Comments (13)
Sorry guys!
Currently, I'm quite busy, and this project was developed 100% in the spare time, which I almost don't have right now.
The mentioned PR is quite problematic for me as it's only removing a given check instead of making it optional, so maybe I will adjust it a bit, so you can set a given env variable to disable strict checking. Configuring the codeowners validator in a more readable/customizable way will be handled by #73. Additionally, I need to check whether this is still valid #78 as it already landed on main branch.
Once again, sorry for such long waiting time. I also respect your time that you spent on it, so I will reserve some time this weekend to take care of this and do the release.
FYI: I plan to do the 1.0.x release when I will be able to address all reported bugs + #73 which will change the way how validator is configured and #50. Additionally, I would like to add an option to format CODEOWNERS files and an option to add/remove a given owner and create PRs automatically e.g. with such (draft) config:
updateRepositories:
- path: "/tmp/cloned/repository"
- url: "capactio/capact"
- path: "capactio/website"
insert:
- owners: [ "@hakuna", "@matata" ]
condition:
pattern: "*.go"
- owners: [ "@baz", "@bar" ]
condition:
associatedWithOwner: "@ghost"
pullRequest:
titleFormat: "Add {{ .NewOwner }} as a code owner in {{ .RepoName }}"
so maybe this project will be changed to sth like codeowners-manager than codeowners-checker.
from codeowners-validator.
+1 on this. We have auto-generated files in the same directory as configuration files, different owners assigned to different configuration files, but none should be tagged on the auto-generated files changes.
from codeowners-validator.
(FWIW I would fix it and make a PR but we're still working with legal on open source contributions 😭 )
I think it all depends on your policies. If you don't have the strict owners policy than you can still merge changes to /apps/github
.
If this kind of validation (and #70) was an optional check I can opt into or out of then thats good. But putting them in syntax
check is wrong IMO as the file is syntactically correct.
from codeowners-validator.
Actually, I might be able to take a stab at this. Good excuse to learn some Go
from codeowners-validator.
@athtran 's PR is basically the same as mine. We're in Open Source limbo :/
from codeowners-validator.
Hi @joshua-cannon-techlabs
Thanks for reporting this issue. I will fix that. Do you maybe know the use-case for that?
Because here is also a valid issue #70 which mention that the validator should inform you about valid but problematic part of your CODEOWNERS file.
In this case such thing IMO shouldn't be an error as it's valid from the CODEOWNERS point on view but at least it should be displayed as warning because AFIK it will block you from merging changes to /apps/github
if it's not owned by anyone. WDYT?
from codeowners-validator.
We have a use case for this. In our repo, we have one file which does not need a code owner (anyone with access to the repo should be able to review/approve it.) However, the rest of the files in the directory in which it is in should be owned by a specific team.
The file to be unowned is a configuration file for the oncall-rotator. The other files in the directory are an app that uses the configuration file.
/infra/oncall-rotator/ @sre-team
/infra/oncall-rotator/oncall-config.yml
from codeowners-validator.
I have the implementation ready to go, but it'll need to be reviewed internally which could take time.
The implementation itself is quite simple, as we're just removing code so I wouldn't be brokenhearted if someone else beats me to this and makes a PR.
from codeowners-validator.
We have a similar use-case in our repo - of wanting to have an explicitly unowned file in an otherwise owned directory.
It would definitely be encouraging if codeowners-validator
can handle this directly - so we can avoid other compromises (intentionally changing our file location/structure solely to allow codeowners-validator to pass).
from codeowners-validator.
I have a PR open that addresses this issue: #101
@mszostok If you could take a look when you have some time!
from codeowners-validator.
I have the implementation ready to go, but it'll need to be reviewed internally which could take time.
The implementation itself is quite simple, as we're just removing code so I wouldn't be brokenhearted if someone else beats me to this and makes a PR.
@joshua-cannon-techlabs: Could you please update on the status?
from codeowners-validator.
Hi all!
I fixed it in a way that the new release v0.7.0 won't report missing owner as an error anymore 🙂
Nevertheless, I wanted to keep it, so I moved this check under owner
checker and made it optional. As a result, validator may work in a picky mode when needed, see new option:
Name | Default | Description |
---|---|---|
OWNER_CHECKER_ALLOW_UNOWNED_PATTERNS | true |
Specifies whether CODEOWNERS may have unowned files. For example: /infra/oncall-rotator/ @sre-team /infra/oncall-rotator/oncall-config.yml The /infra/oncall-rotator/oncall-config.yml file is not owned by anyone. |
Additionally, I changed it from error
to warning
:
==> Executing Valid Owner Checker (1.2s)
[war] line 23: Missing owner, at least one owner is required
To enable it back, set:
- name: GitHub CODEOWNERS Validator
uses: mszostok/[email protected]
with:
owner_checker_allow_unowned_patterns: "false"
Additionally, you can change the level on which the application should treat reported issues as failures. By default, it's set to warning, which treats both errors and warnings as failures, but as the missing owner is reported as warn you can also ignore it:
- name: GitHub CODEOWNERS Validator
uses: mszostok/[email protected]
with:
owner_checker_allow_unowned_patterns: "false"
check_failure_level: "error"
In this case, you will see it in logs, but the action will exit with 0 status code.
Once again, thanks for understanding and apologize for my absence. Hope v0.7 will be useful!
from codeowners-validator.
I tested it also under my example org.
Happy path scenario, where there is also unowned file:
- CODEOWNERS: https://github.com/gh-codeowners/codeowners-samples/blob/happy-path/CODEOWNERS
- Action run: https://github.com/gh-codeowners/codeowners-samples/runs/5169886423?check_suite_focus=true
By default, owner_checker_allow_unowned_patterns is set totrue
.
Non-happy path scenario:
- CODEOWNERS: https://github.com/gh-codeowners/codeowners-samples/blob/failures/CODEOWNERS
- Action run: https://github.com/gh-codeowners/codeowners-samples/runs/5169888668?check_suite_focus=true
But here I set owner_checker_allow_unowned_patterns set tofalse
.
from codeowners-validator.
Related Issues (20)
- Add native support for pre-commit hook HOT 4
- Valid Owner Checker should report if the owner doesn't have Write access HOT 1
- App authentication doesn't work with provided action HOT 10
- /folder/* wildcard pattern is assumed to be nested by the action "Not Owned" check, which it isnt HOT 1
- CODEOWNERS file existence check HOT 1
- Unnecessary failure of test of GitHub token
- Killed: 9 HOT 8
- Error and mismatched URLs when using github app credentials via github enterprise
- Add support for specifically excluding code owners on files and subfolders HOT 1
- Recommended App permissions don't appear to be sufficient
- codeowners-validator install.sh crit-platform error for linux/arm64
- Print a list of all files and their owners HOT 1
- Owner child team is not supported by codeowners-validator
- Executing File Exist Checker Not support glob
- Feature request: fail for deleted files that are explicitly owned in CODEOWNERS HOT 4
- Support Gitea codeowners
- Runtime Error: segmentation fault codeowners-validator HOT 2
- Support fine-grained PATs
- How to exclude bots such as dependabot?
- Omitting an owner should not fail codeowners-validator HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from codeowners-validator.