Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

github-action: Add AsciiDoc freeze warning #16969

Merged
merged 2 commits into from
Jan 30, 2025
Merged

github-action: Add AsciiDoc freeze warning #16969

merged 2 commits into from
Jan 30, 2025

Conversation

reakaleek
Copy link
Member

Details

⚠️ This PR was created by an automated tool. Please review the changes carefully. ⚠️

Add a workflow that will comment on PRs with AsciiDoc changes.

Why

During the migration to Elastic Docs v3, the Docs team will focus exclusively on migrating content.
To maintain consistency, prevent conflicts, and ensure a smoother transition we will freeze all AsciiDoc changes.

This means you will get a warning when you create AsciiDoc changes in your PRs.

See elastic/docs-builder#281 for details

If there are any questions, please reach out to the @elastic/docs-engineering

@reakaleek reakaleek self-assigned this Jan 28, 2025
@reakaleek reakaleek mentioned this pull request Jan 28, 2025
Open
72 tasks
donoghuc
donoghuc reviewed Jan 29, 2025
View reviewed changes
.github/workflows/comment-on-asciidoc-changes.yml
@@ -2,7 +2,8 @@
name: Comment on PR for .asciidoc changes

on:
pull_request:
# We need to use pull_request_target to be able to comment on PRs from forks
pull_request_target:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Given the comment-on-asciidoc-changes workflow checks out the code from a PR, allowing the action to run from forks is inherently risky. While I dont see an injection point for execution of malicious code I think it is a significant surface area to try to keep safe. Would it be possible to instead use the github API to detect if files are changed (Rather than checking out the code in the action context? https://docs.github.com/en/rest/pulls/pulls?apiVersion=2022-11-28#list-pull-requests-files )

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for the feedback.

I just found that the action in use can utilize the GitHub API instead of git.

https://github.com/tj-actions/changed-files?tab=readme-ov-file#using-githubs-api-octocat

I will verify if this works as expected for forks.

@karenzone karenzone merged commit 2172879 into elastic:main Jan 30, 2025
4 checks passed
andsel pushed a commit to andsel/logstash that referenced this pull request Jan 31, 2025
@reakaleek @andsel
github-action: Add AsciiDoc freeze warning (elastic#16969)
62aa691
dliappis pushed a commit to dliappis/logstash that referenced this pull request Feb 12, 2025
@reakaleek @dliappis
github-action: Add AsciiDoc freeze warning (elastic#16969)
f14f407
dliappis pushed a commit to dliappis/logstash that referenced this pull request Feb 12, 2025
@reakaleek @dliappis
github-action: Add AsciiDoc freeze warning (elastic#16969)
bf6a3fb
mashhurs added a commit that referenced this pull request Feb 12, 2025
@dliappis @reakaleek @mashhurs
Backport PR #17063 to 9.0: Use centralized source of truth for active…
b982e36 
… branches (#17072)

* github-action: Add AsciiDoc freeze warning (#16969)

* Add 9.0 branch to the CI branches definition (#16997)

* Core version bump to 9.1.0 (#16991)

* Use centralized source of truth for active branches (#17063)

This commit simplifies the DRA process in Logstash by removing the need to maintain a separate file for the active branches, and instead rely on a centrally maintained file containing source of truth.
While at it, we refactor/simplify the creation of an array with the versions in `.buildkite/scripts/snyk/resolve_stack_version.sh`.

* Fix conflicts

---------

Co-authored-by: Jan Calanog <nejcalanog@gmail.com>
Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@donoghuc donoghuc donoghuc left review comments

@lcawl lcawl lcawl approved these changes

@karenzone karenzone karenzone approved these changes

Assignees

@reakaleek reakaleek

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@reakaleek @donoghuc @lcawl @karenzone