Skip to content

introduce QA pipeline for protobuf schemas #385

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 28 commits into from
Mar 2, 2024
Merged

introduce QA pipeline for protobuf schemas #385

merged 28 commits into from
Mar 2, 2024

Conversation

jkowalleck
Copy link
Member

@jkowalleck jkowalleck commented Feb 22, 2024
edited
Loading

current protobuf schema files are not perfect.

this PR aims to prevent mistakes in the future, while acknowledging issues from the past.

fixes #384

status

  • introduce protobuf QA tools and configure them to our needs
  • baseline existing protobuf QA violations - as acknowledgement
  • introduce the protobuf QA tools in automated pipeline
  • introduce tools that detect and prevent breaking changes (BCD) in protobuf
  • introduce the protobuf BCD tools in automated pipeline
  • have our own protobuf test files checked against the schemas

followup

@jkowalleck jkowalleck added this to the 1.6 milestone Feb 22, 2024
@jkowalleck jkowalleck linked an issue Feb 22, 2024 that may be closed by this pull request
chore: add linter for protobuf schema files #384
Closed
@jkowalleck jkowalleck mentioned this pull request Feb 23, 2024
Closed
@jkowalleck jkowalleck requested a review from nscuro February 24, 2024 13:45
@jkowalleck
Copy link
Member Author

The schema linting and breaking-changes detection is in place.

@nscuro, could you do a review?

@jkowalleck jkowalleck added the chore: QA A chore related to Quality Assurance label Feb 24, 2024
nscuro
nscuro approved these changes Feb 26, 2024
View reviewed changes
Copy link
Member

@nscuro nscuro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very well done!

@jkowalleck
wip
e876a17 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
wip
8b0d07e 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
finished protobuf lint config
b67cb78 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
docs
f9b68b0 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
docs
38d75fb 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
docs
87a3fab 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
docs
f34a21f 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
CT
fd036a2 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
dependabot for docker
17796aa 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
wip
f733770 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
wip
62f214e 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
wip
9ad0ebe 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
wip
b57036c 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
wip
13faf7d 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
wip
975dfe1 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
wip
6a7c6e0 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
wip
ba3fa7c 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
wip
9117fea 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
wip
7d2ffc3 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
wip
441fd9e 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
wip
7c15cf9 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
wip
878162c 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
tidy
8dbfee7 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
wip
8db0967 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
wip
405fd3e 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
wip
2c04989 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
fix protobuf examples
a67922a 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck
cleanup
97abbe7 
Signed-off-by: Jan Kowalleck <[email protected]>
@jkowalleck jkowalleck mentioned this pull request Feb 28, 2024
Merged
@jkowalleck jkowalleck marked this pull request as ready for review February 28, 2024 13:32
@jkowalleck jkowalleck requested a review from a team as a code owner February 28, 2024 13:32
@jkowalleck jkowalleck changed the title [WIP] introduce QA pipeline for protobuf schemas introduce QA pipeline for protobuf schemas Feb 28, 2024
@jkowalleck jkowalleck mentioned this pull request Feb 28, 2024
Open
@jkowalleck
Copy link
Member Author

jkowalleck commented Feb 28, 2024
edited
Loading

this is how a positive run report looks like : https://github.com/CycloneDX/specification/actions/runs/8081208041/job/22079240901

this is how a negative PR/run would look like: #388

This was referenced Feb 28, 2024
Closed
Closed
@jkowalleck jkowalleck added the test-data related to test-resources and -data label Feb 28, 2024
@jkowalleck jkowalleck merged commit e20f63a into CycloneDX:1.6-dev Mar 2, 2024
This was referenced Mar 2, 2024
Open
Closed
stevespringett added a commit that referenced this pull request Apr 9, 2024
@stevespringett
[WIP] v1.6 (#323)
c5032b8 
## Added

* Core enhancement: Attestation
([#192](#192) via
[#348](#348))
* Core enhancement: Cryptography Bill of Materials — CBOM
([#171](#171),
[#291](#291) via
[#347](#347))
* Feature to express the URL to source distribution
([#98](#98) via
[#269](#269))
* Feature to express the URL to RFC 9116 compliant documents
([#380](#380) via
[#381](#381))
* Feature to express tags/keywords for services and components (via
[#383](#383))
* Feature to express details for component authors
([#335](#335) via
[#379](#379))
* Feature to express details for component and BOM manufacturer
([#346](#346) via
[#379](#379))
* Feature to express communicate concluded values from observed
evidences ([#411](#411)
via [#412](#412))
* Features to express license acknowledgement
([#407](#407) via
[#408](#408))
* Feature to express environmental consideration information for model
cards ([#396](#396) via
[#395](#395))
* Feature to express the address of organizational entities (via
[#395](#395))
* Feature to express additional component identifiers: Universal Bill Of
Receipts Identifier and Software Heritage persistent IDs
([#413](#413) via
[#414](#414))

## Fixed

* Allow multiple evidence identities by XML/JSON schema
([#272](#272) via
[#359](#359))
  This was already correct via ProtoBuff schema.
* Prevent empty `license` entities by XML schema
([#288](#288) via
[#292](#292))
  This was already correct in JSON/ProtoBuff schema.
* Prevent empty or malformed `property` entities by JSON schema
([#371](#371) via
[#375](#375))
  This was already correct in XML/ProtoBuff schema.
* Allow multiple `licenses` in `Metadata` by ProtoBuff schema
([#264](#264) via
[#401](#401))
  This was already correct in XML/JSON schema.

## Changed

* Allow arbitrary `$schema` values by JSON schema
([#402](#402) via
[#403](#403))
* Increased max length of `versionRange` (via
[`3e01ce6`](3e01ce6))
* Harmonized length of `version` (via
[#417](#417))

## Deprecated

* Data model "Component"'s field `author` was deprecated. (via
[#379](#379))
  Use field `authors` or field `manufacturer` instead.
* Data model "Metadata"'s field `manufacture` was deprecated.
([#346](#346) via
[#379](#379))
  Use "Metadata"'s field `component`'s field `manufacturer` instead. 
  - for XML: `/bom/metadata/component/manufacturer`
  - for JSON: `$.metadata.component.manufacturer`
  - for ProtoBuf: `Bom:metadata.component.manufacturer`

## Documentation

* Centralize version and version-range (via
[#322](#322))
* Streamlined SPDX expression related descriptions (via
[#327](#327))
* Enhanced descriptions of `bom-ref`/`refType`
([#336](#336) via
[#344](#344))
* Enhanced readability of enum documentation in JSON schema
([#361](#361) via
[#362](#362))
* Fixed typo "compliment" -> "complement" (via
[#369](#369))
* Added documentation for enum "ComponentScope"'s values in JSON schema
([#293](#293) via
[`d92e58e`](d92e58e))
  Texts were a taken from the existing ones in XML/ProtoBuff schema.
* Added documentation for enum "TaskType"'s values
([#245](#245) via
[#377](#377))
* Improve documentation for data model "Metadata"'s field `licenses`
([#273](#273) via
[#378](#378))
* Added documentation for enum "MachineLearningApproachType"'s values
([#351](#351) via
[#416](#416))
* Rephrased some texts here and there.

## Test data

* Added test data for newly added use cases
* Added quality assurance for our ProtoBuf schemas
([#384](#384) via
[#385](#385))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@nscuro nscuro nscuro approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

chore: QA A chore related to Quality Assurance format: ProtoBuf ready for review test-data related to test-resources and -data

Projects

None yet

Milestone

1.6

Development

Successfully merging this pull request may close these issues.

chore: add linter for protobuf schema files

2 participants

@jkowalleck @nscuro