Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: updated pipeline files #9

Merged
merged 1 commit into from
Oct 9, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
File renamed without changes.
60 changes: 60 additions & 0 deletions .github/workflows/01_add_patch_label.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,60 @@
name: Add PATCH default label

# Controls when the workflow will run
on:
# Triggers the workflow on push or pull request events but only for the main branch
pull_request_target:
branches:
- main
types: [ opened, reopened ]

# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:

# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
add_patch_label:
runs-on: ubuntu-latest
name: Add default label
steps:
- name: Check user labels
id: check_user_labels
uses: actions/github-script@v6.3.3
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
var addPatch = "true";
// retrieve label list
let labels = await github.rest.issues.listLabelsOnIssue({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo
});

// verify if user have already added IGNORE-FOR-RELEASE, then skip add PATCH
// note: GitHub labels are added in .identity/03_github_environment.tf as github_issue_label resource
if (labels.data.find(label => label.name === 'ignore-for-release')){
addPatch = "false";
}
return addPatch;
result-encoding: string

- name: Add PATCH label
if: ${{ steps.check_user_labels.outputs.result == 'true' }}
uses: pagopa/github-actions-template/default-label@main
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
label: 'patch'

- name: Add comment
if: ${{ steps.check_user_labels.outputs.result == 'true' }}
uses: actions/github-script@v6.3.3
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: 'The default action is to increase the `PATCH` number of `SEMVER`. Set `IGNORE-FOR-RELEASE` if you want to skip `SEMVER` bump. `BREAKING-CHANGE` and `NEW-RELEASE` must be run from GH Actions section manually.'
});
26 changes: 26 additions & 0 deletions .github/workflows/01_assignee.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
name: Auto Assign

# Controls when the workflow will run
on:
# Triggers the workflow on push or pull request events but only for the main branch
pull_request_target:
branches:
- main
types: [ opened, reopened ]

# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:

# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
build:
# The type of runner that the job will run on
runs-on: ubuntu-latest

# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- name: Assign Me
# You may pin to the exact commit or the version.
uses: kentaro-m/auto-assign-action@v1.2.1
with:
configuration-path: '.github/auto_assign.yml'
113 changes: 113 additions & 0 deletions .github/workflows/02_check_pr.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,113 @@
name: Check PR

# Controls when the workflow will run
on:
pull_request:
branches:
- main
types: [ opened, synchronize, labeled, unlabeled, reopened, edited ]


permissions:
pull-requests: write


# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:

check_labels:
name: Check Required Labels
# The type of runner that the job will run on
runs-on: ubuntu-latest

# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- name: Verify PR Labels
if: ${{ !contains(github.event.pull_request.labels.*.name, 'patch') && !contains(github.event.pull_request.labels.*.name, 'ignore-for-release') }}
uses: actions/github-script@v6.3.3
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
var comments = await github.rest.issues.listComments({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo
});
for (const comment of comments.data) {
if (comment.body.includes('This pull request does not contain a valid label')){
github.rest.issues.deleteComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
comment_id: comment.id
})
}
}
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: 'This pull request does not contain a valid label. Please add one of the following labels: `[patch, ignore-for-release]`'
})
core.setFailed('Missing required labels')


check_format:
name: Check Format
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Formatting
id: format
continue-on-error: true
uses: axel-op/googlejavaformat-action@v3
with:
args: "--set-exit-if-changed"

- uses: actions/github-script@v6.3.3
if: steps.format.outcome != 'success'
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
console.log(context);
var comments = await github.rest.issues.listComments({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo
});
for (const comment of comments.data) {
console.log(comment);
if (comment.body.includes('Comment this PR with')){
github.rest.issues.deleteComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
comment_id: comment.id
})
}
}
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: 'Comment this PR with *update_code* to format the code. Consider to use pre-commit to format the code.'
})
core.setFailed('Format your code.')


check_size:
runs-on: ubuntu-latest
name: Check Size
steps:

- name: Dump GitHub context
run: echo $JSON
env:
JSON: ${{ toJSON(github) }}

- name: Check PR Size
uses: pagopa/github-actions-template/check-pr-size@main
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
ignored_files: 'openapi.json'
46 changes: 46 additions & 0 deletions .github/workflows/03_code_review.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
name: Code Review

# Controls when the workflow will run
on:
pull_request:
branches:
- main
types:
- opened
- synchronize
- reopened
push:
branches:
- main


# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:

env:
PROJECT_KEY: pagopa_pagopa-mocker


permissions:
id-token: write
contents: read

# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
code-review:
name: Code Review
# The type of runner that the job will run on
runs-on: ubuntu-latest

# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- name: Code Review
uses: pagopa/github-actions-template/maven-code-review@50aaf5cffa09d76b953e64a630bc9e0528a6d73b
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
sonar_token: ${{ secrets.SONAR_TOKEN }}
project_key: ${{env.PROJECT_KEY}}
coverage_exclusions: "**/config/*,**/*Mock*,**/models/**,**/entities/*"
cpd_exclusions: "**/models/**,**/entities/*"
java_distribution: "graalvm"
java_version: "17.0.7"
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@ name: Release And Deploy
# Controls when the workflow will run
on:
pull_request:
branches:
- main
types: [ closed ]

# Allows you to run this workflow manually from the Actions tab
Expand All @@ -15,18 +17,28 @@ on:
options:
- dev
- uat
- all
beta:
- prod
semver:
required: false
type: boolean
description: deploy beta version on AKS
default: false
skip_release:
required: false
type: boolean
description: skip the release. Only deploy
default: false

type: choice
description: Select the version
options:
- ''
- skip
- promote
- patch
- new_release
- breaking_change

workflow_call:
inputs:
environment:
required: true
type: string
semver:
required: true
type: string
default: skip

permissions:
packages: write
Expand All @@ -42,49 +54,20 @@ jobs:
name: Setup
runs-on: ubuntu-latest
outputs:
semver: ${{ steps.get_semver.outputs.semver }}
environment: ${{ steps.get_env.outputs.environment }}
semver: ${{ steps.semver_setup.outputs.semver }}
environment: ${{ steps.semver_setup.outputs.environment }}
steps:
- name: pull request rejected
if: github.event_name == 'pull_request' && github.event.action == 'closed' && github.event.pull_request.merged != true
run: |
echo "❌ PR was closed without a merge"
exit 1

# Set Semvar
- run: echo "SEMVER=patch" >> $GITHUB_ENV

- if: ${{ (github.event.pull_request.merged && contains(github.event.pull_request.labels.*.name, 'breaking-change ')) }}
run: echo "SEMVER=major" >> $GITHUB_ENV

- if: ${{ inputs.environment == 'uat' }}
run: echo "SEMVER=minor" >> $GITHUB_ENV

- if: ${{ github.ref_name != 'main' }}
run: echo "SEMVER=buildNumber" >> $GITHUB_ENV

- if: ${{ inputs.skip_release }}
run: echo "SEMVER=skip" >> $GITHUB_ENV

- id: get_semver
name: Set Output
run: echo "semver=${{env.SEMVER}}" >> $GITHUB_OUTPUT

# Set Environment
- run: echo "ENVIRNOMENT=${{ inputs.environment}}" >> $GITHUB_ENV

- if: ${{ inputs.environment == null }}
run: echo "ENVIRNOMENT=dev" >> $GITHUB_ENV

- id: get_env
name: Set Output
run: echo "environment=${{env.ENVIRNOMENT}}" >> $GITHUB_OUTPUT

- name: Semver setup
id: semver_setup
uses: pagopa/github-actions-template/nodo5-semver-setup@89ce1bcaf0da44968cd4e72d297cc916df5a914d
with:
semver: ${{ inputs.semver }}

release:
needs: [setup]
name: Create a New Release
runs-on: ubuntu-latest
needs: [setup]
if: ${{ needs.setup.outputs.semver != 'skip' }}
outputs:
version: ${{ steps.release.outputs.version }}
steps:
Expand All @@ -101,7 +84,7 @@ jobs:
needs: [ setup, release ]
name: Build and Push Docker Image
runs-on: ubuntu-latest
if: ${{ inputs.semver != 'skip' }}
if: ${{ needs.setup.outputs.semver != 'skip' }}
steps:
- name: Build and Push
id: semver
Expand All @@ -117,9 +100,28 @@ jobs:
if: ${{ always() && !contains(needs.*.result, 'failure') && !contains(needs.*.result, 'cancelled') }}
strategy:
matrix:
environment: [ dev, uat ]
uses: ./.github/workflows/deploy_with_github_runner.yml
environment: [ dev, uat, prod ]
uses: ./.github/workflows/04h_deploy_with_github_runner.yml
with:
environment: ${{ matrix.environment }}
target: ${{ needs.setup.outputs.environment }}
secrets: inherit

# notify:
# name: Notify
# needs: [ setup, release, deploy_aks ]
# runs-on: ubuntu-latest
# if: always()
# steps:
# - name: Report Status
# if: always()
# uses: ravsamhq/notify-slack-action@v2
# with:
# status: ${{ needs.deploy_aks.result }}
# token: ${{ secrets.GITHUB_TOKEN }}
# notification_title: 'New Release on ${{ needs.setup.outputs.environment }} for ${{ needs.release.outputs.version }} has {status_message}'
# message_format: '{emoji} <{run_url}|{workflow}> {status_message} in <{repo_url}|{repo}>'
# footer: 'Linked to <{workflow_url}| workflow file>'
# icon_success: ':white_check_mark:'
# env:
# SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
Loading
Loading