Skip to content

Releases: mszostok/codeowners-validator

v0.7.4

16 Apr 14:06
7f3f5e2
Compare
Choose a tag to compare

🎉 GitHub Codeowners Validator 0.7.4 is now available!

Highlights

✨ New functionality

🔧 Bug Fixes

Changelog

v0.7.3

13 Apr 10:39
436c7ac
Compare
Choose a tag to compare

🎉 GitHub Codeowners Validator 0.7.3 is now available!

Highlights

✨ New functionality

  • not-owned-checker: Add git-ls-tree implementation with subdirectory support (#141) (@jeremycohen)
    Now you can specify against which subdirectories the not-owned check should be executed. To configure that, use the NOT_OWNED_CHECKER_SUBDIRECTORIES environment variable. In the default mode, it works as previously, where all files are checked.
  • Add GitHub token validation to get rid of misleading error checks (#143)

🔧 Bug Fixes

  • Fix scope and internal error handling (#145) (@mszostok)
    The previous release informs the user about the internal error, but the exit code was not properly propagated. Now, besides the error message, the exit code is also set.

Changelog

v0.7.2

06 Apr 19:10
f555ba6
Compare
Choose a tag to compare

🎉 GitHub Codeowners Validator 0.7.2 is now available!

Highlights

🔧 Bug Fixes

✨ New checks

  • Add a flag to only allow teams as owners (#127) (@seveas)
    Now you can enable more strict rule and specify that only teams are allowed as owners of files.

🛡️ Security

Installation

See the Installation section for more installation options.

Docker images

ghcr.io:

  • docker pull ghcr.io/mszostok/codeowners-validator:stable
  • docker pull ghcr.io/mszostok/codeowners-validator:v0
  • docker pull ghcr.io/mszostok/codeowners-validator:v0.7
  • docker pull ghcr.io/mszostok/codeowners-validator:v0.7.2

Changelog 🚀

v0.7.1

13 Feb 12:18
2f478ec
Compare
Choose a tag to compare

🔧 Bug fix release for 0.7.1 is now available!

Issue

Reports Team does not belong to organization error even if team is assigned to a proper GitHub organization. (#121)

Root cause

This was a side effect of #78 (comment) where not only team was normalized. Unfortunately, it was not detected by the integration test, as I used only the gh-codeowners organization. As you can see, it's all lower-case.

To reproduce the problem, I created a new organization GitHubCODEOWNERS and executed the v0.7 against it and ran into the same problem: https://github.com/GitHubCODEOWNERS/codeowners-samples/runs/5173200010?check_suite_focus=true

I tested that further to check whether GitHub also is case-insensitive for Organization names:

Corrective and Preventative Measures

To fix that problem, I created this PR: #122 and tested also against a newly created organization: https://github.com/GitHubCODEOWNERS/codeowners-samples/runs/5173279973?check_suite_focus=true

I also added new integration tests against new GitHubCODEOWNERS organization to ensure no regression in the future.

Additional Corrective and Preventative Measures

In this case it's a bit of revers engineering as I don't have access to GitHub code which is responsible for assigning owners. As a result, I will need to create yet another e2e test that will be executed periodically to:

  • Create a sample PR against files where @GiTHubCodeOwners/A-TeAm is specified and check whether GitHub is still case-insensitive and assigns @GitHubCodeowners/a-team properly.

In this way, I will be notified when GitHub will change its behavior and I will be able to release a new version that will match a changed functionality.

Changelog

Please see: https://github.com/mszostok/codeowners-validator/releases/tag/v0.7.0

v0.7.0

12 Feb 21:46
6bf04a9
Compare
Choose a tag to compare

🎉 GitHub Codeowners Validator 0.7.0 is now available!

Highlights

🔧 Bug Fixes

  • Normalize team name before comparison (#78) (@mszostok)
    GitHub is case-insensitive when assigning owners for a review. To match this approach now owners are normalized before checking if they exist under a given GitHub organization.

  • Allow unowned patterns by default with an option to change it (#113) (@mszostok)
    GitHub allows you to define a pattern and left its owners empty. For example:

    /apps/ @octocat
    /apps/github 
    

    In version 0.6 this was reported as error (Missing owner, at least one owner is required).
    In this release, this check was moved under owner checker and made optional. As a result, validator may work in a picky mode when needed, see new option:

    Name Default Description
    OWNER_CHECKER_ALLOW_UNOWNED_PATTERNS true Specifies whether CODEOWNERS may have unowned files. For example:

    /infra/oncall-rotator/ @sre-team
    /infra/oncall-rotator/oncall-config.yml

    The /infra/oncall-rotator/oncall-config.yml file is not owned by anyone.
    To enable strict mode on GitHub Action specify:
          - name: GitHub CODEOWNERS Validator
            uses: mszostok/codeowners-validator@v0.7.0
            with:
              owner_checker_allow_unowned_patterns: "false"

    Additionally, it is now reported as warning not error:

    ==> Executing Valid Owner Checker (1.2s)
        [war] line 23: Missing owner, at least one owner is required
    
  • Fix spelling of brand GitHub (#106) (@jsoref)

  • 0e709b4: Changed belongs to belong in error message, add integration tests(#108) (@kyleellman)

✨ New checks

  • Enforce only one CODEOWNERS file (#100) (@athtran)
    In v0.7 an error is reported when more than one CODEOWNERS file is detected.

📖 Docs

  • Add information how to configure GitHub action (#74) (@mszostok)

🛡️ Security

Installation

See the Installation section for more installation options.

Docker images

ghcr.io:

  • docker pull ghcr.io/mszostok/codeowners-validator:stable
  • docker pull ghcr.io/mszostok/codeowners-validator:v0
  • docker pull ghcr.io/mszostok/codeowners-validator:v0.7
  • docker pull ghcr.io/mszostok/codeowners-validator:v0.7.0

Docker Hub:

NOTE: Pushing to docker Hub will be deprecated and removed soon.

  • docker pull mszostok/codeowners-validator:latest
  • docker pull mszostok/codeowners-validator:v0.7.0
  • docker pull mszostok/codeowners-validator:v0.7

Changelog 🚀

v0.6.0

22 Jan 10:07
2f6e3bb
Compare
Choose a tag to compare

🚨GitHub Codeowners Validator 0.6.0 is now available!

Highlights

  • ✨ Add validation for checking if team has a proper permission
    Due to the new permission validation step in Owners Checker, this check takes a little more time.

  • 🐛 Fix bug in Owners Checker. Now Owners Checker supports child teams with inherited repo perms.

  • ⚠️ Error message was changed in Owners Checker.

    # From
    [err] line 15: Team "avengers" does not have permissions associated with the repository "codeowners-samples".
        
    # To
    [err] line 15: Team "avengers" does not exist in organization "gh-codeowners" or has no permissions associated with the repository.
    

Installation

To install the codeowners-validator, run:

# Install codeowners-validator in /usr/local/bin in version 0.6.0
curl -sfL https://raw.githubusercontent.com/mszostok/codeowners-validator/master/install.sh| sh -s -- -b /usr/local/bin v0.6.0

See the Installation section for more installation options.

Docker images

  • docker pull mszostok/codeowners-validator:latest
  • docker pull mszostok/codeowners-validator:v0.6.0
  • docker pull mszostok/codeowners-validator:v0.6

Changelog 🚀

8fafb0b Adjust docs and GitHub action for v0.6.0 release
2f6e3bb Fix badly worded error (#64)
5ed7b98 Adjust integration test after changing error message
204640e address comments from PR #62
9224144 Add permissions check to valid_owner
cde24ed Add a twitter badge
e5e11b0 rename test to comply with golang.org/x/mod/module.CheckFilePath (#60)

Contributors

Thanks again to everyone who contributed to this release! ✨

Users whose commits are in this release:

v0.5.1

02 Nov 16:50
Compare
Choose a tag to compare

Changelog

d6bdfac Add CONTRIBUTING.md and development.md (#56)
4f46df1 Add configurability for the list of ignored owners (#55)
085f270 Adjust docs and GitHub action for v0.5.1 release
97fb795 Ignore ghost user (#53)
0b6c2ef Update info about new checker (#51)

Docker images

  • docker pull mszostok/codeowners-validator:latest
  • docker pull mszostok/codeowners-validator:v0.5.1
  • docker pull mszostok/codeowners-validator:v0.5

v0.5.0

26 Oct 10:31
Compare
Choose a tag to compare

🚨GitHub Codeowners Validator 0.5.0 is now available!

In this release, we’ve focused more on bug fixing and updating the project from the developer’s perspective.

Highlights

  • ✨ New CODEOWNERS syntax checker. Reports if CODEOWNERS file contains invalid syntax definition. It is imported as:

    "If any line in your CODEOWNERS file contains invalid syntax, the file will not be detected
    and will not be used to request reviews. Invalid syntax includes inline comments
    and user or team names that do not exist on GitHub."

    source: https://help.github.com/articles/about-code-owners/#codeowners-syntax

  • ✨ New documentation about the GitHub personal access token which should be generated for Valid Owners Checker. The documentation describes why and which scopes have to be granted. Read more here.

  • 🐛 Fix bug in File Exists Checker.

    Background
    A CODEOWNERS file uses a pattern that follows the same rules used in gitignore files.
    The gitignore files support two consecutive asterisks ("**") in patterns that match against the full pathname. Unfortunately the core Go library filepath.Glob does not support ** at all. You can read investigation document for more info.

Installation

To install the codeowners-validator, run:

# Install codeowners-validator in /usr/local/bin in version 0.5.0
curl -sfL https://raw.githubusercontent.com/mszostok/codeowners-validator/master/install.sh| sh -s -- -b /usr/local/bin v0.5.0

See the Installation section for more installation options.

Docker images

  • docker pull mszostok/codeowners-validator:latest
  • docker pull mszostok/codeowners-validator:v0.5.0
  • docker pull mszostok/codeowners-validator:v0.5

Changelog 🚀

282d053 Adjust docs and GitHub action for v0.5.0 release
659e84d Add test coverage for checks (#48)
89d9a5f Extract logic to dedicated valid_syntax checker
7da6dd0 Check for syntax errors in CODEOWNERS file
2c26fdb Fix report badge link (#47)
3c8cc7f Add dockerfile and shellcheck linters, refactor golangci-lint and hack dir (#45)
32b0e86 Fix file exists checker (#44)
cbda10c Add unit-tests coverage for dup_pattern checker (#43)
c915fc0 Update run-test-unit.sh (#41)
8db939c fix: add spacing around pipe operator (#39)
1951ba8 Add codecov support (#38)
a07509e Add integration tests (#30)
41e4231 Add documentation about the GitHub token (#36)

Contributors

Thanks again to everyone who contributed to this release! ✨

Users whose commits are in this release:

v0.4.0

29 Mar 20:59
Compare
Choose a tag to compare

🚨GitHub Codeowners Validator 0.4.0 is now available!

In this release, we’ve focused on creating a dedicated GitHub Action.

Highlights

  • A new shining Codeowners Validator GitHub Action is available! 🚀
    Read more here.

v0.3.0

18 Mar 18:49
Compare
Choose a tag to compare

🚨GitHub Codeowners Validator 0.3.0 is now available!

In this release, we’ve focused more on bug fixing and updating the project from the developer’s perspective.

Highlights

  • The team permission check was removed as it was based on a permission field which is now deprecated.

  • The  organization teams check was fixed by adding pagination support for fetching teams names.

    Problem description: Previously we downloaded only the first page of the organization’s teams. By default, a page is only 30 items. Organizations with >30 teams may have had some teams that were not visible to the check. This caused the checker to think a config was invalid even if it actually wasn’t.

    Special thanks to @jhump for detecting and fixing that problem!

  • Now environments variable are required only if a given check is enabled. Previously, even if the check was disabled, the environment variable connected with that check was still required.

  • The project has switched from Dep to Go modules so it is more friendly to external contributors.

Installation

To install the codeowners-validator, run:

# Install codeowners-validator in /usr/local/bin in version 0.3.0
curl -sfL https://raw.githubusercontent.com/mszostok/codeowners-validator/master/install.sh| sh -s -- -b /usr/local/bin v0.3.0

See the Installation section for more installation options.

⚠️ Breaking changes

All detected issues with a given CODEOWNERS files are now reported as error. From this release, the warning level will only be used for cases that are against best practices.

We’d really appreciate any feedback and any issues you may run into.

Changelog 🚀

bd9a2e2 Add dependabot and add testing against Go 1.12 and 1.13
8a21d9e Switch to go modules, update dependencies to newest ones (#28)
370cd11 Add templates for github pr and issues (#27)
cac5de0 Cleanup init check logic, require configuration only if needed (#26)
62b4264 Fix async write to map and print result (#25)
25929b2 Remove checking team permission as it is not working properly (#24)
12fc383 update valid owner check to support case where there are more teams in organization than a single result page (#23)
d0a4022 Add demo recording to the README.md (#20)
1642c1e Update Roadmap and Installation sections in README.md

Contributors

Thanks again to everyone who contributed to this release! ✨

Users whose commits are in this release: