diff --git a/.circleci/config.yml b/.circleci/config.yml index 64a006b048..f1402ae714 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -4,7 +4,7 @@ setup: true parameters: gio_action: type: enum - enum: [ release, publish_rpms, publish_docker_images, pull_requests, release_notes_am, publish_maven_central, release_helm ] + enum: [ release, publish_rpms, publish_docker_images, pull_requests, release_notes_am, publish_maven_central, release_helm, publish-images-azure-registry ] default: pull_requests gio_product: type: enum diff --git a/.circleci/workflows.yml b/.circleci/workflows.yml index 5658090c92..855e23d87b 100644 --- a/.circleci/workflows.yml +++ b/.circleci/workflows.yml @@ -63,7 +63,7 @@ executors: parameters: gio_action: type: enum - enum: [ release, publish_maven_central, publish_rpms, publish_docker_images, pull_requests, release_notes_am, release_helm ] + enum: [ release, publish_maven_central, publish_rpms, publish_docker_images, pull_requests, release_notes_am, release_helm , publish-images-azure-registry] default: pull_requests gio_product: type: enum @@ -785,7 +785,7 @@ jobs: echo $TAG > /tmp/docker-tag.txt # create a latest tag for the given branch to avoid flooding SNYK project - export TAG_LATEST=$(echo "${CIRCLE_BRANCH:0:15}-latest") + export TAG_LATEST=$(echo "${CIRCLE_BRANCH}-latest") echo "export TAG_LATEST=$TAG_LATEST" >> $BASH_ENV - create_docker_context - run: @@ -1887,3 +1887,18 @@ workflows: context: cicd-orchestrator requires: - AM - Lint & Test + + publish-images-azure-registry: + when: + equal: [ publish-images-azure-registry, << pipeline.parameters.gio_action >> ] + jobs: + - setup: + context: + - cicd-orchestrator + - build: + requires: + - setup + - publish-images-azure-registry: + context: cicd-orchestrator + requires: + - build \ No newline at end of file diff --git a/.github/workflows/publish-images-for-test-env.yml b/.github/workflows/publish-images-for-test-env.yml new file mode 100644 index 0000000000..87d54eda83 --- /dev/null +++ b/.github/workflows/publish-images-for-test-env.yml @@ -0,0 +1,38 @@ +# Copyright (C) 2015 The Gravitee team (http://gravitee.io) +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +name: Publish docker images for test environment + +on: + pull_request: + types: [ labeled ] + +jobs: + publish-images-for-test-env: + runs-on: ubuntu-latest + if: ${{ github.event.label.name == 'ready_to_test' }} + steps: + - name: "Trigger publish_docker_images CircleCI workflow" + run: | + export JSON_PAYLOAD="{ \"branch\": \"${BRANCH}\", \"parameters\": { \"gio_action\": \"publish-images-azure-registry\" } }" + + echo "payload = $JSON_PAYLOAD" + curl -X POST -d "${JSON_PAYLOAD}" \ + -H 'Content-Type: application/json' -H 'Accept: application/json' -H "Circle-Token: ${CCI_TOKEN}" \ + https://circleci.com/api/v2/project/gh/${ORG_NAME}/${REPO_NAME}/pipeline | jq . + env: + ORG_NAME: gravitee-io + REPO_NAME: gravitee-access-management + BRANCH: ${{ github.head_ref }} + CCI_TOKEN: ${{ secrets.CCI_TOKEN }} diff --git a/.github/workflows/remove-ready-to-test-labels.yml b/.github/workflows/remove-ready-to-test-labels.yml new file mode 100644 index 0000000000..61e64436dd --- /dev/null +++ b/.github/workflows/remove-ready-to-test-labels.yml @@ -0,0 +1,52 @@ +# Copyright (C) 2015 The Gravitee team (http://gravitee.io) +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +name: Remove ready to test labels + +on: + schedule: + - cron: '0 0 * * *' + +jobs: + remove-ready-to-test-labels: + runs-on: ubuntu-latest + steps: + - name: "Scan pull requests and remove ready_to_test labels" + env: + ORG_NAME: gravitee-io + REPO_NAME: gravitee-access-management + run: | + PR_NUMBERS=$(curl -s -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/gravitee-io/gravitee-access-management/issues?state=open&labels=ready_to_test&type=pr" | jq -r '.[].number') + + for PR_NUMBER in $PR_NUMBERS; do + # Get all events for the PR + # Then, filter on "labeled" events with "ready_to_test" label + # Get the last time the PR has been labeled with "ready_to_test" + # Finally, remove the double quotes to be able to parse and compare the date + + LAST_TIMESTAMP=$(curl -s "https://api.github.com/repos/gravitee-io/gravitee-access-management/issues/$PR_NUMBER/events?per_page\=1000" | jq '.[] | select(.event == "labeled" and .label.name == "ready_to_test") | .created_at' | tail -n 1 | tr -d '"') + echo "PR $PR_NUMBER has been labeled at $LAST_TIMESTAMP" + + ONE_WEEK_AGO=$(($(date +%s) - 7*84600)) + LAST_TIMESTAMP_EPOCH=$(date -d "$LAST_TIMESTAMP" +%s) + + if [[ $LAST_TIMESTAMP_EPOCH -lt ONE_WEEK_AGO ]]; then + echo "The pull request $PR_NUMBER has been labeled for more than 1 week, removing the label ready_to_test" + + curl -s -X DELETE \ + -H "Accept: application/vnd.github.v3+json" \ + -H 'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' \ + "https://api.github.com/repos/gravitee-io/gravitee-access-management/issues/$PR_NUMBER/labels/ready_to_test" + fi + done