Skip to content

CI: tweak OCI workflow trigger #13890

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 13, 2025
Merged

CI: tweak OCI workflow trigger #13890

merged 1 commit into from
May 13, 2025

Conversation

Zerpet
Copy link
Member

@Zerpet Zerpet commented May 13, 2025

Proposed Changes

Building on push to any branch is wasteful and unnecessary, because most
of built images are never used. The workflow dispatch trigger covers the
use case to build an image from the latest commit in a branch.

The use case to validate/QA a PR is now covered by on pull request
trigger. This trigger has a caveat: PRs from forks won't produce a
docker image.

Why?
Because PRs from forks do not inject rabbitmq-server secrets. This is a
security mechanism from GitHub, to protect repository secrets.

With this trigger is possible to QA/validate PRs from other Core team
members. Technically, anyone with 'write' access to our repo to push
branches.

Types of Changes

What types of changes does your code introduce to this project?
Put an x in the boxes that apply

  • Bug fix (non-breaking change which fixes issue #NNNN)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause an observable behavior change in existing systems)
  • Documentation improvements (corrections, new content, etc)
  • Cosmetic change (whitespace, formatting, etc)
  • Build system and/or CI

Checklist

Put an x in the boxes that apply.
You can also fill these out after creating the PR.
If you're unsure about any of them, don't hesitate to ask on the mailing list.
We're here to help!
This is simply a reminder of what we are going to look for before merging your code.

  • I have read the CONTRIBUTING.md document
  • I have signed the CA (see https://cla.pivotal.io/sign/rabbitmq)
  • I have added tests that prove my fix is effective or that my feature works
  • All tests pass locally with my changes
  • If relevant, I have added necessary documentation to https://github.com/rabbitmq/rabbitmq-website
  • If relevant, I have added this change to the first version(s) in release-notes that I expect to introduce it

@Zerpet
CI: tweak OCI build triggers
4efb3df 
Building on push to any branch is wasteful and unnecessary, because most
of built images are never used. The workflow dispatch trigger covers the
use case to build an image from the latest commit in a branch.

The use case to validate/QA a PR is now covered by on pull request
trigger. This trigger has a caveat: PRs from forks won't produce a
docker image.

Why?
Because PRs from forks do not inject rabbitmq-server secrets. This is a
security mechanism from GitHub, to protect repository secrets.

With this trigger is possible to QA/validate PRs from other Core team
members. Technically, anyone with 'write' access to our repo to push
branches.
@Zerpet Zerpet requested a review from mkuratczyk May 13, 2025 10:54
@mkuratczyk
Copy link
Contributor

Changes to rabbitmq-components.mk should also trigger a build. Otherwise looks good.

@Zerpet
Copy link
Member Author

Zerpet commented May 13, 2025

Changes to rabbitmq-components.ml trigger the build based on this path filter

https://github.com/rabbitmq/rabbitmq-server/pull/13890/files#diff-969f0369f76f2f9ca1d7527bdc1ecbe05e361e3f2df90f13afae39057d1b1e1bL14

@mkuratczyk
Copy link
Contributor

oh, sorry, I was looking at the diff and this was not mentioned, but it's only because nothing changed in this regard. thanks

@Zerpet Zerpet merged commit 98d1634 into main May 13, 2025
269 of 537 checks passed
@Zerpet Zerpet deleted the tweak-oci-triggers branch May 13, 2025 16:49
@mergify mergify bot mentioned this pull request May 13, 2025
Open
12 tasks
michaelklishin added a commit that referenced this pull request May 14, 2025
@michaelklishin
Resolve a conflict #13890 #13891
224a578
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@michaelklishin michaelklishin michaelklishin approved these changes

@mkuratczyk mkuratczyk mkuratczyk approved these changes

Assignees
No one assigned
Labels
backport-v4.1.x
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Zerpet @mkuratczyk @michaelklishin