Comments (23)
durandom
commented on June 23, 2024
3
+1 on protected branches.
I also have git configured like
❯ g remote -vv
origin [email protected]:durandom/operate-first.github.io.git (fetch)
origin [email protected]:durandom/operate-first.github.io.git (push)
upstream https://github.com/operate-first/operate-first.github.io.git (fetch)
upstream https://github.com/operate-first/operate-first.github.io.git (push)
Note, my upstream is a https URL, which I cannot push to, but read from.
And "Merge UPstream" is aliased to:
❯ g mup --help
'mup' is aliased to '!git checkout master && git fetch upstream && git merge upstream/master && git push && git checkout -'
from apps.
anishasthana
commented on June 23, 2024
3
I would strongly suggest 2. The only time we should be rushing PRs through is to resolve outages, etc.
from apps.
HumairAK
commented on June 23, 2024
2
I've put the following protections to prevent direct pushes to master:
I've also applied similar rules to the following repos:
- toolbox
- argocd-apps
- continuous-deployment
- odh-moc-support
- sre
from apps.
HumairAK
commented on June 23, 2024
1
relevant discussion here
from apps.
tumido
commented on June 23, 2024
1
@anishasthana maybe the CODEOWNERS with * wildcard are messing with it?
from apps.
HumairAK
commented on June 23, 2024
1
I think we should stop using the /approve command. I don't see any other way around it, afaik a bot cannot github approve on another user's behalf. Open to suggestions.
from apps.
4n4nd
commented on June 23, 2024
@HumairAK do you want to add main branch as well?
from apps.
4n4nd
commented on June 23, 2024
Also, instead of setting this for individual repos, I think this can be done org wide by an admin.
@durandom would that be okay?
from apps.
4n4nd
commented on June 23, 2024
my bad, it looks like this can't be done on the org level :(
from apps.
HumairAK
commented on June 23, 2024
I'll leave this issue up for a couple of days in-case others have input/feedback on the protections I've added above.
from apps.
tumido
commented on June 23, 2024
I welcome this! 👍
from apps.
HumairAK
commented on June 23, 2024
Thanks folks, what about some feedback/discussion on the number of approvers. Right now it's 1. It helps get PR's in faster, but the cons are obvious. Less eyes, means more likely a problematic PR gets through. Upping this number can increase the rigor with which we merge our PR, but slow down and potentially block people as well (not always a bad thing).
from apps.
hemajv
commented on June 23, 2024
I'm a ++ for having at least 2 approvers, as it allows more people the chance to review PRs
from apps.
tumido
commented on June 23, 2024
I agree with that. That goes hand in hand with the need of having more people reviewing and more actively - actually trying out the things and not just skim through the code. Also, many folks can gain much needed experience with unfamiliar areas of our codebase, when they get the chance to start reviewing it. Everybody should be encouraged to review and should get the time they need.
That reminds me @anishasthana , did you have any luck with the research on round robin review assignments?
from apps.
anishasthana
commented on June 23, 2024
Not yet, I had some other work jump up and take priority. I'm wondering if Sesheta and Github are at odds with each other right now -- it seems like all owners are assigned by Github for reviews as of now. Probably some other setting I'm missing.
from apps.
HumairAK
commented on June 23, 2024
Closing this issue, approvers were upped to 2 for the repositories listed above. If there's anything else that needs to be discussed, feel free to re-open.
from apps.
tumido
commented on June 23, 2024
I think it started a bit of a war between bots, see here: #51 (comment)
We may want to think about this - either solve it somehow or stop using the /approve command. 😕
@goern @anishasthana any thoughts?
from apps.
tumido
commented on June 23, 2024
from apps.
HumairAK
commented on June 23, 2024
from apps.
harshad16
commented on June 23, 2024
I m a bit confused on the front, as I was under the impression branch protection of 2 approvals, didn't stop prow from merging stuff with one approval. If it does do let us know.
maybe stop using /approve command if there is such branch protection of 2 approvals seems to be the way to go.
from apps.
HumairAK
commented on June 23, 2024
@harshad16 It works for the operate-first repositories. I think I know what the problem @anishasthana was having in the aicoe-cd repo (here). In the aicoe-cd repo, Sesheta is admin, so when applying branch protection, this check box needs to be enabled:
The aicoe-cd repo does not have this checked, so the restriction does not apply to sesheta, and will merge it based on the label. We have checked this box for the operate-first repo, so it seems to be working. This is an example branch protection rule for this repo:
from apps.
harshad16
commented on June 23, 2024
Thanks for this information @HumairAK .
from apps.
HumairAK
commented on June 23, 2024
Closing this, if there's more to be discussed feel free to re-open.
from apps.
Related Issues (20)
- OSC cluster-resources app failing to sync servie catalog plugin configmap HOT 5
- OS-Climate cluster-scope overlays do not maintain folder structure HOT 5
- ODF/OCS cleanup in manifests HOT 9
- document adding cert manager to a cluster HOT 4
- [EPIC] - Os-cimate cluster 2 resource usage optimizing needed HOT 4
- Decommission Balrog cluster (AWS) HOT 3
- Kepler Edge Demo Environment Set up HOT 7
- Install alerting-stack operators alongside MCO HOT 4
- Upgrade to ODH 1.3 For Smaug, osc-cl1, osc-cl2 HOT 5
- Kubernetes vault auth on jerry failing becuase of staging certificate HOT 1
- increase stockage space and create PVs HOT 3
- Argocd User projects cannot deploy external secrets
- review exposure to openssl vulnerability CVE-2022-3602, CVE-2022-3786 HOT 4
- [Resource Request]: change users in b4mad group HOT 7
- test
- Link results in a 404 File not Found HOT 1
- [Resource Request]: MySQL Deployment Test HOT 2
- Op1st Decomissioning Overview
- Op1st Which namespaces can and cannot be decomissioned HOT 3
- Rapidast migration information HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from apps.