[
https://issues.apache.org/jira/browse/BEAM-11569?focusedWorklogId=531972&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-531972
]
ASF GitHub Bot logged work on BEAM-11569:
-----------------------------------------
Author: ASF GitHub Bot
Created on: 06/Jan/21 16:50
Start Date: 06/Jan/21 16:50
Worklog Time Spent: 10m
Work Description: potiuk commented on pull request #13674:
URL: https://github.com/apache/beam/pull/13674#issuecomment-755421087
Just one more update!
We found a better solution. Submodules. They seem to pass all the security
requirements from infra, and they are very easy to add and maintain (and you
avoid code duplication).
You can see the PR we run to have POC in Airflow:
https://github.com/apache/airflow/pull/13514
And disucssion at [email protected]
https://lists.apache.org/thread.html/rcf7f560dad70ed02d77ad131a670e24eb815e41f92a442a3153da98b%40%3Cbuilds.apache.org%3E
Jus to quote my words from the discussion:
This seems to works perfectly:
> 1) It always links to particular SHA commit not branch
> 2) No code duplication
> 3) GitHub Review nicely incorporates the change code from submodules
> whenever
> submodule is updated, so it fits naturally in the review workflow.
> 4) Seems that we can easily make it works with Github Actions (the
> submodule needst
> to be checked out in previous step of the job).
> 5) It's even easier to pull new versions.
> 6) It is equally easy to add any external action at any time
> 7) Passes all the INFRA requirements re: review + SHA - without any checks
We are going to migrate to it in Airflow today/tomorrow and we highly
recommend this approach.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
Issue Time Tracking
-------------------
Worklog Id: (was: 531972)
Time Spent: 2h 10m (was: 2h)
> Github actions are failing on Beam repo
> ---------------------------------------
>
> Key: BEAM-11569
> URL: https://issues.apache.org/jira/browse/BEAM-11569
> Project: Beam
> Issue Type: Bug
> Components: testing
> Affects Versions: 2.27.0
> Reporter: Ahmet Altay
> Assignee: Pablo Estrada
> Priority: P0
> Time Spent: 2h 10m
> Remaining Estimate: 0h
>
> As a result of https://issues.apache.org/jira/browse/INFRA-21234 github
> actions on Beam repo are failing.
> This is currently blocking 2.27.0 release because building wheel files depend
> on github actions. So far we identified 2 github actions that may need to be
> addressed:
> ad-m/github-push-action
> potiuk/cancel-workflow-runs
> Error looks like https://github.com/apache/beam/actions/runs/458287140
> """
> ad-m/github-push-action@master is not allowed to be used in apache/beam.
> Actions in this workflow must be: created by GitHub, verified in the GitHub
> Marketplace, within a repository owned by apache or match the following:
> apache/, gradle/wrapper-validation-action, gradle/wrapper-validation-action@,
> peter-evans/create-pull-request@, dawidd6/action-download-artifact@,
> scacap/action-surefire-report@*.
> """
> /cc [~potiuk] [~tysonjh]
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
