Closed jtherrmann closed 1 year ago
@jtherrmann for your todos/questions:
How to add all the required labels (major, minor, patch, bumpless)?
For new repositories, they will come with required labels as the default labels are set at the org-level here: https://github.com/organizations/ASFHyP3/settings/repository-defaults
For repos that already exist and don't have them, you'll need to add them manually -- easiest to copy paste values from the org defaults. For this repo, you add them here: https://github.com/ASFHyP3/hyp3-cookiecutter/labels
Do we need a deploy workflow to call reusable-bump-version.yml?
Yes, we need a tag-version.yml
. The release workflow you've added is triggered on a new tag. To create the new tag from a merge to main, you need the reusable-bumb-version workflow.
We technically could not use a main
branch and just manually push a tag for a release, but then we wouldn't need the labeled PR workflow and there would be no release review mechanism.
Do we want static analysis? (I don't think so?)
It's probably a good idea to have the secrets scanning on, but there isn't any linting or anything like that's needed.
I went ahead and added the labels.
Trufflehog failures should be good to ignore and will clean themselves up at release
I've reviewed the trufflehog failures and confirmed that they can be safely ignored.
TODO:
reusable-bump-version.yml
?