Added build and release steps
haerter-tss committed Jul 11, 2024
1 parent adf745a commit 523b01a
Showing 3 changed files with 220 additions and 0 deletions.
1 change: 1 addition & 0 deletions .github/workflows/_build+publish-pds-solution.yml
@@ -68,6 +68,7 @@ jobs:
export OWASPZAP_VERSION
export OWASPZAP_SHA256SUM
export OWASPZAP_WRAPPER_VERSION
export PREPARE_WRAPPER_VERSION
export PMD_VERSION
export SCANCODE_VERSION
export SPDX_TOOL_VERSION
6 changes: 6 additions & 0 deletions .github/workflows/build+publish-all-pds-solutions.yml
@@ -62,6 +62,12 @@ jobs:
pds-solution: owaspzap
pds-version: ${{ inputs.pds-version }}

call_build_pds-prepare:
uses: mercedes-benz/sechub/.github/workflows/_build+publish-pds-solution.yml@develop
with:
pds-solution: prepare
pds-version: ${{ inputs.pds-version }}

call_build-and-publish-pmd:
uses: mercedes-benz/sechub/.github/workflows/_build+publish-pds-solution.yml@develop
with:
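Review bot: The new job resolves the reusable workflow at `@develop`, a moving ref, so a run of this caller from any other branch or tag executes whatever `develop` holds at that moment rather than the `_build+publish-pds-solution.yml` from the same commit; that matters here because this commit also edits that file (the added `export PREPARE_WRAPPER_VERSION`). For a same-repository call, `uses: ./.github/workflows/_build+publish-pds-solution.yml` takes the workflow from the caller's own commit. The neighbouring job uses the same `@develop` form, so this would be a file-wide change rather than a fix to this job alone. Separately, the job id `call_build_pds-prepare` departs from the `call_build-and-publish-pmd` form of the job below it; `call_build-and-publish-prepare` would match.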
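--- a/.github/workflows/release-wrapper-prepare.yml
+++ b/.github/workflows/release-wrapper-prepare.yml
@@ -0,0 +1,213 @@
+# SPDX-License-Identifier: MIT
+name: Release wrapper for Prepare
+
+on:
+workflow_dispatch:
+inputs:
+actor-email:
+description: Insert your email address here. It will be used in the generated pull requests
+required: true
+prepare-wrapper-version:
+description: Prepare-wrapper Version (e.g. 1.0.0)
+required: true
+prepare-wrapper-milestone-number:
+description: Prepare-wrapper Milestone number (e.g. 91)
+required: true
+jobs:
+release-version:
+name: Create Prepare-wrapper release
+runs-on: ubuntu-latest
+steps:
+- name: "Show Inputs"
+run: |
+echo "actor-email: '${{ inputs.actor-email }}'"
+echo "Prepare-wrapper '${{ inputs.prepare-wrapper-version }}' - Milestone '${{ inputs.prepare-wrapper-milestone-number }}'"
+- name: Checkout branch master
+uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+with:
+ref: master
+
+# Create temporary local tags, so we build documentation for this tag...
+# The final tag on git server side will be done automatically by the release when the draft is saved as "real" release
+- name: Tag Prepare Wrapper version v${{ inputs.prepare-wrapper-version }}-prepare-wrapper (temporarily)
+run: git tag v${{ inputs.prepare-wrapper-version }}-prepare-wrapper
+
+# ----------------------
+# Setup + Caching
+# ----------------------
+- name: Set up JDK 17
+uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9
+with:
+java-version: 17
+distribution: temurin
+
+- name: Set up Gradle
+uses: gradle/actions/setup-gradle@dbbdc275be76ac10734476cc723d82dfe7ec6eda
+with:
+cache-read-only: false
+
+# ----------------------
+# Create a pull request if license headers are missing
+# ----------------------
+- name: run apply-headers.sh
+id: apply-headers
+run: |
+git config user.name "$GITHUB_TRIGGERING_ACTOR (via github-actions)"
+git config user.email "${{ inputs.actor-email }}"
+./apply-headers.sh
+git commit -am "SPDX headers added by SecHub release job @github-actions" || true
+COMMITS=`git log --oneline --branches --not --remotes`
+echo "commits=$COMMITS" >> $GITHUB_OUTPUT
+- name: Create a pull request for SPDX license headers
+id: pr_spdx_headers
+if: steps.apply-headers.outputs.commits != ''
+uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e
+with:
+branch: release-spdx-headers
+branch-suffix: short-commit-hash
+delete-branch: true
+title: '0 - Before prepare-wrapper release: Add missing SPDX license headers [auto-generated]'
+body: |
+Auto-generated by Github Actions prepare-wrapper release job.
+-> Please review and merge **before** publishing the prepare-wrapper release.
+- name: Print PR infos
+if: steps.apply-headers.outputs.commits != ''
+run: |
+echo "Pull Request Number - ${{ steps.pr_spdx_headers.outputs.pull-request-number }}"
+echo "Pull Request URL - ${{ steps.pr_spdx_headers.outputs.pull-request-url }}"
+- name: Switch back to master branch
+run: git checkout master
+
+# -----------------------------------------
+# Build SecHub Prepare Wrapper
+# -----------------------------------------
+- name: Build Prepare Wrapper
+run: ./gradlew :sechub-wrapper-prepare:buildWrapperPrepare
+
+# -----------------------------------------
+# Upload build artifacts
+# -----------------------------------------
+- name: Inspect GIT status
+if: always()
+run: |
+mkdir build/reports -p
+git status > build/reports/git-status.txt
+- name: Archive GIT status
+if: always()
+uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3
+with:
+name: git-status.txt
+path: build/reports/git-status.txt
+retention-days: 14
+
+- name: Archive Prepare Wrapper libs directory
+if: always()
+uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3
+with:
+name: sechub-wrapper-prepare
+path: sechub-wrapper-prepare/build/libs
+retention-days: 14
+
+- name: Switch back to master branch
+run: git checkout master
+
+# -----------------------------------------
+# Assert releaseable, so no dirty flags on releases
+# even when all artifact creation parts are done!
+# -----------------------------------------
+- name: Assert releasable
+run: ./gradlew assertReleaseable
+
+- name: Create Prepare Wrapper release
+id: create_prepare-wrapper_release
+uses: actions/create-release@0cb9c9b65d5d1901c1f53e5e66eaf4afd303e70e
+env:
+GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
+with:
+tag_name: v${{ inputs.prepare-wrapper-version }}-prepare-wrapper
+commitish: master
+release_name: Prepare Wrapper Version ${{ inputs.prepare-wrapper-version }}
+body: |
+Changes in this Release
+- Some minor changes on Prepare Wrapper implementation
+For more details please look at [Milestone ${{inputs.prepare-wrapper-milestone-number}}]( https://github.com/mercedes-benz/sechub/milestone/${{inputs.prepare-wrapper-milestone-number}}?closed=1)
+draft: true
+prerelease: false
+
+# -----------------------------------------
+# Upload release artifacts
+# -----------------------------------------
+- name: Create files and sha256 checksum for Prepare Wrapper jar
+run: |
+cd sechub-wrapper-prepare/build/libs/
+sha256sum sechub-pds-wrapper-prepare-${{ inputs.prepare-wrapper-version }}.jar > sechub-pds-wrapper-prepare-${{ inputs.prepare-wrapper-version }}.jar.sha256sum
+- name: Upload asset sechub-pds-wrapper-prepare-${{ inputs.prepare-wrapper-version }}.jar
+uses: actions/upload-release-asset@e8f9f06c4b078e705bd2ea027f0926603fc9b4d5
+env:
+GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+with:
+upload_url: ${{ steps.create_prepare-wrapper_release.outputs.upload_url }}
+asset_path: sechub-wrapper-prepare/build/libs/sechub-pds-wrapper-prepare-${{ inputs.prepare-wrapper-version }}.jar
+asset_name: sechub-pds-wrapper-prepare-${{ inputs.prepare-wrapper-version }}.jar
+asset_content_type: application/zip
+
+- name: Upload asset sechub-pds-wrapper-prepare-${{ inputs.prepare-wrapper-version }}.jar.sha256sum
+uses: actions/upload-release-asset@e8f9f06c4b078e705bd2ea027f0926603fc9b4d5
+env:
+GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+with:
+upload_url: ${{ steps.create_prepare-wrapper_release.outputs.upload_url }}
+asset_path: sechub-wrapper-prepare/build/libs/sechub-pds-wrapper-prepare-${{ inputs.prepare-wrapper-version }}.jar.sha256sum
+asset_name: sechub-pds-wrapper-prepare-${{ inputs.prepare-wrapper-version }}.jar.sha256sum
+asset_content_type: text/plain
+
+# -----------------------------------------
+# Create release issue
+# -----------------------------------------
+- name: Create Prepare Wrapper ${{ inputs.prepare-wrapper-version }} release issue
+uses: dacbd/create-issue-action@main
+with:
+token: ${{ github.token }}
+title: Release Prepare Wrapper ${{ inputs.prepare-wrapper-version }}
+body: |
+See [Milestone ${{inputs.prepare-wrapper-milestone-number}}]( https://github.com/mercedes-benz/sechub/milestone/${{inputs.prepare-wrapper-milestone-number}}?closed=1) for details.
+Please close this issue after the release.
+milestone: ${{ inputs.prepare-wrapper-milestone-number }}
+
+# -----------------------------------------
+# Create a pull request for merging back `master` into `develop`
+# -----------------------------------------
+- name: pull-request master to develop
+id: pr_master_to_develop
+continue-on-error: true
+uses: repo-sync/pull-request@7e79a9f5dc3ad0ce53138f01df2fad14a04831c5
+with:
+github_token: ${{ secrets.GITHUB_TOKEN }}
+source_branch: "master"
+destination_branch: "develop"
+pr_allow_empty: true # should allow an empty PR, but seems not to work
+pr_title: '2 - After Prepare Wrapper release: Merge master back into develop [auto-generated]'
+pr_body: |
+Merge master branch back into develop
+-> Please merge **after** the release has been published.
+- name: Print PR infos if PR was created
+if: steps.pr_master_to_develop.outcome == 'success'
+run: |
+echo "Pull Request Number - ${{ steps.pr_master_to_develop.outputs.pr_number }}"
+echo "Pull Request URL - ${{ steps.pr_master_to_develop.outputs.pr_url }}"
+- name: Print info if no PR was created
+if: steps.pr_master_to_develop.outcome != 'success'
+run: |
+echo "Nothing to merge - no pull request necessary."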
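Review bot: The release-issue step uses `dacbd/create-issue-action@main`, a mutable branch ref that is handed `github.token`, while every other action in this workflow is pinned to a full commit SHA; pin it the same way, `uses: dacbd/create-issue-action@<full-commit-sha> # <release tag>`. The `workflow_dispatch` inputs are also expanded by `${{ }}` directly into the shell text of the `run:` steps (Show Inputs, the temporary `git tag`, `git config user.email`, the `sha256sum` line), so shell metacharacters in a version or e-mail value are interpreted by the runner's shell instead of being treated as data. Passing each input through `env:` and quoting it, for example `WRAPPER_VERSION: ${{ inputs.prepare-wrapper-version }}` under `env:` with `run: git tag "v${WRAPPER_VERSION}-prepare-wrapper"`, avoids that. No `permissions:` block appears in the lines shown, so the job presumably runs with the repository's default `GITHUB_TOKEN` scope; if that is the case, declaring only the scopes it needs (it creates a release, an issue and pull requests) would be worth adding.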
