Skip to content

Commit

Permalink
Merge pull request #3164 from mapfish/c2cciutils-upgrade
Browse files Browse the repository at this point in the history
CI updates
  • Loading branch information
sbrunner authored Jan 25, 2024
2 parents ae788c0 + d3ba363 commit e472ed6
Show file tree
Hide file tree
Showing 11 changed files with 191 additions and 78 deletions.
17 changes: 5 additions & 12 deletions .github/renovate.json5
Original file line number Diff line number Diff line change
Expand Up @@ -27,13 +27,6 @@
matchStrings: ['toolVersion = "(?<currentValue>.*)" // (?<depName>.*)'],
datasourceTemplate: 'maven',
},
/** Do update on packages update (trigger a rebuild) */
{
fileMatch: ['^ci/dpkg\\-versions\\.yaml$'],
matchStrings: [" *(?<depName>[^'\\s]+): '?(?<currentValue>[^'\\s/]*[0-9][^'\\s/]*)'?"],
datasourceTemplate: 'repology',
versioningTemplate: 'loose',
},
/** Do update on the schema present in the ci/config.yaml */
{
fileMatch: ['^ci/config\\.yaml$'],
Expand Down Expand Up @@ -154,13 +147,13 @@
matchPackageNames: ['shellcheck-py/shellcheck-py'],
versioning: 'regex:^v(?<major>\\d+)\\.(?<minor>\\d+)\\.(?<patch>\\d+)\\.(?<build>\\d+)$',
},
/** Update dpkg versions at any time */
/** Group and auto merge the CI dependencies */
{
matchBaseBranches: ['/^[0-9]+\\.[0-9]+$/'],
matchPaths: ['^ci/dpkg\\-versions\\.yaml$'],
schedule: ['at any time'],
groupName: 'dpkg',
matchFileNames: ['.github/**', '.pre-commit-config.yaml', 'ci/**'],
groupName: 'CI dependencies',
automerge: true,
separateMajorMinor: false,
separateMinorPatch: false,
},
],
}
14 changes: 12 additions & 2 deletions .github/workflows/audit.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,8 @@ on:

jobs:
audit:
runs-on: ubuntu-22.04
name: Audit
runs-on: ubuntu-22.04
timeout-minutes: 20

strategy:
Expand All @@ -34,7 +34,17 @@ jobs:
- run: ~/.venv/bin/pip install --pre c2cciutils[audit]
- run: python3 -m pip install --pre c2cciutils[audit]

- name: Audit
- name: Snyk audit
run: ~/.venv/bin/c2cciutils-audit --branch=${{ matrix.branch }}
env:
GITHUB_TOKEN: ${{ secrets.GOPASS_CI_GITHUB_TOKEN }}
- name: Check ci/dpkg-versions.yaml file existence
id: dpkg-versions
uses: andstor/file-existence-action@v2
with:
files: ci/dpkg-versions.yaml
- name: Update dpkg packages versions
run: ~/.venv/bin/c2cciutils-docker-versions-update --branch=${{ matrix.branch }}
env:
GITHUB_TOKEN: ${{ secrets.GOPASS_CI_GITHUB_TOKEN }}
if: steps.dpkg-versions.outputs.files_exists == 'true'
2 changes: 1 addition & 1 deletion .github/workflows/backport.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,8 @@ env:

jobs:
backport:
runs-on: ubuntu-22.04
name: Backport
runs-on: ubuntu-22.04
timeout-minutes: 5

steps:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/clean.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,8 @@ on:

jobs:
clean:
runs-on: ubuntu-22.04
name: Clean docker hub tags
runs-on: ubuntu-22.04
timeout-minutes: 5

steps:
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/delete-old-workflows-run.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,9 +9,9 @@ env:

jobs:
build:
name: Delete old workflow runs
runs-on: ubuntu-22.04
timeout-minutes: 25
name: Delete old workflow runs

steps:
- name: Delete old workflow runs
Expand All @@ -20,4 +20,4 @@ jobs:
repository: ${{ github.repository }}
older-than-seconds: 43200000 # 500 days
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GOPASS_CI_GITHUB_TOKEN }}
25 changes: 0 additions & 25 deletions .github/workflows/dependency-auto-review.yaml

This file was deleted.

35 changes: 17 additions & 18 deletions .github/workflows/main.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -19,9 +19,9 @@ env:

jobs:
main:
name: Continuous integration
runs-on: ubuntu-22.04
timeout-minutes: 30
name: Continuous integration
if: "!startsWith(github.event.head_commit.message, '[skip ci] ')"

steps:
Expand Down Expand Up @@ -101,9 +101,8 @@ jobs:
if-no-files-found: ignore
if: always()

- run: make tests
# Tntented to fail earlier than the standard 30min for workflow failure
timeout-minutes: 10
- timeout-minutes: 10
run: make tests

- uses: actions/upload-artifact@v4
with:
Expand Down Expand Up @@ -148,63 +147,63 @@ jobs:
- name: Create Release
id: create_release
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ github.ref }}
release_name: ${{ steps.tag.outputs.tag }}
draft: false
prerelease: false
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
if: startsWith(github.ref, 'refs/tags/') && env.HAS_SECRETS == 'HAS_SECRETS'
- name: Upload Release Asset
uses: actions/upload-release-asset@v1.0.2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: ./core/build/libs/print-servlet-${{ steps.version.outputs.version }}.war
asset_name: print-servlet-${{ steps.version.outputs.version }}.war
asset_content_type: application/java-archive
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
if: startsWith(github.ref, 'refs/tags/') && env.HAS_SECRETS == 'HAS_SECRETS'
- name: Upload Release Asset
uses: actions/upload-release-asset@v1.0.2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: ./core/build/distributions/core-${{ steps.version.outputs.version }}.zip
asset_name: print-cli-${{ steps.version.outputs.version }}.zip
asset_content_type: application/zip
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
if: startsWith(github.ref, 'refs/tags/') && env.HAS_SECRETS == 'HAS_SECRETS'
- name: Upload Release Asset
uses: actions/upload-release-asset@v1.0.2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: ./core/build/libs/print-lib-${{ steps.version.outputs.version }}.jar
asset_name: print-lib-${{ steps.version.outputs.version }}.jar
asset_content_type: application/java-archive
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
if: startsWith(github.ref, 'refs/tags/') && env.HAS_SECRETS == 'HAS_SECRETS'
- name: Upload Release Asset
uses: actions/upload-release-asset@v1.0.2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: ./core/build/libs/print-lib-${{ steps.version.outputs.version }}-sources.jar
asset_name: print-lib-${{ steps.version.outputs.version }}-sources.jar
asset_content_type: application/java-archive
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
if: startsWith(github.ref, 'refs/tags/') && env.HAS_SECRETS == 'HAS_SECRETS'
- name: Upload Release Asset
uses: actions/upload-release-asset@v1.0.2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: ./core/build/libs/print-lib-${{ steps.version.outputs.version }}-javadoc.jar
asset_name: print-lib-${{ steps.version.outputs.version }}-javadoc.jar
asset_content_type: application/java-archive
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
if: startsWith(github.ref, 'refs/tags/') && env.HAS_SECRETS == 'HAS_SECRETS'

# Update the documentation
Expand Down Expand Up @@ -238,8 +237,8 @@ jobs:
if (process.env.GITHUB_REF_TYPE == 'tag') {
console.log('Trigger changelog');
await github.rest.repos.createDispatchEvent({
owner: 'camptocamp',
repo: 'helm-mutualize',
owner: 'mapfish',
repo: 'mapfish-print',
event_type: 'changelog',
});
}
3 changes: 1 addition & 2 deletions .github/workflows/pr-checks.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,6 @@ on:
types:
- opened
- reopened
- labeled
- unlabeled
- edited
- synchronize

Expand All @@ -15,6 +13,7 @@ jobs:
name: Pull request check
runs-on: ubuntu-22.04
timeout-minutes: 5
if: github.event.pull_request.user.login != 'renovate[bot]'

steps:
- run: pip install --upgrade attrs
Expand Down
139 changes: 139 additions & 0 deletions .github/workflows/pull-request-automation.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,139 @@
name: Auto reviews, merge and close pull requests

on:
pull_request:
types:
- opened
- reopened
- closed
pull_request_target:
types:
- closed

jobs:
auto-merge:
name: Auto reviews, merge and close pull requests
runs-on: ubuntu-22.04
timeout-minutes: 5

steps:
- name: Print event
run: echo "${GITHUB}" | jq
env:
GITHUB: ${{ toJson(github) }}
- name: Print context
uses: actions/github-script@v7
with:
script: |-
console.log(context);
- name: Auto reviews Renovate updates
uses: actions/github-script@v7
with:
script: |-
github.rest.pulls.createReview({
owner: context.repo.owner,
repo: context.repo.repo,
pull_number: context.payload.pull_request.number,
event: 'APPROVE',
})
if: |-
github.event.pull_request.user.login == 'renovate[bot]'
&& (github.event.action == 'opened'
|| github.event.action == 'reopened')
- name: Auto review and merge dpkg updates
uses: actions/github-script@v7
with:
script: |-
github.rest.pulls.createReview({
owner: context.repo.owner,
repo: context.repo.repo,
pull_number: context.payload.pull_request.number,
event: 'APPROVE',
});
github.graphql(`
mutation {
enablePullRequestAutoMerge(input: {
pullRequestId: "${context.payload.pull_request.node_id}",
mergeMethod: SQUASH,
}) {
pullRequest {
autoMergeRequest {
enabledAt
}
}
}
}
`)
if: |-
github.event.pull_request.user.login == 'c2c-bot-gis-ci'
&& startsWith(github.head_ref, 'dpkg-update/')
&& (github.event.action == 'opened'
|| github.event.action == 'reopened')
- name: Auto review and merge snyk auto fix
uses: actions/github-script@v7
with:
script: |-
github.rest.pulls.createReview({
owner: context.repo.owner,
repo: context.repo.repo,
pull_number: context.payload.pull_request.number,
event: 'APPROVE',
});
github.graphql(`
mutation {
enablePullRequestAutoMerge(input: {
pullRequestId: "${context.payload.pull_request.node_id}",
mergeMethod: SQUASH,
}) {
pullRequest {
autoMergeRequest {
enabledAt
}
}
}
}
`)
if: |-
github.event.pull_request.user.login == 'c2c-bot-gis-ci'
&& startsWith(github.head_ref, 'snyk-fix/')
&& (github.event.action == 'opened'
|| github.event.action == 'reopened')
- name: Restart audit workflow
uses: actions/github-script@v7
with:
script: |-
let runs = await github.rest.actions.listWorkflowRuns({
owner: context.repo.owner,
repo: context.repo.repo,
workflow_id: 'audit.yaml',
per_page: 1,
});
runs = runs.data.workflow_runs;
if (runs.length == 1 && runs[0].status != 'success') {
console.log(`Rerun workflow ${runs[0].id} ${runs[0].status}`);
github.rest.actions.reRunWorkflowFailedJobs({
owner: context.repo.owner,
repo: context.repo.repo,
run_id: runs[0].id,
});
}
if: |-
github.event.pull_request.user.login == 'c2c-bot-gis-ci'
&& (startsWith(github.head_ref, 'snyk-fix/')
|| startsWith(github.head_ref, 'dpkg-update/'))
&& github.event.action == 'closed'
&& github.event.pull_request.merged == true
- name: Auto close pre-commit.ci autoupdate
uses: actions/github-script@v7
with:
script: |-
github.rest.pulls.update({
owner: context.repo.owner,
repo: context.repo.repo,
pull_number: context.payload.pull_request.number,
state: 'closed',
});
if: |-
github.event.pull_request.user.login == 'pre-commit-ci'
&& (github.event.action == 'opened'
|| github.event.action == 'reopened')
Loading

0 comments on commit e472ed6

Please sign in to comment.