[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
[tsf-dev] TSF In The Context of Github
|
Hi all.
Recently I set-up some trustable projects in Github. There were two such
projects, one of the projects depended on a TSF artifact produced by the
other. I am sharing some of my findings from this work.
- Reusable parameterised workflows.
- Most projects that use trustable feature a similar set of CI jobs
(Lint, Diff, Publish, Artifact)
- It is possible in Github to define a reusable workflow in some
central repository that can be used across all projects in the same
organisation. This is the approach I used in this piece of work.
- Creating a reusable workflow for trustable like this significantly
reduces the overhead in spinning up trustable in a new project. It also
makes it easier for projects to stay up to date with the latest
methodologies / trudag version.
- Perhaps we can do something similar in Gitlab aswell?
- Can/Should the trustable project provide this?
- Github provides no way to fail a job with a warning.
- Github currently does not provide a way to fail a job with a
warning. https://github.com/orgs/community/discussions/156778
- In gitlab projects we rely on this functionality to alert a
reviewer to a potentially unexpected change to the graph or sme scores.
These warnings are can be merge blocking but not always. Graph/Score
changes must be checked by a human reviewer.
- This can be mitigated by using github action's summary feature to
add a trustable summary that the reviewer is required to check.
- Can the TSF tooling do something to solve this issue?
thanks for reading,
Zeb.
