diff --git a/.circleci/config.yml b/.circleci/config.yml deleted file mode 100644 index 6cc44fd..0000000 --- a/.circleci/config.yml +++ /dev/null @@ -1,107 +0,0 @@ -version: 2.1 - -orbs: - codecov: codecov/codecov@1 - snyk: snyk/snyk@0.0.10 - -executors: - java: - docker: - - image: cimg/openjdk:11.0 - -commands: - gradle: - description: 'Run the provided gradle command' - parameters: - args: - type: string - when: - default: "on_success" - type: enum - enum: ["on_fail", "on_success", "always"] - steps: - - run: - name: << parameters.args >> - command: ./gradlew << parameters.args >> --info --max-workers=2 -Dorg.gradle.jvmargs=-Xmx2g -Dorg.gradle.console=plain --continue - when: << parameters.when >> - setup_build_environment: - description: 'Generates cache key from a hash of all gradle files' - steps: - - checkout - - run: - name: Generate cache key - command: find . -type f -name "*.gradle*" -o -name "gradle-wrapper*" -exec shasum {} + | sort > /tmp/checksum.txt && cat /tmp/checksum.txt - - restore_cache: - keys: - - v1-dependencies-{{ checksum "/tmp/checksum.txt" }} - # fallback to using the latest cache if no exact match is found - - v1-dependencies- - populate_and_save_cache: - description: 'Downloads all gradle dependencies and uploads cache for later use' - steps: - - gradle: - args: downloadDependencies - - save_cache: - paths: - - ~/.gradle - key: v1-dependencies-{{ checksum "/tmp/checksum.txt" }} - -jobs: - build: - executor: java - steps: - - setup_build_environment - - setup_remote_docker - - populate_and_save_cache - - gradle: - args: build - - gradle: - args: jacocoTestReport - - gradle: - args: copyAllReports --output-dir=/tmp/test-reports - when: always - - codecov/upload - - store_test_results: - path: /tmp/test-reports - - store_artifacts: - path: /tmp/test-reports - destination: reports - - publish: - executor: java - steps: - - setup_build_environment - - setup_remote_docker - - gradle: - args: :tag -Prelease - - add_ssh_keys: - fingerprints: - - '3d:92:e9:3f:26:4c:0f:2b:34:0c:be:ba:38:71:13:89' - - run: git push origin $(./gradlew -q :printVersion) - - gradle: - args: publish - snyk-scan: - executor: java - environment: - GRADLE_OPTS: -Dorg.gradle.workers.max=1 # Snyk doesn't handle parallelism well - steps: - - setup_build_environment - - snyk/scan: - additional-arguments: --all-sub-projects - -workflows: - version: 2 - build-and-publish: - jobs: - - build - - snyk-scan: - context: hypertrace-vulnerability-scanning - - publish: - context: hypertrace-publishing - requires: - - build - - snyk-scan - filters: - branches: - only: - - main diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 9b4f6c9..da3e929 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -2,3 +2,6 @@ # global * @buchi-busireddy @tim-mwangi @surajpuvvada @avinashkolluru + +# GH action +.github/ @aaron-steinfeld @jbahire @kotharironak @buchi-busireddy \ No newline at end of file diff --git a/.github/workflows/pr-build.yml b/.github/workflows/pr-build.yml new file mode 100644 index 0000000..caa6cb3 --- /dev/null +++ b/.github/workflows/pr-build.yml @@ -0,0 +1,56 @@ +name: build and validate +on: + push: + branches: + - main + pull_request_target: + branches: + - main + +jobs: + + build: + runs-on: ubuntu-20.04 + steps: + # Set fetch-depth: 0 to fetch commit history and tags for use in version calculation + - name: Check out code + uses: actions/checkout@v2.3.4 + with: + ref: ${{github.event.pull_request.head.ref}} + repository: ${{github.event.pull_request.head.repo.full_name}} + fetch-depth: 0 + + - name: create checksum file + uses: hypertrace/github-actions/checksum@main + + - name: Cache packages + id: cache-packages + uses: actions/cache@v2 + with: + path: ~/.gradle + key: gradle-packages-${{ runner.os }}-${{ github.job }}-${{ hashFiles('**/checksum.txt') }} + restore-keys: | + gradle-packages-${{ runner.os }}-${{ github.job }} + gradle-packages-${{ runner.os }} + + - name: Build with Gradle + uses: hypertrace/github-actions/gradle@main + with: + args: build + + snyk-scan: + runs-on: ubuntu-20.04 + steps: + # Set fetch-depth: 0 to fetch commit history and tags for use in version calculation + - name: Check out code + uses: actions/checkout@v2.3.4 + with: + ref: ${{github.event.pull_request.head.ref}} + repository: ${{github.event.pull_request.head.repo.full_name}} + fetch-depth: 0 + - name: Setup snyk + uses: snyk/actions/setup@0.3.0 + - name: Snyk test + run: snyk test --all-sub-projects --org=hypertrace --severity-threshold=low --policy-path=.snyk --configuration-matching='^runtimeClasspath$' + env: + SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} diff --git a/.github/workflows/pr-test.yml b/.github/workflows/pr-test.yml new file mode 100644 index 0000000..cb8501e --- /dev/null +++ b/.github/workflows/pr-test.yml @@ -0,0 +1,60 @@ +name: test +on: + push: + branches: + - main + pull_request: + +jobs: + test: + runs-on: ubuntu-20.04 + steps: + # Set fetch-depth: 0 to fetch commit history and tags for use in version calculation + - name: Check out code + uses: actions/checkout@v2.3.4 + with: + fetch-depth: 0 + + - name: create checksum file + uses: hypertrace/github-actions/checksum@main + + - name: Cache packages + id: cache-packages + uses: actions/cache@v2 + with: + path: ~/.gradle + key: gradle-packages-${{ runner.os }}-${{ github.job }}-${{ hashFiles('**/checksum.txt') }} + restore-keys: | + gradle-packages-${{ runner.os }}-${{ github.job }} + gradle-packages-${{ runner.os }} + + - name: Unit test + uses: hypertrace/github-actions/gradle@main + with: + args: jacocoTestReport + + - name: Upload coverage to Codecov + uses: codecov/codecov-action@v1 + with: + name: unit test reports + fail_ci_if_error: true + flags: unit + + - name: copy test reports + uses: hypertrace/github-actions/gradle@main + with: + args: copyAllReports --output-dir=/tmp/test-reports + + - name: Archive test reports + uses: actions/upload-artifact@v1 + with: + name: test-reports + path: /tmp/test-reports + if: always() + + - name: Publish Unit Test Results + uses: docker://ghcr.io/enricomi/publish-unit-test-result-action:v1.6 + if: always() + with: + github_token: ${{ secrets.GITHUB_TOKEN }} + files: ./**/build/test-results/**/*.xml diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml new file mode 100644 index 0000000..336a604 --- /dev/null +++ b/.github/workflows/publish.yml @@ -0,0 +1,39 @@ +name: Publish artifacts +on: +# Will only run when release is published. + release: + types: + - created + workflow_dispatch: + +jobs: + publish-artifacts: + runs-on: ubuntu-20.04 + steps: + # Set fetch-depth: 0 to fetch commit history and tags for use in version calculation + - name: Check out code + uses: actions/checkout@v2.3.4 + with: + fetch-depth: 0 + + - name: create checksum file + uses: hypertrace/github-actions/checksum@main + + - name: Cache packages + uses: actions/cache@v2 + with: + path: ~/.gradle + key: gradle-packages-${{ runner.os }}-${{ github.job }}-${{ hashFiles('**/checksum.txt') }} + restore-keys: | + gradle-packages-${{ runner.os }}-${{ github.job }} + gradle-packages-${{ runner.os }} + + - name: publish java artifacts + uses: hypertrace/github-actions/gradle@main + with: + args: publish + env: + ORG_GRADLE_PROJECT_publishUser: ${{ secrets.BINTRAY_USER }} + ORG_GRADLE_PROJECT_publishApiKey: ${{ secrets.BINTRAY_API_KEY }} + + diff --git a/codecov.yml b/codecov.yml new file mode 100644 index 0000000..8a333e5 --- /dev/null +++ b/codecov.yml @@ -0,0 +1,2 @@ +codecov: + max_report_age: off