diff --git a/.github/workflows/automerge.yaml b/.github/workflows/automerge.yaml index 4d24fc01..2cb73f98 100644 --- a/.github/workflows/automerge.yaml +++ b/.github/workflows/automerge.yaml @@ -1,5 +1,5 @@ --- -name: automerge +name: Automerge on: workflow_run: types: @@ -8,23 +8,5 @@ on: - 'ci' jobs: automerge: - name: Automerge - runs-on: ubuntu-latest - if: ${{ github.event.workflow_run.conclusion == 'success' && github.actor == 'nsmbot' }} - steps: - - name: Check out the code - uses: actions/checkout@v2 - - name: Fetch main - run: | - git remote -v - git fetch --depth=1 origin main - - name: Only allow go.mod, go.sum, *.gen.go files - run: | - find . -type f ! -name 'go.mod' ! -name 'go.sum' -exec git diff --exit-code origin/main -- {} + - - name: Merge PR - uses: ridedott/merge-me-action@master - with: - GITHUB_LOGIN: nsmbot - ENABLED_FOR_MANUAL_CHANGES: true - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - MAXIMUM_RETRIES: 25 + if: ${{ github.event.workflow_run.conclusion == 'success' && github.actor == 'nsmbot'}} + uses: networkservicemesh/.github/.github/workflows/automerge.yaml@main diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 57cbf35c..e6a0eafd 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -7,16 +7,7 @@ on: - 'release/**' jobs: yamllint: - name: yamllint - runs-on: ubuntu-latest - steps: - - name: Check out code into the Go module directory - uses: actions/checkout@v2 - - name: yaml-lint - uses: ibiqlik/action-yamllint@v1 - with: - config_file: .ci/yamllint.yml - strict: true + uses: networkservicemesh/.github/.github/workflows/yamllint.yaml@main build-and-test: name: build and test @@ -41,93 +32,21 @@ jobs: run: go test -race ./... golangci-lint: - name: golangci-lint - runs-on: ubuntu-latest - steps: - - name: Check out code into the Go module directory - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - name: Setup Go - uses: actions/setup-go@v1 - with: - go-version: 1.18.1 - - name: golangci-lint - uses: golangci/golangci-lint-action@v3 - with: - version: v1.45.2 + uses: networkservicemesh/.github/.github/workflows/golangci-lint.yaml@main - excludeFmtErrorf: - name: exclude fmt.Errorf - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - name: Exclude fmt.Errorf - run: | - if grep -r --include=*.go fmt.Errorf . ; then - echo "Please use errors.Errorf (or errors.New or errors.Wrap or errors.Wrapf) as appropriate rather than fmt.Errorf" - exit 1 - fi + exclude-fmt-errorf: + uses: networkservicemesh/.github/.github/workflows/exclude-fmt-errorf.yaml@main - restrictNSMDeps: - name: Restrict dependencies on github.com/networkservicemesh/* - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - name: Restrict dependencies on github.com/networkservicemesh/* - env: - ALLOWED_REPOSITORIES: "sdk, api, sdk-kernel" - run: | - for i in $(grep github.com/networkservicemesh/ go.mod | grep -v '^module' | sed 's;.*\(github.com\/networkservicemesh\/[^ ]*\).*;\1;g');do - if ! [ "$(echo ${ALLOWED_REPOSITORIES} | grep ${i#github.com/networkservicemesh/})" ]; then - echo Dependency on "${i}" is forbidden - exit 1 - fi - done + restrict-nsm-deps: + uses: networkservicemesh/.github/.github/workflows/restrict-nsm-deps.yaml@main + with: + allowed_repositories: "api, sdk, sdk-kernel" checkgomod: - name: check go.mod and go.sum - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - uses: actions/setup-go@v1 - with: - go-version: 1.18.1 - - run: go mod tidy - - name: Check for changes in go.mod or go.sum - run: | - git diff --name-only --exit-code go.mod || ( echo "Run go tidy" && false ) - git diff --name-only --exit-code go.sum || ( echo "Run go tidy" && false ) + uses: networkservicemesh/.github/.github/workflows/checkgomod.yaml@main gogenerate: - name: Check generated files - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - uses: arduino/setup-protoc@master - with: - version: '3.8.0' - - uses: actions/setup-go@v1 - with: - go-version: 1.18.1 - - name: Install proto-gen-go - run: go install github.com/golang/protobuf/protoc-gen-go@v1.4.2 - - name: Install proto-gen-go - run: go install github.com/searKing/golang/tools/cmd/go-syncmap@v1.1.68 - - name: Generate files - run: go generate ./... - - name: Check for changes in generated code - run: | - git diff -- '*.pb.go' || ( echo "Rerun go generate ./... locally and resubmit" && false ) - git diff -- '*.gen.go' || ( echo "Rerun go generate ./... locally and resubmit" && false ) + uses: networkservicemesh/.github/.github/workflows/gogenerate.yaml@main - excludereplace: - name: Exclude replace in go.mod - runs-on: ubuntu-latest - steps: - - name: Check out the code - uses: actions/checkout@v2 - - name: Exclude replace in go.mod - run: | - grep ^replace go.mod || exit 0 - exit 1 + exclude-replace: + uses: networkservicemesh/.github/.github/workflows/exclude-replace.yaml@main diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 6d85c641..4db9fd20 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -4,7 +4,7 @@ # # You may wish to alter this file to override the set of languages analyzed, # or to provide custom queries or build logic. -name: "CodeQL" +name: CodeQL on: push: @@ -17,56 +17,4 @@ on: jobs: analyze: - name: Analyze - runs-on: ubuntu-latest - - strategy: - fail-fast: false - matrix: - # Override automatic language detection by changing the below list - # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python'] - language: ['go'] - # Learn more... - # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection - - steps: - - name: Checkout repository - uses: actions/checkout@v2 - with: - # We must fetch at least the immediate parents so that if this is - # a pull request then we can checkout the head. - fetch-depth: 2 - - # If this run was triggered by a pull request event, then checkout - # the head of the pull request instead of the merge commit. - - run: git checkout HEAD^2 - if: ${{ github.event_name == 'pull_request' }} - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v1 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - # queries: ./path/to/local/query, your-org/your-repo/queries@main - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v1 - - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 https://git.io/JvXDl - - # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines - # and modify them (or add more) to build your code if your project - # uses a compiled language - - # - run: | - # make bootstrap - # make release - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + uses: networkservicemesh/.github/.github/workflows/codeql-analysis.yaml@main diff --git a/.github/workflows/pr-for-updates.yaml b/.github/workflows/pr-for-updates.yaml index ed6ef4d8..b0000e3e 100644 --- a/.github/workflows/pr-for-updates.yaml +++ b/.github/workflows/pr-for-updates.yaml @@ -1,25 +1,29 @@ --- -name: Pull Request on update/* Branch Push +name: Release on: - push: - branches: - - update/** + workflow_run: + types: + - completed + workflows: + - 'ci' jobs: - auto-pull-request: - name: Pull Request on update/* Branch Push - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - name: Construct PR message - run: | - PULL_REQUEST_BODY=$(git log --pretty='format:%B' -1 | sed '/^$/d;$d' | sed 's/#/# /g') - echo "$PULL_REQUEST_BODY" - echo "PULL_REQUEST_BODY<> $GITHUB_ENV - echo "$PULL_REQUEST_BODY" >> $GITHUB_ENV - echo "EOF" >> $GITHUB_ENV - - name: pull-request-action - uses: vsoch/pull-request-action@1.0.12 - env: - GITHUB_TOKEN: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} - BRANCH_PREFIX: "update/" - PULL_REQUEST_BRANCH: "main" + release: + if: ${{ github.event.workflow_run.conclusion == 'success' && contains(github.event.workflow_run.head_branch, 'release/') }} + uses: networkservicemesh/.github/.github/workflows/release.yaml@main + with: + dependent_repositories: | + ["sdk-k8s", + "sdk-kernel", + "cmd-nsmgr", + "cmd-nsmgr-proxy", + "cmd-registry-memory", + "cmd-registry-proxy-dns", + "cmd-nse-remote-vlan", + "cmd-nse-vfio", + "cmd-nsc-init", + "cmd-ipam-vl3", + "cmd-map-ip-k8s", + "cmd-admission-webhook-k8s"] + + secrets: + token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 61569cd6..2edcceb5 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -5,87 +5,20 @@ on: types: - completed workflows: - - "ci" + - 'ci' jobs: - print-debug-info: - name: Print debug info for Release workflow - runs-on: ubuntu-latest - steps: - - uses: hmarr/debug-action@v2 - create-release: - name: Create release - runs-on: ubuntu-latest + release: if: ${{ github.event.workflow_run.conclusion == 'success' && contains(github.event.workflow_run.head_branch, 'release/') }} - steps: - - name: Checkout repository - uses: actions/checkout@v2 - with: - ref: refs/heads/${{github.event.workflow_run.head_branch}} - - name: Get tag - run: | - branch=${{github.event.workflow_run.head_branch}} - echo '::set-output name=tag::'${branch#release/} - id: get-tag-step - - name: Push tag ${{ steps.get-tag-step.outputs.tag }} - run: | - git status - git tag ${{ steps.get-tag-step.outputs.tag }} - git push origin ${{ steps.get-tag-step.outputs.tag }} -f - - name: Create release ${{ steps.get-tag-step.outputs.tag }} - uses: actions/create-release@v1 - env: - GITHUB_TOKEN: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} - with: - tag_name: refs/tags/${{ steps.get-tag-step.outputs.tag }} - release_name: ${{ steps.get-tag-step.outputs.tag }} - draft: false - prerelease: false - update-dependent-repositories: - strategy: - matrix: - repository: - - cmd-forwarder-sriov - - cmd-nsc - - cmd-nsc-init - - cmd-nse-icmp-responder - - cmd-forwarder-vpp - - cmd-nse-vlan-vpp - - sdk-ovs - name: Update ${{ matrix.repository }} - needs: create-release - runs-on: ubuntu-latest - if: ${{ github.event.workflow_run.conclusion == 'success' && contains(github.event.workflow_run.head_branch, 'release/') }} - steps: - - name: Get tag - run: | - branch=${{github.event.workflow_run.head_branch}} - echo '::set-output name=tag::'${branch#release/} - id: get-tag-step - - name: Create commit - run: | - echo "Update go.mod and go.sum to ${{ github.repository }}@${{ steps.get-tag-step.outputs.tag }}" >> /tmp/commit-message - - name: Checkout networkservicemesh/${{ matrix.repository }} - uses: actions/checkout@v2 - with: - path: networkservicemesh/${{ matrix.repository }} - repository: networkservicemesh/${{ matrix.repository }} - token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} - - uses: actions/setup-go@v1 - with: - go-version: 1.18.1 - - name: Update ${{ github.repository }} locally - working-directory: networkservicemesh/${{ matrix.repository }} - run: | - GOPRIVATE=github.com/networkservicemesh go get -u github.com/${{ github.repository }}@${{ steps.get-tag-step.outputs.tag }} - go mod tidy - git diff - - name: Push update to the ${{ matrix.repository }} - working-directory: networkservicemesh/${{ matrix.repository }} - run: | - echo Starting to update repositotry ${{ matrix.repository }} - git config --global user.email "nsmbot@networkservicmesh.io" - git config --global user.name "NSMBot" - git add go.mod go.sum - git commit -s -F /tmp/commit-message - git checkout -b ${{ github.event.workflow_run.head_branch }} - git push -f origin ${{ github.event.workflow_run.head_branch }} + uses: networkservicemesh/.github/.github/workflows/release.yaml@main + with: + dependent_repositories: | + ["cmd-forwarder-sriov", + "cmd-nsc", + "cmd-nsc-init", + "cmd-nse-icmp-responder", + "cmd-forwarder-vpp", + "cmd-nse-vlan-vpp", + "sdk-ovs"] + + secrets: + token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} diff --git a/.github/workflows/update-dependent-repositories-gomod.yaml b/.github/workflows/update-dependent-repositories-gomod.yaml index cb6f73fe..1f98990c 100644 --- a/.github/workflows/update-dependent-repositories-gomod.yaml +++ b/.github/workflows/update-dependent-repositories-gomod.yaml @@ -8,77 +8,19 @@ on: types: - completed workflows: - - "automerge" + - 'automerge' jobs: - update-dependent-repositories: - continue-on-error: true - strategy: - fail-fast: false - matrix: - repository: - - cmd-forwarder-sriov - - cmd-nsc - - cmd-nsc-init - - cmd-nse-icmp-responder - - cmd-forwarder-vpp - - cmd-nse-vlan-vpp - - sdk-ovs - name: Update ${{ matrix.repository }} - runs-on: ubuntu-latest + release: if: ${{ github.event.workflow_run.conclusion == 'success' && github.actor == 'nsmbot' || github.event_name == 'push' }} - steps: - - name: Checkout ${{ github.repository }} - uses: actions/checkout@v2 - with: - path: ${{ github.repository }} - repository: ${{ github.repository }} - token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} - - name: Find merged PR - uses: jwalton/gh-find-current-pr@v1.0.2 - id: findPr - with: - sha: ${{ github.sha }} - github-token: ${{ github.token }} - - name: Create commit message - working-directory: ${{ github.repository }} - run: | - echo "Update go.mod and go.sum to latest version from ${{ github.repository }}@main" >> /tmp/commit-message - echo "PR link: https://github.com/${{ github.repository }}/pull/${{ steps.findPr.outputs.pr }}" >> /tmp/commit-message - echo "" >> /tmp/commit-message - LOG_MSG=$(git log --date=iso --pretty='format:Commit: %h%nAuthor: %an%nDate: %ad%nMessage:%n - %B%n' -1 | sed '/^$/d;$d') - for((i=2;i<=18;i+=2)); do n=$(printf '%*s' $((i+2))) m=$(printf '%*s' $i) LOG_MSG=$(echo "$LOG_MSG" | tr '\n' '|' | sed "s/${m}-/${n}-/2g" | tr '|' '\n'); done - echo "$LOG_MSG" >> /tmp/commit-message - echo "Commit Message:" - cat /tmp/commit-message - - - name: Get current sdk version - id: get-sdk-version - working-directory: ${{ github.repository }} - run: | - echo "::set-output name=value::$(go list -m -f '{{ .Version }}' github.com/networkservicemesh/sdk)" - - name: Checkout networkservicemesh/${{ matrix.repository }} - uses: actions/checkout@v2 - with: - path: networkservicemesh/${{ matrix.repository }} - repository: networkservicemesh/${{ matrix.repository }} - token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} - - uses: actions/setup-go@v1 - with: - go-version: 1.18.1 - - name: Update ${{ github.repository }} locally - working-directory: networkservicemesh/${{ matrix.repository }} - run: | - GONOPROXY='github.com/networkservicemesh/*' go get -u github.com/${{ github.repository }}@main - GONOPROXY='github.com/networkservicemesh/*' go get -u github.com/networkservicemesh/sdk@${{ steps.get-sdk-version.outputs.value }} - go mod tidy - git diff - - name: Push update to the ${{ matrix.repository }} - working-directory: networkservicemesh/${{ matrix.repository }} - run: | - echo Starting to update repositotry ${{ matrix.repository }} - git config --global user.email "nsmbot@networkservicmesh.io" - git config --global user.name "NSMBot" - git add go.mod go.sum - git commit -s -F /tmp/commit-message - git checkout -b update/${{ github.repository }} - git push -f origin update/${{ github.repository }} + uses: networkservicemesh/.github/.github/workflows/update-dependent-repositories-gomod.yaml@main + with: + dependent_repositories: | + ["cmd-forwarder-sriov", + "cmd-nsc", + "cmd-nsc-init", + "cmd-nse-icmp-responder", + "cmd-forwarder-vpp", + "cmd-nse-vlan-vpp", + "sdk-ovs"] + secrets: + token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }}