Skip to content

Commit 4684f8c

Browse files
committed
Revert "Merge branch '3.0' into fasttrack/3.0"
This reverts commit 61eaa8e, reversing changes made to 23018a8.
1 parent d905b7e commit 4684f8c

41 files changed

Lines changed: 167 additions & 273 deletions

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.
Lines changed: 5 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,25 +1,25 @@
11
# Stub workflow — A copy of this workflow must live on the default branch (3.0) so that the
22
# pull_request_target event can trigger it with access to GITHUB_TOKEN (pull-requests: write).
3-
# It delegates all real work to the reusable template on 4.0.
3+
# It delegates all real work to the reusable template on tomls/base/main.
44
#
55
# This two-stage design lets fork PRs trigger the check safely: the stub runs in the
66
# context of the default branch (with write token), but the reusable workflow checks out
77
# the PR's data files (TOML configs, specs) into a separate directory — never mixing
88
# untrusted code with execution context.
99
#
1010
# The stub must exist on the default branch because pull_request_target always runs
11-
# workflows from there. The reusable workflow on 4.0 has the actual scripts,
11+
# workflows from there. The reusable workflow on tomls/base/main has the actual scripts,
1212
# container setup, and rendering logic.
1313
name: Check Rendered Specs
1414

1515
# pull_request_target gives us a GITHUB_TOKEN with pull-requests: write even for fork PRs.
1616
# The stub itself runs NO code from the PR — it only delegates to a trusted reusable
17-
# workflow pinned to 4.0, which checks out PR data (not code) into an
17+
# workflow pinned to tomls/base/main, which checks out PR data (not code) into an
1818
# isolated subdirectory.
1919
on: # zizmor: ignore[dangerous-triggers]
2020
pull_request_target:
2121
branches:
22-
- "4.0"
22+
- tomls/base/main
2323

2424
permissions: {}
2525

@@ -32,13 +32,12 @@ jobs:
3232
# Prevent forks from running a stale/vulnerable copy of this stub with Actions enabled
3333
if: github.repository == 'microsoft/azurelinux'
3434
# Intentionally branch-pinned so the reusable workflow picks up updates automatically.
35-
uses: microsoft/azurelinux/.github/workflows/check-rendered-specs.yml@4.0 # zizmor: ignore[unpinned-uses]
35+
uses: microsoft/azurelinux/.github/workflows/check-rendered-specs.yml@tomls/base/main # zizmor: ignore[unpinned-uses]
3636
permissions:
3737
contents: read
3838
pull-requests: write # Post/update/delete drift comments on PRs
3939
with:
4040
pr-head-sha: ${{ github.event.pull_request.head.sha }}
4141
pr-head-repo: ${{ github.event.pull_request.head.repo.full_name }}
42-
pr-base-sha: ${{ github.event.pull_request.base.sha }}
4342
pr-number: ${{ github.event.pull_request.number }}
4443
repo: ${{ github.repository }}

.github/workflows/spec-review-stub.yml

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
# Stub workflow — A copy of this workflow must live on the default branch (3.0) so that the pull_request_target
22
# event can trigger it with access to secrets. It then delegates all real work to the reusable template on
3-
# 4.0, which has the scripts, prompts, and agent definitions.
3+
# tomls/base/main, which has the scripts, prompts, and agent definitions.
44
#
55
# This two-stage design lets fork PRs trigger the review safely: the stub runs in the
66
# context of the default branch (with secret access), but the template checks out only
@@ -14,17 +14,17 @@ name: Spec Review
1414

1515
# pull_request_target is required here: we need secret access (COPILOT_TOKEN) to run the
1616
# spec review agent on fork PRs. The stub itself runs NO code from the PR — it only
17-
# delegates to a trusted reusable workflow pinned to 4.0, which sparse-checks
17+
# delegates to a trusted reusable workflow pinned to tomls/base/main, which sparse-checks
1818
# out only .spec data files (never executable code) from the PR head.
1919
on: # zizmor: ignore[dangerous-triggers]
2020
pull_request_target:
2121
# Only trigger on PRs targeting the toml base branch which modify .spec files. We do
2222
# not want to affect PRs targeting other branches.
2323

2424
branches:
25-
- "4.0"
25+
- tomls/base/main
2626
paths:
27-
- "**/*.spec"
27+
- '**/*.spec'
2828

2929
permissions: {}
3030

@@ -38,7 +38,7 @@ jobs:
3838
if: github.repository == 'microsoft/azurelinux'
3939
# Intentionally branch-pinned to our own repo so the
4040
# reusable workflow picks up prompt/script/agent updates automatically.
41-
uses: microsoft/azurelinux/.github/workflows/spec-review.yml@4.0 # zizmor: ignore[unpinned-uses]
41+
uses: microsoft/azurelinux/.github/workflows/spec-review.yml@tomls/base/main # zizmor: ignore[unpinned-uses]
4242
permissions:
4343
contents: read
4444
pull-requests: write # Post review comments and inline annotations on PRs
@@ -47,6 +47,6 @@ jobs:
4747
pr-head-repo: ${{ github.event.pull_request.head.repo.full_name }}
4848
pr-number: ${{ github.event.pull_request.number }}
4949
repo: ${{ github.repository }}
50-
scripts-ref: 4.0
50+
scripts-ref: tomls/base/main
5151
secrets:
5252
COPILOT_TOKEN: ${{ secrets.COPILOT_TOKEN }}

CONTRIBUTING.md

Lines changed: 9 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -95,7 +95,7 @@ We welcome documentation improvements. See [toolkit/docs](toolkit/docs) for the
9595

9696
## Pull Request Guidelines
9797

98-
Please direct pull requests to the desired development branch. Development changes to `3.0` should target `3.0-dev`. `2.0` and `1.0` are deprecated and should not be used.
98+
Please direct pull requests to the desired development branch. Development changes to `3.0` should target `3.0-dev`. Development changes to `2.0` should target `main`. `1.0` is deprecated and should not be used.
9999

100100
### Branch structure
101101

@@ -108,6 +108,13 @@ An overview of how the branches are structured can be seen below
108108
|3.0-preview |Tag |No |No | Publishing in progress
109109
|3.0-stable |Tag |No |Yes | Last published release
110110

111+
| Git Ref | Branch / Tag | For PRs | Published | Notes
112+
|:-------------|:-------------|:--------|:----------|:------------
113+
|main |Branch |Yes |No | **Primary development branch**
114+
|2.0 |Branch |No |Yes - eventually | Staging branch for publishing
115+
|2.0-preview |Tag |No |No | Publishing in progress
116+
|2.0-stable |Tag |No |Yes | Last published release
117+
111118
### PR Titles
112119

113120
PR titles should start with an action
@@ -127,7 +134,7 @@ Please avoid titles such as
127134
```bash
128135
- package: <whatever you did to the package>
129136
- CVE-XXXX-YYYY (leaving off what package was patched or upgraded)
130-
- [3.0] (prefixing with branch or other information)
137+
- [2.0] (prefixing with branch or other information)
131138
```
132139

133140
### PR Checklist

README-3.0.md

Lines changed: 0 additions & 55 deletions
This file was deleted.

0 commit comments

Comments
 (0)