diff --git a/.github/workflows/check-secrets.yml b/.github/workflows/check-secrets.yml new file mode 100644 index 0000000000000..5b96e4a71d3cd --- /dev/null +++ b/.github/workflows/check-secrets.yml @@ -0,0 +1,24 @@ +name: Check Secrets + +on: + workflow_call: + inputs: + secret_name: + required: true + type: string + +jobs: + check-secrets: + runs-on: ubuntu-latest + outputs: + has-secrets: ${{ steps.check.outputs.has-secrets }} + steps: + - id: check + run: | + if [[ -n "${{ secrets[inputs.secret_name] }}" ]]; then + echo "has-secrets=true" >> "$GITHUB_OUTPUT" + echo "Secret ${{ inputs.secret_name }} is available" + else + echo "has-secrets=false" >> "$GITHUB_OUTPUT" + echo "Secret ${{ inputs.secret_name }} is NOT available" + fi diff --git a/.github/workflows/chromatic-master.yml b/.github/workflows/chromatic-master.yml index efdbfec2f65bb..f1a9646d21750 100644 --- a/.github/workflows/chromatic-master.yml +++ b/.github/workflows/chromatic-master.yml @@ -32,22 +32,13 @@ on: # List of jobs jobs: - config: - runs-on: "ubuntu-latest" - outputs: - has-secrets: ${{ steps.check.outputs.has-secrets }} - steps: - - name: "Check for secrets" - id: check - shell: bash - run: | - if [ -n "${{ (secrets.CHROMATIC_PROJECT_TOKEN != '') || '' }}" ]; then - echo "has-secrets=1" >> "$GITHUB_OUTPUT" - fi - + check-secrets: + uses: ./.github/workflows/check-secrets.yml + with: + secret_name: 'CHROMATIC_PROJECT_TOKEN' chromatic-deployment: - needs: config - if: needs.config.outputs.has-secrets + needs: check-secrets + if: needs.check-secrets.outputs.has-secrets == 'true' # Operating System runs-on: ubuntu-latest # Job steps diff --git a/.github/workflows/docker-release.yml b/.github/workflows/docker-release.yml index 3e205fdeffaaf..34f11e79ca4a5 100644 --- a/.github/workflows/docker-release.yml +++ b/.github/workflows/docker-release.yml @@ -4,22 +4,13 @@ on: release: types: [published] jobs: - config: - runs-on: "ubuntu-latest" - outputs: - has-secrets: ${{ steps.check.outputs.has-secrets }} - steps: - - name: "Check for secrets" - id: check - shell: bash - run: | - if [ -n "${{ (secrets.DOCKERHUB_USER != '' && secrets.DOCKERHUB_TOKEN != '') || '' }}" ]; then - echo "has-secrets=1" >> "$GITHUB_OUTPUT" - fi - + check-secrets: + uses: ./.github/workflows/check-secrets.yml + with: + secret_name: 'DOCKERHUB_USER' docker-release: - needs: config - if: needs.config.outputs.has-secrets + needs: check-secrets + if: needs.check-secrets.outputs.has-secrets == 'true' name: docker-release runs-on: ubuntu-latest strategy: diff --git a/.github/workflows/ephemeral-env-pr-close.yml b/.github/workflows/ephemeral-env-pr-close.yml index 7430950b453f6..6b7a728202e86 100644 --- a/.github/workflows/ephemeral-env-pr-close.yml +++ b/.github/workflows/ephemeral-env-pr-close.yml @@ -5,22 +5,13 @@ on: types: [closed] jobs: - config: - runs-on: "ubuntu-latest" - outputs: - has-secrets: ${{ steps.check.outputs.has-secrets }} - steps: - - name: "Check for secrets" - id: check - shell: bash - run: | - if [ -n "${{ (secrets.AWS_ACCESS_KEY_ID != '' && secrets.AWS_SECRET_ACCESS_KEY != '') || '' }}" ]; then - echo "has-secrets=1" >> "$GITHUB_OUTPUT" - fi - + check-secrets: + uses: ./.github/workflows/check-secrets.yml + with: + secret_name: 'AWS_SECRET_ACCESS_KEY' ephemeral-env-cleanup: - needs: config - if: needs.config.outputs.has-secrets + needs: check-secrets + if: needs.check-secrets.outputs.has-secrets == 'true' name: Cleanup ephemeral envs runs-on: ubuntu-latest permissions: diff --git a/.github/workflows/ephemeral-env.yml b/.github/workflows/ephemeral-env.yml index 2e8178199f1fd..2ff931b9a9ee8 100644 --- a/.github/workflows/ephemeral-env.yml +++ b/.github/workflows/ephemeral-env.yml @@ -5,23 +5,13 @@ on: types: [created] jobs: - config: - runs-on: "ubuntu-latest" - if: github.event.issue.pull_request - outputs: - has-secrets: ${{ steps.check.outputs.has-secrets }} - steps: - - name: "Check for secrets" - id: check - shell: bash - run: | - if [ -n "${{ (secrets.AWS_ACCESS_KEY_ID != '' && secrets.AWS_SECRET_ACCESS_KEY != '') || '' }}" ]; then - echo "has-secrets=1" >> "$GITHUB_OUTPUT" - fi - + check-secrets: + uses: ./.github/workflows/check-secrets.yml + with: + secret_name: 'AWS_SECRET_ACCESS_KEY' ephemeral_env_comment: - needs: config - if: needs.config.outputs.has-secrets + needs: check-secrets + if: needs.check-secrets.outputs.has-secrets == 'true' name: Evaluate ephemeral env comment trigger (/testenv) runs-on: ubuntu-latest permissions: @@ -80,8 +70,8 @@ jobs: core.setFailed(errMsg) docker_ephemeral_env: - needs: config - if: needs.config.outputs.has-secrets + needs: check-secrets + if: needs.check-secrets.outputs.has-secrets == 'true' name: Push ephemeral env Docker image to ECR runs-on: ubuntu-latest diff --git a/.github/workflows/license-check.yml b/.github/workflows/license-check.yml index e9b75a100983a..574213e54248f 100644 --- a/.github/workflows/license-check.yml +++ b/.github/workflows/license-check.yml @@ -8,22 +8,13 @@ on: types: [synchronize, opened, reopened, ready_for_review] jobs: - config: - runs-on: "ubuntu-latest" - outputs: - has-secrets: ${{ steps.check.outputs.has-secrets }} - steps: - - name: "Check for secrets" - id: check - shell: bash - run: | - if [ -n "${{ (secrets.FOSSA_API_KEY != '' ) || '' }}" ]; then - echo "has-secrets=1" >> "$GITHUB_OUTPUT" - fi - + check-secrets: + uses: ./.github/workflows/check-secrets.yml + with: + secret_name: 'FOSSA_API_KEY' license_check: - needs: config - if: needs.config.outputs.has-secrets + needs: check-secrets + if: needs.check-secrets.outputs.has-secrets == 'true' name: License Check runs-on: ubuntu-20.04 steps: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7080620c95939..8da7bfbae3096 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,4 +1,4 @@ -name: release-workflow +name: npm-release-workflow on: push: @@ -6,22 +6,13 @@ on: - 'master' jobs: - config: - runs-on: "ubuntu-latest" - outputs: - has-secrets: ${{ steps.check.outputs.has-secrets }} - steps: - - name: "Check for secrets" - id: check - shell: bash - run: | - if [ -n "${{ (secrets.NPM_TOKEN != '' && secrets.GH_PERSONAL_ACCESS_TOKEN != '') || '' }}" ]; then - echo "has-secrets=1" >> "$GITHUB_OUTPUT" - fi - + check-secrets: + uses: ./.github/workflows/check-secrets.yml + with: + secret_name: 'NPM_TOKEN' # also note that GH_PERSONAL_ACCESS_TOKEN is used build: - needs: config - if: needs.config.outputs.has-secrets + needs: check-secrets + if: needs.check-secrets.outputs.has-secrets == 'true' name: Bump version and publish package(s) runs-on: ubuntu-20.04 diff --git a/.github/workflows/superset-applitool-cypress.yml b/.github/workflows/superset-applitool-cypress.yml index 21ace62b02a4e..ff7827103f768 100644 --- a/.github/workflows/superset-applitool-cypress.yml +++ b/.github/workflows/superset-applitool-cypress.yml @@ -5,22 +5,13 @@ on: - cron: "0 1 * * *" jobs: - config: - runs-on: "ubuntu-latest" - outputs: - has-secrets: ${{ steps.check.outputs.has-secrets }} - steps: - - name: "Check for secrets" - id: check - shell: bash - run: | - if [ -n "${{ (secrets.APPLITOOLS_API_KEY != '' && secrets.APPLITOOLS_API_KEY != '') || '' }}" ]; then - echo "has-secrets=1" >> "$GITHUB_OUTPUT" - fi - + check-secrets: + uses: ./.github/workflows/check-secrets.yml + with: + secret_name: 'APPLITOOLS_API_KEY' cypress-applitools: - needs: config - if: needs.config.outputs.has-secrets + needs: check-secrets + if: needs.check-secrets.outputs.has-secrets == 'true' runs-on: ubuntu-20.04 strategy: fail-fast: false diff --git a/.github/workflows/superset-applitools-storybook.yml b/.github/workflows/superset-applitools-storybook.yml index 4225509e3a1a0..b7f5c4a6f33c5 100644 --- a/.github/workflows/superset-applitools-storybook.yml +++ b/.github/workflows/superset-applitools-storybook.yml @@ -11,22 +11,13 @@ env: APPLITOOLS_BATCH_NAME: Superset Storybook jobs: - config: - runs-on: "ubuntu-latest" - outputs: - has-secrets: ${{ steps.check.outputs.has-secrets }} - steps: - - name: "Check for secrets" - id: check - shell: bash - run: | - if [ -n "${{ (secrets.APPLITOOLS_API_KEY != '' && secrets.APPLITOOLS_API_KEY != '') || '' }}" ]; then - echo "has-secrets=1" >> "$GITHUB_OUTPUT" - fi - + check-secrets: + uses: ./.github/workflows/check-secrets.yml + with: + secret_name: 'APPLITOOLS_API_KEY' cron: - needs: config - if: needs.config.outputs.has-secrets + needs: check-secrets + if: needs.check-secrets.outputs.has-secrets == 'true' runs-on: ubuntu-20.04 strategy: matrix: diff --git a/.github/workflows/superset-docs.yml b/.github/workflows/superset-docs.yml index e1c2df7d1261b..91499cacb5416 100644 --- a/.github/workflows/superset-docs.yml +++ b/.github/workflows/superset-docs.yml @@ -12,22 +12,13 @@ on: types: [synchronize, opened, reopened, ready_for_review] jobs: - config: - runs-on: "ubuntu-latest" - outputs: - has-secrets: ${{ steps.check.outputs.has-secrets }} - steps: - - name: "Check for secrets" - id: check - shell: bash - run: | - if [ -n "${{ (secrets.SUPERSET_SITE_BUILD != '' && secrets.SUPERSET_SITE_BUILD != '') || '' }}" ]; then - echo "has-secrets=1" >> "$GITHUB_OUTPUT" - fi - + check-secrets: + uses: ./.github/workflows/check-secrets.yml + with: + secret_name: 'SUPERSET_SITE_BUILD' build-deploy: - needs: config - if: needs.config.outputs.has-secrets + needs: check-secrets + if: needs.check-secrets.outputs.has-secrets == 'true' name: Build & Deploy runs-on: ubuntu-20.04 defaults: diff --git a/.github/workflows/superset-translations.yml b/.github/workflows/superset-frontend-translations.yml similarity index 89% rename from .github/workflows/superset-translations.yml rename to .github/workflows/superset-frontend-translations.yml index d3d957fde2f27..aedd15f956f80 100644 --- a/.github/workflows/superset-translations.yml +++ b/.github/workflows/superset-frontend-translations.yml @@ -1,11 +1,15 @@ -name: Translations +name: Frontend Translations on: push: branches: - - 'master' + - "master" + paths: + - "superset-frontend/**" pull_request: types: [synchronize, opened, reopened, ready_for_review] + paths: + - "superset-frontend/**" jobs: frontend-check: @@ -19,7 +23,7 @@ jobs: - name: Setup Node.js uses: actions/setup-node@v3 with: - node-version: '16' + node-version: "16" - name: Install dependencies uses: ./.github/actions/cached-dependencies with: diff --git a/docs/README.md b/docs/README.md index 1427f21640a2c..1e6107564ae5c 100644 --- a/docs/README.md +++ b/docs/README.md @@ -16,5 +16,4 @@ KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. --> - This is the public documentation site for Superset, built using [Docusaurus 2](https://docusaurus.io/). See [CONTRIBUTING.md](../CONTRIBUTING.md#documentation) for documentation on contributing to documentation. diff --git a/scripts/docker_build_push.sh b/scripts/docker_build_push.sh index 3d0271cb2b4d2..cd060aa9f2616 100755 --- a/scripts/docker_build_push.sh +++ b/scripts/docker_build_push.sh @@ -112,6 +112,7 @@ cat<