-
Notifications
You must be signed in to change notification settings - Fork 119
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'master' into dependabot/github_actions/actions/upload-a…
…rtifact-4.4.3
- Loading branch information
Showing
157 changed files
with
1,426 additions
and
525 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -8,7 +8,7 @@ on: | |
| branches: | ||
| - '*' | ||
|
|
||
| permissions: # limit the permissions of the GITHIUB_TOKEN to reading repository contents | ||
| permissions: # limit the permissions of the GITHUB_TOKEN to reading repository contents | ||
| contents: read | ||
|
|
||
| jobs: | ||
|
|
@@ -27,6 +27,7 @@ jobs: | |
| - uses: gradle/wrapper-validation-action@v3 | ||
| - uses: actions/setup-java@v4 | ||
| with: | ||
| distribution: 'adopt' | ||
| java-version: 15 | ||
| - uses: actions/cache@v4 | ||
| with: | ||
|
|
@@ -35,10 +36,11 @@ jobs: | |
| restore-keys: | | ||
| ${{ runner.os }}-2-gradle- | ||
| - name: Setup Gradle | ||
| uses: gradle/actions/setup-gradle@v4 | ||
|
|
||
| - name: Gradle clean build | ||
| uses: gradle/[email protected] | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| HEAD_REF: ${{ github.head_ref }} | ||
| with: | ||
| arguments: "clean build" | ||
| run: ./gradlew clean build | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -12,7 +12,7 @@ on: | |
| tags: v* | ||
|
|
||
| # TODO: update workflow permissions to least privilege after auditing all the APIs used | ||
| # permissions: # limit the permissions of the GITHIUB_TOKEN to reading repository contents | ||
| # permissions: # limit the permissions of the GITHUB_TOKEN to reading repository contents | ||
| # contents: read | ||
|
|
||
| jobs: | ||
|
|
@@ -59,61 +59,62 @@ jobs: | |
| echo "$GITHUB_SHA" > ./test_runner/src/main/resources/revision.txt | ||
| echo "$RELEASE_TAG" > ./test_runner/src/main/resources/version.txt | ||
| - name: Setup Gradle | ||
| uses: gradle/actions/setup-gradle@v4 | ||
|
|
||
| - name: Gradle Build Flank | ||
| uses: gradle/[email protected] | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| HEAD_REF: ${{ github.head_ref }} | ||
| with: | ||
| arguments: "clean test_runner:build test_runner:shadowJar" | ||
| run: ./gradlew clean test_runner:build test_runner:shadowJar | ||
|
|
||
| - name: Delete old release | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| run: | | ||
| gh --version | ||
| flankScripts github delete_release --git-tag=$RELEASE_TAG | ||
| - name: Delete old tag | ||
| if: ${{ env.RELEASE_TAG == 'flank-snapshot' }} | ||
| run: flankScripts github delete_old_tag --git-tag=$RELEASE_TAG --username=$GITHUB_ACTOR --token=${{ secrets.GITHUB_TOKEN }} | ||
| env: | ||
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| run: flankScripts github delete_old_tag --git-tag=$RELEASE_TAG --username=$GITHUB_ACTOR --token="$GH_TOKEN" | ||
|
|
||
| - name: Release snapshot | ||
| if: ${{ env.RELEASE_TAG == 'flank-snapshot' }} | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| run: flankScripts github make_release --input-file=./test_runner/build/libs/flank.jar --git-tag=$RELEASE_TAG --commit-hash=$GITHUB_SHA --snapshot | ||
|
|
||
| - name: Release stable | ||
| if: startsWith(github.ref, 'refs/tags/v') | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| run: flankScripts github make_release --input-file=./test_runner/build/libs/flank.jar --git-tag=$RELEASE_TAG --token=${{ secrets.GITHUB_TOKEN }} | ||
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| run: flankScripts github make_release --input-file=./test_runner/build/libs/flank.jar --git-tag=$RELEASE_TAG --token="$GH_TOKEN" | ||
|
|
||
| - name: Append checksum to release | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| run: | | ||
| sha256sum ./test_runner/build/libs/flank.jar > flank.sha256 | ||
| gh release upload $RELEASE_TAG flank.sha256 | ||
| - name: Gradle Upload to MavenCentral | ||
| uses: gradle/[email protected] | ||
| env: | ||
| PGP_SIGNING_KEY: ${{ secrets.PGP_SIGNING_KEY }} | ||
| with: | ||
| arguments: :test_runner:publishMavenJavaPublicationToMavenCentralRepository -PMVN_CENTRAL_USER=${{ secrets.MVN_CENTRAL_USER }} -PMVN_CENTRAL_PASSWORD=${{ secrets.MVN_CENTRAL_PASSWORD }} | ||
| MVN_CENTRAL_USER: ${{ secrets.MVN_CENTRAL_USER }} | ||
| PMVN_CENTRAL_PASSWORD: ${{ secrets.MVN_CENTRAL_PASSWORD }} | ||
| run: ./gradlew :test_runner:publishMavenJavaPublicationToMavenCentralRepository -PMVN_CENTRAL_USER="$MVN_CENTRAL_USER" -PMVN_CENTRAL_PASSWORD="$MVN_CENTRAL_PASSWORD" | ||
|
|
||
| - name: Gradle close staging on MavenCentral | ||
| uses: gradle/[email protected] | ||
| if: startsWith(github.ref, 'refs/tags/v') | ||
| with: | ||
| arguments: closeAndReleaseRepository -PMVN_CENTRAL_USER=${{ secrets.MVN_CENTRAL_USER }} -PMVN_CENTRAL_PASSWORD=${{ secrets.MVN_CENTRAL_PASSWORD }} | ||
| env: | ||
| MVN_CENTRAL_USER: ${{ secrets.MVN_CENTRAL_USER }} | ||
| MVN_CENTRAL_PASSWORD: ${{ secrets.MVN_CENTRAL_PASSWORD }} | ||
| run: ./gradlew closeAndReleaseRepository -PMVN_CENTRAL_USER="$MVN_CENTRAL_USER" -PMVN_CENTRAL_PASSWORD="$MVN_CENTRAL_PASSWORD" | ||
|
|
||
| - name: Gradle Upload to GitHub packages | ||
| uses: gradle/[email protected] | ||
| if: startsWith(github.ref, 'refs/tags/v') | ||
| env: | ||
| PGP_SIGNING_KEY: ${{ secrets.PGP_SIGNING_KEY }} | ||
| with: | ||
| arguments: ":test_runner:publishMavenJavaPublicationToGitHubPackagesRepository -PGITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}" | ||
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| run: ./gradlew :test_runner:publishMavenJavaPublicationToGitHubPackagesRepository -PGITHUB_TOKEN="$GH_TOKEN" | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -8,7 +8,7 @@ on: | |
| - 'master' | ||
|
|
||
| # TODO: update workflow permissions to least privilege after auditing all the APIs used | ||
| # permissions: # limit the permissions of the GITHIUB_TOKEN to reading repository contents | ||
| # permissions: # limit the permissions of the GITHUB_TOKEN to reading repository contents | ||
| # contents: read | ||
|
|
||
| jobs: | ||
|
|
@@ -25,9 +25,10 @@ jobs: | |
| - uses: actions/checkout@v4 | ||
| - uses: gradle/wrapper-validation-action@v3 | ||
|
|
||
| - name: Gradle Upload to Github packages and Github release | ||
| uses: gradle/[email protected] | ||
| - name: Setup Gradle | ||
| uses: gradle/actions/setup-gradle@v4 | ||
|
|
||
| - name: Gradle Upload to GitHub packages and GitHub release | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| with: | ||
| arguments: "flank-scripts:releaseFlankScripts -PGITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}" | ||
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| run: ./gradlew flank-scripts:releaseFlankScripts -PGITHUB_TOKEN="$GH_TOKEN" | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -8,7 +8,7 @@ on: | |
| - 'master' | ||
|
|
||
| # TODO: update workflow permissions to least privilege after auditing all the APIs used | ||
| # permissions: # limit the permissions of the GITHIUB_TOKEN to reading repository contents | ||
| # permissions: # limit the permissions of the GITHUB_TOKEN to reading repository contents | ||
| # contents: read | ||
|
|
||
| jobs: | ||
|
|
@@ -25,9 +25,10 @@ jobs: | |
| - uses: actions/checkout@v4 | ||
| - uses: gradle/wrapper-validation-action@v3 | ||
|
|
||
| - name: Gradle Upload to Github packages and Github release | ||
| uses: gradle/[email protected] | ||
| - name: Setup Gradle | ||
| uses: gradle/actions/setup-gradle@v4 | ||
|
|
||
| - name: Gradle Upload to GitHub packages and GitHub release | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| with: | ||
| arguments: "flank_wrapper:releaseFlankWrapper -PGITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}" | ||
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| run: ./gradlew flank-wrapper:releaseFlankWrapper -PGITHUB_TOKEN="$GH_TOKEN" | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -6,7 +6,7 @@ on: | |
| workflow_dispatch: # or manually | ||
|
|
||
| # TODO: update workflow permissions to least privilege after auditing all the APIs used | ||
| # permissions: # limit the permissions of the GITHIUB_TOKEN to reading repository contents | ||
| # permissions: # limit the permissions of the GITHUB_TOKEN to reading repository contents | ||
| # contents: read | ||
|
|
||
| jobs: | ||
|
|
@@ -79,14 +79,15 @@ jobs: | |
| fi | ||
| shell: bash | ||
|
|
||
| - name: Setup Gradle | ||
| uses: gradle/actions/setup-gradle@v4 | ||
|
|
||
| - name: Gradle integration tests | ||
| uses: gradle/[email protected] | ||
| id: run-it | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| HEAD_REF: ${{ github.ref }} | ||
| with: | ||
| arguments: "integrationTests" | ||
| run: ./gradlew integrationTests | ||
|
|
||
| - name: Export Variables for FlankScripts | ||
| if: ${{ always() }} | ||
|
|
@@ -117,11 +118,13 @@ jobs: | |
| echo "./flank-scripts/bash" >> $GITHUB_PATH | ||
| - name: Process IT results | ||
| env: | ||
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| run: | | ||
| flankScripts integration_tests process_results \ | ||
| --global-result=${{ needs.run-it-full-suite.outputs.job_status }} \ | ||
| --run-result='${{ toJSON(env) }}' \ | ||
| --github-token=${{ secrets.GITHUB_TOKEN }} \ | ||
| --github-token="$GH_TOKEN" \ | ||
| --run-id=${{ github.run_id }} | ||
| trigger-pointer: | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -8,7 +8,7 @@ on: | |
| branches: | ||
| - '*' | ||
|
|
||
| permissions: # limit the permissions of the GITHIUB_TOKEN to reading repository contents | ||
| permissions: # limit the permissions of the GITHUB_TOKEN to reading repository contents | ||
| contents: read | ||
|
|
||
| jobs: | ||
|
|
@@ -41,17 +41,19 @@ jobs: | |
| restore-keys: | | ||
| ${{ runner.os }}-gradle- | ||
| - name: Setup Gradle | ||
| uses: gradle/actions/setup-gradle@v4 | ||
|
|
||
| - id: build | ||
| name: Gradle clean build | ||
| uses: gradle/[email protected] | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| HEAD_REF: ${{ github.head_ref }} | ||
| with: | ||
| arguments: "clean build" | ||
|
|
||
| run: ./gradlew clean build | ||
|
|
||
| publish-scan-url: | ||
| needs: [ build ] | ||
| needs: | ||
| - build | ||
| permissions: | ||
| pull-requests: write # to allow creating or updating a comment | ||
| if: ${{ github.event_name == 'pull_request' }} | ||
|
|
@@ -67,34 +69,15 @@ jobs: | |
| uses: 1466587594/get-current-time@v2 | ||
| id: current-time | ||
| with: | ||
| format: 'YYYY-MM-DD HH:mm:ss' | ||
| format: "YYYY-MM-DD HH:mm:ss" | ||
| utcOffset: "+00:00" | ||
|
|
||
| - name: Find Comment | ||
| uses: peter-evans/find-comment@v3 | ||
| id: fc | ||
| with: | ||
| issue-number: ${{ github.event.pull_request.number }} | ||
| comment-author: 'github-actions[bot]' | ||
| body-includes: Buildscan url for ubuntu-workflow run | ||
|
|
||
| - name: Create comment | ||
| if: ${{ steps.fc.outputs.comment-id == 0 }} | ||
| uses: peter-evans/create-or-update-comment@v4 | ||
| with: | ||
| issue-number: ${{ github.event.pull_request.number }} | ||
| body: | | ||
| **Timestamp:** ${{ steps.current-time.outputs.formattedTime }} | ||
| **Buildscan url for ubuntu-workflow run [${{ github.run_id }}](https://github.com/Flank/flank/actions/runs/${{ github.run_id }})** | ||
| ${{ needs.build.outputs.build-scan-url }} | ||
| - name: Update comment | ||
| if: ${{ steps.fc.outputs.comment-id != 0 }} | ||
| uses: peter-evans/create-or-update-comment@v4 | ||
| with: | ||
| comment-id: ${{ steps.fc.outputs.comment-id }} | ||
| edit-mode: replace | ||
| body: | | ||
| **Timestamp:** ${{ steps.current-time.outputs.formattedTime }} | ||
| **Buildscan url for ubuntu-workflow run [${{ github.run_id }}](https://github.com/Flank/flank/actions/runs/${{ github.run_id }})** | ||
| ${{ needs.build.outputs.build-scan-url }} | ||
| - name: Write Buildscan URL to Summary | ||
| env: | ||
| TIMESTAMP: ${{ steps.current-time.outputs.formattedTime }} | ||
| BUILD_SCAN_URL: ${{ needs.build.outputs.build-scan-url }} | ||
| run: | | ||
| echo "**Timestamp:** $TIMESTAMP" >> $GITHUB_STEP_SUMMARY | ||
| echo "**Buildscan URL for ubuntu-workflow run:**" >> $GITHUB_STEP_SUMMARY | ||
| echo "[$GITHUB_RUN_ID](https://github.com/Flank/flank/actions/runs/$GITHUB_RUN_ID)" >> $GITHUB_STEP_SUMMARY | ||
| echo "$BUILD_SCAN_URL" >> $GITHUB_STEP_SUMMARY | ||
Oops, something went wrong.