Releases: microsoft/mu_devops
v3.0.0
What's Changed
⚠️ Breaking Changes
-
.sync/Version.njk: Switch to Project Mu Ubuntu 22 containers @makubacki (#182)
Change Details
Updates the default Linux build container from Fedora 37 to Ubuntu 22.
The container feed switched from
ghcr.io/tianocore/containers
toghcr.io/microsoft/mu_devops
.Note: This is marked as a breaking change because of the distro change
from Fedora to Ubuntu. Commands run inside the container such as those
interacting with the package manager need to be reviewed and updated.
Full Changelog: v2.5.4...v3.0.0
v2.5.4
What's Changed
-
.sync/Files.yml: Sync release drafter to additional repos @makubacki (#181)
Change Details
More repos with `release` branches are moving to versioned releases so the release drafter workflow is synced to them in this change.
New repos:
- microsoft/mu_common_intel_min_platform
- microsoft/mu_oem_sample
- microsoft/mu_plus
- microsoft/mu_silicon_arm_tiano
- microsoft/mu_silicon_intel_tiano
- microsoft/mu_tiano_plus
Full Changelog: v2.5.3...v2.5.4
v2.5.3
What's Changed
-
.sync/Version.njk: Update latest Mu release branch to 202302 @makubacki (#179)
Change Details
Updates the `latest_mu_release_branch` value substituted into sync templates from `release/202208` to `release/202302`.
-
Add a dependabot label and exclude it from release notes @makubacki (#177)
Change Details
The `release-drafter` GitHub action has an `exclude-contributors` configuration option that excludes usernames from the final contributors. This does not appear to work for dependabot.
The
exclude-labels
configuration option does work. This change
adds a new labeltype:dependabot
to dependabot PRs (via the
dependabot config file) and uses theexclude-labels
option in
therelease-drafter
config file to exclude those PRs from release
notes.Submodules are currently updated by either
dependabot
or the
submodule-release-updater
GitHub action local to mu_devops. Since
submodules are recursive to repo consumers and to keep those
consistently in the release notes, thetype:dependabot
label is
not added to dependabot submodule updates keeping those updates in
the release notes.
-
Initial check-in for MU Linux container and pipelines @cfernald (#175)
Change Details
Creates a Ubuntu-22 based image for building Project MU. These changes are largely based on the infrastructure from [tianocore/containers](https://github.com/tianocore/containers).
Sizes:
Build - 2.74 Gb
Test - 3.63 Gb
Dev - 3.63 Gb
-
.sync/dependabot: Ignore additional submodules with versioned releases @makubacki (#176)
Change Details
The following repos recently moved to semantic versioning so they can be updated by their versioned releases now instead of dependabot checking for the latest commit hash.
📖 Documentation Updates
-
Readme.rst: Reorganize and refresh content @makubacki (#180)
Change Details
1. Add a Table of Contents 2. Update Conventions section 3. Add a Containers section 4. Add missing workflow sections 5. Sort workflow sections so they're easier to find in the Table of Contents 6. Other minor miscellaneous updates
Full Changelog: v2.5.2...v2.5.3
v2.5.2
What's Changed
-
.sync/Version.njk: Update Mu repos to Mu DevOps v2.5.1 @makubacki (#170)
Change Details
Changes since last release: https://github.com/microsoft/mu_devops/compare/v2.4.0...v2.5.1
General release info: https://github.com/microsoft/mu_devops/releases
🐛 Bug Fixes
-
.sync/codeql: Use pull\_request trigger type @makubacki (#173)
Change Details
This workflow needs to run against code on the PR merge branch and since it is just building it only needs minimal, read-only token permissions so this change updates the trigger type from `pull_request_target` to `pull_request`.
Full Changelog: v2.5.1...v2.5.2
v2.5.1
What's Changed
-
<Binary/Other>CopyAndPublish.yml: Use bash to parse parameter string @makubacki (#171)
Change Details
Uses bash to parse a parameter string that could be empty since it is more robust and consistent than directly depending on pipeline string interpretation logic.
This treats the following strings as "empty":
- ""
- " "
Full Changelog: v2.5.0...v2.5.1
v2.5.0
What's Changed
-
.sync/Version.njk: Update Linux build container to Fedora 37 3b3eb8f @makubacki (#165)
Change Details
Updates the Fedora 37 build container from f1c7a20 to 3b3eb8f.
Summary of updates:
- Enable GTK on Fedora QEMU
- Install vim and nano
- Set up a user to match the outside user
- Add the user to the sudo/wheel group to allow them to use sudo, and set a password
Signed-off-by: Michael Kubacki [email protected]
🚀 Features & ✨ Enhancements
-
Add Issue Assignment workflow @makubacki (#169)
Change Details
Resolves #166
Adds a new GitHub workflow that runs when an issue is assigned.
While additional behavior can be added in the future, right now the
workflow only removes thestate:needs-owner
label if present.
-
.sync/codeql: Attempt to upload logs in case of success and failures @makubacki (#168)
Change Details
Currently, log artifacts are only uploaded in case of success. This change also uploads logs in case of failures to aid in debugging.
🐛 Bug Fixes
-
Add quotes to git safe.directory in .devcontainer to fix parsing error @cfernald (#167)
Change Details
Currently the git command fails because the * is not parsed correctly in command line without the quote. This resolves this issue.
Full Changelog: v2.4.1...v2.5.0
v2.4.1
What's Changed
-
.sync/submodule-release-update.yml: Add Nunjucks raw text tags @makubacki (#164)
Change Details
Surrounds the GitHub token syntax with raw tags to indicate that the curly braces should not be interpreted as a Nunjucks expression or variable and treated as a literal.
Signed-off-by: Michael Kubacki [email protected]
-
.sync/dependabot: Ignore submodules with versioned releases @makubacki (#163)
Change Details
Submodules with versioned releases will now be updated with the Submodule Release Updater action so there is no need for dependabot to create duplicate PRs for non-release updates of these submodules.
Signed-off-by: Michael Kubacki [email protected]
Full Changelog: v2.4.0...v2.4.1
v2.4.0
What's Changed
-
.sync/dependabot: Disable automatic rebasing @makubacki (#159)
Change Details
Sets the rebase-strategy to "disabled" to prevent automatic rebasing.
This prevents CI resources from building changes that may not actually
be merged for a while (and need to be rebuilt later again).Rebasing can be done manually in the dependabot PR either through
the GitHub UI or the dependabot command or via a push to the
dependabot PR branch.
🚀 Features & ✨ Enhancements
-
Add Submodule Release Updater GitHub Action and Workflow [Rebase \& FF] @makubacki (#161)
Change Details
Adds an action with a leaf workflow to update submodules in a repository to the latest GitHub release available for the submodule.
Changes:
1. .github/actions: Add initial Submodule Release Updater GitHub Action
Adds an action that checks if any submodules in a repository have a
GitHub release available. If so, the submodule is updated to the
latest release and a pull request is made in the repository for
the submodule update.2. .sync/Files.yml: Sync Submodule Release Update workflow
Syncs a new workflow to update submodules to the latest GitHub
release to mu_tiano_platforms.3. .sync/Version.njk: Update Mu repos to Mu DevOps v2.4.0
Updates to v2.4.0 so the GitHub action is available.
Changes since last release:
v2.3.0...v2.4.0General release info: https://github.com/microsoft/mu_devops/releases
Example Pull Requests Created by the Action (on fork):
Signed-off-by: Michael Kubacki [email protected]
Full Changelog: v2.3.3...v2.4.0
v2.3.3
What's Changed
-
.sync/Files.yml: Sync release drafter to mu\_basecore @makubacki (#158)
Change Details
Syncs the following files to mu_basecore to enable the release drafter workflow in that repo.
release-draft.yml
- Leaf workflowrelease-draft-config.yml
- Action config file
Signed-off-by: Michael Kubacki [email protected]
-
.sync/dependabot: Check for submodule updates weekly @makubacki (#157)
Change Details
Reduce frequency of submodule checks from daily to weekly to reduce CI thrash.
Signed-off-by: Michael Kubacki [email protected]
Full Changelog: v2.3.2...v2.3.3
v2.3.2
What's Changed
🐛 Bug Fixes
-
codeql.yml: Remove PIP caching from pkg gathering @makubacki (#156)
Change Details
PIP modules are not pulled down during the initial job in the CodeQL workflow (package gathering) so PIP caching is not needed.
Also works around a setup-python task issue that fails to ignore cache
contents if they do not previously exist and are not populated during the job.Signed-off-by: Michael Kubacki [email protected]
Full Changelog: v2.3.1...v2.3.2