Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add a ci-update-workflow GitHub Actions to update the go-version matrix #307

Merged
merged 1 commit into from Mar 23, 2023
Merged

Add a ci-update-workflow GitHub Actions to update the go-version matrix #307

merged 1 commit into from Mar 23, 2023

Conversation

chizhg
Copy link
Collaborator

@chizhg chizhg commented Mar 21, 2023
edited

  1. secrets.GCP_CREDENTIALS needs to be uploaded to this repo and it's done.
  2. We need a GCP project to be able to run the gcloud functions runtimes list command, and we decided to use gae-runtimes-private

After this is merged and works well, we will configure the GitHub Actions for the repos for other languages, will then decide whether to put them in each repo, or find a central location.

/cc @jihuin

@chizhg chizhg force-pushed the ci-update-workflow branch 3 times, most recently from 8e06b25 to 6aae7b0 Compare March 22, 2023 03:29
@jihuin jihuin requested a review from jinglundong March 22, 2023 20:50
@jihuin
Copy link
Collaborator

jihuin commented Mar 22, 2023

Adding jinglun as reviewer because I don't have the permission

@chizhg chizhg mentioned this pull request Mar 22, 2023
Closed
@jinglundong
Copy link
Collaborator

  1. secrets.GCP_CREDENTIALS and secrets.PAT need to be uploaded to this repo

I think this is fine. It is a supported security feature of Github. I don't have concerns about secrets leaving GCP. We had previous campaigns to disallow exporting IAM secrets, but I believe it's a different requirement.

  1. We need a GCP project to be able to run the gcloud functions runtimes list command, currently it's using my own dev project

Sure, we should have an official project to run these commands. We could use gae-runtimes-private.

  1. Shall we add this to each repo, or is there a central location that we can put the github actions for all the repos?

I don't know for sure, but I'd assume we need to configure github actions for each repo. Let's discuss that further after we finish the required setup for this repo.

@jinglundong
Copy link
Collaborator

BTW, I'm still seeing this warning "The base branch requires all commits to be signed. Learn more about signing commits."

From my previous experience, I had to fix it by another git clone with the correct git SSH setting.

@chizhg chizhg force-pushed the ci-update-workflow branch 7 times, most recently from 5c90ded to f0fe777 Compare March 23, 2023 00:26
@chizhg
Copy link
Collaborator Author

chizhg commented Mar 23, 2023

BTW, I'm still seeing this warning "The base branch requires all commits to be signed. Learn more about signing commits."

From my previous experience, I had to fix it by another git clone with the correct git SSH setting.

Should be good now. I had to configure the signing key on my local and also upload it to my GitHub account.

I added chainguard-dev/actions/setup-gitsign@main to the GitHub Actions which seems to be able to do keyless signing.

chizhg
chizhg commented Mar 23, 2023
View reviewed changes
.github/workflows/ci-update-workflow.yml
- name: Create Pull Request
uses: peter-evans/create-pull-request@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated to this based on the comment at GoogleCloudPlatform/functions-framework-go#177 (comment)

@chizhg chizhg merged commit a858869 into golang:master Mar 23, 2023
22 checks passed
@chizhg
Copy link
Collaborator Author

chizhg commented Mar 23, 2023

It turns out I need to configure workflow_dispatch to be able to manually trigger the workflow - https://stackoverflow.com/questions/67523882/workflow-is-not-shown-so-i-cannot-run-it-manually-github-actions

@chizhg chizhg deleted the ci-update-workflow branch March 24, 2023 20:42
@platform-engineering-bot platform-engineering-bot mentioned this pull request Apr 11, 2024
Open
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jinglundong jinglundong jinglundong approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@chizhg @jihuin @jinglundong