From 197fcd7d1c64e78995722108d59212a8dae85e69 Mon Sep 17 00:00:00 2001 From: Luke Engle Date: Tue, 20 Sep 2022 15:01:34 -0700 Subject: [PATCH] Add travis edits --- jenkins/1-configure.md | 1 + travis/1-configure.md | 5 ++++- travis/2-audit.md | 35 ++++++++++++++++++++++++++++++++- travis/3-forecast.md | 2 +- travis/4-dry-run.md | 2 +- travis/5-custom-transformers.md | 6 +++--- travis/6-migrate.md | 1 - 7 files changed, 44 insertions(+), 8 deletions(-) diff --git a/jenkins/1-configure.md b/jenkins/1-configure.md index 35264ca..738e6d5 100644 --- a/jenkins/1-configure.md +++ b/jenkins/1-configure.md @@ -25,6 +25,7 @@ You will need to complete all of the setup instructions [here](./readme.md#confi - In the left panel, click `Developer Settings`. - Click `Personal access tokens` and then `Legacy tokens` (if present). - Click `Generate new token` and then `Generate new legacy token`. You may be required to authenticate with GitHub during this step. + - Name your token in the `Note` field. - Select the following scopes: `workflow` and `read:packages`. - Click `Generate token`. - Copy the generated PAT and save it in a safe location. diff --git a/travis/1-configure.md b/travis/1-configure.md index c0d6dfb..3685491 100644 --- a/travis/1-configure.md +++ b/travis/1-configure.md @@ -12,6 +12,7 @@ You will need to complete all of the setup instructions [here](./readme.md#confi - In the left panel, click `Developer Settings`. - Click `Personal access tokens` and then `Legacy tokens` (if present). - Click `Generate new token` and then `Generate new legacy token`. You may be required to authenticate with GitHub during this step. + - Name your token in the `Note` field. - Select the following scopes: `workflow` and `read:packages`. - Click `Generate token`. - Copy the generated PAT and save it in a safe location. @@ -19,13 +20,15 @@ You will need to complete all of the setup instructions [here](./readme.md#confi 3. Create a Travis CI personal access token (PAT): - Open app.travis-ci.com in a new browser tab. - Click on your profile icon in the top right hand corner to reveal a dropdown menu. + - Click `Settings`. - Click on the `Settings` tab. - - Click on the `COPY TOKEN` button under "API authentication header" and save it in a safe location. + - Click on the `COPY TOKEN` button under the "API authentication" header and save it in a safe location. 2. Run the `configure` CLI command: - Select the `TERMINAL` tab from within the codespace terminal. - Run the following command: `gh valet configure`. - Use the down arrow key to highlight `Travis CI`, press the spacebar to select, and then press enter to continue. + - At the GitHub handle prompt, enter the GitHub username used to generate the GitHub PAT in step 3 and press enter. - At the GitHub Container Registry prompt, enter the GitHub PAT generated in step 2 and press enter. - At the GitHub PAT prompt, enter the GitHub PAT generated in step 2 and press enter. - At the GitHub URL prompt, enter the GitHub instance URL or press enter to accept the default value (`https://github.com`). diff --git a/travis/2-audit.md b/travis/2-audit.md index a7bf042..1c288b0 100644 --- a/travis/2-audit.md +++ b/travis/2-audit.md @@ -15,7 +15,7 @@ The `audit` command operates by performing the following: ## Perform an audit -You will be performing an audit against the **labs-data** Travis CI organization that was created for the purposes of this lab. Your environment was configured to use this organization during the [configure lab](./1-configure.md). The remaining information needed to perform an `audit` is: +You will be performing an audit against the **valet-labs** Travis CI organization that was created for the purposes of this lab. Your environment was configured to use this organization during the [configure lab](./1-configure.md). The remaining information needed to perform an `audit` is: 1. Where do we want to store the result? - **tmp/audit**. This can be any path within the working directory that Valet commands are executed from. @@ -316,6 +316,39 @@ Each pipeline will have a variety of files written that include: - The converted workflow. - Stack traces that can used to troubleshoot a failed pipeline conversion +## Inspect the workflow usage csv file + +1. Open the `tmp/audit/workflow_usage.csv` file in the file explorer. +2. This file contains a comma-separated list of all actions, secrets, and runners that are used by each successfully converted pipeline: + + ```csv + Pipeline,Action,File path + valet-labs/travisci-php-example,actions/checkout@v2,/data/tmp/audit/valet-labs/travisci-php-example.yml + valet-labs/travisci-php-example,shivammathur/setup-php@v2,/data/tmp/audit/valet-labs/travisci-php-example.yml + valet-labs/travisci-php-example,rectalogic/notify-irc@v1,/data/tmp/audit/valet-labs/travisci-php-example.yml + valet-labs/travisci-nodejs-example,actions/checkout@v2,/data/tmp/audit/valet-labs/travisci-nodejs-example.yml + valet-labs/travisci-ruby-example,actions/checkout@v2,/data/tmp/audit/valet-labs/travisci-ruby-example.yml + valet-labs/travisci-ruby-example,ruby/setup-ruby@v1,/data/tmp/audit/valet-labs/travisci-ruby-example.yml + valet-labs/travisci-python-example,actions/checkout@v2,/data/tmp/audit/valet-labs/travisci-python-example.yml + valet-labs/travisci-deploy-example,actions/checkout@v2,/data/tmp/audit/valet-labs/travisci-deploy-example.yml + valet-labs/travisci-deploy-example,desiderati/github-action-pushover@v1,/data/tmp/audit/valet-labs/travisci-deploy-example.yml + + Pipeline,Secret,File path + valet-labs/travisci-deploy-example,${{ secrets.PUSHOVER_USER_KEY }},/data/tmp/audit/valet-labs/travisci-deploy-example.yml + + Pipeline,Runner,File path + ``` + +### Review workflow usage csv file + +#### Actions section + +The actions section contains a list of all actions that are used by each converted pipeline. This will enable you to perform strict security reviews to know exactly which repo will need access to a third-party action. + +#### Secrets and Runners sections + +The secrets and runners sections contain a list of all secrets and runners that are used by each converted pipeline. This will enable you to have a holistic view of what secrets and runners are used across all of your successfully converted pipelines. + ### Next lab [Forecast potential build runner usage](3-forecast.md) diff --git a/travis/3-forecast.md b/travis/3-forecast.md index f62f883..3efeeb8 100644 --- a/travis/3-forecast.md +++ b/travis/3-forecast.md @@ -12,7 +12,7 @@ In this lab you will use the `forecast` command to forecast potential GitHub Act Answer the following questions before running the `forecast` command: 1. What is the date you want to start forecasting from? - - **2022-09-02**. This date is needed as it is prior to when the bulk of builds were trigger in the demo Travis CI organization for these labs. This value defaults to the date one week ago, however, you should use a start date that will show a representative view of typical usage. + - **2022-09-02**. This date is needed as it is prior to when the bulk of builds were triggered in the demo Travis CI organization for these labs. This value defaults to the date one week ago, however, you should use a start date that will show a representative view of typical usage. 2. Where do you want to store the results? - **tmp/forecast** diff --git a/travis/4-dry-run.md b/travis/4-dry-run.md index f30a77f..982e907 100644 --- a/travis/4-dry-run.md +++ b/travis/4-dry-run.md @@ -37,7 +37,7 @@ You will be performing a dry-run against a TravisCI project. Answer the followin ``` 4. View the converted workflow: - - Find `tmp/dry-run` in the file explorer pane in your codespace. + - Find `tmp/dry-run/valet-labs` in the file explorer pane in your codespace. - Click `travisci-ruby-example.yml` to open. ## Inspect the output files diff --git a/travis/5-custom-transformers.md b/travis/5-custom-transformers.md index 6531102..f2b7101 100644 --- a/travis/5-custom-transformers.md +++ b/travis/5-custom-transformers.md @@ -126,7 +126,7 @@ This method can use any valid ruby syntax and should return a `Hash`, or an arra Now you can perform another `dry-run` command and use the `--custom-transformers` CLI option to provide this custom transformer. Run the following command within your codespace terminal: ```bash - gh valet dry-run travis-ci --travis-ci-repository "deploy-example" --output-dir tmp/travis/dry-run --custom-transformers transformers.rb + gh valet dry-run travis-ci --travis-ci-repository "travisci-deploy-example" --output-dir tmp/travis/dry-run --custom-transformers transformers.rb ``` The converted workflow that is generated by the above command will now use the custom logic for the `codedeploy` step. @@ -188,8 +188,8 @@ Finally, you can use custom transformers to dictate which runners converted work 1. What is the label of the runner in Travis to update? - __linux__ -2. What is the label of the runner in Actions to use instead? - - __new-runner__ +2. What is/are the label(s) of the runner(s) in Actions to use instead? + - __new-runner__, __self-hosted__ With these questions answered, you can add the following code to the `transformers.rb` file: diff --git a/travis/6-migrate.md b/travis/6-migrate.md index c701903..f6219b0 100644 --- a/travis/6-migrate.md +++ b/travis/6-migrate.md @@ -7,7 +7,6 @@ In this lab, you will use the `migrate` command to convert a Travis CI pipeline 1. Followed the steps [here](./readme.md#configure-your-codespace) to set up your GitHub Codespaces environment. 2. Completed the [configure lab](./1-configure.md#configuring-credentials). 3. Completed the [dry-run lab](./3-dry-run.md). -4. Completed the [custom transformers lab](./4-custom-transformers.md). ## Performing a migration