New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update directly executed scripts inside workflows #1107
Conversation
Signed-off-by: thepetk <thepetk@gmail.com>
Codecov ReportPatch and project coverage have no change.
Additional details and impacted files@@ Coverage Diff @@
## main #1107 +/- ##
=======================================
Coverage 35.79% 35.79%
=======================================
Files 52 52
Lines 6679 6679
=======================================
Hits 2391 2391
Misses 4144 4144
Partials 144 144 Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Your changes looks good, just found these two lines missed:
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IMO file permissions are a part of the repo and should be maintained in PRs (this allows e.g. someone committing a non-executable ./docker-run.sh
, which isn't ideal) but I won't block merge.
@michael-valdron maybe my bad I've checked only the |
Signed-off-by: thepetk <thepetk@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: michael-valdron, thepetk The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
@amisevsk I agree that we should be maintaining our UNIX permissions. There is however an issue with the reliability of the Windows filesystem and results in The changes here are to allow required scripts for the CI to execute without having the UNIX execution permission set so that PRs from Windows contributors no longer have unintended permissions changes. This comes with an additional good and bad side, the good is that the permissions are being reduced so there is no security concerns here, the bad is that UNIX-based users will have a slight inconvenience of executing these scripts like In addition to the current changes, we are planning to:
|
* 2.2.0 release cut Signed-off-by: Stephanie <yangcao@redhat.com> * enable gosec (#969) * enable gosec Signed-off-by: Kim Tsao <ktsao@redhat.com> * Fix G601 errors Signed-off-by: Kim Tsao <ktsao@redhat.com> * Fix warnings Signed-off-by: Kim Tsao <ktsao@redhat.com> * Add newline Signed-off-by: Kim Tsao <ktsao@redhat.com> Signed-off-by: Kim Tsao <ktsao@redhat.com> * Update the devfile spec to 2.2.1 alpha (#980) Signed-off-by: Paul Schultz <pschultz@pobox.com> * Bump kubernetes-client/gen revision to fix git dubious ownership error (#1045) * bump kubernetes-client/gen revision to fix git dubious ownership error Signed-off-by: Michael Valdron <mvaldron@redhat.com> * whitespace changes. Signed-off-by: Michael Valdron <mvaldron@redhat.com> * set openapi generator ref to version which supports typescript generation. Signed-off-by: Michael Valdron <mvaldron@redhat.com> --------- Signed-off-by: Michael Valdron <mvaldron@redhat.com> * Fix Dependabot issues (#1047) * fix dependabot issues, requires a bump in k8s versions Signed-off-by: Kim Tsao <ktsao@redhat.com> * re-generated devworkspace files Signed-off-by: Kim Tsao <ktsao@redhat.com> * Vendor updates Signed-off-by: Kim Tsao <ktsao@redhat.com> --------- Signed-off-by: Kim Tsao <ktsao@redhat.com> * fix gosec v2.14.0 (#1034) Signed-off-by: Michael Valdron <mvaldron@redhat.com> * Update python runtime version for `release-typescript-models` job (#1051) * bump python runtime version for 'release-typescript-models' job. Signed-off-by: Michael Valdron <mvaldron@redhat.com> * bump setup-python action to v4 for 'release-typescript-models' job. Signed-off-by: Michael Valdron <mvaldron@redhat.com> --------- Signed-off-by: Michael Valdron <mvaldron@redhat.com> * Add workflow for managing stale issues & PRs (#1055) Adds a GitHub workflow for managing stale & rotten issues and PRs. Issues & PRs are marked stale after 90 days of inactivity. After 60 further days, they are marked as rotten and closed. * Clarify hotReloadCapable field (#1091) * Clarify hotReloadCapable field Signed-off-by: Philippe Martin <phmartin@redhat.com> * Auto-generated Signed-off-by: Philippe Martin <phmartin@redhat.com> * Specify isDefault Signed-off-by: Philippe Martin <phmartin@redhat.com> * Clarify description Signed-off-by: Philippe Martin <phmartin@redhat.com> --------- Signed-off-by: Philippe Martin <phmartin@redhat.com> * update kubernetes/openshift endpoint validation (#1098) * update endpoint validation Signed-off-by: Stephanie <yangcao@redhat.com> * update unit test Signed-off-by: Stephanie <yangcao@redhat.com> * update the test error check to be more clear Signed-off-by: Stephanie <yangcao@redhat.com> * add unit test for two kube components Signed-off-by: Stephanie <yangcao@redhat.com> --------- Signed-off-by: Stephanie <yangcao@redhat.com> * Update release doc (#1110) Signed-off-by: Kim Tsao <ktsao@redhat.com> * Update directly executed scripts inside workflows (#1107) * Update directly executed scripts on workflows Signed-off-by: thepetk <thepetk@gmail.com> * Update directly executed scripts on bash scripts Signed-off-by: thepetk <thepetk@gmail.com> --------- Signed-off-by: thepetk <thepetk@gmail.com> * Add area alizer label to all issue templates (#1149) Signed-off-by: thepetk <thepetk@gmail.com> * Update deprecated github actions to latest version (#1231) * Update deprecated github actions Signed-off-by: thepetk <thepetk@gmail.com> * Remove jsonschema dep from validate samples Signed-off-by: thepetk <thepetk@gmail.com> --------- Signed-off-by: thepetk <thepetk@gmail.com> * Add license header file and script (#1256) * add license header file Signed-off-by: Michael Valdron <mvaldron@redhat.com> * addlicense script Signed-off-by: Michael Valdron <mvaldron@redhat.com> * update README with instructions on adding license headers Signed-off-by: Michael Valdron <mvaldron@redhat.com> * update license headers under source files Signed-off-by: Michael Valdron <mvaldron@redhat.com> * remove license header from generated source Signed-off-by: Michael Valdron <mvaldron@redhat.com> * add_license.sh ignores zz_generated.* source files Signed-off-by: Michael Valdron <mvaldron@redhat.com> * check license headers script added Signed-off-by: Michael Valdron <mvaldron@redhat.com> * check license headers script added to CI workflow Signed-off-by: Michael Valdron <mvaldron@redhat.com> --------- Signed-off-by: Michael Valdron <mvaldron@redhat.com> * add signoff Signed-off-by: Stephanie <yangcao@redhat.com> --------- Signed-off-by: Stephanie <yangcao@redhat.com> Signed-off-by: Kim Tsao <ktsao@redhat.com> Signed-off-by: Paul Schultz <pschultz@pobox.com> Signed-off-by: Michael Valdron <mvaldron@redhat.com> Signed-off-by: Philippe Martin <phmartin@redhat.com> Signed-off-by: thepetk <thepetk@gmail.com> Co-authored-by: Kim Tsao <84398375+kim-tsao@users.noreply.github.com> Co-authored-by: Paul Schultz <pschultz@pobox.com> Co-authored-by: Michael Valdron <michael.valdron@gmail.com> Co-authored-by: Michael Valdron <mvaldron@redhat.com> Co-authored-by: John Collier <jcollier@redhat.com> Co-authored-by: Philippe Martin <phmartin@redhat.com> Co-authored-by: Theofanis Petkos <thepetk@gmail.com>
What does this PR do?
It ensures that all script executions, inside
.github/workflows
are not directly executed and that the script file is passed to the appropriate shell defined by the scripts shebang. For example. in the case of a bash script./build.sh
would becomebash ./build.sh
.Which issue(s) does this PR fix
fixes #973
PR acceptance criteria
Testing and documentation do not need to be complete in order for this PR to be approved. We just need to ensure tracking issues are opened.
Unit/Functional tests
QE Integration test
Documentation
Client Impact
How to test changes / Special notes to the reviewer