch, title, body, draft=False ) else: - logging.info( - "Not creating a new pull request since the branch already existed." + logging.warning( + "Not creating a new pull request because the branch already exists." ) else: - logging.info( + logging.warning( "Not creating a new pull request because of insufficient permissions." )