diff --git a/.github/workflows/bld_all.yml b/.github/workflows/bld_all.yml
deleted file mode 100644
index ab01a41f63a..00000000000
--- a/.github/workflows/bld_all.yml
+++ /dev/null
@@ -1,185 +0,0 @@
-name: bld_all
-
-permissions:
- checks: write
- contents: read
- issues: read
- pull-requests: write
-
-on:
- workflow_call:
- inputs:
- version_tag:
- description: 'Version tag to use: (bump must also be set to none to keep a specific version'
- required: false
- default: 'latest'
- type: string
- bump:
- description: 'whether to bump the version number by a major minor patch'
- required: false
- default: 'patch'
- type: string
- ref:
- description: 'git reference to use with the checkout use default_branch to have that calculated'
- required: false
- default: "default"
- type: string
- seed_maven_cache:
- description: Whether to seed cache
- type: boolean
- required: false
- default: true
- install_maven_dependencies:
- description: Whether to install dependencies or use a previous cache
- type: boolean
- required: false
- default: true
-
- workflow_dispatch:
- inputs:
- version_tag:
- description: 'Version tag to use: (bump must also be set to none to keep a specific version'
- required: false
- default: 'latest'
- type: string
- bump:
- description: |
- How to optionally bump the semver version ( Major.Minor.Patch ) : git log will be searched for
- '#major #minor #patch' or feat/ or fix/ branch names to optionally override the bump. Set to none to keep a specific version
- required: false
- options:
- - patch
- - minor
- - major
- - none
- type: choice
- ref:
- description: 'git reference to use with the checkout use default_branch to have that calculated'
- required: false
- default: "default"
- type: string
- seed_maven_cache:
- description: Whether to seed cache
- type: boolean
- required: false
- default: true
- install_maven_dependencies:
- description: Whether to install dependencies or use a previous cache
- type: boolean
- required: false
- default: true
-
-jobs:
-
- bld_ml:
- uses: ./.github/workflows/bld_maven.yml
- secrets: inherit # pass all secrets
- permissions:
- checks: write
- contents: read
- issues: read
- pull-requests: write
- with:
- project: orcid-message-listener
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
-
- bld_amq:
- uses: ./.github/workflows/bld_maven.yml
- secrets: inherit # pass all secrets
- permissions:
- checks: write
- contents: read
- issues: read
- pull-requests: write
- with:
- project: orcid-activemq
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
-
- bld_api:
- uses: ./.github/workflows/bld_maven.yml
- secrets: inherit # pass all secrets
- permissions:
- checks: write
- contents: read
- issues: read
- pull-requests: write
- with:
- project: orcid-api-web
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
-
- bld_iapi:
- uses: ./.github/workflows/bld_maven.yml
- secrets: inherit # pass all secrets
- permissions:
- checks: write
- contents: read
- issues: read
- pull-requests: write
- with:
- project: orcid-internal-api
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
-
- bld_pubweb:
- uses: ./.github/workflows/bld_maven.yml
- secrets: inherit # pass all secrets
- permissions:
- checks: write
- contents: read
- issues: read
- pull-requests: write
- with:
- project: orcid-pub-web
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
-
- bld_sched:
- uses: ./.github/workflows/bld_maven.yml
- secrets: inherit # pass all secrets
- permissions:
- checks: write
- contents: read
- issues: read
- pull-requests: write
- with:
- project: orcid-scheduler-web
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
-
- bld_web:
- uses: ./.github/workflows/bld_maven.yml
- secrets: inherit # pass all secrets
- permissions:
- checks: write
- contents: read
- issues: read
- pull-requests: write
- with:
- project: orcid-web
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
-
diff --git a/.github/workflows/bld_all_matrix.yml b/.github/workflows/bld_all_matrix.yml
deleted file mode 100644
index f4f09df4882..00000000000
--- a/.github/workflows/bld_all_matrix.yml
+++ /dev/null
@@ -1,293 +0,0 @@
-name: bld_all_matrix
-
-permissions:
- checks: write
- contents: read
- issues: read
- pull-requests: write
-
-on:
- workflow_call:
- inputs:
- version_tag:
- description: 'Version tag to use: (bump must also be set to none to keep a specific version'
- required: false
- default: 'latest'
- type: string
- bump:
- description: 'whether to bump the version number by a major minor patch'
- required: false
- default: 'patch'
- type: string
- ref:
- description: 'git reference to use with the checkout use default_branch to have that calculated'
- required: false
- default: "default"
- type: string
-
- workflow_dispatch:
- inputs:
- version_tag:
- description: 'Version tag to use: (bump must also be set to none to keep a specific version'
- required: false
- default: 'latest'
- type: string
- bump:
- description: |
- How to optionally bump the semver version ( Major.Minor.Patch ) : git log will be searched for
- '#major #minor #patch' or feat/ or fix/ branch names to optionally override the bump. Set to none to keep a specific version
- required: false
- options:
- - patch
- - minor
- - major
- - none
- type: choice
- ref:
- description: 'git reference to use with the checkout use default_branch to have that calculated'
- required: false
- default: "default"
- type: string
-
-jobs:
-
- bld:
- strategy:
- matrix:
- # The include keyword that adds a new variable
- include:
- - artifact_name: orcid-message-listener
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
-
- - artifact_name: orcid-activemq
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
-
- - artifact_name: orcid-api-web
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
-
- - artifact_name: orcid-internal-api
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
-
- - artifact_name: orcid-pub-web
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
-
- - artifact_name: orcid-scheduler-web
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
-
- - artifact_name: orcid-web
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
-
-
- runs-on: ubuntu-latest
- steps:
-
- - name: git-checkout-ref-action
- id: ref
- uses: ORCID/git-checkout-ref-action@main
- with:
- default_branch: ${{ github.event.repository.default_branch }}
- ref: ${{ inputs.ref }}
-
- - uses: actions/checkout@v3
- with:
- ref: ${{ steps.ref.outputs.ref }}
- # checkout some history so we can scan commits for bump messages
- # NOTE: history does not include tags!
- fetch-depth: 100
-
- - name: find next version
- id: version
- uses: ORCID/version-bump-action@main
- with:
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
-
- - name: Set up Open JDK 11
- uses: actions/setup-java@v3
- with:
- distribution: 'temurin'
- java-version: '11'
- cache: 'maven'
-
- - name: show path
- run: |
- echo "$PATH"
- which java
- echo "$JAVA_HOME"
- echo "$tag_numeric"
- echo "$project"
- shell: bash
- env:
- version_tag_numeric: "${{ steps.version.outputs.version_tag_numeric }}"
- project: "${{ matrix.artifact_name }}"
-
- - name: populate orcid-persistence/src/main/resources/release_name.txt with numeric tag
- run: |
- echo "$version_tag_numeric" > orcid-persistence/src/main/resources/release_name.txt
- env:
- version_tag_numeric: "${{ steps.version.outputs.version_tag_numeric }}"
-
- - name: bump version of the parent pom and connected projects
- run: |
- mvn -T 1C --batch-mode versions:set \
- -DnewVersion="$version_tag_numeric" -DgenerateBackupPoms=false -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn
- env:
- version_tag_numeric: "${{ steps.version.outputs.version_tag_numeric }}"
-
- - name: bump the tagged version in the poms of projects not tied to the parent pom (orcid-test)
- run: |
- mvn -T 1C --batch-mode versions:set \
- -DnewVersion="$version_tag_numeric" -DgenerateBackupPoms=false -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
- --projects orcid-test
- env:
- version_tag_numeric: "${{ steps.version.outputs.version_tag_numeric }}"
-
- - name: install orcid-parent into our local maven repo because the builds depend a version release
- run: |
- mvn -T 1C --batch-mode --non-recursive clean install -DskipTests \
- -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn
- env:
- version_tag_numeric: "${{ steps.version.outputs.version_tag_numeric }}"
-
- - name: install orcid-test into our local maven repo because the builds depend a version release
- run: |
- mvn -T 1C --batch-mode clean install -DskipTests\
- -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
- --projects orcid-test
- env:
- version_tag_numeric: "${{ steps.version.outputs.version_tag_numeric }}"
-
- - name: install orcid-utils into our local maven repo because the builds depend a version release
- run: |
- mvn -T 1C --batch-mode clean install -DskipTests \
- -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
- --projects orcid-utils
- env:
- version_tag_numeric: "${{ steps.version.outputs.version_tag_numeric }}"
-
- - name: install orcid-persistence into our local maven repo because orcid-core depends on it
- run: |
- mvn -T 1C --batch-mode clean install -DskipTests \
- -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
- --projects orcid-persistence
- env:
- version_tag_numeric: "${{ steps.version.outputs.version_tag_numeric }}"
-
- - name: install orcid-core into our local maven repo because the builds depend a version release
- run: |
- mvn -T 1C --batch-mode clean install -DskipTests \
- -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
- --projects orcid-core
- env:
- version_tag_numeric: "${{ steps.version.outputs.version_tag_numeric }}"
-
- - name: check some build related things
- run: |
- git --version
- git config user.name "GitHub Actions Bot"
- git config user.email "<>"
- git status
- git diff
-
- - name: build our project
- run: |
- mvn -T 1C --batch-mode -am package -DskipTests \
- -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
- --projects "$project"
- echo "------------------------------------------------------"
-
- find . -name '*.war'
- find . -name '*.jar'
- env:
- project: "${{ matrix.artifact_name }}"
-
-#
-# orcid-web customization
-#
-
- - name: setup node for angular static file
- if: ${{ matrix.artifact_name == 'orcid-web' }}
- uses: actions/setup-node@v3
- with:
- node-version: 18.7.0
-
- - name: build angular parts if we are building orcid-web
- if: ${{ matrix.artifact_name == 'orcid-web' }}
- run: |
- echo "Build angular_orcid_generated.js"
- cd orcid-nodejs
- mvn -T 1C --batch-mode -P ci clean compile \
- -Dnodejs.workingDirectory="${{ github.workspace }}/orcid-web/src/main/webapp/static/javascript/ng1Orcid" \
- -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn
-
- echo "Copying angular_orcid_generated to its final destination"
- cp ${{ github.workspace }}/orcid-web/src/main/webapp/static/javascript/ng1Orcid/angular_orcid_generated.js ${{ github.workspace }}/orcid-web/target/orcid-web/static/javascript/ng1Orcid/
-
- echo "Packaging orcid-web"
- rm -f ${{ github.workspace }}/orcid-web/target/orcid-web.war
- cd ${{ github.workspace }}/orcid-web/target/orcid-web
-
- # have a file on the webserver we can hit
- echo "$version_tag_numeric" > ${{ github.workspace }}/orcid-web/target/orcid-web/static/version
-
- echo "Creating the war file"
- jar -cf orcid-web.war .
-
- # check_error "Creating the orcid-web.war file"
- echo "Moving war file to the target folder"
- cp orcid-web.war ${{ github.workspace }}/orcid-web/target/
- echo "orcid-web.war is ready"
-
- env:
- version_tag_numeric: "${{ steps.version.outputs.version_tag_numeric }}"
- project: "${{ matrix.artifact_name }}"
-
-##################################################################################################################
-
-
- - name: install orcid-api-common into our local maven repo because the deploy depends on this orcid-web orcid-iapi orcid-api
- if: ${{ matrix.artifact_name == 'orcid-web' }} || ${{ matrix.artifact_name == 'orcid-internal-api' }} || ${{ matrix.artifact_name == 'orcid-api-web' }} || ${{ matrix.artifact_name == 'orcid-pub-web' }}
- run: |
- mvn -T 1C --batch-mode clean install -DskipTests \
- -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
- --projects orcid-api-common
- env:
- version_tag_numeric: "${{ steps.version.outputs.version_tag_numeric }}"
-
-
- - name: deploy war file
- run: |
- mvn --batch-mode \
- --settings settings-deploy.xml \
- --file "${project}/pom.xml" \
- -Dmaven.test.skip \
- -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
- -DaltReleaseDeploymentRepository="github::${ARTIFACT_URL}${ARTIFACT_REPO_PATH}" \
- deploy -Dmaven.test.skip
- env:
- GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
- ARTIFACT_URL: "${{ secrets.ARTIFACT_URL }}"
- ARTIFACT_REPO_PATH: "${{ secrets.ARTIFACT_REPO_PATH }}"
- ARTIFACT_USER: "${{ secrets.ARTIFACT_USER }}"
- ARTIFACT_PASSWORD: "${{ secrets.ARTIFACT_PASSWORD }}"
- project: "${{ matrix.artifact_name }}"
-
-
-
-
-
-
diff --git a/.github/workflows/bld_maven.yml b/.github/workflows/bld_mvn.yml
similarity index 85%
rename from .github/workflows/bld_maven.yml
rename to .github/workflows/bld_mvn.yml
index 4683cb8898b..5638a7b0dc8 100644
--- a/.github/workflows/bld_maven.yml
+++ b/.github/workflows/bld_mvn.yml
@@ -1,5 +1,4 @@
-name: bld_maven
-run-name: bld-{{ inputs.project }}
+name: bld_mvn
permissions:
checks: write
@@ -10,18 +9,13 @@ permissions:
on:
workflow_call:
inputs:
- project:
- description: 'Name of the artifact env'
- required: false
- default: 'prod'
- type: string
version_tag:
- description: 'Name of the tag to build'
+ description: 'Version tag to use: (bump must also be set to none to keep a specific version'
required: false
default: 'latest'
type: string
bump:
- description: 'whether to bump the version number by a major minor patch amount or none'
+ description: 'whether to bump the version number by a major minor patch'
required: false
default: 'patch'
type: string
@@ -40,15 +34,14 @@ on:
type: boolean
required: false
default: true
-
+ deploy:
+ description: Whether to deploy the build to artifact repo
+ type: boolean
+ required: false
+ default: true
workflow_dispatch:
inputs:
- project:
- description: 'Name of the artifact env'
- required: false
- default: 'prod'
- type: string
version_tag:
description: 'Version tag to use: (bump must also be set to none to keep a specific version'
required: false
@@ -80,10 +73,29 @@ on:
type: boolean
required: false
default: true
-
+ deploy:
+ description: Whether to deploy the build to artifact repo
+ type: boolean
+ required: false
+ default: true
jobs:
- bld_maven:
+ bld_mvn:
+ strategy:
+ matrix:
+ include:
+ - project: orcid-message-listener
+ - project: orcid-activemq
+ - project: orcid-api-web
+ - project: orcid-internal-api
+ - project: orcid-pub-web
+ - project: orcid-scheduler-web
+ - project: orcid-web
+ - project: orcid-utils
+ - project: orcid-core
+ - project: orcid-persistence
+ - project: orcid-api-common
+
runs-on: ubuntu-latest
steps:
- name: git-checkout-ref-action
@@ -93,7 +105,7 @@ jobs:
default_branch: ${{ github.event.repository.default_branch }}
ref: ${{ inputs.ref }}
- - uses: actions/checkout@v3
+ - uses: actions/checkout@v4
with:
ref: ${{ steps.ref.outputs.ref }}
# checkout some history so we can scan commits for bump messages
@@ -108,7 +120,7 @@ jobs:
bump: ${{ inputs.bump }}
- name: Set up Open JDK 11
- uses: actions/setup-java@v3
+ uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '11'
@@ -117,7 +129,7 @@ jobs:
- name: if not installing dependencies restore special previous git_sha cache
if: ${{ ! inputs.install_maven_dependencies }}
- uses: actions/cache@v3
+ uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}-${{ steps.version.outputs.version_tag_numeric }}-${{ github.sha }}
@@ -136,7 +148,7 @@ jobs:
- name: if installing dependencies use a standard cache key name
if: ${{ inputs.install_maven_dependencies }}
- uses: actions/cache@v3
+ uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}-seed-cache
@@ -167,20 +179,20 @@ jobs:
find . -name '*.war'
find . -name '*.jar'
env:
- project: "${{ inputs.project }}"
+ project: "${{ matrix.project }}"
#
# orcid-web customization
#
- name: setup node for angular static file
- if: ${{ inputs.project == 'orcid-web' }}
- uses: actions/setup-node@v3
+ if: ${{ matrix.project == 'orcid-web' }}
+ uses: actions/setup-node@v4
with:
node-version: 18.7.0
- name: build angular parts if we are building orcid-web
- if: ${{ inputs.project == 'orcid-web' }}
+ if: ${{ matrix.project == 'orcid-web' }}
run: |
echo "Build angular_orcid_generated.js"
cd orcid-nodejs
@@ -208,11 +220,12 @@ jobs:
env:
version_tag_numeric: "${{ steps.version.outputs.version_tag_numeric }}"
- project: "${{ inputs.project }}"
+ project: "${{ matrix.project }}"
##################################################################################################################
- name: deploy war file
+ if: ${{ inputs.deploy }}
run: |
mvn --batch-mode \
--settings settings-deploy.xml \
@@ -227,5 +240,6 @@ jobs:
ARTIFACT_REPO_PATH: "${{ secrets.ARTIFACT_REPO_PATH }}"
ARTIFACT_USER: "${{ secrets.ARTIFACT_USER }}"
ARTIFACT_PASSWORD: "${{ secrets.ARTIFACT_PASSWORD }}"
- project: "${{ inputs.project }}"
+ project: "${{ matrix.project }}"
+
diff --git a/.github/workflows/build_debug.yml b/.github/workflows/build_debug.yml
deleted file mode 100644
index fd8f1815b51..00000000000
--- a/.github/workflows/build_debug.yml
+++ /dev/null
@@ -1,101 +0,0 @@
-name: build_debug
-
-on:
- workflow_call:
- inputs:
- version_tag:
- description: 'version tag to use(vx.x.x)'
- required: false
- default: "latest"
- type: string
- bump:
- description: 'whether to bump the version number by a major minor patch amount or try gitlog'
- required: false
- default: "patch"
- type: string
- ref:
- description: 'git reference to use with the checkout use default_branch to have that calculated'
- required: false
- default: "default"
- type: string
-
- workflow_dispatch:
- inputs:
- version_tag:
- description: 'version tag to use(vx.x.x)'
- required: false
- default: "latest"
- type: string
- bump:
- description: |
- How to optionally bump the semver version ( Major.Minor.Patch ) : git log will be searched for
- '#major #minor #patch' or feat/ or fix/ branch names to optionally override the bump. Set to none to keep a specific version
- required: false
- options:
- - patch
- - minor
- - major
- - none
- type: choice
- ref:
- description: 'git reference to use with the checkout use default_branch to have that calculated'
- required: false
- default: "default_branch"
- type: string
-
-
-# cancel running job if another commit comes in
-concurrency:
- group: main-${{ github.ref }}-1
- cancel-in-progress: true
-
-jobs:
- seed_maven_cache:
- uses: ./.github/workflows/seed_maven_cache.yml
- with:
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
-
- install_maven_dependencies:
- uses: ./.github/workflows/install_maven_dependencies.yml
- with:
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
- needs:
- - seed_maven_cache
-
-
-##############################################################################
-
- unit_tests_publish:
- uses: ./.github/workflows/maven_test_publish.yml
- with:
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
- project: orcid-message-listener
- seed_maven_cache: false
- install_maven_dependencies: false
- needs:
- - install_maven_dependencies
-
- bld_ml:
- uses: ./.github/workflows/bld_maven.yml
- secrets: inherit # pass all secrets for uploading assets
- needs:
- - seed_maven_cache
- - unit_tests_publish
- permissions:
- checks: write
- contents: read
- issues: read
- pull-requests: write
- with:
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
- project: orcid-message-listener
- seed_maven_cache: false
- install_maven_dependencies: false
diff --git a/.github/workflows/build_test_release.yml b/.github/workflows/build_test_release.yml
deleted file mode 100644
index 8b7ef2b2e64..00000000000
--- a/.github/workflows/build_test_release.yml
+++ /dev/null
@@ -1,119 +0,0 @@
-name: build_test_release
-
-on:
- workflow_call:
- inputs:
- version_tag:
- description: 'version tag to use(vx.x.x)'
- required: false
- default: "latest"
- type: string
- bump:
- description: 'whether to bump the version number by a major minor patch amount or try gitlog'
- required: false
- default: "patch"
- type: string
- ref:
- description: 'git reference to use with the checkout use default_branch to have that calculated'
- required: false
- default: "default"
- type: string
-
- workflow_dispatch:
- inputs:
- version_tag:
- description: 'version tag to use(vx.x.x)'
- required: false
- default: "latest"
- type: string
- bump:
- description: |
- How to optionally bump the semver version ( Major.Minor.Patch ) : git log will be searched for
- '#major #minor #patch' or feat/ or fix/ branch names to optionally override the bump. Set to none to keep a specific version
- required: false
- options:
- - patch
- - minor
- - major
- - none
- type: choice
- ref:
- description: 'git reference to use with the checkout use default_branch to have that calculated'
- required: false
- default: "default_branch"
- type: string
-
-
-# cancel running job if another commit comes in
-concurrency:
- group: main-${{ github.ref }}-1
- cancel-in-progress: true
-
-jobs:
-
- lint:
- uses: ./.github/workflows/lint.yml
-
- seed_maven_cache:
- uses: ./.github/workflows/seed_maven_cache.yml
- with:
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
-
- install_maven_dependencies:
- uses: ./.github/workflows/install_maven_dependencies.yml
- with:
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
- needs:
- - seed_maven_cache
-
- unit_tests_publish:
- uses: ./.github/workflows/unit_tests_publish.yml
- with:
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
- seed_maven_cache: false
- install_maven_dependencies: false
- needs:
- - lint
- - seed_maven_cache
- - install_maven_dependencies
-##############################################################################
- bld_all:
- uses: ./.github/workflows/bld_all.yml
- secrets: inherit # pass all secrets for uploading assets
- needs:
- - lint
- - unit_tests_publish
- - install_maven_dependencies
- permissions:
- checks: write
- contents: read
- issues: read
- pull-requests: write
- with:
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
- seed_maven_cache: false
- install_maven_dependencies: false
-
-##############################################################################
-
-# rel_tag:
-# uses: ./.github/workflows/rel_tag.yml
-# needs: bld_all
-# with:
-# version_tag: ${{ inputs.version_tag }}
-# bump: ${{ inputs.bump }}
-# ref: ${{ inputs.ref }}
-# secrets: inherit # pass all secrets
-# permissions:
-# checks: write
-# contents: write
-# issues: read
-# pull-requests: write
diff --git a/.github/workflows/build_test_release_tag.yml b/.github/workflows/build_test_release_tag.yml
index 5a1665df619..ce821970320 100644
--- a/.github/workflows/build_test_release_tag.yml
+++ b/.github/workflows/build_test_release_tag.yml
@@ -18,6 +18,12 @@ on:
required: false
default: "default"
type: string
+ rel_tag:
+ description: Whether to tag the code
+ type: boolean
+ required: false
+ default: true
+
workflow_dispatch:
inputs:
@@ -42,7 +48,11 @@ on:
required: false
default: "default_branch"
type: string
-
+ rel_tag:
+ description: Whether to tag the code
+ type: boolean
+ required: false
+ default: true
# cancel running job if another commit comes in
concurrency:
@@ -70,8 +80,8 @@ jobs:
needs:
- seed_maven_cache
- unit_tests_publish:
- uses: ./.github/workflows/unit_tests_publish.yml
+ test_mvn:
+ uses: ./.github/workflows/test_mvn.yml
with:
version_tag: ${{ inputs.version_tag }}
bump: ${{ inputs.bump }}
@@ -83,12 +93,12 @@ jobs:
- seed_maven_cache
- install_maven_dependencies
##############################################################################
- bld_all:
- uses: ./.github/workflows/bld_all.yml
+ bld_mvn:
+ uses: ./.github/workflows/bld_mvn.yml
secrets: inherit # pass all secrets for uploading assets
needs:
- lint
- - unit_tests_publish
+ - test_mvn
- install_maven_dependencies
permissions:
checks: write
@@ -106,7 +116,8 @@ jobs:
rel_tag:
uses: ./.github/workflows/rel_tag.yml
- needs: bld_all
+ needs: bld_mvn
+ if: ${{ inputs.rel_tag }}
with:
version_tag: ${{ inputs.version_tag }}
bump: ${{ inputs.bump }}
@@ -117,3 +128,4 @@ jobs:
contents: write
issues: read
pull-requests: write
+
diff --git a/.github/workflows/install_maven_dependencies.yml b/.github/workflows/install_maven_dependencies.yml
index 265c72c3a20..7c3332bdbdb 100644
--- a/.github/workflows/install_maven_dependencies.yml
+++ b/.github/workflows/install_maven_dependencies.yml
@@ -73,7 +73,7 @@ jobs:
default_branch: ${{ github.event.repository.default_branch }}
ref: ${{ inputs.ref }}
- - uses: actions/checkout@v3
+ - uses: actions/checkout@v4
with:
ref: ${{ steps.ref.outputs.ref }}
# checkout some history so we can scan commits for bump messages
@@ -88,13 +88,13 @@ jobs:
bump: ${{ inputs.bump }}
- name: Set up Open JDK 11
- uses: actions/setup-java@v3
+ uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '11'
- name: Restore the seeded cache but save dependencies into a new unique git sha hash with the expected version of the build
- uses: actions/cache@v3
+ uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}-${{ steps.version.outputs.version_tag_numeric }}-${{ github.sha }}
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index a75a9f27b19..f7e9c0d9a33 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -16,17 +16,8 @@ jobs:
pre-commit:
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@v3
- - uses: actions/setup-python@v4
+ - uses: actions/checkout@v4
+ - uses: actions/setup-python@v5
with:
python-version: '3.10'
- - name: set PY
- run: echo "PY=$(python -VV | sha256sum | cut -d' ' -f1)" >> "$GITHUB_ENV"
- - uses: actions/cache@v3
- with:
- path: ~/.cache
- key: pre-commit|${{ env.PY }}|${{ hashFiles('.pre-commit-config.yaml') }}
- # lockdown all 3rd party repos to git shas
- #- uses: cloudposse/github-action-pre-commit@32acf3179b9eda817c0f549e8057477d320827db
- # migrate to standard pre-commit
- - uses: pre-commit/action@5f528da5c95691c4cf42ff76a4d10854b62cbb82
+ - uses: pre-commit/action@576ff52938d158a24ac7e009dfa94b1455e7df99
diff --git a/.github/workflows/maven_test_artifact.yml b/.github/workflows/maven_test_artifact.yml
deleted file mode 100644
index c13b03e6538..00000000000
--- a/.github/workflows/maven_test_artifact.yml
+++ /dev/null
@@ -1,167 +0,0 @@
-name: maven_test_artifact
-
-# run maven tests and upload results as an artifact
-# can be run from a pr
-
-permissions:
- checks: write
- contents: read
- issues: read
- pull-requests: write
-
-on:
- workflow_call:
- inputs:
- project:
- description: 'Name of the artifact env'
- required: false
- default: 'prod'
- type: string
- version_tag:
- description: 'Name of the tag to build'
- required: false
- default: 'latest'
- type: string
- bump:
- description: 'whether to bump the version number by a major minor patch amount or none'
- required: false
- default: 'patch'
- type: string
- ref:
- description: 'git reference to use with the checkout use default_branch to have that calculated'
- required: false
- default: "default"
- type: string
- seed_maven_cache:
- description: Whether to seed cache
- type: boolean
- required: false
- default: true
- install_maven_dependencies:
- description: Whether to install dependencies or use a previous cache
- type: boolean
- required: false
- default: true
-
- workflow_dispatch:
- inputs:
- project:
- description: 'Name of the artifact env'
- required: false
- default: 'prod'
- type: string
- version_tag:
- description: 'Name of the tag to build'
- required: false
- default: 'latest'
- type: string
- bump:
- description: 'whether to bump the version number by a major minor patch amount or none'
- required: false
- default: 'patch'
- type: string
- ref:
- description: 'git reference to use with the checkout use default_branch to have that calculated'
- required: false
- default: "default"
- type: string
- seed_maven_cache:
- description: Whether to seed cache
- type: boolean
- required: false
- default: true
- install_maven_dependencies:
- description: Whether to install dependencies or use a previous cache
- type: boolean
- required: false
- default: true
-
-
-jobs:
- maven_test:
- runs-on: ubuntu-latest
- steps:
- - name: git-checkout-ref-action
- id: ref
- uses: ORCID/git-checkout-ref-action@main
- with:
- default_branch: ${{ github.event.repository.default_branch }}
- ref: ${{ inputs.ref }}
-
- - uses: actions/checkout@v3
- with:
- ref: ${{ steps.ref.outputs.ref }}
- # checkout some history so we can scan commits for bump messages
- # NOTE: history does not include tags!
- fetch-depth: 100
-
- - name: find next version
- id: version
- uses: ORCID/version-bump-action@main
- with:
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
-
- - name: Set up Open JDK 11
- uses: actions/setup-java@v3
- with:
- distribution: 'temurin'
- java-version: '11'
-
-########################################################################################
-# handle restoring a custom gha cache
-
- - name: if not installing dependencies restore special previous git_sha cache
- if: ${{ ! inputs.install_maven_dependencies }}
- uses: actions/cache@v3
- with:
- path: ~/.m2/repository
- key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}-${{ steps.version.outputs.version_tag_numeric }}-${{ github.sha }}
- restore-keys: |
- ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}-${{ steps.version.outputs.version_tag_numeric }}-${{ github.sha }}
-
- - name: bump version of the parent pom and connected projects
- if: ${{ ! inputs.install_maven_dependencies }}
- run: |
- mvn -T 1C --batch-mode versions:set -DskipTests \
- -DnewVersion="$version_tag_numeric" -DgenerateBackupPoms=false
- env:
- version_tag_numeric: "${{ steps.version.outputs.version_tag_numeric }}"
-
-########################################################################################
-
- - name: if installing dependencies use a standard cache key name
- if: ${{ inputs.install_maven_dependencies }}
- uses: actions/cache@v3
- with:
- path: ~/.m2/repository
- key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}-seed-cache
- restore-keys: |
- ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}-seed-cache
-
- - name: seed_maven_cache
- if: ${{ inputs.seed_maven_cache }}
- id: cache
- uses: ORCID/ORCID-Source-cache-action@main
- with:
- version_tag_numeric: ${{ steps.version.outputs.version_tag_numeric }}
-
- - name: install_dependencies and bump version
- if: ${{ inputs.install_maven_dependencies }}
- id: install_dependencies
- uses: ORCID/ORCID-Source-dependencies-action@main
- with:
- version_tag_numeric: ${{ steps.version.outputs.version_tag_numeric }}
-
-########################################################################################
- - name: "Test ${{ inputs.project }}"
- run: |
- mvn -T 1C --batch-mode -Dmaven.test.failure.ignore=true test \
- -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
- --projects ${{ inputs.project }}
-
- - uses: actions/upload-artifact@v3 # upload test results
- if: success() || failure() # run this step even if previous step failed
- with:
- name: ${{ inputs.project }}
- path: ${{ inputs.project }}/target/surefire-reports/*.xml
diff --git a/.github/workflows/maven_test_report.yml b/.github/workflows/maven_test_report.yml
deleted file mode 100644
index e44b1f70c99..00000000000
--- a/.github/workflows/maven_test_report.yml
+++ /dev/null
@@ -1,30 +0,0 @@
-name: unit_test_report
-
-on:
- workflow_call:
- inputs:
- project:
- description: 'Name of the project in the repo'
- required: false
- default: "."
- type: string
-
- workflow_dispatch:
- inputs:
- project:
- description: 'Name of the project in the repo'
- required: false
- default: "."
- type: string
-
-jobs:
- report:
- runs-on: ubuntu-latest
- steps:
- - uses: dorny/test-reporter@e9fa2f582c0ebbe2e263fd18fad744d52e0b0203
- with:
- artifact: ${{ inputs.project }}
- name: "maven_test_report_${{ inputs.project }}" # Name of the check run which will be created
- path: '*.xml' # Path to test results (inside artifact .zip)
- reporter: java-junit # Format of test results
-
diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml
index c243064af80..4b13881b9b4 100644
--- a/.github/workflows/pr.yml
+++ b/.github/workflows/pr.yml
@@ -17,8 +17,11 @@ concurrency:
cancel-in-progress: true
jobs:
- unit_tests_artifact:
- uses: ./.github/workflows/unit_tests_artifact.yml
+ lint:
+ uses: ./.github/workflows/lint.yml
+
+ test_mvn:
+ uses: ./.github/workflows/test_mvn.yml
with:
seed_maven_cache: true
install_maven_dependencies: true
diff --git a/.github/workflows/pr_completed.yml b/.github/workflows/pr_completed.yml
deleted file mode 100644
index 3d007a37690..00000000000
--- a/.github/workflows/pr_completed.yml
+++ /dev/null
@@ -1,32 +0,0 @@
-name: pr_completed
-
-# this is a privileged workflow that can run with secrets
-# to perform actions on work carried out in the pull_request workflow
-
-on:
- workflow_run:
- workflows:
- - pr
- types:
- - completed
-
- workflow_call:
- inputs:
- version_tag:
- description: 'version tag to use(vx.x.x)'
- required: false
- default: "next_tag"
- type: string
-
- workflow_dispatch:
- inputs:
- version_tag:
- description: 'version tag to use(vx.x.x)'
- required: false
- default: "next_tag"
- type: string
-
-jobs:
- unit_tests_report:
- uses: ./.github/workflows/unit_tests_report.yml
-
diff --git a/.github/workflows/rel_tag.yml b/.github/workflows/rel_tag.yml
index e125ac11d9a..529dc0bafb2 100644
--- a/.github/workflows/rel_tag.yml
+++ b/.github/workflows/rel_tag.yml
@@ -64,7 +64,7 @@ jobs:
ref: ${{ inputs.ref }}
- - uses: actions/checkout@v3
+ - uses: actions/checkout@v4
with:
# token with write permissions to protected branches
# standard github token does not allow this
diff --git a/.github/workflows/seed_maven_cache.yml b/.github/workflows/seed_maven_cache.yml
index aaf8d64d3b1..55eae9d17e3 100644
--- a/.github/workflows/seed_maven_cache.yml
+++ b/.github/workflows/seed_maven_cache.yml
@@ -71,7 +71,7 @@ jobs:
default_branch: ${{ github.event.repository.default_branch }}
ref: ${{ inputs.ref }}
- - uses: actions/checkout@v3
+ - uses: actions/checkout@v4
with:
ref: ${{ steps.ref.outputs.ref }}
# checkout some history so we can scan commits for bump messages
@@ -86,13 +86,13 @@ jobs:
bump: ${{ inputs.bump }}
- name: Set up Open JDK 11
- uses: actions/setup-java@v3
+ uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '11'
- name: Cache local Maven repository keyed off the pom
- uses: actions/cache@v3
+ uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}-seed-cache
diff --git a/.github/workflows/maven_test_publish.yml b/.github/workflows/test_mvn.yml
similarity index 73%
rename from .github/workflows/maven_test_publish.yml
rename to .github/workflows/test_mvn.yml
index 33a6c1132d6..65e1190174c 100644
--- a/.github/workflows/maven_test_publish.yml
+++ b/.github/workflows/test_mvn.yml
@@ -1,22 +1,13 @@
-name: maven_test_publish
-
-# run maven tests and publish results in one step
-# run from privileged branch
+name: test_mvn
permissions:
checks: write
contents: read
- issues: read
- pull-requests: write
+ actions: read
on:
workflow_call:
inputs:
- project:
- description: 'Name of the artifact env'
- required: false
- default: 'prod'
- type: string
version_tag:
description: 'Name of the tag to build'
required: false
@@ -45,11 +36,6 @@ on:
workflow_dispatch:
inputs:
- project:
- description: 'Name of the artifact env'
- required: false
- default: 'prod'
- type: string
version_tag:
description: 'Name of the tag to build'
required: false
@@ -78,7 +64,22 @@ on:
jobs:
- maven_test:
+ test_mvn:
+ strategy:
+ matrix:
+ include:
+ - project: orcid-message-listener
+ - project: orcid-activemq
+ - project: orcid-api-web
+ - project: orcid-internal-api
+ - project: orcid-pub-web
+ - project: orcid-scheduler-web
+ - project: orcid-web
+ - project: orcid-utils
+ - project: orcid-core
+ - project: orcid-persistence
+ - project: orcid-api-common
+
runs-on: ubuntu-latest
steps:
- name: git-checkout-ref-action
@@ -88,7 +89,7 @@ jobs:
default_branch: ${{ github.event.repository.default_branch }}
ref: ${{ inputs.ref }}
- - uses: actions/checkout@v3
+ - uses: actions/checkout@v4
with:
ref: ${{ steps.ref.outputs.ref }}
# checkout some history so we can scan commits for bump messages
@@ -103,7 +104,7 @@ jobs:
bump: ${{ inputs.bump }}
- name: Set up Open JDK 11
- uses: actions/setup-java@v3
+ uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '11'
@@ -113,7 +114,7 @@ jobs:
- name: if not installing dependencies restore special previous git_sha cache
if: ${{ ! inputs.install_maven_dependencies }}
- uses: actions/cache@v3
+ uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}-${{ steps.version.outputs.version_tag_numeric }}-${{ github.sha }}
@@ -132,7 +133,7 @@ jobs:
- name: if installing dependencies use a standard cache key name
if: ${{ inputs.install_maven_dependencies }}
- uses: actions/cache@v3
+ uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}-seed-cache
@@ -154,19 +155,24 @@ jobs:
version_tag_numeric: ${{ steps.version.outputs.version_tag_numeric }}
########################################################################################
- - name: "Test ${{ inputs.project }}"
+ - name: "Test ${{ matrix.project }}"
run: |
- mvn -T 1C --batch-mode -Dmaven.test.failure.ignore=true test \
+ mvn -T 1C --batch-mode test \
-Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
- --projects ${{ inputs.project }}
+ --projects ${{ matrix.project }} --fail-at-end
- # NOTE: if the above test fail then this step will report that failure and stop the run
- - name: Publish Unit Test Results
- uses: dorny/test-reporter@e9fa2f582c0ebbe2e263fd18fad744d52e0b0203
- if: always()
+ - name: Publish unit test report for non forked repo
+ if: ${{ failure() && (github.event.pull_request.head.repo.full_name == github.repository) }} # only report if a test has failed and we are a non forked repo
+ uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5 # v1.9.1
with:
- name: "maven_test_publish_${{ inputs.project }}"
- path: ${{ inputs.project }}/target/surefire-reports/*.xml
+ name: "Unit test report for ${{ matrix.project }}"
+ path: ${{ matrix.project }}/target/surefire-reports/*.xml
reporter: java-junit
fail-on-error: true
+ - name: Annotate only test report for forked repo
+ uses: mikepenz/action-junit-report@ec3a351c13e080dc4fa94c49ab7ad5bf778a9668 # v5
+ if: ${{ failure() && (github.event.pull_request.head.repo.full_name != github.repository) }} # only report if a test has failed and we are a forked repo
+ with:
+ report_paths: ${{ matrix.project }}/target/surefire-reports/*.xml
+ annotate_only: true # forked repo cannot write to checks so just do annotations
diff --git a/.github/workflows/unit_tests_artifact.yml b/.github/workflows/unit_tests_artifact.yml
deleted file mode 100644
index 2340da69799..00000000000
--- a/.github/workflows/unit_tests_artifact.yml
+++ /dev/null
@@ -1,144 +0,0 @@
-name: unit_tests_artifact
-
-# Run tests and upload the results as an artifact
-# Can be run from a unprivileged pull_request action
-# Reporting is done in the pr_completed.yml workflow
-
-on:
- workflow_call:
- inputs:
- version_tag:
- description: 'Name of the tag to build'
- required: false
- default: 'latest'
- type: string
- bump:
- description: 'whether to bump the version number by a major minor patch amount or none'
- required: false
- default: 'patch'
- type: string
- ref:
- description: 'git reference to use with the checkout use default_branch to have that calculated'
- required: false
- default: "default"
- type: string
- seed_maven_cache:
- description: Whether to seed cache
- type: boolean
- required: false
- default: true
- install_maven_dependencies:
- description: Whether to install dependencies or use a previous cache
- type: boolean
- required: false
- default: true
-
-
- workflow_dispatch:
- inputs:
- version_tag:
- description: 'Name of the tag to build'
- required: false
- default: 'latest'
- type: string
- bump:
- description: 'whether to bump the version number by a major minor patch amount or none'
- required: false
- default: 'patch'
- type: string
- ref:
- description: 'git reference to use with the checkout use default_branch to have that calculated'
- required: false
- default: "default"
- type: string
- seed_maven_cache:
- description: Whether to seed cache
- type: boolean
- required: false
- default: true
- install_maven_dependencies:
- description: Whether to install dependencies or use a previous cache
- type: boolean
- required: false
- default: true
-
-jobs:
- tst_ml:
- uses: ./.github/workflows/maven_test_artifact.yml
- with:
- project: orcid-message-listener
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
-
- tst_amq:
- uses: ./.github/workflows/maven_test_artifact.yml
- with:
- project: orcid-activemq
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
-
- tst_api:
- uses: ./.github/workflows/maven_test_artifact.yml
- with:
- project: orcid-api-web
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
-
- tst_iapi:
- uses: ./.github/workflows/maven_test_artifact.yml
- with:
- project: orcid-internal-api
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
-
- tst_pubweb:
- uses: ./.github/workflows/maven_test_artifact.yml
- with:
- project: orcid-pub-web
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
-
- tst_sched:
- uses: ./.github/workflows/maven_test_artifact.yml
- with:
- project: orcid-scheduler-web
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
-
- tst_web:
- uses: ./.github/workflows/maven_test_artifact.yml
- with:
- project: orcid-web
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
-##########################################################
-
- tst_utils:
- uses: ./.github/workflows/maven_test_artifact.yml
- with:
- project: orcid-utils
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
-
- tst_core:
- uses: ./.github/workflows/maven_test_artifact.yml
- with:
- project: orcid-core
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
-
- tst_persistence:
- uses: ./.github/workflows/maven_test_artifact.yml
- with:
- project: orcid-persistence
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
-
- tst_api_common:
- uses: ./.github/workflows/maven_test_artifact.yml
- with:
- project: orcid-api-common
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
-
-
diff --git a/.github/workflows/unit_tests_publish.yml b/.github/workflows/unit_tests_publish.yml
deleted file mode 100644
index e8cdbcdf91d..00000000000
--- a/.github/workflows/unit_tests_publish.yml
+++ /dev/null
@@ -1,180 +0,0 @@
-name: unit_tests_publish
-
-# full unit tests with report publishing
-
-on:
- workflow_call:
- inputs:
- version_tag:
- description: 'Name of the tag to build'
- required: false
- default: 'latest'
- type: string
- bump:
- description: 'whether to bump the version number by a major minor patch amount or none'
- required: false
- default: 'patch'
- type: string
- ref:
- description: 'git reference to use with the checkout use default_branch to have that calculated'
- required: false
- default: "default"
- type: string
- seed_maven_cache:
- description: Whether to seed cache
- type: boolean
- required: false
- default: true
- install_maven_dependencies:
- description: Whether to install dependencies or use a previous cache
- type: boolean
- required: false
- default: true
-
-
- workflow_dispatch:
- inputs:
- version_tag:
- description: 'Name of the tag to build'
- required: false
- default: 'latest'
- type: string
- bump:
- description: 'whether to bump the version number by a major minor patch amount or none'
- required: false
- default: 'patch'
- type: string
- ref:
- description: 'git reference to use with the checkout use default_branch to have that calculated'
- required: false
- default: "default"
- type: string
- seed_maven_cache:
- description: Whether to seed cache
- type: boolean
- required: false
- default: true
- install_maven_dependencies:
- description: Whether to install dependencies or use a previous cache
- type: boolean
- required: false
- default: true
-
-jobs:
-
-
- tst_ml:
- uses: ./.github/workflows/maven_test_publish.yml
- with:
- project: orcid-message-listener
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
-
- tst_amq:
- uses: ./.github/workflows/maven_test_publish.yml
- with:
- project: orcid-activemq
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
-
- tst_api:
- uses: ./.github/workflows/maven_test_publish.yml
- with:
- project: orcid-api-web
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
-
- tst_iapi:
- uses: ./.github/workflows/maven_test_publish.yml
- with:
- project: orcid-internal-api
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
-
- tst_pubweb:
- uses: ./.github/workflows/maven_test_publish.yml
- with:
- project: orcid-pub-web
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
-
- tst_sched:
- uses: ./.github/workflows/maven_test_publish.yml
- with:
- project: orcid-scheduler-web
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
-
- tst_web:
- uses: ./.github/workflows/maven_test_publish.yml
- with:
- project: orcid-web
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
-
-####################################################################
-
- tst_utils:
- uses: ./.github/workflows/maven_test_publish.yml
- with:
- project: orcid-utils
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
-
- tst_core:
- uses: ./.github/workflows/maven_test_publish.yml
- with:
- project: orcid-core
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
-
- tst_persistence:
- uses: ./.github/workflows/maven_test_publish.yml
- with:
- project: orcid-persistence
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
-
- tst_api_common:
- uses: ./.github/workflows/maven_test_publish.yml
- with:
- project: orcid-api-common
- seed_maven_cache: ${{ inputs.seed_maven_cache }}
- install_maven_dependencies: ${{ inputs.install_maven_dependencies }}
- version_tag: ${{ inputs.version_tag }}
- bump: ${{ inputs.bump }}
- ref: ${{ inputs.ref }}
-
-# codeql:
-# uses: ./.github/workflows/codeql.yml
-#
diff --git a/.github/workflows/unit_tests_report.yml b/.github/workflows/unit_tests_report.yml
deleted file mode 100644
index f3c5149dd01..00000000000
--- a/.github/workflows/unit_tests_report.yml
+++ /dev/null
@@ -1,78 +0,0 @@
-name: unit_tests_report
-
-on:
- workflow_call:
- inputs:
- version_tag:
- description: 'version tag to use(vx.x.x)'
- required: false
- default: latest
- type: string
-
- workflow_dispatch:
- inputs:
- version_tag:
- description: 'version tag to use(vx.x.x)'
- required: false
- default: latest
- type: string
-
-jobs:
-
- tst_ml:
- uses: ./.github/workflows/maven_test_report.yml
- with:
- project: orcid-message-listener
-
- tst_amq:
- uses: ./.github/workflows/maven_test_report.yml
- with:
- project: orcid-activemq
-
- tst_api:
- uses: ./.github/workflows/maven_test_report.yml
- with:
- project: orcid-api-web
-
- tst_iapi:
- uses: ./.github/workflows/maven_test_report.yml
- with:
- project: orcid-internal-api
-
- tst_pubweb:
- uses: ./.github/workflows/maven_test_report.yml
- with:
- project: orcid-pub-web
-
- tst_sched:
- uses: ./.github/workflows/maven_test_report.yml
- with:
- project: orcid-scheduler-web
-
- tst_web:
- uses: ./.github/workflows/maven_test_report.yml
- with:
- project: orcid-web
-
-#########################################################################################
-
- tst_utils:
- uses: ./.github/workflows/maven_test_report.yml
- with:
- project: orcid-utils
-
- tst_core:
- uses: ./.github/workflows/maven_test_report.yml
- with:
- project: orcid-core
-
- tst_persistence:
- uses: ./.github/workflows/maven_test_report.yml
- with:
- project: orcid-persistence
-
- tst_api_common:
- uses: ./.github/workflows/maven_test_report.yml
- with:
- project: orcid-api-common
-
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3cd68e158fc..c529ed272a1 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,15 @@
+## v2.67.14 - 2024-11-07
+
+[Full Changelog](https://github.com/ORCID/ORCID-Source/compare/v2.67.13...v2.67.14)
+
+## v2.67.13 - 2024-11-07
+
+[Full Changelog](https://github.com/ORCID/ORCID-Source/compare/v2.67.12...v2.67.13)
+
+## v2.67.12 - 2024-11-06
+
+[Full Changelog](https://github.com/ORCID/ORCID-Source/compare/v2.67.11...v2.67.12)
+
## v2.67.11 - 2024-11-05
[Full Changelog](https://github.com/ORCID/ORCID-Source/compare/v2.67.10...v2.67.11)
diff --git a/orcid-core/src/main/resources/org/orcid/core/template/papi_rate_limit_email.ftl b/orcid-core/src/main/resources/org/orcid/core/template/papi_rate_limit_email.ftl
index 0c4345237cd..942550a8898 100644
--- a/orcid-core/src/main/resources/org/orcid/core/template/papi_rate_limit_email.ftl
+++ b/orcid-core/src/main/resources/org/orcid/core/template/papi_rate_limit_email.ftl
@@ -15,5 +15,5 @@ To minimize any disruption to your ORCID integration in the future, we would rec
Warm Regards,
ORCID Support Team
https://support.orcid.org
-<@emailMacros.msg "email.common.you_have_received_this_email" />
+
<#include "email_footer.ftl"/>
diff --git a/orcid-core/src/main/resources/org/orcid/core/template/papi_rate_limit_email_html.ftl b/orcid-core/src/main/resources/org/orcid/core/template/papi_rate_limit_email_html.ftl
index 569cb86ebe3..f7d4ebca59b 100644
--- a/orcid-core/src/main/resources/org/orcid/core/template/papi_rate_limit_email_html.ftl
+++ b/orcid-core/src/main/resources/org/orcid/core/template/papi_rate_limit_email_html.ftl
@@ -25,9 +25,6 @@
- <@emailMacros.msg "email.common.you_have_received_this_email" />
-
-
<#include "email_footer_html.ftl"/>
diff --git a/orcid-pub-web/src/main/java/org/orcid/api/filters/ApiRateLimitFilter.java b/orcid-pub-web/src/main/java/org/orcid/api/filters/ApiRateLimitFilter.java
index daa982cae36..58779274a40 100644
--- a/orcid-pub-web/src/main/java/org/orcid/api/filters/ApiRateLimitFilter.java
+++ b/orcid-pub-web/src/main/java/org/orcid/api/filters/ApiRateLimitFilter.java
@@ -37,6 +37,7 @@
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.MessageSource;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;
@@ -80,6 +81,9 @@ public class ApiRateLimitFilter extends OncePerRequestFilter {
@Autowired
private OrcidTokenStore orcidTokenStore;
+ @Autowired
+ private MessageSource messageSource;
+
@Value("${org.orcid.papi.rate.limit.anonymous.requests:10000}")
private int anonymousRequestLimit;
@@ -91,9 +95,9 @@ public class ApiRateLimitFilter extends OncePerRequestFilter {
@Value("${org.orcid.persistence.panoply.papiExceededRate.production:false}")
private boolean enablePanoplyPapiExceededRateInProduction;
-
+
@Value("${org.orcid.papi.rate.limit.ip.whiteSpaceSeparatedWhiteList:127.0.0.1}")
- private String papiWhiteSpaceSeparatedWhiteList;
+ private String papiWhiteSpaceSeparatedWhiteList;
private static final String TOO_MANY_REQUESTS_MSG = "Too Many Requests - You have exceeded the daily allowance of API calls.\\n"
+ "You can increase your daily quota by registering for and using Public API client credentials "
@@ -123,20 +127,22 @@ protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServl
}
boolean isAnonymous = (clientId == null);
LocalDate today = LocalDate.now();
+ try {
+ if (isAnonymous) {
+ if (!isWhiteListed(ipAddress)) {
+ LOG.info("ApiRateLimitFilter anonymous request for ip: " + ipAddress);
+ this.rateLimitAnonymousRequest(ipAddress, today, httpServletResponse);
+ }
- if (isAnonymous ) {
- if(!isWhiteListed(ipAddress)) {
- LOG.info("ApiRateLimitFilter anonymous request for ip: " + ipAddress);
- this.rateLimitAnonymousRequest(ipAddress, today, httpServletResponse);
+ } else {
+ LOG.info("ApiRateLimitFilter client request with clientId: " + clientId);
+ this.rateLimitClientRequest(clientId, today);
}
-
- } else {
- LOG.info("ApiRateLimitFilter client request with clientId: " + clientId);
- this.rateLimitClientRequest(clientId, today);
+ } catch (Exception ex) {
+ LOG.error("Papi Limiting Filter unexpected error, ignore and chain request.", ex);
}
-
- filterChain.doFilter(httpServletRequest, httpServletResponse);
}
+ filterChain.doFilter(httpServletRequest, httpServletResponse);
}
private void rateLimitAnonymousRequest(String ipAddress, LocalDate today, HttpServletResponse httpServletResponse) throws IOException {
@@ -202,8 +208,10 @@ private void rateLimitClientRequest(String clientId, LocalDate today) {
private Map createTemplateParams(String clientId, String clientName, String emailName, String orcidId) {
Map templateParams = new HashMap();
+ templateParams.put("messages", messageSource);
+ templateParams.put("messageArgs", new Object[0]);
templateParams.put("clientId", clientId);
- templateParams.put("clientId", clientName);
+ templateParams.put("clientName", clientName);
templateParams.put("emailName", emailName);
templateParams.put("locale", LocaleUtils.toLocale("en"));
templateParams.put("baseUri", orcidUrlManager.getBaseUrl());
@@ -218,9 +226,9 @@ private void sendEmail(String clientId, LocalDate requestDate) {
String emailName = recordNameManager.deriveEmailFriendlyName(profile.getId());
Map templateParams = this.createTemplateParams(clientId, clientDetailsEntity.getClientName(), emailName, profile.getId());
// Generate body from template
- String body = templateManager.processTemplate("bad_orgs_email.ftl", templateParams);
+ String body = templateManager.processTemplate("papi_rate_limit_email.ftl", templateParams);
// Generate html from template
- String html = templateManager.processTemplate("bad_orgs_email_html.ftl", templateParams);
+ String html = templateManager.processTemplate("papi_rate_limit_email_html.ftl", templateParams);
String email = emailManager.findPrimaryEmail(profile.getId()).getEmail();
LOG.info("text email={}", body);
@@ -237,7 +245,7 @@ private void sendEmail(String clientId, LocalDate requestDate) {
// Send the email
boolean mailSent = mailGunManager.sendEmail(FROM_ADDRESS, email, SUBJECT, body, html);
if (!mailSent) {
- throw new RuntimeException("Failed to send email for papi limits, orcid=" + profile.getId());
+ LOG.error("Failed to send email for papi limits, orcid=" + profile.getId() + " email: " + email);
}
}
@@ -258,33 +266,34 @@ private void setPapiRateExceededItemInPanoply(PanoplyPapiDailyRateExceededItem i
});
}
-
- //gets actual client IP address, using the headers that the proxy server ads
+
+ // gets actual client IP address, using the headers that the proxy server
+ // ads
private String getClientIpAddress(HttpServletRequest request) {
String ipAddress = request.getHeader("X-FORWARDED-FOR");
if (ipAddress == null || ipAddress.isEmpty() || "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getHeader("X-REAL-IP");
}
if (ipAddress == null || ipAddress.isEmpty() || "unknown".equalsIgnoreCase(ipAddress)) {
- ipAddress = request.getRemoteAddr();
+ ipAddress = request.getRemoteAddr();
}
if (ipAddress != null && ipAddress.contains(",")) {
ipAddress = ipAddress.split(",")[0].trim();
}
return ipAddress;
- }
-
+ }
+
private boolean isWhiteListed(String ipAddress) {
List papiIpWhiteList = null;
- if(StringUtils.isNotBlank(papiWhiteSpaceSeparatedWhiteList)) {
+ if (StringUtils.isNotBlank(papiWhiteSpaceSeparatedWhiteList)) {
papiIpWhiteList = Arrays.asList(papiWhiteSpaceSeparatedWhiteList.split("\\s"));
}
-
- if(papiIpWhiteList != null) {
+
+ if (papiIpWhiteList != null) {
return papiIpWhiteList.contains(ipAddress);
-
+
}
- return false;
+ return false;
}
}
diff --git a/orcid-scheduler-web/src/main/java/org/orcid/scheduler/report/PapiDailyLimitReport.java b/orcid-scheduler-web/src/main/java/org/orcid/scheduler/report/PapiDailyLimitReport.java
index 0e63e4f9054..73b1b4258c1 100644
--- a/orcid-scheduler-web/src/main/java/org/orcid/scheduler/report/PapiDailyLimitReport.java
+++ b/orcid-scheduler-web/src/main/java/org/orcid/scheduler/report/PapiDailyLimitReport.java
@@ -37,13 +37,13 @@ public class PapiDailyLimitReport {
@Value("${org.orcid.core.orgs.load.slackUser}")
private String slackUser;
- @Value("${rate.limit.anonymous.requests}")
+ @Value("${org.orcid.papi.rate.limit.anonymous.requests:10000}")
private int anonymousRequestLimit;
- @Value("${rate.limit.known.requests}")
+ @Value("${org.orcid.papi.rate.limit.known.requests:40000}")
private int knownRequestLimit;
- @Value("${rate.limit.enabled:false}")
+ @Value("${org.orcid.papi.rate.limit.enabled:false}")
private boolean enableRateLimiting;
@Autowired
@@ -71,13 +71,13 @@ public void papiDailyLimitReport() {
if (enableRateLimiting) {
LocalDate yesterday = LocalDate.now().minusDays(1);
String mode = Features.ENABLE_PAPI_RATE_LIMITING.isActive() ? "ENFORCEMENT" : "MONITORING";
- String SLACK_INTRO_MSG = "Public API Rate limit report - Date: " + yesterday.toString() + "\n Current Anonymous Requests Limit: " + anonymousRequestLimit
- + "\n Current Public API Clients Limit: " + knownRequestLimit + "\n Mode: " + mode;
+ String SLACK_INTRO_MSG = "Public API Rate limit report - Date: " + yesterday.toString() + "\nCurrent Anonymous Requests Limit: " + anonymousRequestLimit
+ + "\nCurrent Public API Clients Limit: " + knownRequestLimit + "\nMode: " + mode;
LOG .info(SLACK_INTRO_MSG);
slackManager.sendAlert(SLACK_INTRO_MSG, slackChannel, webhookUrl, webhookUrl);
String SLACK_STATS_MSG = "Count of Anonymous IPs blocked: " + papiRateLimitingDao.countAnonymousRequestsWithLimitExceeded(yesterday, anonymousRequestLimit)
- + "\n Count of Public API clients that have exceeded the limit: "
+ + "\nCount of Public API clients that have exceeded the limit: "
+ papiRateLimitingDao.countClientRequestsWithLimitExceeded(yesterday, knownRequestLimit);
LOG .info(SLACK_STATS_MSG);
slackManager.sendAlert(SLACK_STATS_MSG, slackChannel, webhookUrl, webhookUrl);