docs: Add responsibles label to ocmcli component descriptor #1233
Conversation
The responsibles label is used to automatically assign detected compliance issues to the responsible GitHub team. If no such responsibles are configured, GitHub repository statistics will be heuristically examined to determine the respective responsibles, however, these statistics are not properly created for this repository.
github-actions
bot
added
component/ocm-cli
Mend Scan Summary: ❌Repository: open-component-model/ocm
|
8R0WNI3
changed the title
|
|
||
|
|
||
| labels: | ||
| - name: cloud.gardener.cnudie/responsibles |
There was a problem hiding this comment.
Since this label is opinionated, I am not sure if we should really accept this. if at all it should be ocm.software/responsibles. WDYT?
There was a problem hiding this comment.
seems to be related to naming conventions discussions for "standard" labels that we expect to be used with OCM we had in the past, but never productively continued / finished :-)
The OCM spec differentiates between labels with a specific meaning inside of OCM and others, vendor specific ones (see here. cloud.gardener.cnudie/responsible would fall in "vendor-specific", but is very "standard" as many teams will have a need for them.
Therefore I support Jacob's proposal and start having a set of "standard" labels in the ocm.software namespace that we offer and use in our examples and OCM owned components.
There was a problem hiding this comment.
I agree it will likely be a good idea to have a registry of "wellknown" labels (I started an internal one here). I also agree we should eventually drop cnudie.
Considering, however, that we might see similar cases in the future, how about adding an aliases-attr to labels? Also, I would very much appreciate it so see a registry of well-known labels at this github-organisation (those might be a good fit as additional language-bindings - ours (note that the package(-name) did not age well / is subject to being refactored).
There was a problem hiding this comment.
Considering that we do not want to change the specification in any way until v3 this would have to wait until a new schema version is present.
Regarding well-known labels, we are open to contributions on the specification with an extension.
as per https://github.com/open-component-model/ocm-spec/blob/main/doc/01-model/03-elements-sub.md#labels
Label types are covered by the OCM extension concept, so you can also find information [here](https://github.com/open-component-model/ocm-spec/blob/main/doc/01-model/07-extensions.md#label-types).
we currently have as available as types
- labels with a predefined meaning within the component model
- vendor specific labels
I am happy to introduce well known lables as a schema extension, e.g. here: https://github.com/open-component-model/ocm-spec/tree/main/doc/04-extensions
What this PR does / why we need it
The responsibles label is used to automatically assign detected compliance issues to the responsible GitHub team. If no such responsibles are configured, GitHub repository statistics will be heuristically examined to determine the respective responsibles, however, these statistics are not properly created for this repository.
Which issue(s) this PR fixes