[BRE-1137] Polishing Release Process #106
Conversation
|
Great job! No new security vulnerabilities introduced in this pull request |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #106 +/- ##
=======================================
Coverage 63.37% 63.37%
=======================================
Files 11 11
Lines 1166 1166
=======================================
Hits 739 739
Misses 408 408
Partials 19 19 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
There was a problem hiding this comment.
Checkmarx One found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.
|
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
There was a problem hiding this comment.
Pull Request Overview
This PR polishes the release process by consolidating and modernizing CI/CD workflows, fixing GHCR deployment issues, and updating code ownership.
- Streamlined release workflow by removing Azure dependencies and focusing on GHCR
- Updated build process to support both push and pull request workflows
- Enhanced version validation and updated code owners to default to SM dev team
Reviewed Changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| Dockerfile | Updated Dockerfile syntax to use uppercase AS keyword |
| .github/workflows/release.yml | Simplified release workflow removing Azure ACR dependencies and complex failure handling |
| .github/workflows/bump-version.yml | Enhanced version validation and improved variable handling |
| .github/workflows/build.yml | Consolidated build workflows with GHCR support and security scanning |
| .github/workflows/build-ghcr.yml | Removed redundant GHCR-specific workflow |
| .github/CODEOWNERS | Added default code owners and removed duplicate release.yml entry |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 6 out of 6 changed files in this pull request and generated 1 comment.
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
Co-authored-by: Vince Grassia <[email protected]>
…into BRE-1137-setup-release-process
|
|
All the Checkmarx issues are due to the GoLang version, which is being held up by this PR: #29 We should re-visit this PR as an unrelated note. |
pixman20
dismissed
michalchecinski’s stale review
Needed to dismiss to merge...reviewed by Vince
6 participants
🎟️ Tracking
BRE-1137
📔 Objective
Updates:
Related release process documentation:
https://bitwarden.atlassian.net/wiki/spaces/BRE/pages/2008645780/Secrets+Manager+Projects#SM-Kubernetes-Operator
📸 Screenshots
⏰ Reminders before review
🦮 Reviewer guidelines
:+1:) or similar for great changes:memo:) or ℹ️ (:information_source:) for notes or general info:question:) for questions:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion:art:) for suggestions / improvements:x:) or:warning:) for more significant problems or concerns needing attention:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt:pick:) for minor or nitpick changes