-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix for issue #3820 failed to make validate-git in local env #4094
fix for issue #3820 failed to make validate-git in local env #4094
Conversation
On running make validate-git On my local mac cloned from the main brunch Seems the default for the variable at "docker-bake.hcl" COMMIT_RANGE = "" Is causing the make command to exit with error: COMMIT_RANGE required This is set with correct values in the git actions process, and pass. But should also be executed and pass in local env. Solution: updating the default in the docker-"bake.hcl" file as naive value of `HEAD..HEAD` and overriding it with local env values from the "Makefile". in addition adding the "coverage.txt" file to the git ignore so it will not get checked in. Signed-off-by: alik42 <alik.rogotner@gmail.com>
…nvironmnt Signed-off-by: Alik <120061088+alik42@users.noreply.github.com>
@@ -31,6 +31,7 @@ bin/* | |||
|
|||
# Cover profiles | |||
*.out | |||
coverage.txt |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why are you ignoring this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sorry for the delay in answer:
the coverage.txt
file is product of the make test-coverage
action.
it is generated as a result of current file status in the developer work env and not the official file version stored in the git repo. there for it may provide false status of the state of coverage then the acutal code base has.
if it is needed as a persistant state indector, we should ensure it is ignored as default by developer commits and fource commit it's state as a CI pipeline stage.
in both cases it should be in the .gitignore
list
example:
To check in a file into a Git repository and ensure that only the Continuous Integration (CI) system can update it, you can follow these general steps:
-
Create the File:
- Create the file that you want to add to the repository.
-
Add the File to Git:
-
Use the following commands to add the file to the Git repository:
git add your_file_name git commit -m "Add your_file_name to the repository"
-
-
Add a
.gitignore
Entry:-
To make sure the file is not accidentally modified or committed by developers, add an entry for the file in the
.gitignore
file. If the file is sensitive, consider not including it in the repository at all. The.gitignore
file is used to specify intentionally untracked files that Git should ignore.Create or edit the
.gitignore
file and add the file name to it:your_file_name
-
-
Protect the Branch:
- Restrict write access to the branch where this file resides. You can use branch protection settings on platforms like GitHub, GitLab, or Bitbucket. For example, on GitHub:
- Go to your repository on GitHub.
- Click on the "Settings" tab.
- Navigate to "Branches" or a similar section.
- Enable branch protection for the branch containing your file.
- Configure the branch protection rules, such as requiring pull request reviews, status checks, or other criteria.
- Restrict write access to the branch where this file resides. You can use branch protection settings on platforms like GitHub, GitLab, or Bitbucket. For example, on GitHub:
-
CI Configuration:
- Set up your CI system to update the file. This usually involves updating the file during the build or deployment process triggered by CI.
- Store any sensitive information needed for CI in secure environment variables or secret management systems provided by your CI platform.
-
Encryption (Optional):
- If the file contains sensitive information and needs to be stored in the repository, consider encrypting the file before committing it. The CI system can then decrypt it during the build process.
Remember to adapt these steps based on your specific CI system, version control platform, and project requirements. Always be cautious when handling sensitive information and follow best practices for security.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I know what the file is and I know how it's generated - I'm one of the maintainers of this project.
Why are you pasting all these snippet of some kinda README
into this comment?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Guess I was writing too many md files lately that I write this in my mails
and comment to PRs as well. LOL
Sorry if my replay was too detailed / assumed you are not aware of this
file. Figured not just reviewers might read the conversation wanted the
contexts will be clear.
In the example I Just pasted the flow to "commit and ignore a file" so I would have it in the context of the change.
We can't reproduce this and our CI works fine as well. Mind closing this issue? |
On running make validate-git
On my local mac cloned from the main brunch
Seems the default for the variable at "docker-bake.hcl" COMMIT_RANGE = ""
Is causing the make command to exit with error:
COMMIT_RANGE required
This is set with correct values in the git actions process, and pass. But should also be executed and pass in local env.
Solution:
updating the default in the docker-"bake.hcl" file as naive value of
HEAD..HEAD
and overriding it with local env values from the "Makefile".in addition adding the "coverage.txt" file to the git ignore so it will not get checked in.