π GitHub Codeowners Validator 0.7.0 is now available!
Highlights
π§ Bug Fixes
-
Normalize team name before comparison (#78) (@mszostok)
GitHub is case-insensitive when assigning owners for a review. To match this approach now owners are normalized before checking if they exist under a given GitHub organization. -
Allow unowned patterns by default with an option to change it (#113) (@mszostok)
GitHub allows you to define a pattern and left its owners empty. For example:/apps/ @octocat /apps/githubIn version 0.6 this was reported as error (
Missing owner, at least one owner is required).
In this release, this check was moved underownerchecker and made optional. As a result, validator may work in a picky mode when needed, see new option:Name Default Description OWNER_CHECKER_ALLOW_UNOWNED_PATTERNS trueSpecifies whether CODEOWNERS may have unowned files. For example:
/infra/oncall-rotator/ @sre-team
/infra/oncall-rotator/oncall-config.yml
The/infra/oncall-rotator/oncall-config.ymlfile is not owned by anyone.To enable strict mode on GitHub Action specify: - name: GitHub CODEOWNERS Validator uses: mszostok/[email protected] with: owner_checker_allow_unowned_patterns: "false"
Additionally, it is now reported as
warningnoterror:==> Executing Valid Owner Checker (1.2s) [war] line 23: Missing owner, at least one owner is required -
0e709b4: Changed belongs to belong in error message, add integration tests(#108) (@kyleellman)
β¨ New checks
- Enforce only one CODEOWNERS file (#100) (@athtran)
In v0.7 an error is reported when more than one CODEOWNERS file is detected.
π Docs
π‘οΈ Security
- Add CodeQL analysis GH job (cc618b4) (@mszostok)
- Create SECURITY.md (5d8bce3) (@mszostok)
- Fix shellcheck issues (#75) (@mszostok)
Installation
See the Installation section for more installation options.
Docker images
ghcr.io:
docker pull ghcr.io/mszostok/codeowners-validator:stabledocker pull ghcr.io/mszostok/codeowners-validator:v0docker pull ghcr.io/mszostok/codeowners-validator:v0.7docker pull ghcr.io/mszostok/codeowners-validator:v0.7.0
Docker Hub:
NOTE: Pushing to docker Hub will be deprecated and removed soon.
docker pull mszostok/codeowners-validator:latestdocker pull mszostok/codeowners-validator:v0.7.0docker pull mszostok/codeowners-validator:v0.7
Changelog π
- 0078c61: Add initial pull-request GitHub Action (@mszostok)
- 8800a24: Migrate tests from TravisCI to GitHub Action (#66) (@mszostok)
- e490734: Fix shellcheck issues (#75) (@mszostok)
- d86b542: Add information how to configure GitHub action (#74) (@mszostok)
- cc618b4: Add CodeQL analysis GH job (@mszostok)
- 5d8bce3: Create SECURITY.md (@mszostok)
- 58fe8a3: Normalize team name before comparison (#78) (@mszostok)
- 80f3ee0: Replace deprecated go get with go install (#79) (@mszostok)
- 16266ad: Configure Dependabot for v2 (@mszostok)
- 1b1093a: Update deps for Go and Dockerfile and switch to Go 1.17 (#89) (@mszostok)
- 2044fb5: Apply fixes after branch rename (#92) (@mszostok)
- 51f4627: Rename workflow branches (@mszostok)
- c907f36: Change dependabot interval from daily to monthly (@mszostok)
- ac35737: Bump dependencies (#110) (@mszostok)
- add91fe: Enforce only one CODEOWNERS file (#100) (@athtran)
- 5367f8a: Allow unowned patterns by default with an option to change it (#113) (@mszostok)
- e933870: Fix spelling of brand GitHub (#106) (@jsoref)
- 0e709b4: Changed belongs to belong in error message, add integration tests(#108) (@kyleellman)
- dcfa851: Update goreleaser, add release GitHub Action (@mszostok)
- c4754a1: Adjust docs and GitHub action for v0.7.0 release (#120) (@mszostok)
- 5136b12: Ensure that git is not in dirty state after upx download (@mszostok)
- a74f7fa: Fix tar expression (@mszostok)
- 623a681: Remove upx-3.96-amd64_linux.tar.xz archive before goreleaser execution (@mszostok)
- 6bf04a9: Add login to Docker Hub (@mszostok)
