search

TykTechnologies / tyk

Tyk Open Source API Gateway written in Go, supporting REST, GraphQL, TCP and gRPC protocols
Other
9.75k stars 1.09k forks source link

[SYSE-399 release-5.6] distroless missing from 5.5 and 5.6 #6581

Closed konrad-sol closed 1 month ago

konrad-sol commented 2 months ago

Reported on Slack at https://tyktech.slack.com/archives/C02JETM5S4B/p1727688424333849 Going forward, config.yaml will be updated by the squads as appropriate.

github-actions[bot] commented 2 months ago

API Changes

no api changes detected
github-actions[bot] commented 2 months ago

PR Reviewer Guide 🔍

⏱️ Estimated effort to review: 3 🔵🔵🔵⚪⚪
🧪 PR contains tests
🔒 No security concerns identified
⚡ Key issues to review

Concurrency Logic
The concurrency logic might not correctly handle cases where multiple workflows are triggered by different events. Ensure that the concurrency group and conditions are correctly set to manage multiple triggers effectively. Dockerfile Path
The change from `ci/Dockerfile.distroless` to `ci/Dockerfile.std` needs verification to ensure that all dependencies and configurations are compatible and performant in the new standard Dockerfile. Environment Variables
The change of the `VARIATION` environment variable from `prod` to `inverted` could affect the build configuration significantly. This change should be thoroughly tested to ensure it does not negatively impact the build process.
github-actions[bot] commented 2 months ago

PR Code Suggestions ✨

CategorySuggestion                                                                                                                                    Score
Performance
Include the branch name in cache keys to avoid conflicts and improve cache relevance ___ **Update the caching keys in the GitHub Actions workflow to include the branch name,
which can prevent conflicts and ensure more accurate cache usage across different
branches.** [.github/workflows/release.yml [87-89]](https://github.com/TykTechnologies/tyk/pull/6581/files#diff-87db21a973eed4fef5f32b267aa60fcee5cbdf03c67fafdc2a9b553bb0b15f34R87-R89) ```diff -key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} +key: ${{ runner.os }}-go-${{ github.ref_name }}-${{ hashFiles('**/go.sum') }} restore-keys: | - ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} + ${{ runner.os }}-go-${{ github.ref_name }}-${{ hashFiles('**/go.sum') }} ```
Suggestion importance[1-10]: 9 Why: Including the branch name in cache keys is a significant improvement that can prevent cache conflicts and ensure more accurate cache usage, especially in multi-branch workflows.
9
Enhancement
Simplify the BASE_REF expression for clarity and reliability ___ **Replace the use of startsWith in the BASE_REF expression with a more direct approach
using github.base_ref for pull requests and github.ref_name for other events. This
simplifies the expression and avoids potential issues with the startsWith function.** [.github/workflows/release.yml [31]](https://github.com/TykTechnologies/tyk/pull/6581/files#diff-87db21a973eed4fef5f32b267aa60fcee5cbdf03c67fafdc2a9b553bb0b15f34R31-R31) ```diff -BASE_REF: ${{startsWith(github.event_name, 'pull_request') && github.base_ref || github.ref_name}} +BASE_REF: ${{ github.event_name == 'pull_request' ? github.base_ref : github.ref_name }} ```
Suggestion importance[1-10]: 8 Why: The suggestion simplifies the logic for determining `BASE_REF`, making it more readable and potentially reducing errors by using a more straightforward conditional expression.
8
Maintainability
Improve the robustness of the conditional check for running the goreleaser job ___ **Ensure that the if condition for the job goreleaser checks for the event type
explicitly rather than relying on the draft status of the pull request. This makes
the condition clearer and more robust to changes in how drafts are handled.** [.github/workflows/release.yml [34]](https://github.com/TykTechnologies/tyk/pull/6581/files#diff-87db21a973eed4fef5f32b267aa60fcee5cbdf03c67fafdc2a9b553bb0b15f34R34-R34) ```diff -if: github.event.pull_request.draft == false +if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.pull_request.draft == false) ```
Suggestion importance[1-10]: 7 Why: The suggestion enhances clarity and robustness by explicitly checking the event type, which can prevent unintended behavior if the handling of draft pull requests changes.
7
sonarcloud[bot] commented 1 month ago

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud