Overview

We need an ADR template for the org. This template should live in this repo as a reference.

Challenge

Since ADRs live in the codebase, we can't utilize things like issue templates unfortunately. We should find a solution that avoids duplicating the template in all the necessary repositories and also we could try and avoid manual copy pasting.

There is a potential solution with the use of symbolic links or git submodules, were the template is accessible from all the repos. But I can imagine that getting broken by accident pretty easily.

A simple solution would be to utilize a Makefile command and download a copy of the template.

$ make adr 001 this is my adr title
# /docs/adr/adr-001-this-is-my-adr-title.md created!

Context

https://github.com/celestiaorg/celestia-app/actions/runs/6707478639/job/18226474489#step:6:598

Problem

docker-security-build pushed a Docker image with a hash that doesn't match the most recent commit on that PR. The image tag contains 50d0f77 but the commit is celestiaorg/celestia-app@6aa2f88.

This is a personal opinion, please feel free to ignore or close if we don't can't come to social consensus on this.

The title PULL REQUEST seems redundant given that each pull request is in its own pull request tab. If we want people to pick their own title, perhaps we should change it to something that indicates that, such as TITLE

Problem

In the celestia-app repo, the markdown-link-check frequently fails. Example: https://github.com/celestiaorg/celestia-app/actions/runs/5508291530/jobs/10041018847?pr=2056#step:4:752

Since the markdown-lint action currently performs both markdownlint and markdown-link-check, celestia-app doesn't enforce markdown-lint as a required check on PRs (because we don't want the flaky markdown-link-check to block PRs).

Proposal

Split markdownlint and markdown-link-check into two separate actions. Make the former required on celestia-app. Make the latter optional.

Context

Apart from that - we can consider moving to this style in the future
https://docs.github.com/en/actions/creating-actions/creating-a-javascript-action

Originally posted by @Bidon15 in #36 (review)

Overview

There are a number of manual tasks being performed by the team that can and should be automated. These include:

• Adding labels
• Adding Assignees
• Adding reviewers
• Adding to projects

Help Actions

• Labels, see celestiaorg/celestia-node#1259
• PR Template task checker https://github.com/marketplace/actions/task-completed-checker
• Add to projects https://github.com/marketplace/actions/add-to-github-projects
• Custom review assignees https://github.com/marketplace/actions/auto-request-review

I'm proposing that we not force soft tabs by disabling the MD010 rule in the markdown linter https://github.com/DavidAnson/markdownlint/blob/main/doc/Rules.md#md010

Create PR template

Look at actions like this one https://github.com/marketplace/actions/task-completed-checker
to help enforce the checklist

https://github.com/rollkit/.github/pull/1/files#r1105872228

The scope of this security policy applies to the code repositories under the @celestiaorg and any related infrastructure.

Pending resolution on slack discussion about the use of things like [blocking] [non-blocking]

List of issues

• #44
• #59

Not a list #39

REF: https://github.com/FuelLabs/sway/blob/09ba6c653bc883b3968bc80ffff92e7b2194b5a8/.github/workflows/ci.yml#L409-L438

• task
• task
• [ ]

Context

celestia-app just upgraded to v0.3.1 of this repo.

Problem

CI fails for docker-build to DockerHub and Scaleway with:

Error: Username and password required

Link: https://github.com/celestiaorg/celestia-app/actions/runs/7789514729/job/21241591600?pr=3071#step:3:11

Proposal

Skip this task if the workflow is expected to fail. I think it's expected to fail for PRs created from forks cc: @MSevey

    A follow up will be to pull in pieces from the `CONTRIBUTING.md` file that is reference in the onboarding docs (currently the core repo's fork of tendermint `CONTRIBUTING.md`)

https://github.com/celestiaorg/celestia-core/blob/master-deprecated/CONTRIBUTING.md

Originally posted by @MSevey in #1 (comment)

The PR auto assignment workflow breaks on forks.

Run necojackarc/[email protected]
  with:
    config: .github/auto_request_review.yml
Fetching configuration file from the source branch
Error: Error: Parameter token or opts.auth is required

I believe it is an issue with scope due to the PAT being a celestia org level secret. PAT ref: https://github.com/marketplace/actions/auto-request-review#optional-github-personal-access-token

I created a bug report on the workflow repo itself here: necojackarc/auto-request-review#83

• Bug Report
• Feature Request
• ADR

If a repo has sufficient CI, we should be able to safely auto merge dependabot PRs.

Some helpful references for how other projects have done it:

- https://github.com/SkynetLabs/.github/blob/master/.github/actions/dependabot-approve-and-merge/action.yml
- https://github.com/SkynetLabs/skynet-js/blob/master/.github/.kodiak.toml

Context

celestia-app has a verify-signature.sh script that is used with Goreleaser created artifacts (checksums.txt, checksums.txt.sig).

Proposal

1. Create a new PGP key for [email protected]
2. Copy the PGP public key in .asc format into this repo
3. Copy a variation of that script into this repo

So that other repos in celestiaorg can use the same script / signing key