Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add GitHub Action for Tor update check #221

Merged
merged 2 commits into from
Mar 29, 2024
Merged

Add GitHub Action for Tor update check #221

merged 2 commits into from
Mar 29, 2024

Conversation

eloquence
Copy link
Member

@eloquence eloquence commented Mar 21, 2024
edited
Loading

Status

Ready for review

Refs freedomofpress/securedrop-builder#482

The new-tor-issue script and parts of the job code were imported from the securedrop-builder repo and authored by Kunal Mehta, see freedomofpress/securedrop-builder#408 and freedomofpress/securedrop-builder#287

Description of changes

Migrate logic for checking for and applying Tor updates to GitHub Actions

@eloquence eloquence force-pushed the migrate-update-tor-logic branch 25 times, most recently from f01f10c to 227d566 Compare March 26, 2024 04:26
@eloquence eloquence changed the title [WIP] Switch update Tor logic to GHA Add GitHub Action for Tor update check Mar 26, 2024
@eloquence eloquence mentioned this pull request Mar 26, 2024
Merged
@eloquence eloquence force-pushed the migrate-update-tor-logic branch 2 times, most recently from fb9702c to 3c61035 Compare March 26, 2024 04:41
@eloquence eloquence marked this pull request as ready for review March 26, 2024 04:45
@eloquence
Copy link
Member Author

eloquence commented Mar 26, 2024
edited
Loading

I think this is ready for a review pass. What I've tested:

  • automatic issue creation (to a sandbox repo, via a test token that's now revoked)
  • automatic pushes (to a test branch, via the existing PUSH_TOKEN)

A new ISSUE_TOKEN with access to the securedrop repo has been configured but it has not been used yet.

Using both tokens in the same job seems to work fine, since ISSUE_TOKEN is only needed for the gh commands, which use the distinct GH_TOKEN variable.

I've not tested the actual reprepo behavior aside for looking out for errors in the job output. Here's an example run:

https://github.com/freedomofpress/securedrop-apt-test/actions/runs/8430760453/job/23087122497?pr=221

I'm happy to help with any additional pre-merge testing. freedomofpress/securedrop-builder#493 removes the corresponding CircleCI logic in securedrop-builder once this one is ready (marked draft for now to avoid accidental merge).

@eloquence eloquence force-pushed the migrate-update-tor-logic branch 2 times, most recently from a9d27ad to 383d3cc Compare March 26, 2024 05:01
@eloquence
Migrate Tor update logic to GitHub Actions
d364a0f 
We're using the exissting PUSH_TOKEN to push packages, and a
newly created ISSUES_TOKEN to open issues in the `securedrop`
repo.

The `new-tor-issue` script and parts of the job code were imported
from the `securedrop-builder` repo and authored by Kunal Mehta,
see freedomofpress/securedrop-builder#408
@eloquence eloquence mentioned this pull request Mar 27, 2024
Closed
7 tasks
legoktm
legoktm requested changes Mar 28, 2024
View reviewed changes
Copy link
Member

@legoktm legoktm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall this looks good, I think the testing you've done is sufficient to land this, if there's an issue with permissions or whatever we can fix it iteratively.

.github/workflows/update-tor.yml Outdated Show resolved Hide resolved
.github/workflows/update-tor.yml Outdated Show resolved Hide resolved
scripts/new-tor-issue Outdated Show resolved Hide resolved
@legoktm legoktm self-assigned this Mar 28, 2024
@eloquence eloquence force-pushed the migrate-update-tor-logic branch 3 times, most recently from aa77f8d to 19a8686 Compare March 28, 2024 23:25
legoktm
legoktm approved these changes Mar 29, 2024
View reviewed changes
Copy link
Member

@legoktm legoktm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Awesome, thanks :D

@legoktm legoktm merged commit 73e53b4 into main Mar 29, 2024
1 check passed
@legoktm legoktm deleted the migrate-update-tor-logic branch March 29, 2024 00:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@legoktm legoktm legoktm approved these changes

Assignees

@legoktm legoktm

Labels
None yet
Projects
SecureDrop dev cycle
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@eloquence @legoktm