obs-staging-bot: allow forking projects and build-disabling their repositories #111
No Assignees
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: git-workflow/autogits#111
Reference in New Issue
Block a user
Delete Branch "epaolantonio/autogits:epaolantonio/pkglistgen"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
If enabled in the staging configuration, the git repository linked
in the Origin project used when creating the QA projects will be forked,
in a separate organization as specified in the ForkOrganization
configuration.
This allows other stakeholders (like the pkglistgen bot) to write
in there as part of the staging pipeline.
Furthermore, using the BuildDisableRepos configuration, it is now possible to
define which repositories to build-disable in the QA project meta.
This is for example useful for the SLES development workflow, where
the product repository should only be enabled after the packagelist
definitions have been built - so it is not desirable to have them
built as soon as the QA project is created.
Example configuration:
If enabled in the staging configuration, the git repository linked in the Origin project used when creating the QA projects will be forked, in a separate organization as specified in the ForkOrganization configuration. This allows other stakeholders (like the pkglistgen bot) to write in there as part of the staging pipeline. Example configuration: { "ObsProject": "SUSE:SLFO:Main", "StagingProject": "SUSE:SLFO:Main:PullRequest", "ForkOrganization": "products-staging", "QA": [ { "Name": "SLES", "Origin": "SUSE:SLFO:Products:SLES:16.1", "ForkProject": true } ] } ForkOrganization defaults to "products-staging". ForkProject can be specified per-QA project, and is disabled by default. The matching repository in the ForkOrganization (like products-staging/SLES) must be present and writeable to the autogits_staging_bot user. Signed-off-by: Eugenio Paolantonio <eugenio.paolantonio@suse.com>Using the BuildDisableRepos configuration, it is now possible to define which repositories to build-disable in the QA project meta. This is for example useful for the SLES development workflow, where the product repository should only be enabled after the packagelist definitions have been built - so it is not desirable to have them built as soon as the QA project is created. Example: { "ObsProject": "SUSE:SLFO:Main", "StagingProject": "SUSE:SLFO:Main:PullRequest", "ForkOrganization": "products-staging", "QA": [ { "Name": "SLES", "Origin": "SUSE:SLFO:Products:SLES:16.1", "ForkProject": true, "BuildDisableRepos": ["product"] } ] } Signed-off-by: Eugenio Paolantonio <eugenio.paolantonio@suse.com>da3fe5d3d7tod73bf49eb0v2:
common.LogDebug("Setup QA sub projects")which was dropped by mistakeForkOrganizationexplanation@@ -306,6 +308,7 @@ type StagingConfig struct {// if set, then only use pull request numbers as unique identifiersStagingProject stringForkOrganization string // which organization to use when forking (def: "products")Would it make sense to move this to the QAConfig instead? It's only used in QAConfig anyway and this would add some flexibility.
yes, it totally does, thanks
@@ -319,6 +322,7 @@ func ParseStagingConfig(data []byte) (*StagingConfig, error) {return nil, err}staging.CleanupDelay = 48staging.ForkOrganization = "products-staging"This should not be there and should come from the config, no?
@@ -408,0 +440,4 @@repository, err = url.Parse(forked_repo.CloneURL)if err != nil {panic(err)there's a
common.PanicOnError(err)that could replace the if { panic }Also, please document the new fields in the README.md
One big issue here is permissions ... the config file acted by the bot is use configurable. That means this bot should not have any permissions in OBS and not in Gitea.
So maybe this forking behaviour needs to be done differently... this is the only major issue I have adding this functionality here. As-is, the staging bot has no permissions in Gitea.
Thanks for the review! Sorry, I totally missed the README.md.
Wouldn't having a separate project be okay in that case (with the bot being able to write there)?
Ah, I see what you mean. The config file taken is the one from the source PR rather than the target branch, so that is indeed an issue. Let me think about it.
Regarding the permissions your are right, but this should be handled already in all places by giving the staging bot modification permissions only in the :PullRequest master project
It is not a big deal to handle the "fork" (which is just a branch push) elsewhere, the main user of this is the pkglistgen bot that should have anyway enough permissions to write to the "staging" repo.
So if it is preferable not to handle it here, I would only keep the BuildDisableRepos feature from this PR.
d73bf49eb0tob442025c58v3:
I've split the BuildDisableRepos (which is the most useful part for my usecase) in #116.
So if you prefer not having the Fork stuff here, feel free to close this PR. Thanks!
View command line instructions
Checkout
From your project repository, check out a new branch and test the changes.