rust/neon
1
0
Fork 0
mirror of https://github.com/neondatabase/neon.git synced 2026-01-15 09:22:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
8619e6295a8a32f20282cf8a264f1d1e019a2e05
neon/CONTRIBUTING.md
Abhijeet Patil 8619e6295a CI: build build-tools image (#6082) 
## Currently our build docker file is located in the build repo it makes
sense to have it as a part of our neon repo

## Summary of changes
We had the docker file that we use to build our binary and other tools
resided in the build repo
It made sense to bring the docker file to its repo where it has been
used
So that the contributors can also view it and amend if required
It will reduce the maintenance. Docker file changes and code changes can
be accommodated in same PR
Also, building the image and pushing it to ECR is abstracted in a
reusable workflow. Ideal is to use that for any other jobs too

## Checklist before requesting a review

- [x] Moved the docker file used to build the binary from the build repo
to the neon repo
- [x] adding gh workflow to build and push the image
- [x] adding gh workflow to tag the pushed image
- [x] update readMe file

---------

Co-authored-by: Abhijeet Patil <abhijeet@neon.tech>
Co-authored-by: Alexander Bayandin <alexander@neon.tech>
2023-12-16 10:33:52 +00:00

3.5 KiB
Raw Blame History

How to contribute

Howdy! Usual good software engineering practices apply. Write tests. Write comments. Follow standard Rust coding practices where possible. Use cargo fmt and cargo clippy to tidy up formatting.

There are soft spots in the code, which could use cleanup, refactoring, additional comments, and so forth. Let's try to raise the bar, and clean things up as we go. Try to leave code in a better shape than it was before.

Pre-commit hook

We have a sample pre-commit hook in pre-commit.py. To set it up, run:

ln -s ../../pre-commit.py .git/hooks/pre-commit

This will run following checks on staged files before each commit:

There is also a separate script ./run_clippy.sh that runs cargo clippy on the whole project and ./scripts/reformat that runs all formatting tools to ensure the project is up to date.

If you want to skip the hook, run git commit with --no-verify option.

Submitting changes

  1. Get at least one +1 on your PR before you push.

    For simple patches, it will only take a minute for someone to review it.

  2. Don't force push small changes after making the PR ready for review. Doing so will force readers to re-read your entire PR, which will delay the review process.

  3. Always keep the CI green.

    Do not push, if the CI failed on your PR. Even if you think it's not your patch's fault. Help to fix the root cause if something else has broken the CI, before pushing.

Happy Hacking!

How to run a CI pipeline on Pull Requests from external contributors

An instruction for maintainers

TL;DR:

  • Review the PR
  • If and only if it looks safe (i.e. it doesn't contain any malicious code which could expose secrets or harm the CI), then:
    • Press the "Approve and run" button in GitHub UI
    • Add the approved-for-ci-run label to the PR

Repeat all steps after any change to the PR.

  • When the changes are ready to get merged — merge the original PR (not the internal one)

Longer version:

GitHub Actions triggered by the pull_request event don't share repository secrets with the forks (for security reasons). So, passing the CI pipeline on Pull Requests from external contributors is impossible.

We're using the following approach to make it work:

  • After the review, assign the approved-for-ci-run label to the PR if changes look safe
  • A GitHub Action will create an internal branch and a new PR with the same changes (for example, for a PR #1234, it'll be a branch ci-run/pr-1234)
  • Because the PR is created from the internal branch, it is able to access repository secrets (that's why it's crucial to make sure that the PR doesn't contain any malicious code that could expose our secrets or intentionally harm the CI)
  • The label gets removed automatically, so to run CI again with new changes, the label should be added again (after the review)

For details see approved-for-ci-run.yml

How do I add the "pinned" tag to an buildtools image?

We use the pinned tag for Dockerfile.buildtools build images in our CI/CD setup, currently adding the pinned tag is a manual operation.

You can call it from GitHub UI: https://github.com/neondatabase/neon/actions/workflows/update_build_tools_image.yml, or using GitHub CLI:

gh workflow -R neondatabase/neon run update_build_tools_image.yml \
            -f from-tag=6254913013 \
            -f to-tag=pinned \

# Default `-f to-tag` is `pinned`, so the parameter can be omitted.