-
Notifications
You must be signed in to change notification settings - Fork 505
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add aws lambda function to send patch cherry pick notification #3627
base: master
Are you sure you want to change the base?
add aws lambda function to send patch cherry pick notification #3627
Conversation
/assign @saschagrunert @xmudrii @puerco |
20c71dc
to
0bc3a98
Compare
0bc3a98
to
3b3ce90
Compare
Signed-off-by: cpanato <[email protected]>
3b3ce90
to
bde7c46
Compare
/hold |
Putting my SIG K8s Infra contributor hat on The AWS account that we are using is part of the Kubernetes AWS organization (or at least it should be) which is managed by SIG K8s Infra. At the moment, SIG K8s Infra don't have very strict rules about how accounts under the organization should be managed, but there are some (more or less stronger) recommendations. Speaking of the infrastructure part, it's recommended that everything related to the infrastructure, especially to the long-term infrastructure, lives in kubernetes/k8s.io repo, even if it's managed by other SIGs. That's because of multiple reasons:
This might be kind of a new thing for SIG K8s Infra too (as in SIGs maintaining their own infrastructure and Terraform configs), so I'm going to cc some of infra folks if they have any stronger opinions: @upodroid @BenTheElder @dims Putting my SIG Release contributor hat on I'm a little bit more towards the infrastructure code living in k/k8s.io for the sake of having all the configs in the single place. For the reference, all the infrastructure code related to pkgs.k8s.io is already living in k/k8s.io and is pretty much completely managed and maintained by us. If we have different pieces of the infrastructure in different places, there's a more significant risk that some parts of the infrastructure gets a little bit neglected. |
thanks, i will split it |
+100 |
Signed-off-by: cpanato <[email protected]>
@xmudrii @dims terraform code moved to k8s.io: kubernetes/k8s.io#6853 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Amazing job @cpanato, thank you for taking care of this!! I left mainly some nits, other than that, this looks great!
f6c56a3
to
1bff424
Compare
+1 to #3627 (comment) Yeah, k8s.io is a clearing house for "how did/do we setup this infra?", the implementation sources for components shouldn't live there but the cloud / infra configuration does and we have strongly delegated ownership to sub-accounts, directories, etc. We hope to have more automation and self service over time and we'll need to be careful to secure it so we want to avoid sprawl. Thanks for splitting this. Also: Thanks for taking a moment to automate away toil and keep the community better informed about deadlines ❤️ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some final nits
{{range .Releases}} | ||
<p> - release-{{ .Release }}: https://github.com/kubernetes/kubernetes/pulls?q=is%3Apr+is%3Aopen+base%3Arelease-{{ .Release }}+label%3Ado-not-merge%2Fcherry-pick-not-approved</p> | ||
{{end}} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What I thought is that we often use some queries to search for PRs to merge, such as https://github.com/kubernetes/kubernetes/pulls?q=is%3Apr+is%3Aopen+label%3Algtm+label%3Aapproved+milestone%3Av1.30+label%3Ado-not-merge%2Fcherry-pick-not-approved+-label%3Ado-not-merge%2Fhold+-label%3Ado-not-merge%2Fneeds-kind+-label%3Ado-not-merge%2Frelease-note-label-needed
The URL is a bit longer, but I was thinking if we should put it in the message somewhere. It could be very helpful because folks could use it check if their PR satisfies the criteria, i.e. if their PR will be reviewed. We often have some case where folks think that they did everything, but they actually missed something, and the PR gets missed -- this might help to avoid such cases.
However, this is something we can follow up on, I wouldn't block this PR on this.
Signed-off-by: cpanato <[email protected]>
1bff424
to
b12ab02
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🎉
/lgtm
/approve
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: cpanato, xmudrii The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
@cpanato I'll leave it up to you to remove the hold when ready :) |
/unhold |
PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
The Kubernetes project currently lacks enough contributors to adequately respond to all PRs. This bot triages PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
The Kubernetes project currently lacks enough active contributors to adequately respond to all PRs. This bot triages PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle rotten |
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs. This bot triages PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /close |
@k8s-triage-robot: Closed this PR. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
/remove-lifecycle rotten |
@cpanato: Reopened this PR. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
What type of PR is this?
/kind feature
What this PR does / why we need it:
We will apply the terraform manually by logging in the aws account we have for sig-release. maybe in the future we can automation with github actions and OIDC federation.
It is in a mock by default to we test the email sending, and then we will need to open a ticket with aws to move the aws ses config to prod then we can send emails to the
[email protected]
(i will do that as a follow up)sample email that will be sent by the automation (note this is valid for the next cycle.
/assign @saschagrunert @xmudrii @puerco
cc @kubernetes/release-managers
Which issue(s) this PR fixes:
Fixes #2174
Special notes for your reviewer:
Does this PR introduce a user-facing change?