From f900b0b776b3bb8bf9d6cde4fe6ad39d0cadbefd Mon Sep 17 00:00:00 2001 From: stevenhorsman Date: Wed, 28 May 2025 09:37:48 +0100 Subject: [PATCH] workflows: Delete workflows Some legacy workflows require write access to github which is a security weakness and don't provide much value, so lets remove them. Signed-off-by: stevenhorsman --- .github/workflows/add-issues-to-project.yaml | 59 ------------ .github/workflows/add-pr-sizing-label.yaml | 53 ----------- .../workflows/move-issues-to-in-progress.yaml | 91 ------------------- 3 files changed, 203 deletions(-) delete mode 100644 .github/workflows/add-issues-to-project.yaml delete mode 100644 .github/workflows/add-pr-sizing-label.yaml delete mode 100644 .github/workflows/move-issues-to-in-progress.yaml diff --git a/.github/workflows/add-issues-to-project.yaml b/.github/workflows/add-issues-to-project.yaml deleted file mode 100644 index 9ff930de3..000000000 --- a/.github/workflows/add-issues-to-project.yaml +++ /dev/null @@ -1,59 +0,0 @@ -# Copyright (c) 2020 Intel Corporation -# -# SPDX-License-Identifier: Apache-2.0 -# - -name: Add newly created issues to the backlog project - -on: - issues: - types: - - opened - - reopened - -concurrency: - group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true - -jobs: - add-new-issues-to-backlog: - runs-on: ubuntu-22.04 - steps: - - name: Install hub - run: | - HUB_ARCH="amd64" - HUB_VER=$(curl -sL "https://api.github.com/repos/github/hub/releases/latest" |\ - jq -r .tag_name | sed 's/^v//') - curl -sL \ - "https://github.com/github/hub/releases/download/v${HUB_VER}/hub-linux-${HUB_ARCH}-${HUB_VER}.tgz" |\ - tar xz --strip-components=2 --wildcards '*/bin/hub' && \ - sudo install hub /usr/local/bin - - - name: Install hub extension script - run: | - # Clone into a temporary directory to avoid overwriting - # any existing github directory. - pushd "$(mktemp -d)" &>/dev/null - git clone --single-branch --depth 1 "https://github.com/kata-containers/.github" && cd .github/scripts - sudo install hub-util.sh /usr/local/bin - popd &>/dev/null - - - name: Checkout code to allow hub to communicate with the project - uses: actions/checkout@v4 - - - name: Add issue to issue backlog - env: - GITHUB_TOKEN: ${{ secrets.KATA_GITHUB_ACTIONS_TOKEN }} - run: | - issue=${{ github.event.issue.number }} - - project_name="Issue backlog" - project_type="org" - project_column="To do" - - hub-util.sh \ - add-issue \ - "$issue" \ - "$project_name" \ - "$project_type" \ - "$project_column" diff --git a/.github/workflows/add-pr-sizing-label.yaml b/.github/workflows/add-pr-sizing-label.yaml deleted file mode 100644 index f60f76487..000000000 --- a/.github/workflows/add-pr-sizing-label.yaml +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright (c) 2022 Intel Corporation -# -# SPDX-License-Identifier: Apache-2.0 -# - -name: Add PR sizing label - -on: - pull_request_target: - types: - - opened - - reopened - - synchronize - -concurrency: - group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true - -jobs: - add-pr-size-label: - runs-on: ubuntu-22.04 - steps: - - name: Checkout code - uses: actions/checkout@v4 - with: - ref: ${{ github.event.pull_request.head.sha }} - fetch-depth: 0 - - - name: Rebase atop of the latest target branch - run: | - ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch" - env: - TARGET_BRANCH: ${{ github.event.pull_request.base.ref }} - - - name: Install PR sizing label script - run: | - # Clone into a temporary directory to avoid overwriting - # any existing github directory. - pushd "$(mktemp -d)" &>/dev/null - git clone --single-branch --depth 1 "https://github.com/kata-containers/.github" && cd .github/scripts - sudo install pr-add-size-label.sh /usr/local/bin - popd &>/dev/null - - - name: Add PR sizing label - env: - GITHUB_TOKEN: ${{ secrets.KATA_GITHUB_ACTIONS_PR_SIZE_TOKEN }} - run: | - pr=${{ github.event.number }} - # Removing man-db, workflow kept failing, fixes: #4480 - sudo apt -y remove --purge man-db - sudo apt update && sudo apt -y install diffstat patchutils - - pr-add-size-label.sh -p "$pr" diff --git a/.github/workflows/move-issues-to-in-progress.yaml b/.github/workflows/move-issues-to-in-progress.yaml deleted file mode 100644 index d845082c3..000000000 --- a/.github/workflows/move-issues-to-in-progress.yaml +++ /dev/null @@ -1,91 +0,0 @@ -# Copyright (c) 2020 Intel Corporation -# -# SPDX-License-Identifier: Apache-2.0 -# - -name: Move issues to "In progress" in backlog project when referenced by a PR - -on: - pull_request_target: - types: - - opened - - reopened - -jobs: - move-linked-issues-to-in-progress: - runs-on: ubuntu-22.04 - steps: - - name: Install hub - if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }} - run: | - HUB_ARCH="amd64" - HUB_VER=$(curl -sL "https://api.github.com/repos/github/hub/releases/latest" |\ - jq -r .tag_name | sed 's/^v//') - curl -sL \ - "https://github.com/github/hub/releases/download/v${HUB_VER}/hub-linux-${HUB_ARCH}-${HUB_VER}.tgz" |\ - tar xz --strip-components=2 --wildcards '*/bin/hub' && \ - sudo install hub /usr/local/bin - - - name: Install hub extension script - if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }} - run: | - # Clone into a temporary directory to avoid overwriting - # any existing github directory. - pushd "$(mktemp -d)" &>/dev/null - git clone --single-branch --depth 1 "https://github.com/kata-containers/.github" && cd .github/scripts - sudo install hub-util.sh /usr/local/bin - popd &>/dev/null - - - name: Checkout code to allow hub to communicate with the project - if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }} - uses: actions/checkout@v4 - with: - ref: ${{ github.event.pull_request.head.sha }} - fetch-depth: 0 - - - name: Rebase atop of the latest target branch - if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }} - run: | - ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch" - env: - TARGET_BRANCH: ${{ github.event.pull_request.base.ref }} - - - name: Move issue to "In progress" - if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }} - env: - GITHUB_TOKEN: ${{ secrets.KATA_GITHUB_ACTIONS_TOKEN }} - run: | - pr=${{ github.event.pull_request.number }} - - linked_issue_urls=$(hub-util.sh \ - list-issues-for-pr "$pr" |\ - grep -v "^\#" |\ - cut -d';' -f3 || true) - - # PR doesn't have any linked issues, handle it only if it exists - [ -z "$linked_issue_urls" ] && { - echo "::warning::No linked issues for PR $pr" - exit 0 - } - - project_name="Issue backlog" - project_type="org" - project_column="In progress" - - for issue_url in $linked_issue_urls - do - issue=$(echo "$issue_url"| awk -F/ '{print $NF}' || true) - - [ -z "$issue" ] && { - echo "::error::Cannot determine issue number from $issue_url for PR $pr" - exit 1 - } - - # Move the issue to the correct column on the project board - hub-util.sh \ - move-issue \ - "$issue" \ - "$project_name" \ - "$project_type" \ - "$project_column" - done