Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Include links to the Evergreen build and to the driver security testing summary in the SSDLC report #1426

Merged
merged 7 commits into from
Jun 28, 2024
Merged

Include links to the Evergreen build and to the driver security testing summary in the SSDLC report #1426

merged 7 commits into from
Jun 28, 2024

Conversation

stIncMale
Copy link
Member

@stIncMale stIncMale commented Jun 25, 2024
edited
Loading

The PR implements the requirements specified in this comment.

The example report produced with the changes in this PR is here. Note that it does not contain a valid Evergreen build URL, because it does not seem possible to compute such a URL for a snapshot build.

If you want to check the Evergreen URL computed for major/minor/patch releases, run the following manually (you can cancel the execution as soon as it prints Evergreen build URL: ..., which happens right at the beginning), and check the URL printed: env PRODUCT_NAME=mongo-java-driver PRODUCT_VERSION=5.1.1 ./.evergreen/ssdlc-report.sh (you can play with the PRODUCT_VERSION value to see the URL for different kinds of releases).

JAVA-5500

@stIncMale stIncMale requested a review from vbabanin June 25, 2024 23:22
@stIncMale stIncMale self-assigned this Jun 25, 2024
stIncMale
stIncMale commented Jun 25, 2024
View reviewed changes
.evergreen/ssdlc-report.sh Outdated Show resolved Hide resolved
@stIncMale stIncMale marked this pull request as ready for review June 25, 2024 23:29
vbabanin
vbabanin reviewed Jun 27, 2024
View reviewed changes
.evergreen/ssdlc-report.sh Outdated
declare -r EVERGREEN_PROJECT_NAME_SUFFIX="${PRODUCT_VERSION%.*}"
declare -r EVERGREEN_BUILD_URL="${EVERGREEN_BUILD_URL_PREFIX}/${EVERGREEN_PROJECT_NAME_PREFIX}_${EVERGREEN_PROJECT_NAME_SUFFIX}_${GIT_COMMIT_HASH}"
elif [[ "${PRODUCT_NAME}" == *'-snapshot' ]]; then
declare -r EVERGREEN_BUILD_URL="https://no-url-for-snapshot-builds"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We currently use a placeholder URL (https://no-url-for-snapshot-builds) in the report. Since we don't own this domain, there's some risk it could be registered and misused, potentially exposing viewers to unexpected content if they click on or visit the link expecting legitimate information. I suggest replacing it with a non-clickable message, such as 'No URL available for snapshot builds.

Suggested change
declare -r EVERGREEN_BUILD_URL="https://no-url-for-snapshot-builds"
declare -r EVERGREEN_BUILD_URL="There is no URL available for snapshot builds"

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done in 81e4f4d.

@stIncMale stIncMale requested a review from vbabanin June 28, 2024 14:04
stIncMale
stIncMale commented Jun 28, 2024
View reviewed changes
.evergreen/.evg.yml
@@ -150,6 +150,8 @@ functions:
env:
PRODUCT_NAME: ${product_name}
PRODUCT_VERSION: ${product_version}
PRODUCT_RELEASE_CREATOR: ${author}
EVERGREEN_VERSION_ID: ${version_id}
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@vbabanin proposed a great idea to use Evergreen default expansions instead of trying to compute the required information on our own. Implementing this proposal greatly simplified the PR. However, I don't see how to test the new approach for builds triggered by a Git tag. We will see today how that works when releasing 5.1.2.

@stIncMale stIncMale merged commit e283f57 into mongodb:master Jun 28, 2024
60 checks passed
stIncMale added a commit to stIncMale/mongo-java-driver that referenced this pull request Jun 28, 2024
@stIncMale
Include links to the Evergreen build and to the driver security testi…
f2c5194 
…ng summary in the SSDLC report (mongodb#1426)

JAVA-5500
@stIncMale stIncMale mentioned this pull request Jun 28, 2024
Merged
stIncMale added a commit that referenced this pull request Jun 28, 2024
@stIncMale
Include links to the Evergreen build and to the driver security testi…
c320ac1 
…ng summary in the SSDLC report (#1426) (#1432)

This is a backport of #1426 to 5.1.x.

JAVA-5500
@stIncMale stIncMale deleted the JAVA-5500 branch August 16, 2024 17:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vbabanin vbabanin Awaiting requested review from vbabanin

Assignees

@stIncMale stIncMale

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@stIncMale @vbabanin