v3.0.0

What's Changed

⚠️ Breaking Changes

• .sync/Version.njk: Switch to Project Mu Ubuntu 22 containers @makubacki (#182)
  
  Change Details

    Updates the default Linux build container from Fedora 37 to Ubuntu 22.

  The container feed switched from ghcr.io/tianocore/containers
  to ghcr.io/microsoft/mu_devops.

  Note: This is marked as a breaking change because of the distro change
  from Fedora to Ubuntu. Commands run inside the container such as those
  interacting with the package manager need to be reviewed and updated.
  

  
  

  ---

  
  

Full Changelog: v2.5.4...v3.0.0

v2.5.4

What's Changed

• .sync/Files.yml: Sync release drafter to additional repos @makubacki (#181)
  
  Change Details

    More repos with `release` branches are moving to versioned releases so the release drafter workflow is synced to them in this change.

  New repos:

  • microsoft/mu_common_intel_min_platform
  • microsoft/mu_oem_sample
  • microsoft/mu_plus
  • microsoft/mu_silicon_arm_tiano
  • microsoft/mu_silicon_intel_tiano
  • microsoft/mu_tiano_plus
    

  
  

  ---

Full Changelog: v2.5.3...v2.5.4

v2.5.3

What's Changed

• .sync/Version.njk: Update latest Mu release branch to 202302 @makubacki (#179)
  
  Change Details

    Updates the `latest_mu_release_branch` value substituted into sync templates from `release/202208` to `release/202302`.

  ---

• Add a dependabot label and exclude it from release notes @makubacki (#177)
  
  Change Details

    The `release-drafter` GitHub action has an `exclude-contributors` configuration option that excludes usernames from the final contributors. This does not appear to work for dependabot.

  The exclude-labels configuration option does work. This change
  adds a new label type:dependabot to dependabot PRs (via the
  dependabot config file) and uses the exclude-labels option in
  the release-drafter config file to exclude those PRs from release
  notes.

  Submodules are currently updated by either dependabot or the
  submodule-release-updater GitHub action local to mu_devops. Since
  submodules are recursive to repo consumers and to keep those
  consistently in the release notes, the type:dependabot label is
  not added to dependabot submodule updates keeping those updates in
  the release notes.
  

  
  

  ---

  
  

• Initial check-in for MU Linux container and pipelines @cfernald (#175)
  
  Change Details

    Creates a Ubuntu-22 based image for building Project MU. These changes are largely based on the infrastructure from [tianocore/containers](https://github.com/tianocore/containers).

  Sizes:
  Build - 2.74 Gb
  Test - 3.63 Gb
  Dev - 3.63 Gb
  

  
  

  ---

  
  

• .sync/dependabot: Ignore additional submodules with versioned releases @makubacki (#176)
  
  Change Details

    The following repos recently moved to semantic versioning so they can be updated by their versioned releases now instead of dependabot checking for the latest commit hash.

  • mu_feature_config
  • mu_feature_mm_supv
    

  
  

  ---

📖 Documentation Updates

• Readme.rst: Reorganize and refresh content @makubacki (#180)
  
  Change Details

    1. Add a Table of Contents 2. Update Conventions section 3. Add a Containers section 4. Add missing workflow sections 5. Sort workflow sections so they're easier to find in the Table of Contents 6. Other minor miscellaneous updates

  ---

Full Changelog: v2.5.2...v2.5.3

v2.5.2

What's Changed

• .sync/Version.njk: Update Mu repos to Mu DevOps v2.5.1 @makubacki (#170)
  
  Change Details

    Changes since last release: https://github.com/microsoft/mu_devops/compare/v2.4.0...v2.5.1

  General release info: https://github.com/microsoft/mu_devops/releases
  

  
  

  ---

  
  

🐛 Bug Fixes

• .sync/codeql: Use pull\_request trigger type @makubacki (#173)
  
  Change Details

    This workflow needs to run against code on the PR merge branch and since it is just building it only needs minimal, read-only token permissions so this change updates the trigger type from `pull_request_target` to `pull_request`.

  ---

Full Changelog: v2.5.1...v2.5.2

v2.5.1

What's Changed

• <Binary/Other>CopyAndPublish.yml: Use bash to parse parameter string @makubacki (#171)
  
  Change Details

    Uses bash to parse a parameter string that could be empty since it is more robust and consistent than directly depending on pipeline string interpretation logic.

  This treats the following strings as "empty":

  • ""
  • " "
    

  
  

  ---

Full Changelog: v2.5.0...v2.5.1

v2.5.0

What's Changed

• .sync/Version.njk: Update Linux build container to Fedora 37 3b3eb8f @makubacki (#165)
  
  Change Details

    Updates the Fedora 37 build container from f1c7a20 to 3b3eb8f.

  • Fedora 37 image contents
  • 3b3eb8f

  Summary of updates:

  • Enable GTK on Fedora QEMU
  • Install vim and nano
  • Set up a user to match the outside user
  • Add the user to the sudo/wheel group to allow them to use sudo, and set a password

  Signed-off-by: Michael Kubacki [email protected]
  

  
  

  ---

  
  

🚀 Features & ✨ Enhancements

• Add Issue Assignment workflow @makubacki (#169)
  
  Change Details

    Resolves #166

  Adds a new GitHub workflow that runs when an issue is assigned.

  While additional behavior can be added in the future, right now the
  workflow only removes the state:needs-owner label if present.
  

  
  

  ---

  
  

• .sync/codeql: Attempt to upload logs in case of success and failures @makubacki (#168)
  
  Change Details

    Currently, log artifacts are only uploaded in case of success. This change also uploads logs in case of failures to aid in debugging.

  ---

🐛 Bug Fixes

• Add quotes to git safe.directory in .devcontainer to fix parsing error @cfernald (#167)
  
  Change Details

    Currently the git command fails because the * is not parsed correctly in command line without the quote. This resolves this issue.

  ---

Full Changelog: v2.4.1...v2.5.0

v2.4.1

What's Changed

• .sync/submodule-release-update.yml: Add Nunjucks raw text tags @makubacki (#164)
  
  Change Details

    Surrounds the GitHub token syntax with raw tags to indicate that the curly braces should not be interpreted as a Nunjucks expression or variable and treated as a literal.

  Signed-off-by: Michael Kubacki [email protected]
  

  
  

  ---

  
  

• .sync/dependabot: Ignore submodules with versioned releases @makubacki (#163)
  
  Change Details

    Submodules with versioned releases will now be updated with the Submodule Release Updater action so there is no need for dependabot to create duplicate PRs for non-release updates of these submodules.

  Signed-off-by: Michael Kubacki [email protected]
  

  
  

  ---

  
  

Full Changelog: v2.4.0...v2.4.1

v2.4.0

What's Changed

• .sync/dependabot: Disable automatic rebasing @makubacki (#159)
  
  Change Details

    Sets the rebase-strategy to "disabled" to prevent automatic rebasing.

  This prevents CI resources from building changes that may not actually
  be merged for a while (and need to be rebuilt later again).

  Rebasing can be done manually in the dependabot PR either through
  the GitHub UI or the dependabot command or via a push to the
  dependabot PR branch.
  

  
  

  ---

  
  

🚀 Features & ✨ Enhancements

• Add Submodule Release Updater GitHub Action and Workflow [Rebase \& FF] @makubacki (#161)
  
  Change Details

    Adds an action with a leaf workflow to update submodules in a repository to the latest GitHub release available for the submodule.

  Changes:

  1. .github/actions: Add initial Submodule Release Updater GitHub Action

  Adds an action that checks if any submodules in a repository have a
  GitHub release available. If so, the submodule is updated to the
  latest release and a pull request is made in the repository for
  the submodule update.

  2. .sync/Files.yml: Sync Submodule Release Update workflow

  Syncs a new workflow to update submodules to the latest GitHub
  release to mu_tiano_platforms.

  3. .sync/Version.njk: Update Mu repos to Mu DevOps v2.4.0

  Updates to v2.4.0 so the GitHub action is available.

  Changes since last release:
  v2.3.0...v2.4.0

  General release info: https://github.com/microsoft/mu_devops/releases

  ---

  • Example Action Run on Fork

  Example Pull Requests Created by the Action (on fork):

  • Bump MU_BASECORE from 2022080001.1.0 to 2022080001.2.1
  • Bump Features/DFCI from 2.0.2 to 2.3.1

  Signed-off-by: Michael Kubacki [email protected]
  

  
  

  ---

  
  

Full Changelog: v2.3.3...v2.4.0

v2.3.3

What's Changed

• .sync/Files.yml: Sync release drafter to mu\_basecore @makubacki (#158)
  
  Change Details

    Syncs the following files to mu_basecore to enable the release drafter workflow in that repo.

  • release-draft.yml - Leaf workflow
  • release-draft-config.yml - Action config file

  Signed-off-by: Michael Kubacki [email protected]
  

  
  

  ---

  
  

• .sync/dependabot: Check for submodule updates weekly @makubacki (#157)
  
  Change Details

    Reduce frequency of submodule checks from daily to weekly to reduce CI thrash.

  Signed-off-by: Michael Kubacki [email protected]
  

  
  

  ---

  
  

Full Changelog: v2.3.2...v2.3.3

v2.3.2

What's Changed

🐛 Bug Fixes

• codeql.yml: Remove PIP caching from pkg gathering @makubacki (#156)
  
  Change Details

    PIP modules are not pulled down during the initial job in the CodeQL workflow (package gathering) so PIP caching is not needed.

  Also works around a setup-python task issue that fails to ignore cache
  contents if they do not previously exist and are not populated during the job.

  Signed-off-by: Michael Kubacki [email protected]
  

  
  

  ---

  
  

Full Changelog: v2.3.1...v2.3.2