Github Support¶
Overview¶
qube uses GitPython and PyGithub to automatically create a repository, add, commit and push all files. Moreover, issue labels, a development and a TEMPLATE branch are created. The TEMPLATE branch is required for Syncing your project to work and should not be touched manually.
Branches¶
Overview¶
git branches can be understood as diverging copies of the main line of development and facilitate parallel development.
To learn more about branches read Branches in a Nutshell of the Pro Git Book.
A simple best practice development workflow follows the pattern that the master
branch always contains the latest released code.
It should only be touched for new releases. Code on the master
branch must compile and be as bug free as possible.
Development takes place on the development
branch. All parallelly developed features eventually make it into this branch.
The development
branch should always compile, but it may contain incomplete features or known bugs.
qube creates a TEMPLATE
branch, which is required for Syncing your project to work and should not be touched manually.
Branch protection rules¶
qube sets several branch protection rules, which enforce a minimum standard of best branch practices.
For more information please read about protected branches.
The following branch protection rules only apply to the master
branch:
Required review for pull requests: A pull request to
master
can only be merged if the code was at least reviewed by one person. If you are developing alone you can merge with your administrator powers.Dismiss stale pull request approvals when new commits are pushed.
Github Actions¶
Overview¶
Modern development tries to merge new features and bug fixes as soon as possible into the development
branch, since big, diverging branches are more likely to lead to merge conflicts.
This practice is known as continuous integration (CI).
Continuous integration is usually complemented with automated tests and continuous delivery (CD).
All of qube’s templates feature Github Actions as main CI/CD service.
Please read the Github Actions Overview for more information.
On specific conditions (usually push events), the Github Actions workflows are triggered and executed.
The developers should ensure that all workflows always pass before merging, since they ensure that the package still builds and all tests are executed successfully.
pr_to_master_from_patch_release_only workflow¶
All templates feature a workflow called pr_to_master_from_patch_release_only.yml
.
This workflow runs everytime a PR to your projects master branch is created. It fails, if the PR to the master
branch
origins from a branch that does not contain PATCH
or release
in its branch name.
If development code is written on a branch called development``and a new release of the project is to be made,
one should create a ``release
branch only for this purpose and then merge it into master
branch.
This ensures that new developments can already be merged into development
, while the release is finally prepared.
The PATCH
branch should be used for required hotfixes
(checked out directly from master
branch) because, in the meantime, there might
multiple developments going on at development
branch and you dont want to interfere with them.
sync_project.yml¶
All templates also feature this workflow. This workflow is used for automatic syncing (if enabled) your project with the latest qube template version.
The workflow is run on push events, although this behavior can be customized if desired.
The workflow calls qube sync
, which first checks whether a new template version is available and if so it submits a pull request.
For more details please visit Syncing your project.
Secrets¶
Github secrets are what their name suggests: Encrypted secret values in a repository or an organisation; once they are set their value can be used for sensible data in a project or an organisation but their raw value can never be seen again even by an administrator (but it can be updated).
qube uses a secret called QUBE_SYNC_TOKEN
for its syncing feature. This secret is automatically created during the repo creation process, if you choose to create a GitHub repo.
The secret contains your encrypted personal access token as its value. Note that this will have no effect on how to login or any other activity in your project.
If you remove the secret or change its value (even with another personal access token of you) the syncing feature will no longer work.
In case you are creating an organisation repository, the secret will also be stored as a repository secret, only usable for your specific project.
See section below in case your Github repository creation failed during the create process.
Error Handling due to failed Github repo creation¶
Errors during the create process due to a failed Github repo creation may occur due to a vast amount of reasons: Some common error sources are:
You have no active internet connection or your firewall protects you against making calls to external APIs.
2. The Github API service or Github itself is unreachable at the moment, which can happen from time to time. In doubt, make sure to check the Github status page.
A repo with the same name already exists in your account/your organisation.
Creation fails, ok: But how can I then access the full features of qube?
You can try to fix the issue (or wait some time on case, for example, when Github is down) and then process to create a Github repostiryo manually.
After this, make sure to create a secret named QUBE_SYNC_TOKEN
with the value of your PAT for your repository. See the Github docs
for more information on how to create a secret.
Issue labels¶
qube’s Github support automatically creates issue labels. Currently the following labels are automatically created: https://en.wikipedia.org/wiki/Continuous_integration 1. dependabot: All templates, which include Dependabot support label all Dependabot pull requests with this label.