Add note about GitHub Actions app_id

[ppkarwasz]

Most repositories use at least the "GitHub Actions" GitHub App.

The app_id of "GitHub Actions" is 15368 and that value seems to work in logging-log4j2. Since from a user perspective, it's hard to find out the identifier of a GitHub App, it would be probably useful to list all the ids of applications installed at the apache organization level.

[netomi]

imho, you should only specify the app slug, the app id should be retrieved via the API.

[ppkarwasz]

Where can I specify the app slug? On my personal repo the REST API for branch protection returns something like this:

{
  "required_status_checks": {
    "contexts": [
      "build",
      "build / build (ubuntu-latest)",
      "codecov/project",
      "CodeQL"
    ],
    "checks": [
      {
        "context": "build",
        "app_id": 15368
      },
      {
        "context": "build / build (ubuntu-latest)",
        "app_id": 15368
      },
      {
        "context": "codecov/project",
        "app_id": 254
      },
      {
        "context": "CodeQL",
        "app_id": 57789
      }
    ]
  }
}

My guess is that these are the values I would need to add to .asf.yaml.

[netomi]

so the default app_id is set to -1 which allows any app to set the status.
That is also what is used by most of the other projects, see: https://github.com/search?q=org%3Aapache+context+language%3Ayaml+path%3A.asf.yaml&type=code

[netomi]

so when using status checks from workflows, I would leave the app_id set to its default which is -1 imho

[netomi]

also you current .asf.yaml for logging-log4j2 does not work as there are no required status checks marked for open PR.

The used status check is wrong imho, I can test with a fork to get it right.

[ppkarwasz]

also you current .asf.yaml for logging-log4j2 does not work as there are no required status checks marked for open PR.

The used status check is wrong imho, I can test with a fork to get it right.

I removed branch protection from 2.x (via gitbox.apache.org), since I had the wrong context names and no PR could be merged. I am experimenting on main (which is not the default branch, so even if I screw up, I can make a push to 2.x and fix it).

[netomi]

ah ok let me test on the fork anyways to see if the settings are correct

[netomi]

so the status check for build is ok, however, I would really remove the app_id, also when you add a status check via the Web UI, you actually do not have a choice to select the app, and any is used as default for status checks coming from workflows.

btw. you codeql workflow build the project but does not skip tests as specified here:

https://github.com/apache/logging-parent/blob/main/.github/workflows/codeql-analysis-reusable.yaml#L63

so that setting seems to be wrong.

[netomi]

the check for CodeQL works but is kind of weird, I would use the check on the workflow that runs codeql itself, but thats up to you.

[ppkarwasz]

Superseded by #67