Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

enhance(build)!: add fork field for OIDC #1221

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

enhance(build)!: add fork field for OIDC #1221

wants to merge 3 commits into from

Conversation

ecrupper
Copy link
Contributor

@ecrupper ecrupper commented Nov 7, 2024

Extra context from OIDC proposal: go-vela/community#976 (comment)

This will allow for stricter policies when considering PR builds and their ability to leverage OIDC.

@ecrupper ecrupper requested a review from a team as a code owner November 7, 2024 18:17
@ecrupper ecrupper changed the title enhance(build): add fork field for OIDC enhance(build)!: add fork field for OIDC Nov 7, 2024
@codecov Codecov
Copy link

codecov bot commented Nov 7, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 87.09677% with 4 lines in your changes missing coverage. Please review.

Project coverage is 56.89%. Comparing base (9a4003b) to head (7cfad66).

Files with missing lines Patch % Lines
internal/token/mint.go 0.00% 2 Missing ⚠️
api/oi_config.go 0.00% 1 Missing ⚠️
api/webhook/post.go 0.00% 1 Missing ⚠️
Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##             main    #1221      +/-   ##
==========================================
+ Coverage   56.87%   56.89%   +0.01%     
==========================================
  Files         599      599              
  Lines       32869    32886      +17     
==========================================
+ Hits        18695    18709      +14     
- Misses      13538    13541       +3     
  Partials      636      636
Files with missing lines Coverage Δ
api/types/build.go 98.61% <100.00%> (+0.03%) ⬆️
database/build/clean.go 100.00% <100.00%> (ø)
database/build/table.go 100.00% <ø> (ø)
database/testutils/api_resources.go 94.81% <100.00%> (+0.01%) ⬆️
database/types/build.go 98.34% <100.00%> (+0.01%) ⬆️
internal/webhook.go 100.00% <ø> (ø)
mock/server/build.go 0.00% <ø> (ø)
scm/github/webhook.go 90.06% <100.00%> (-0.03%) ⬇️
api/oi_config.go 0.00% <0.00%> (ø)
api/webhook/post.go 0.00% <0.00%> (ø)
... and 1 more

plyr4
plyr4 reviewed Nov 11, 2024
View reviewed changes
api/types/build.go
@@ -191,6 +192,7 @@ func (b *Build) Environment(workspace, channel string) map[string]string {
envs["VELA_PULL_REQUEST"] = number
envs["VELA_PULL_REQUEST_SOURCE"] = b.GetHeadRef()
envs["VELA_PULL_REQUEST_TARGET"] = b.GetBaseRef()
envs["VELA_PULL_REQUEST_FORK"] = ToString(b.GetFork())
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is this info attached to pull requests only? or can we do VELA_REPO_FORK and report it on non-PR events too

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the only event that can be triggered on the main repo by content pushed to a fork of that repo is via the PR event. GitHub definitely has metadata about if the repo is a fork, but the only time that really matters is when it's attempting to trigger a build on the parent repo right?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ohhh i understand what you mean, yeah i get it. sweet

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@plyr4 plyr4 plyr4 approved these changes

@wass3r wass3r wass3r approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ecrupper @wass3r @plyr4