Add github-actions[bot] to EasyCLA allowlist
#809
Comments
|
@open-telemetry/governance-committee can we get a vote please? |
|
that's certainly unanimous. submitting ticket. https://jira.linuxfoundation.org/plugins/servlet/theme/portal/4/SUPPORT-6356 |
|
Is there any update on this? |
|
EasyCLA ticket marked as work in progress |
|
Should I be worried the CNCF might deny this request? I hadn't expected it to take more than a week after the ticket was created in their system. |
|
No, they just have never had a request for github-actions[bot] to be exempted whereas they have had dependabot added before. |
|
here's the answer as to why this is complex:
|
|
It might turn out not to matter. The branch protection rules added automatically by CNCF are actually blocking this and other use-cases. Unless we can get that resolved, we will have to figure out some workaround to create releases on a fork or something anyway. |
|
I can disable the branch protection rule enforcement. |
|
@lizthegrey any update on this? |
To address this concern, is it an option to create our own bot account(s), scoped either to opentelemetry, or even to a specific opentelemetry repository? |
|
Yes, that would be better, then CNCF could approve that specific bot. |
|
So the workaround is to register a user in github, give that user permission, and generate a token to perform actions on behalf of that user. CNCF can then allowlist the user as a bot user. |
Similar to #306 which was resolved by @lizthegrey making a request to the CNCF: https://jira.linuxfoundation.org/servicedesk/customer/portal/4/SUPPORT-1388
I would make a similar request myself (as a member of the GC) but I'm honestly not sure if I have the authority to do so without official approval of the GC or TC.
Example PR with failing CLA open-telemetry/opentelemetry-js#2409
The text was updated successfully, but these errors were encountered: