From 9df6dfacd7a5190d7ff1a8ac005e52aed6cecf69 Mon Sep 17 00:00:00 2001 From: Nuvindu Date: Mon, 2 Oct 2023 14:45:13 +0530 Subject: [PATCH 1/4] Migrate workflows to reuse workflows from ballerina-standard-library repo --- .../workflows/build-timestamped-master.yml | 41 ++--------- .github/workflows/central-publish.yml | 73 ++----------------- .github/workflows/publish-release.yml | 72 +++--------------- .github/workflows/pull-request.yml | 46 +++--------- .github/workflows/trivy-scan.yml | 32 ++------ 5 files changed, 39 insertions(+), 225 deletions(-) diff --git a/.github/workflows/build-timestamped-master.yml b/.github/workflows/build-timestamped-master.yml index da98c69..f31c08b 100644 --- a/.github/workflows/build-timestamped-master.yml +++ b/.github/workflows/build-timestamped-master.yml @@ -9,39 +9,8 @@ on: workflow_dispatch: jobs: - build: - runs-on: ubuntu-latest - if: github.repository_owner == 'ballerina-platform' - steps: - - name: Checkout Repository - uses: actions/checkout@v2 - - name: Set up JDK 17 - uses: actions/setup-java@v2 - with: - distribution: 'temurin' - java-version: 17.0.7 - - name: Change to Timestamped Version - run: | - startTime=$(TZ="Asia/Kolkata" date +'%Y%m%d-%H%M00') - latestCommit=$(git log -n 1 --pretty=format:"%h") - VERSION=$((grep -w 'version' | cut -d= -f2) < gradle.properties | rev | cut --complement -d- -f1 | rev) - updatedVersion=$VERSION-$startTime-$latestCommit - echo $updatedVersion - sed -i "s/version=\(.*\)/version=$updatedVersion/g" gradle.properties - - name: Grant execute permission for gradlew - run: chmod +x gradlew - - name: Build with Gradle - env: - packageUser: ${{ secrets.BALLERINA_BOT_USERNAME }} - packagePAT: ${{ secrets.BALLERINA_BOT_TOKEN }} - publishUser: ${{ secrets.BALLERINA_BOT_USERNAME }} - publishPAT: ${{ secrets.BALLERINA_BOT_TOKEN }} - run: | - ./gradlew publish --scan --no-daemon - - name: Generate CodeCov Report - uses: codecov/codecov-action@v2 - - name: Upload Artifact - uses: actions/upload-artifact@v2 - with: - name: ballerina-runtime - path: target/ballerina-runtime/ + call_workflow: + name: Run Build Workflow + if: ${{ github.repository_owner == 'ballerina-platform' }} + uses: ballerina-platform/ballerina-standard-library/.github/workflows/build-timestamp-master-template.yml@master + secrets: inherit diff --git a/.github/workflows/central-publish.yml b/.github/workflows/central-publish.yml index b8ea2e3..4007314 100644 --- a/.github/workflows/central-publish.yml +++ b/.github/workflows/central-publish.yml @@ -5,74 +5,17 @@ on: inputs: environment: type: choice - description: Select environment + description: Select Environment required: true options: - - CENTRAL - DEV CENTRAL - STAGE CENTRAL jobs: - publish-release: - runs-on: ubuntu-latest - if: github.repository_owner == 'ballerina-platform' - steps: - - uses: actions/checkout@v2 - - name: Set up JDK 17 - uses: actions/setup-java@v2 - with: - distribution: 'temurin' - java-version: 17.0.7 - - name: Build with Gradle - env: - packageUser: ${{ github.actor }} - packagePAT: ${{ secrets.GITHUB_TOKEN }} - run: ./gradlew build -x check -x test - - name: Create lib directory if not exists - run: mkdir -p ballerina/lib - - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@master - with: - scan-type: 'rootfs' - scan-ref: '/github/workspace/ballerina/lib' - format: 'table' - timeout: '10m0s' - exit-code: '1' - - - name: Ballerina Central Push - if: ${{ github.event.inputs.environment == 'CENTRAL' }} - env: - BALLERINA_DEV_CENTRAL: false - BALLERINA_STAGE_CENTRAL: false - BALLERINA_CENTRAL_ACCESS_TOKEN: ${{ secrets.BALLERINA_CENTRAL_ACCESS_TOKEN }} - packageUser: ${{ secrets.BALLERINA_BOT_USERNAME }} - packagePAT: ${{ secrets.BALLERINA_BOT_TOKEN }} - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - run: | - ./gradlew clean build -PpublishToCentral=true - - - name: Ballerina Central Dev Push - if: ${{ github.event.inputs.environment == 'DEV CENTRAL' }} - env: - BALLERINA_DEV_CENTRAL: true - BALLERINA_STAGE_CENTRAL: false - BALLERINA_CENTRAL_ACCESS_TOKEN: ${{ secrets.BALLERINA_CENTRAL_DEV_ACCESS_TOKEN }} - packageUser: ${{ secrets.BALLERINA_BOT_USERNAME }} - packagePAT: ${{ secrets.BALLERINA_BOT_TOKEN }} - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - run: | - sed -i 's/version=\(.*\)-SNAPSHOT/version=\1/g' gradle.properties - ./gradlew clean build -PpublishToCentral=true - - - name: Ballerina Central Stage Push - if: ${{ github.event.inputs.environment == 'STAGE CENTRAL' }} - env: - BALLERINA_DEV_CENTRAL: false - BALLERINA_STAGE_CENTRAL: true - BALLERINA_CENTRAL_ACCESS_TOKEN: ${{ secrets.BALLERINA_CENTRAL_STAGE_ACCESS_TOKEN }} - packageUser: ${{ secrets.BALLERINA_BOT_USERNAME }} - packagePAT: ${{ secrets.BALLERINA_BOT_TOKEN }} - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - run: | - sed -i 's/version=\(.*\)-SNAPSHOT/version=\1/g' gradle.properties - ./gradlew clean build -PpublishToCentral=true + call_workflow: + name: Run Central Publish Workflow + if: ${{ github.repository_owner == 'ballerina-platform' }} + uses: ballerina-platform/ballerina-standard-library/.github/workflows/central-publish-template.yml@master + secrets: inherit + with: + environment: ${{ github.event.inputs.environment }} diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index a01d396..e20ffa9 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -1,67 +1,17 @@ -name: Publish release +name: Publish Release on: workflow_dispatch: repository_dispatch: - types: [ stdlib-release-pipeline ] + types: [stdlib-release-pipeline] jobs: - publish-release: - runs-on: ubuntu-latest - if: github.repository_owner == 'ballerina-platform' - steps: - - uses: actions/checkout@v2 - - name: Set up JDK 17 - uses: actions/setup-java@v2 - with: - distribution: 'temurin' - java-version: 17.0.7 - - name: Build with Gradle - env: - packageUser: ${{ github.actor }} - packagePAT: ${{ secrets.GITHUB_TOKEN }} - run: | - git config --global user.name ${{ secrets.BALLERINA_BOT_USERNAME }} - git config --global user.email ${{ secrets.BALLERINA_BOT_EMAIL }} - ./gradlew build -x check -x test - - name: Create lib directory if not exists - run: mkdir -p ballerina/lib - - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@master - with: - scan-type: 'rootfs' - scan-ref: '/github/workspace/ballerina/lib' - format: 'table' - timeout: '10m0s' - exit-code: '1' - - name: Set version env variable - run: echo "VERSION=$((grep -w 'version' | cut -d= -f2) < gradle.properties | rev | cut --complement -d- -f1 | rev)" >> $GITHUB_ENV - - name: Pre release dependency version update - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - run: | - echo "Version: ${VERSION}" - git checkout -b release-${VERSION} - sed -i 's/ballerinaLangVersion=\(.*\)-SNAPSHOT/ballerinaLangVersion=\1/g' gradle.properties - sed -i 's/ballerinaLangVersion=\(.*\)-[0-9]\{8\}-[0-9]\{6\}-.*$/ballerinaLangVersion=\1/g' gradle.properties - sed -i 's/stdlib\(.*\)=\(.*\)-SNAPSHOT/stdlib\1=\2/g' gradle.properties - sed -i 's/stdlib\(.*\)=\(.*\)-[0-9]\{8\}-[0-9]\{6\}-.*$/stdlib\1=\2/g' gradle.properties - git add gradle.properties - git commit -m "Move dependencies to stable version" || echo "No changes to commit" - - name: Publish artifact - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - BALLERINA_CENTRAL_ACCESS_TOKEN: ${{ secrets.BALLERINA_CENTRAL_ACCESS_TOKEN }} - packageUser: ${{ secrets.BALLERINA_BOT_USERNAME }} - packagePAT: ${{ secrets.BALLERINA_BOT_TOKEN }} - publishUser: ${{ secrets.BALLERINA_BOT_USERNAME }} - publishPAT: ${{ secrets.BALLERINA_BOT_TOKEN }} - run: | - ./gradlew clean release -Prelease.useAutomaticVersion=true - ./gradlew -Pversion=${VERSION} publish -x test -PpublishToCentral=true - - name: GitHub Release and Release Sync PR - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - run: | - gh release create v$VERSION --title "module-ballerina-soap-v$VERSION" - gh pr create --base master --title "[Automated] Sync master after $VERSION release" --body "Sync master after $VERSION release" + call_workflow: + name: Run Release Workflow + if: ${{ github.repository_owner == 'ballerina-platform' }} + uses: ballerina-platform/ballerina-standard-library/.github/workflows/release-package-template.yml@master + secrets: inherit + with: + package-name: soap + package-org: ballerina + additional-build-flags: "-x :soap-examples:build" diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index 694d25f..bc8e821 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -1,41 +1,13 @@ -name: PR build +name: PR Build + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.run_id }} + cancel-in-progress: true on: pull_request jobs: - ubuntu-build: - name: Build on Ubuntu - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - name: Set up JDK 17 - uses: actions/setup-java@v2 - with: - distribution: 'temurin' - java-version: 17.0.7 - - name: Build with Gradle - env: - packageUser: ${{ github.actor }} - packagePAT: ${{ secrets.GITHUB_TOKEN }} - run: ./gradlew build - - name: Generate CodeCov Report - if: github.event_name == 'pull_request' - uses: codecov/codecov-action@v2 - with: - token: ${{ secrets.CODECOV_TOKEN }} - - windows-build: - name: Build on Windows - runs-on: windows-latest - steps: - - uses: actions/checkout@v1 - - name: Set up JDK 17 - uses: actions/setup-java@v1 - with: - distribution: 'temurin' - java-version: 17.0.7 - - name: Build with Gradle - env: - packageUser: ${{ github.actor }} - packagePAT: ${{ secrets.GITHUB_TOKEN }} - run: ./gradlew.bat build + call_workflow: + name: Run PR Build Workflow + if: ${{ github.repository_owner == 'ballerina-platform' }} + uses: ballerina-platform/ballerina-standard-library/.github/workflows/pull-request-build-template.yml@master diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml index 5169bc3..61dca80 100644 --- a/.github/workflows/trivy-scan.yml +++ b/.github/workflows/trivy-scan.yml @@ -3,31 +3,11 @@ name: Trivy on: workflow_dispatch: schedule: - - cron: '30 20 * * *' + - cron: "30 20 * * *" jobs: - ubuntu-build: - name: Build on Ubuntu - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - name: Set up JDK 17 - uses: actions/setup-java@v2 - with: - distribution: 'temurin' - java-version: 17.0.7 - - name: Build with Gradle - env: - packageUser: ${{ github.actor }} - packagePAT: ${{ secrets.GITHUB_TOKEN }} - run: ./gradlew build -x check -x test - - name: Create lib directory if not exists - run: mkdir -p ballerina/lib - - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@master - with: - scan-type: 'rootfs' - scan-ref: '/github/workspace/ballerina/lib' - format: 'table' - timeout: '10m0s' - exit-code: '1' + call_workflow: + name: Run Trivy Scan Workflow + if: ${{ github.repository_owner == 'ballerina-platform' }} + uses: ballerina-platform/ballerina-standard-library/.github/workflows/trivy-scan-template.yml@master + secrets: inherit From 07a06b33c70e2a808a3f5b60844f9367c4588ada Mon Sep 17 00:00:00 2001 From: Nuvindu Date: Tue, 3 Oct 2023 10:20:28 +0530 Subject: [PATCH 2/4] Fix the branch name of the standard library repo --- .github/workflows/build-timestamped-master.yml | 2 +- .github/workflows/central-publish.yml | 2 +- .github/workflows/publish-release.yml | 2 +- .github/workflows/pull-request.yml | 2 +- .github/workflows/trivy-scan.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build-timestamped-master.yml b/.github/workflows/build-timestamped-master.yml index f31c08b..b4f793f 100644 --- a/.github/workflows/build-timestamped-master.yml +++ b/.github/workflows/build-timestamped-master.yml @@ -12,5 +12,5 @@ jobs: call_workflow: name: Run Build Workflow if: ${{ github.repository_owner == 'ballerina-platform' }} - uses: ballerina-platform/ballerina-standard-library/.github/workflows/build-timestamp-master-template.yml@master + uses: ballerina-platform/ballerina-standard-library/.github/workflows/build-timestamp-master-template.yml@main secrets: inherit diff --git a/.github/workflows/central-publish.yml b/.github/workflows/central-publish.yml index 4007314..c0bd478 100644 --- a/.github/workflows/central-publish.yml +++ b/.github/workflows/central-publish.yml @@ -15,7 +15,7 @@ jobs: call_workflow: name: Run Central Publish Workflow if: ${{ github.repository_owner == 'ballerina-platform' }} - uses: ballerina-platform/ballerina-standard-library/.github/workflows/central-publish-template.yml@master + uses: ballerina-platform/ballerina-standard-library/.github/workflows/central-publish-template.yml@main secrets: inherit with: environment: ${{ github.event.inputs.environment }} diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index e20ffa9..b9a6cca 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -9,7 +9,7 @@ jobs: call_workflow: name: Run Release Workflow if: ${{ github.repository_owner == 'ballerina-platform' }} - uses: ballerina-platform/ballerina-standard-library/.github/workflows/release-package-template.yml@master + uses: ballerina-platform/ballerina-standard-library/.github/workflows/release-package-template.yml@main secrets: inherit with: package-name: soap diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index bc8e821..6f9a523 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -10,4 +10,4 @@ jobs: call_workflow: name: Run PR Build Workflow if: ${{ github.repository_owner == 'ballerina-platform' }} - uses: ballerina-platform/ballerina-standard-library/.github/workflows/pull-request-build-template.yml@master + uses: ballerina-platform/ballerina-standard-library/.github/workflows/pull-request-build-template.yml@main diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml index 61dca80..f3b9cba 100644 --- a/.github/workflows/trivy-scan.yml +++ b/.github/workflows/trivy-scan.yml @@ -9,5 +9,5 @@ jobs: call_workflow: name: Run Trivy Scan Workflow if: ${{ github.repository_owner == 'ballerina-platform' }} - uses: ballerina-platform/ballerina-standard-library/.github/workflows/trivy-scan-template.yml@master + uses: ballerina-platform/ballerina-standard-library/.github/workflows/trivy-scan-template.yml@main secrets: inherit From 3dc9954814ea148b9d7cea823f19ce0644285b51 Mon Sep 17 00:00:00 2001 From: Nuvindu Date: Wed, 4 Oct 2023 11:02:07 +0530 Subject: [PATCH 3/4] Remove unnecessary code segment --- .github/workflows/publish-release.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index b9a6cca..f5be73e 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -11,7 +11,3 @@ jobs: if: ${{ github.repository_owner == 'ballerina-platform' }} uses: ballerina-platform/ballerina-standard-library/.github/workflows/release-package-template.yml@main secrets: inherit - with: - package-name: soap - package-org: ballerina - additional-build-flags: "-x :soap-examples:build" From 32a174047090b7beb9cd3bbb15584e47e7e5a0dd Mon Sep 17 00:00:00 2001 From: Nuvindu Date: Wed, 4 Oct 2023 12:00:57 +0530 Subject: [PATCH 4/4] Fix issue in the publish-release workflow file --- .github/workflows/publish-release.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index f5be73e..b2a680f 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -11,3 +11,6 @@ jobs: if: ${{ github.repository_owner == 'ballerina-platform' }} uses: ballerina-platform/ballerina-standard-library/.github/workflows/release-package-template.yml@main secrets: inherit + with: + package-name: soap + package-org: ballerina