-
Notifications
You must be signed in to change notification settings - Fork 70
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Document the force-skip-ci
usage
#248
Comments
I wasn't aware of the flag, so indeed we should setup documentation around it (or I should be more involved and pay attention!). I worry that this is a very big hammer that is available to too many people without any process defined currently. In the past, we've done similar, maybe more terrible, things by editing the required jobs associated with a repository, based on the repository's settings. I would hope, but not necessarily expect, that the list of people who can apply a label to a PR/issue is a much larger superset of the people who have administrative rights to modify repository settings in GitHub. If that is the case, I'd prefer we define a process, and rely on changing the settings rather than using a flag. If that is not the case, I want to see what we can do to make it the case. |
I am afraid that's not the case, @egernst , and I think it deserves yet another issue (and a nice discussion) on who are the folks who should have "admin" rights to the repos from now on, and revisit everyone's access based on that decision. |
Still about this one, even setting the |
My other concern is the consequence of using the flag. IMO we need the flag because we want to bypass some tests in order to merge a PR that cannot pass CI but is not supposed to break anything in CI after being merged. So the CI jobs that we can bypass must fall into the category that it ONLY check something that belongs to the targeting PR and that something will not be checked after the PR is merged. So checking the commit message format is one example of such CI jobs that can safely be skipped. But in the case of So my suggestion would be, let's remove |
I disagree here, @bergwolf. So, let's take a step back and evaluate what actually happened with kata-containers/kata-containers#3468.
Looking at what happened I don't think the CI was broken for 12 to 18 hours because of the
I'm all in to solve all those issues, but the third one has to come from each contributor. |
And just for the archaeological sake, kata-containers/tests#2915 is when this was introduced. |
@bergwolf and I had a call Today, where we discussed this topic and here's pretty much the summary of the discussion. We should, instead of having the
Meanwhile, we should really re-visit who has permissions to do what in our repo and also get an agreement on #249. This is just a summary of what's been discussed and issues will be opened later on. |
Firstly, I'd better own up as the author of the
I'm not necessarily against this, but sometimes we just need a way to bypass the CI (almost) entirely, and quickly. We could just disable all the PR checks for the repo in the GH settings, but that is not something we would actually want to do. I like the idea of more granular skipping, but the worst case might be to specify quite a large bunch of magic labels / comments to skip the CI which sounds a bit awkward (and slow). Maybe we could retain the This sounds like a topic for the AC to discuss. |
And once we've got an agreed plan for this, it would be great to have commitment from all interested parties to help implement, test, document and review the changes. And help review the existing user rights on the two main repos. |
Just deleted my last comment as I refreshed the page and saw your last comment @fidencio To add more details about this one (which was also part of our discussion, and agreement if I understand correctly)
The standard of whether a piece can be skipped or not, is that
So it narrows the candidate jobs to be almost only the commit message check, and the github issus mover. And it won't result in a situation that |
Yes we do. And I agree with @egernst that we need a process to handle it through GH settings instead of trying to solve it with labels. |
The commit message check is already done in a separate action. So this looks much easier to solve:
There is also |
@fidencio @jodh-intel @egernst
Among them, Jenkins jobs also check for the |
A
force-skip-ci
label has been added a long time ago in order to allow folks to by-pass the CI for one reason or another. However, there's the concern of having this misused (not due to bad intention, but rather due to a mistake), which brings up the need of a written policy to use it.We can also extend this issue to discuss whether having such label is valid or not.
/cc @kata-containers/architecture-committee
The text was updated successfully, but these errors were encountered: