-
Notifications
You must be signed in to change notification settings - Fork 1
308 lines (265 loc) · 10.7 KB
/
pr.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
name: PR CI
on:
pull_request_target:
types:
- opened
- edited
- synchronize
- reopened
env:
GO111MODULE: on
GO_VERSION: 1.21
NODE_VERSION: 22
LINT_ARGS: -v --skip-files .*_test.go --timeout 5m0s --out-format colored-line-number
GOLANGCI_LINT_VERSION: v1.50
TEST_ARGS: -v -short -coverprofile=coverage.out
jobs:
validate_pr_title_job:
if: ${{ ! contains(github.head_ref, 'release-please--branches--main') }}
name: Validate PR title
runs-on: ubuntu-latest
steps:
- uses: amannn/action-semantic-pull-request@v5
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
requireScope: false
# Configure additional validation for the subject based on a regex.
# This example ensures the subject doesn't start with an uppercase character.
subjectPattern: ^(?![A-Z]).+$
# If `subjectPattern` is configured, you can use this property to override
# the default error message that is shown when the pattern doesn't match.
# The variables `subject` and `title` can be used within the message.
subjectPatternError: |
The subject "{subject}" found in the pull request title "{title}"
didn't match the configured pattern. Please ensure that the subject
doesn't start with an uppercase character.
# Linting multiple Dockerfiles to ensure adherence to best practices and coding standards.
hadolint_job:
if: ${{ ! contains(github.head_ref, 'release-please--branches--main') }}
name: Hadolint
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
dockerfile:
- ./validator/docker/csv-validator/Dockerfile
- ./validator/docker/validator/Dockerfile
- ./validator/docker/xml-validator/Dockerfile
- ./registry/docker/compatibility-checker/Dockerfile
- ./registry/docker/initdb/Dockerfile
- ./registry/docker/registry/Dockerfile
- ./registry/docker/validity-checker/Dockerfile
steps:
- name: Check out code
uses: actions/checkout@v4
- name: Run Hadolint for ${{ matrix.dockerfile }}
uses: hadolint/[email protected]
with:
config: ./.hadolint.yaml
dockerfile: ${{ matrix.dockerfile }}
editor_config_job:
if: ${{ ! contains(github.head_ref, 'release-please--branches--main') }}
name: Check editor config
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@v4
- name: Set up Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
- name: Editor Config
run: |
npm install --save-dev editorconfig-checker
./node_modules/.bin/editorconfig-checker
# Ensures that the code adheres to the lint checks defined in .golangci.yaml.
lint_job:
if: ${{ ! contains(github.head_ref, 'release-please--branches--main') }}
name: Go lint
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
component:
- ./registry
- ./validator
steps:
- name: Check out code into the Go module directory
uses: actions/checkout@v4
# Using `tj-actions/changed-files` to check if any files in the component folder have changes
- name: Check if component folder has changed
id: check_changed_files
uses: tj-actions/changed-files@v45
with:
files: ${{ matrix.component }}/**
# Running lint steps if changes are detected in the component folder
- name: Set up Go
if: steps.check_changed_files.outputs.any_changed == 'true'
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
# Add all component folders for monorepos
cache-dependency-path: |
${{ matrix.component }}/go.sum
- name: Tidy Go mod for ${{ matrix.component }}
if: steps.check_changed_files.outputs.any_changed == 'true'
run: |
cd ${{ matrix.component }}
go mod tidy
- name: Run Go Lint for ${{ matrix.component }}
if: steps.check_changed_files.outputs.any_changed == 'true'
uses: golangci/golangci-lint-action@v6
with:
version: v1.61.0
args: ${{env.LINT_ARGS}}
skip-cache: true
skip-save-cache: true
working-directory: ${{ matrix.component }}
licenses_check_job:
if: ${{ ! contains(github.head_ref, 'release-please--branches--main') }}
name: 3rd party licenses check
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Retrieve PR and branch info
run: |
PR_TITLE="chore: update 3rd-party licenses (#${{ github.event.number }})"
PR_INFO=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
"https://api.github.com/repos/${{ github.repository }}/pulls?state=open" | \
jq --arg TITLE "$PR_TITLE" '.[] | select(.title == $TITLE) | { number: .number, head: .head.ref }')
echo "PR_INFO=$PR_INFO"
PR_NUMBER=$(echo "$PR_INFO" | jq -r .number)
BRANCH_NAME=$(echo "$PR_INFO" | jq -r .head)
echo "PR_TITLE=$PR_TITLE" >> $GITHUB_ENV
echo "PR_NUMBER=$PR_NUMBER" >> $GITHUB_ENV
echo "BRANCH_NAME=${BRANCH_NAME:-update-third-party-licenses-${{ github.run_id }}}" >> $GITHUB_ENV
echo "PARENT_BRANCH=${{ github.head_ref }}" >> $GITHUB_ENV
git config user.name "github-actions[bot]"
git config user.email "github-actions[bot]@users.noreply.github.com"
# if PR already exists
- name: Pull latest changes to existing branch
if: env.PR_NUMBER != ''
run: |
git fetch origin
git switch ${{ env.BRANCH_NAME }}
git pull origin ${{ env.PARENT_BRANCH }} --no-rebase
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
# Add all component folders for monorepos
cache-dependency-path: |
./registry/go.sum
./validator/go.sum
- name: Install Go licenses
run: go install github.com/google/[email protected]
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.9'
cache: 'pip'
cache-dependency-path: '.github/workflows/requirements.txt'
- name: Install Python dependencies
run: |
python -m pip install --upgrade pip
pip install -r .github/workflows/requirements.txt
- name: Run go mod tidy, go mod vendor & license check
# switch to each component folder first
run: |
cd ./registry
go mod tidy
go mod vendor
go-licenses report ./... 2>/dev/null | python ../.github/workflows/generate_and_check_licenses.py
cd ../validator
go mod tidy
go mod vendor
go-licenses report ./... 2>/dev/null | python ../.github/workflows/generate_and_check_licenses.py
- name: Check and Commit changes
run: |
git add ./registry/licenses ./validator/licenses
if ! git diff-index --quiet HEAD; then
git commit -m "chore: update third party licenses"
echo "changes_committed=true" >> $GITHUB_ENV
else
echo "changes_committed=false" >> $GITHUB_ENV
fi
# This will fail if the incorrect go.mod or go.sum is committed
- name: Push changes
if: env.changes_committed == 'true'
run: |
git diff
if [[ -z "$PR_NUMBER" ]]; then
git switch -c ${{ env.BRANCH_NAME }}
fi
git push origin HEAD
- name: Create new PR
if: env.changes_committed == 'true' && env.PR_NUMBER == ''
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
echo "Creating a new PR..."
gh pr create --base "${{ env.PARENT_BRANCH }}" --head "update-third-party-licenses-${{ github.run_id }}" --title "${{ env.PR_TITLE }}" --body "This is an automated PR that updates the list of 3rd party licenses."
# Runs unit tests for all components in this repo
test_job:
if: ${{ ! contains(github.head_ref, 'release-please--branches--main') }}
name: Test job
runs-on: ubuntu-latest
strategy:
matrix:
component:
- ./registry
- ./validator
steps:
- name: Check out code into the Go module directory
uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
# Add all component folders for monorepos
cache-dependency-path: |
${{ matrix.component }}/go.sum
- name: Tidy Go mod for ${{ matrix.component }}
working-directory: ${{ matrix.component }}
run: go mod tidy
- name: Run Go Test for ${{ matrix.component }}
working-directory: ${{ matrix.component }}
run: go test ${{env.TEST_ARGS}} ./...
# Builds docker images for all components of the repo to test if they can successfully be built
test_docker_image_builds_job:
if: ${{ ! contains(github.head_ref, 'release-please--branches--main') }}
name: Test docker image builds
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
component:
- dockerfile-path: ./validator/docker/csv-validator/Dockerfile
image-name: schema-registry-csv-val
- dockerfile-path: ./validator/docker/validator/Dockerfile
image-name: schema-registry-validator
- dockerfile-path: ./validator/docker/xml-validator/Dockerfile
image-name: schema-registry-xml-val
- dockerfile-path: ./registry/docker/compatibility-checker/Dockerfile
image-name: schema-registry-compatibility
- dockerfile-path: ./registry/docker/initdb/Dockerfile
image-name: schema-registry-initdb
- dockerfile-path: ./registry/docker/registry/Dockerfile
image-name: schema-registry-api
- dockerfile-path: ./registry/docker/validity-checker/Dockerfile
image-name: schema-registry-validity
steps:
- name: Check out code
uses: actions/checkout@v4
- name: Set Tag
run: |
TAG="build-docker-test"
echo "TAG=$TAG" >> $GITHUB_ENV # Exporting the TAG variable to the environment
- name: Build Docker image
run: |
docker build -t ${{ matrix.component.image-name }}:${{ env.TAG }} -f ${{ matrix.component.dockerfile-path }} .