Skip to content

Commit

Permalink
backport of commit a4ac202
Browse files Browse the repository at this point in the history
  • Loading branch information
dduzgun-security authored Dec 17, 2024
1 parent 7746f29 commit 2f44fde
Show file tree
Hide file tree
Showing 78 changed files with 214 additions and 586 deletions.
3 changes: 0 additions & 3 deletions .changelog/24415.txt

This file was deleted.

3 changes: 0 additions & 3 deletions .changelog/24668.txt

This file was deleted.

35 changes: 0 additions & 35 deletions .github/pull_request_template.md

This file was deleted.

14 changes: 7 additions & 7 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -90,15 +90,15 @@ jobs:
with:
ref: ${{ github.event.inputs.build-ref }}
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: ${{ needs.get-go-version.outputs.go-version }}

- name: Build dependencies
run: make deps

- name: Setup node and yarn
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
with:
node-version: "18"
cache-dependency-path: "ui/yarn.lock"
Expand Down Expand Up @@ -142,15 +142,15 @@ jobs:
with:
ref: ${{ github.event.inputs.build-ref }}
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: ${{ needs.get-go-version.outputs.go-version }}

- name: Build dependencies
run: make deps

- name: Setup node and yarn
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
with:
node-version: "18"
cache-dependency-path: "ui/yarn.lock"
Expand Down Expand Up @@ -265,15 +265,15 @@ jobs:
run: git config --global url.'https://${{ env.ELEVATED_GITHUB_TOKEN }}@github.com'.insteadOf 'https://github.com'

- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: ${{ needs.get-go-version.outputs.go-version }}

- name: Build dependencies
run: make deps

- name: Setup node and yarn
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
with:
node-version: "18"
cache-dependency-path: "ui/yarn.lock"
Expand Down Expand Up @@ -356,7 +356,7 @@ jobs:
goos: [linux]
goarch: [amd64]
steps:
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: ${{needs.get-go-version.outputs.go-version}}
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/checks.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -41,9 +41,9 @@ jobs:
- name: Git config token
if: endsWith(github.repository, '-enterprise')
run: git config --global url.'https://${{ env.ELEVATED_GITHUB_TOKEN }}@github.com'.insteadOf 'https://github.com'
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
cache: ${{ contains(runner.name, 'Github Actions') }}
cache: true
go-version-file: .go-version
cache-dependency-path: '**/go.sum'
- name: Run make check
Expand Down
87 changes: 87 additions & 0 deletions .github/workflows/ember-test-audit.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,87 @@
name: Ember test audit comparison
on:
pull_request:
paths:
- '.github/workflows/ember*'
- 'ui/**'

defaults:
run:
working-directory: ui

# There’s currently no way to share steps between jobs so there’s a lot of duplication
# for running the audit for the base and PR.
jobs:
time-base:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
ref: ${{ github.event.pull_request.base.sha }}
- uses: nanasess/setup-chromedriver@42cc2998329f041de87dc3cfa33a930eacd57eaa # v2.2.2
- name: Use Node.js
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
with:
node-version: '18'
- run: yarn --frozen-lockfile
- run: mkdir -p /tmp/test-reports
- run: npx ember-test-audit 1 --json --output ../base-audit.json
- name: Upload result
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: base-audit
path: base-audit.json
time-pr:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: nanasess/setup-chromedriver@42cc2998329f041de87dc3cfa33a930eacd57eaa # v2.2.2
- name: Use Node.js
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
with:
node-version: '18'
- run: yarn --frozen-lockfile
- run: mkdir -p /tmp/test-reports
- run: npx ember-test-audit 1 --json --output ../pr-audit.json
- name: Upload result
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: pr-audit
path: pr-audit.json
compare:
needs: [time-base, time-pr]
runs-on: ubuntu-latest
steps:
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: base-audit
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: pr-audit
- uses: backspace/ember-test-audit-comparison-action@21e9492d0033bc7e84b6189ae94537a6ed045cfa # v2
with:
base-report-path: base-audit.json
comparison-report-path: pr-audit.json
base-identifier: ${{ github.event.pull_request.base.ref }}
comparison-identifier: ${{ github.event.pull_request.head.sha }}
timing-output-path: audit-diff.md
flakiness-output-path: flakiness-report.md
- uses: marocchino/sticky-pull-request-comment@331f8f5b4215f0445d3c07b4967662a32a2d3e31 # v2.9.0
with:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
path: audit-diff.md
- name: Check for existence of flakiness report
id: check_file
uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # v3.0.0
with:
files: "flakiness-report.md"
- name: comment PR
if: steps.check_file.outputs.files_exists == 'true'
uses: mshick/add-pr-comment@b8f338c590a895d50bcbfa6c5859251edc8952fc # v2.8.2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
message-path: flakiness-report.md
permissions:
contents: read
pull-requests: write
4 changes: 2 additions & 2 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -82,12 +82,12 @@ jobs:
echo "go-version=$(cat .go-version)" >> "$GITHUB_OUTPUT"
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: ${{ steps.get-go-version.outputs.go-version }}

- name: Setup node and yarn
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
with:
node-version: "18"
cache-dependency-path: "ui/yarn.lock"
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/security-scan.yml
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ jobs:

steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
cache: ${{ contains(runner.name, 'Github Actions') }}
go-version-file: .go-version
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/test-core.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ jobs:
timeout-minutes: 20
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
cache: ${{ contains(runner.name, 'Github Actions') }}
go-version-file: .go-version
Expand All @@ -74,7 +74,7 @@ jobs:
timeout-minutes: 8
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
cache: true
go-version-file: .go-version
Expand Down Expand Up @@ -102,7 +102,7 @@ jobs:
- quick
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
cache: ${{ contains(runner.name, 'Github Actions') }}
go-version-file: .go-version
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/test-e2e.yml
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ jobs:
- name: Git config token
if: endsWith(github.repository, '-enterprise')
run: git config --global url.'https://${{ env.ELEVATED_GITHUB_TOKEN }}@github.com'.insteadOf 'https://github.com'
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
cache: ${{ contains(runner.name, 'Github Actions') }}
go-version-file: .go-version
Expand All @@ -70,7 +70,7 @@ jobs:
- name: Git config token
if: endsWith(github.repository, '-enterprise')
run: git config --global url.'https://${{ secrets.ELEVATED_GITHUB_TOKEN }}@github.com'.insteadOf 'https://github.com'
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
cache: ${{ contains(runner.name, 'Github Actions') }}
go-version-file: .go-version
Expand Down
40 changes: 5 additions & 35 deletions .github/workflows/test-ui.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,14 +2,14 @@ name: test-ui
on:
pull_request:
paths:
- "ui/**"
- 'ui/**'
push:
branches:
- main
- release/**
- test-ui
paths:
- "ui/**"
- 'ui/**'

jobs:
pre-test:
Expand All @@ -36,15 +36,14 @@ jobs:
- pre-test
runs-on: ${{ endsWith(github.repository, '-enterprise') && fromJSON('["self-hosted", "ondemand", "linux", "type=m7a.2xlarge;m6a.2xlarge"]') || 'ubuntu-latest' }}
timeout-minutes: 30
continue-on-error: true
defaults:
run:
working-directory: ui
strategy:
matrix:
partition: [1, 2, 3, 4]
split: [4]
# Note: If we ever change the number of partitions, we'll need to update the
# finalize.combine step to match
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: ./.github/actions/setup-js
Expand All @@ -64,19 +63,8 @@ jobs:
env:
PERCY_TOKEN: ${{ env.PERCY_TOKEN || secrets.PERCY_TOKEN }}
PERCY_PARALLEL_NONCE: ${{ needs.pre-test.outputs.nonce }}
run: |
yarn exam:parallel --split=${{ matrix.split }} --partition=${{ matrix.partition }} --json-report=test-results/test-results.json
continue-on-error: true
- name: Express timeout failure
if: ${{ failure() }}
run: exit 1
- name: Upload partition test results
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: test-results-${{ matrix.partition }}
path: ui/test-results/test-results.json
retention-days: 90
run: yarn exam:parallel --split=${{ matrix.split }} --partition=${{ matrix.partition }}

finalize:
needs:
- pre-test
Expand All @@ -100,24 +88,6 @@ jobs:
jwtGithubAudience: ${{ vars.CI_VAULT_AUD }}
secrets: |-
kv/data/teams/nomad/ui PERCY_TOKEN ;
- name: Download all test results
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
pattern: test-results-*
path: test-results

- name: Combine test results for comparison
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
run: node ../scripts/combine-ui-test-results.js
- name: Upload combined results for comparison
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: test-results-${{ github.sha }}
path: ui/combined-test-results.json
retention-days: 90

- name: finalize
env:
PERCY_TOKEN: ${{ env.PERCY_TOKEN || secrets.PERCY_TOKEN }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/test-windows.yml
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ jobs:
- run: git config --global core.autocrlf false
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: ".go-version"
- name: Show installed Go version
Expand Down
7 changes: 0 additions & 7 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -137,10 +137,3 @@ tools/missing/missing

# allow security scanner file
!scan.hcl

# generated variables for upgrade tests
enos.vars.hcl
enos/modules/*/*.tfvars

# local license files
*.hclic
Loading

0 comments on commit 2f44fde

Please sign in to comment.