Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Migrate cleanup workflow to GitHub Actions #55

Merged
merged 1 commit into from
Apr 9, 2024
Merged

Conversation

eloquence
Copy link
Member

@eloquence eloquence commented Apr 9, 2024

Part of freedomofpress/securedrop-builder#482

Description

Adds a GitHub action to preserve 4 packages for nightlies & regular workstation packages in yum-test. Note that this reduces the number of nightlies to 4 (from 7), consistent with the securedrop-apt-test workflow for nightlies (https://github.com/freedomofpress/securedrop-apt-test/blob/main/.github/workflows/cleanup.yml).

The clean-old-packages script was adapted from the securedrop-builder repository and originally written by Kunal Mehta.

Testing

  • I have tested that the job stages the expected changes: https://github.com/freedomofpress/securedrop-yum-test/actions/runs/8608617690/job/23591275216 - see "Clean old packages" step.
  • I have not tested the "push to main". The token is configured with the requisite permissions, but we can't test the workflow without landing the change (since it requires a script that's committed as part of the workflow). If we want to make a test commit using PUSH_TOKEN, we can, but since this is only a cleanup job that can fail for a few days without breaking anything, I figure it's also safe to land and troubleshoot if it fails to push as expected.

@eloquence eloquence changed the title [WIP] Migrate cleanup workflow to GitHub Action [WIP] Migrate cleanup workflow to GitHub Actions Apr 9, 2024
@eloquence eloquence force-pushed the migrate-cleanup-to-gha branch 2 times, most recently from fa582a2 to 7b9f327 Compare April 9, 2024 01:39
The `clean-old-packages` script was adapted from the
`securedrop-builder` repository and originally written by
Kunal Mehta.
@eloquence eloquence marked this pull request as ready for review April 9, 2024 01:48
@eloquence eloquence changed the title [WIP] Migrate cleanup workflow to GitHub Actions Migrate cleanup workflow to GitHub Actions Apr 9, 2024
@eloquence
Copy link
Member Author

(I believe this is ready for a review pass anytime, but I'll open a cleanup PR to remove the migrated job on securedrop-builder tomorrow.)

This script is run in CI in a Fedora container. You can spin up a similar
container locally using podman or docker, e.g.:

podman run -it --rm -v $(pwd):/workspace:Z fedora:39 bash
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Probably the trickiest part was to get the script running locally on a non-Fedora system, so I added this to help with bootstrapping.

Copy link
Member

@legoktm legoktm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@legoktm legoktm merged commit 570ba4d into main Apr 9, 2024
@legoktm legoktm deleted the migrate-cleanup-to-gha branch April 9, 2024 15:01
@legoktm
Copy link
Member

legoktm commented Apr 10, 2024

d5ac35b - awesome!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Archived in project
Development

Successfully merging this pull request may close these issues.

2 participants