Merge branch 'main' into dependabot/pip/pyyaml-6.0.1

.github/dependabot.yml

@@ -5,8 +5,17 @@
 
 version: 2
 updates:
-  - package-ecosystem: "pip"
+  - package-ecosystem: pip
     directory: "/"
     schedule:
-      interval: "daily"
-    open-pull-requests-limit: 10
+      interval: weekly
+  - package-ecosystem: github-actions
+    directory: "/"
+    schedule:
+      interval: weekly
+    commit-message:
+      prefix: github-actions
+      include: scope
+    labels:
+      - github-actions
+      - dependencies

.github/release.yaml

@@ -0,0 +1,5 @@
+
+changelog:
+  exclude:
+    labels:
+      - dependencies

.github/workflows/build.yaml

@@ -21,20 +21,20 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Set up Docker Buildk
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
 
       - name: Login to ghcr
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Build and push
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v5
         with:
           context: .
           file: ./Dockerfile

.github/workflows/codeql.yml

@@ -38,11 +38,11 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
+      uses: github/codeql-action/init@v3
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -55,7 +55,7 @@ jobs:
     # Autobuild attempts to build any compiled languages  (C/C++, C#, Go, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v2
+      uses: github/codeql-action/autobuild@v3
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -68,6 +68,6 @@ jobs:
     #   ./location_of_script_within_repo/buildscript.sh
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+      uses: github/codeql-action/analyze@v3
       with:
         category: "/language:${{matrix.language}}"

.github/workflows/main.yaml

@@ -18,14 +18,17 @@ jobs:
     runs-on: ubuntu-20.04
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - name: Setup Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
         with:
           python-version: '3.10'
           cache: pip
       - name: Install dependencies
         run: pip install -r requirements.txt
+      - name: Boot compose test service
+        run: docker compose up --build --detach
+        working-directory: bert_e/tests/images
       - name: Install tox
         run: pip install tox
       - run: tox -e utests
@@ -37,9 +40,9 @@ jobs:
     runs-on: ubuntu-20.04
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - name: Setup Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
         with:
           python-version: '3.10'
           cache: pip
@@ -53,9 +56,9 @@ jobs:
     runs-on: ubuntu-20.04
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - name: Setup Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
         with:
           python-version: '3.10'
           cache: pip
@@ -69,9 +72,9 @@ jobs:
     runs-on: ubuntu-20.04
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - name: Setup Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
         with:
           python-version: '3.10'
           cache: pip

.github/workflows/release.yaml

@@ -1,56 +1,13 @@
 name: release
 
 on:
-  workflow_dispatch:
-    inputs:
-      tag:
-        description: 'Tag to be released'
-        required: true
-
-jobs:
   release:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v2
-
-      - name: Set up Docker Buildk
-        uses: docker/setup-buildx-action@v1
-        with:
-          buildkitd-flags: --debug
-
-      - name: Login to ghcr
-        uses: docker/login-action@v1
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
+    types: [published]
 
-      - name: Login to Scality Registry
-        uses: docker/login-action@v1
-        with:
-          registry: registry.scality.com
-          username: ${{ secrets.REGISTRY_LOGIN }}
-          password: ${{ secrets.REGISTRY_PASSWORD }}
-
-      - name: Build and push
-        uses: docker/build-push-action@v2
-        with:
-          context: .
-          file: ./Dockerfile
-          push: true
-          build-args: |
-            VERSION=${{ github.event.inputs.tag }}
-          tags: |
-            ghcr.io/scality/bert-e:${{ inputs.tag }}
-            registry.scality.com/bert-e/bert-e:${{ inputs.tag }}
-
-      - name: Create Release
-        uses: softprops/action-gh-release@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          name: Release ${{ github.event.inputs.tag }}
-          tag_name: ${{ github.event.inputs.tag }}
-          generate_release_notes: true
-          target_commitish: ${{ github.sha }}
+jobs:
+  docker:
+    uses: scality/workflows/.github/workflows/docker-build.yaml@v2
+    with:
+      name: bert-e
+      namespace: scality
+      tag: ${{ github.ref_name }}

.github/workflows/trivy.yaml

@@ -30,7 +30,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: ${{ env.REF }}
 
@@ -42,7 +42,7 @@ jobs:
           output: 'trivy-results.sarif'
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: 'trivy-results.sarif'
           ref: '${{ env.REF }}'

CHANGELOG

@@ -1,6 +1,30 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 
+## [4.0.0] - 2024-03-06
+# Removed
+- Support of tasks as it unused to due its incompatibility with GitHub.
+
+# Added
+- Bert-E's status notifications through a build status check.
+
+## [3.12.0] - 2024-02-26
+# Added
+- Add toggable list of options and commands to init message.
+
+## [3.11.0] - 2024-01-26
+# Added
+- Support of merging a PR and skip the queue when it is not needed.
+
+## [3.10.0] - 2023-11-14
+# Added
+- Support of tags created with `v` prefix.
+
+## [3.9.0] - 2023-07-20
+# Added
+- Introducing a new option that prevent the creation of
+  integration branches.
+
 ## [3.7.0] - 2022-08-08
 # Added
 - Support config settings through environment.

bert_e/bert_e.py

@@ -42,19 +42,18 @@ def __init__(self, settings):
             settings.repository_host,
             settings.robot.username,
             settings.robot_password,
-            settings.robot_email
+            settings.robot_email,
+            settings.github_app_id,
+            settings.github_installation_id,
+            settings.github_private_key,
         )
+        if settings.repository_host == 'bitbucket':
+            self.settings.robot.account_id = self.client.get_user_id()
         self.project_repo = self.client.get_repository(
             owner=settings.repository_owner,
             slug=settings.repository_slug
         )
         settings['use_queue'] = not settings.disable_queues
-        if settings.repository_host == 'bitbucket':
-            self.settings.robot.account_id = self.client.get_user_id()
-        if settings.repository_host == 'github':
-            if settings['tasks']:
-                LOG.warning("Disabling tasks on GitHub repo")
-                settings['tasks'] = []
 
         self.git_repo = GitRepository(
             self.project_repo.git_url,

bert_e/docs/USER_DOC.md

@@ -119,6 +119,7 @@ __Bert-E__.
 | bypass_peer_approval      | Bypass the pull request peer's approval | yes | no
 | bypass_leader_approval    | Bypass the pull request leader's approval | yes | no
 | create_pull_requests      | Let __Bert-E__ create pull requests corresponding to integration branches | no | no
+| create_integration_branches | Request __Bert-E__ to create integration branches and move forward with the gitwaterflow | no | no
 | no_octopus                | Prevent Wall-E from doing any octopus merge and use multiple consecutive merge instead | yes | no
 | unanimity                 | Change review acceptance criteria from `one reviewer at least` to `all reviewers` (**this feature is not supported on GitHub**) | no | no
 | wait                      | Instruct __Bert-E__ not to run until further notice | no | no
@@ -170,6 +171,19 @@ target development branch. This code is then tested in the build pipeline,
 before any merge can happen. There are as many integration branches as there
 are target branches.
 
+The integration branches are mandatory in the GitWaterFlow process,
+and by default they are automatically created when a pull request is
+opened.
+This behaviour can be changed with the `always_create_integration_branches`
+parameter in the bot settings:
+
+* *true* (default): integration branches are created automatically when a
+  pull request is opened.
+* *false*: users will be required to explicitly request the creation
+  of integration branches by adding a `/create_integration_branches`
+  comment in their pull request (or it will be set for them during
+  other operations, like `approve` or `create_pull_requests`).
+
 On the Git project, the name of the integration branches follow the format:
 
 ```w/<version>/<name_of_source_branch>```