-
Notifications
You must be signed in to change notification settings - Fork 884
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add a worklow to potentially deal with stale PR's and Issues #9788
Conversation
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #9788 +/- ##
=======================================
Coverage 33.15% 33.15%
=======================================
Files 345 345
Lines 23634 23634
=======================================
Hits 7836 7836
Misses 14952 14952
Partials 846 846 ☔ View full report in Codecov by Sentry. |
uses: actions/stale@v5 | ||
with: | ||
stale-issue-message: 'This pull request has been automatically closed because it has been inactive for more than 14 days. Please reopen if you still intend to submit this pull request.' | ||
# We can have different values for issues and PRs, which we might prefer |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the PR @mviswanathsai ! It is worth checking how Kubernetes does this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey, Shuting! @JimBugwadia also advised me to look into Kubernetes. I just made this PR as a placeholder for further discussions.
Kubernetes follows the method outlined here. They run a docker image for the robot, the metrics etc.
We could try and use the same I think, I could not find much info about it though.
Here is the config file they use.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In the slack discussion, I have also linked some discussions on the Kubernetes github about the behavior of the bot itself. It might be worth checking out!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This bot triages issues according to the following rules:
- After 90d of inactivity, `lifecycle/stale` is applied
- After 30d of inactivity since `lifecycle/stale` was applied, `lifecycle/rotten` is applied
- After 30d of inactivity since `lifecycle/rotten` was applied, the issue is closed
Similar for the PRs:
This bot triages PRs according to the following rules:
- After 90d of inactivity, `lifecycle/stale` is applied
- After 30d of inactivity since `lifecycle/stale` was applied, `lifecycle/rotten` is applied
- After 30d of inactivity since `lifecycle/rotten` was applied, the PR is closed
Can we use https://github.com/actions/stale to achieve this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am not sure if we can add add lifecycle/rotten
after lifecycle/stale
. I will have to look into the docs again to make sure.
Even then, this kind of behavior should be possible with adjusting the limits on the days for stale PRs and issues.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In addition to that, we can specify labels on issues and PRs that we may not want to be automatically closed by the github action. Something which we might want to consider.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am working on a fork of the github stale action which will allow us to add a rotten label also. Though this might not be necessary, and I might be unsuccessful in doing so but I decided to give it a shot. I hope that is not a problem! Please let me know in case we cannot afford that time.
Update: I've been working on the fork for the past couple of days, I think it works as expected. I will also make a pr to the original GitHub stale repo to add the changes as a feature. |
Signed-off-by: Mariam Fahmy <[email protected]>
…o#9790) Signed-off-by: Mariam Fahmy <[email protected]>
Signed-off-by: Jim Bugwadia <[email protected]>
Signed-off-by: Mariam Fahmy <[email protected]>
Bumps [go.opentelemetry.io/otel/sdk/metric](https://github.com/open-telemetry/opentelemetry-go) from 1.23.1 to 1.24.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.23.1...v1.24.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/sdk/metric dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…otlpmetricgrpc (kyverno#9797) Bumps [go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc](https://github.com/open-telemetry/opentelemetry-go) from 1.23.1 to 1.24.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.23.1...v1.24.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…#9794) Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.0.1 to 4.0.2. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@e0b68c6...0cfda1d) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…rno#9796) Bumps [go.opentelemetry.io/otel/exporters/prometheus](https://github.com/open-telemetry/opentelemetry-go) from 0.45.2 to 0.46.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@example/prometheus/v0.45.2...example/prometheus/v0.46.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/exporters/prometheus dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…yverno#9795) Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace](https://github.com/open-telemetry/opentelemetry-go) from 1.23.1 to 1.24.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.23.1...v1.24.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…tlptracegrpc (kyverno#9798) Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc](https://github.com/open-telemetry/opentelemetry-go) from 1.23.1 to 1.24.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.23.1...v1.24.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…#9811) Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.0.2 to 4.1.0. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@0cfda1d...54bcd87) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…p/otelhttp (kyverno#9809) Bumps [go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp](https://github.com/open-telemetry/opentelemetry-go-contrib) from 0.48.0 to 0.49.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go-contrib@zpages/v0.48.0...zpages/v0.49.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…9810) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.19.0 to 0.20.0. - [Commits](golang/crypto@v0.19.0...v0.20.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* fix(globalcontext): old waitgroup not stopping Signed-off-by: Khaled Emara <[email protected]> * chore(globalcontext): add AGE Signed-off-by: Khaled Emara <[email protected]> * feat(globalcontext): add lastRefreshTime Signed-off-by: Khaled Emara <[email protected]> * fix(globalcontext): unhandled intormer run exception Signed-off-by: Khaled Emara <[email protected]> * chore(globalcontext): comment wording Signed-off-by: Khaled Emara <[email protected]> * chore(globalcontext): codegen Signed-off-by: Khaled Emara <[email protected]> * fix(globalcontext): linter Signed-off-by: Khaled Emara <[email protected]> --------- Signed-off-by: Khaled Emara <[email protected]>
Signed-off-by: Mariam Fahmy <[email protected]>
…yverno#9825) Bumps [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore) from 1.8.1 to 1.8.2. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.1...v1.8.2) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ivault (kyverno#9821) Bumps [github.com/sigstore/sigstore/pkg/signature/kms/hashivault](https://github.com/sigstore/sigstore) from 1.8.1 to 1.8.2. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.1...v1.8.2) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/hashivault dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
kyverno#9823) Bumps [github.com/sigstore/sigstore/pkg/signature/kms/azure](https://github.com/sigstore/sigstore) from 1.8.1 to 1.8.2. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.1...v1.8.2) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/azure dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…kyverno#9832) Bumps [kyverno/action-install-chainsaw](https://github.com/kyverno/action-install-chainsaw) from 0.1.6 to 0.1.7. - [Release notes](https://github.com/kyverno/action-install-chainsaw/releases) - [Commits](kyverno/action-install-chainsaw@204730d...3bf0752) --- updated-dependencies: - dependency-name: kyverno/action-install-chainsaw dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…verno#9831) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.17.0 to 0.18.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@84384bd...062f259) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…yverno#9830) Bumps [github.com/sigstore/sigstore/pkg/signature/kms/gcp](https://github.com/sigstore/sigstore) from 1.8.1 to 1.8.2. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.1...v1.8.2) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…yverno#9828) * Restore warn-exite-code functionality for apply command Signed-off-by: Matt Veitas <[email protected]> * Nove error handling Signed-off-by: Matt Veitas <[email protected]> * Uncomment println statement Signed-off-by: Matt Veitas <[email protected]> * Fixing linting Signed-off-by: Matt Veitas <[email protected]> * Adding conformance tets for cli apply command with warn-exit-code Signed-off-by: Matt Veitas <[email protected]> * Update path to kubectl-kyverno binary Signed-off-by: Matt Veitas <[email protected]> * Add prepare-cli as needed dependency Signed-off-by: Matt Veitas <[email protected]> * feat: install kubectl-kyverno in standard conformance tests Signed-off-by: ShutingZhao <[email protected]> * fix: update chainsaw config Signed-off-by: ShutingZhao <[email protected]> * fix: move CLI chainsaw tests to a separate action Signed-off-by: ShutingZhao <[email protected]> * fix: CLI path Signed-off-by: ShutingZhao <[email protected]> * fix: name Signed-off-by: ShutingZhao <[email protected]> * fix: add chainsaw flag '--no-cluster' Signed-off-by: ShutingZhao <[email protected]> * fix: CLI name Signed-off-by: ShutingZhao <[email protected]> --------- Signed-off-by: Matt Veitas <[email protected]> Signed-off-by: ShutingZhao <[email protected]> Signed-off-by: shuting <[email protected]> Co-authored-by: ShutingZhao <[email protected]>
…yverno#9822) Bumps [github.com/sigstore/sigstore/pkg/signature/kms/aws](https://github.com/sigstore/sigstore) from 1.8.1 to 1.8.2. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.1...v1.8.2) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/aws dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Mariam Fahmy <[email protected]>
Signed-off-by: Younsung Lee <[email protected]>
Signed-off-by: Vishal Choudhary <[email protected]>
…erno#9845) * fix: add missing unit tests Signed-off-by: ShutingZhao <[email protected]> * fix: update pinned lib Signed-off-by: ShutingZhao <[email protected]> * fix: uncomment code Signed-off-by: ShutingZhao <[email protected]> --------- Signed-off-by: ShutingZhao <[email protected]>
Signed-off-by: Charles-Edouard Brétéché <[email protected]>
…verno#9842) Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.8.4...v1.9.0) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Explanation
This PR is to discuss, finalize and implement a strategy to manage stale issues and PRs lifecycle in the kyverno repo.
Related issue
Milestone of this PR
Documentation (required for features)
My PR contains new or altered behavior to Kyverno.
What type of PR is this
Proposed Changes
To add a github worklow to automate /semi-automate the process.
Proof Manifests
Checklist
Further Comments
moved to #9857