From e470dd3bf66a7ba42163ce6057db0a8e5cff9ed2 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Thu, 2 May 2024 11:10:32 +0100 Subject: [PATCH 1/6] GHA: Migrate semgrep action to centralised workflow --- .github/workflows/semgrep_diff.yml | 20 +++----------------- 1 file changed, 3 insertions(+), 17 deletions(-) diff --git a/.github/workflows/semgrep_diff.yml b/.github/workflows/semgrep_diff.yml index 4ba7372953..ba18848d55 100644 --- a/.github/workflows/semgrep_diff.yml +++ b/.github/workflows/semgrep_diff.yml @@ -4,20 +4,6 @@ on: pull_request: jobs: - semgrep-diff: - runs-on: ubuntu-latest - container: - image: returntocorp/semgrep - - steps: - # Step 1: Clone application source code - - name: Checkout code - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - with: - fetch-depth: 0 - - # Step 2: Differential scan - - name: Differential scan - run: | - semgrep ci \ - --config="p/trailofbits" + codefreeze: + uses: adoptium/.github/.github/workflows/semgrep_diff.yml@main + secrets: inherit From 67507d0ccb3e68620065d59a8e081e8e8ad51996 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Thu, 2 May 2024 11:16:28 +0100 Subject: [PATCH 2/6] Test GHA --- ansible/playbooks/AdoptOpenJDK_Unix_Playbook/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/main.yml b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/main.yml index acbe6830fd..fc7adac135 100644 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/main.yml +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/main.yml @@ -129,8 +129,8 @@ - ansible_distribution != "Solaris" - ansible_architecture != "armv7l" tags: build_tools - - role: Nagios_Plugins # AdoptOpenJDK Infrastructure - tags: [nagios_plugins, adoptopenjdk] + # - role: Nagios_Plugins # AdoptOpenJDK Infrastructure + # tags: [nagios_plugins, adoptopenjdk] - riscv_cross_compiler # For building JDK11/J9 on RISC-V architecture - Clean_Up - Security 
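Review bot: The new job calls `adoptium/.github/.github/workflows/semgrep_diff.yml@main`, a mutable branch ref, whereas the job it replaces pinned `actions/checkout` to a full commit SHA. Anything pushed to `main` of that repository then runs on every pull request here without a change in this repo, and the `secrets: inherit` added in the same hunk hands it the secrets available to this workflow (PATCH 4/6 drops that line; the `@main` ref is kept through PATCH 3/6 and 4/6). Consider pinning, e.g. `uses: adoptium/.github/.github/workflows/semgrep_diff.yml@<full-commit-sha> # main`, and letting a dependency-update bot bump it. The scanner image and ruleset (`p/trailofbits` before this change) are now defined in the called workflow, which is not visible here, so their pinning has to be checked there.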
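Review bot: Commenting out the `Nagios_Plugins` role under the subject "Test GHA" leaves a commit in which the Unix playbook skips that role, with nothing in the file saying why. PATCH 6/6 restores it and also reverts the `homebrew/cask/cmake` change from PATCH 5/6, so the three commits appear to exist only to trigger the workflow. Dropping or squashing them before merge keeps the history free of states where the playbook is deliberately incomplete; if a temporary disable must be committed, mark it, e.g. `# TEMP: disabled to exercise the semgrep_diff workflow, restore before merge`. The roles list starts and ends outside the hunk.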
From c9536ca2c58b46724d433a0178a4b37fc8fd8a64 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Thu, 2 May 2024 11:17:36 +0100 Subject: [PATCH 3/6] Fix job name --- .github/workflows/semgrep_diff.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/semgrep_diff.yml b/.github/workflows/semgrep_diff.yml index ba18848d55..400b56e4b7 100644 --- a/.github/workflows/semgrep_diff.yml +++ b/.github/workflows/semgrep_diff.yml @@ -4,6 +4,6 @@ on: pull_request: jobs: - codefreeze: + semgrep_diff: uses: adoptium/.github/.github/workflows/semgrep_diff.yml@main secrets: inherit From eb6cc98d325232acd47983e2777cfcc4b67987c2 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Thu, 2 May 2024 11:18:40 +0100 Subject: [PATCH 4/6] Remove secrets --- .github/workflows/semgrep_diff.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/semgrep_diff.yml b/.github/workflows/semgrep_diff.yml index 400b56e4b7..cb5f228812 100644 --- a/.github/workflows/semgrep_diff.yml +++ b/.github/workflows/semgrep_diff.yml @@ -4,6 +4,5 @@ on: pull_request: jobs: - semgrep_diff: + semgrep-diff: uses: adoptium/.github/.github/workflows/semgrep_diff.yml@main - secrets: inherit From 4c619fa86bb3ebc67a97e751229499e281db036e Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Thu, 2 May 2024 11:23:51 +0100 Subject: [PATCH 5/6] Test Mac Fix --- .../AdoptOpenJDK_Unix_Playbook/roles/Common/vars/MacOSX.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Common/vars/MacOSX.yml b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Common/vars/MacOSX.yml index 1b5f24865c..a24e4a1e2f 100644 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Common/vars/MacOSX.yml +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Common/vars/MacOSX.yml 
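Review bot: The rename from `semgrep_diff` to `semgrep-diff` in the PATCH 4/6 hunk is not mentioned in its subject ("Remove secrets") and deserves a line in the message, because job ids feed status-check names. For a job that calls a reusable workflow GitHub reports the check as `<caller job> / <called job>`, so a branch-protection rule that required the old `semgrep-diff` check would presumably no longer match the scan and should be verified after merge. A top-level `permissions:` block is not visible in the hunk (lines 1-3 of the file are outside it); if none is set, adding `permissions:` with `contents: read` in this caller caps what the called workflow's token can do.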
@@ -8,7 +8,7 @@ Build_Tool_Packages: - autoconf - automake # for compiling freetype on JDK8u - - cmake # OpenJ9 + - homebrew/cask/cmake # OpenJ9 - coreutils - gnupg - gnu-sed From f57e684cdaf2bfba4b88f0573f72a87192896c67 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Thu, 2 May 2024 11:28:03 +0100 Subject: [PATCH 6/6] GHA Test --- ansible/playbooks/AdoptOpenJDK_Unix_Playbook/main.yml | 4 ++-- .../AdoptOpenJDK_Unix_Playbook/roles/Common/vars/MacOSX.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/main.yml b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/main.yml index fc7adac135..acbe6830fd 100644 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/main.yml +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/main.yml @@ -129,8 +129,8 @@ - ansible_distribution != "Solaris" - ansible_architecture != "armv7l" tags: build_tools - # - role: Nagios_Plugins # AdoptOpenJDK Infrastructure - # tags: [nagios_plugins, adoptopenjdk] + - role: Nagios_Plugins # AdoptOpenJDK Infrastructure + tags: [nagios_plugins, adoptopenjdk] - riscv_cross_compiler # For building JDK11/J9 on RISC-V architecture - Clean_Up - Security diff --git a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Common/vars/MacOSX.yml b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Common/vars/MacOSX.yml index a24e4a1e2f..1b5f24865c 100644 --- a/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Common/vars/MacOSX.yml +++ b/ansible/playbooks/AdoptOpenJDK_Unix_Playbook/roles/Common/vars/MacOSX.yml @@ -8,7 +8,7 @@ Build_Tool_Packages: - autoconf - automake # for compiling freetype on JDK8u - - homebrew/cask/cmake # OpenJ9 + - cmake # OpenJ9 - coreutils - gnupg - gnu-sed