GitHub actions setup

.github/workflows/close-milestone.yml

@@ -0,0 +1,39 @@
+# Description
+# ===========
+# This workflow is triggered each time the Java CI workflow succeeds
+# on master.
+# It looks for a milestone that is completed and close it.
+---
+name: Close Milestone
+
+on:
+  workflow_run:
+    workflows: ["Java CI"]
+    branches: [master]
+    types: 
+      - completed
+
+jobs:
+  close:
+    name: Close completed milestone
+    runs-on: ubuntu-latest
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    steps:
+      - name: Close a milestone if completed
+        run: |
+          milestones=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
+              https://api.github.com/repos/${{ github.repository }}/milestones \
+            | jq -r '. | map(select(.open_issues == 0 and .closed_issues > 0 and .state == "open"))')
+          if [ "$milestones" != "[]" ]
+          then
+            milestone_number=$(echo "$milestones" | jq -r '.[0].number')
+            curl -s \
+              -X PATCH \
+              -H "Authorization: token ${GITHUB_TOKEN}" \
+              -H "Accept: application/vnd.github.v3+json" \
+              https://api.github.com/repos/${{ github.repository }}/milestones/${milestone_number} \
+              -d '{"state":"closed"}'
+          fi
+        env:
+          # Personal access tokens should be generated from https://github.com/settings/tokens with repository scope
+          GITHUB_TOKEN: ${{ secrets.REPO_SCOPED_TOKEN }}

.github/workflows/draft-release.yml

@@ -0,0 +1,57 @@
+# Description
+# ===========
+# This workflow is triggered each time a milestone is closed
+# It builds the jar, generates release notes, pushes a new tag
+# and makes a draft release with these elements.
+---
+name: Draft Release
+
+on: 
+  milestone:
+    types: [closed]
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Check out repository code
+      uses: actions/checkout@v2
+    - name: Setup java
+      uses: actions/setup-java@v2
+      with:
+        distribution: 'adopt'
+        java-version: '11'
+    - name: Cache Maven packages
+      uses: actions/cache@v2
+      with:
+        path: ~/.m2
+        key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+        restore-keys: ${{ runner.os }}-m2
+    - name: Build with Maven
+      run: mvn -B clean package
+    - name: Create Release Notes
+      uses: docker://decathlon/release-notes-generator-action:2.0.1
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        OUTPUT_FOLDER: temp_release_notes
+    - name: Set tag and project values
+      run: |
+        echo "tag=$(cat pom.xml | grep "<version>.*</version>" | head -1 |awk -F'[><]' '{print $3}')" >> $GITHUB_ENV
+        echo "project=$(echo ${{ github.repository }} | awk -F '/' '{print $2}')" >> $GITHUB_ENV
+    - name: Create a tag for the release
+      run: |
+        git config --global user.name "GitHub Actions"
+        git config --global user.email catlab@cnes.fr
+        git tag -a ${{ env.tag }} -m "Release ${{ env.tag }}"
+        git push origin ${{ env.tag }}
+    - name: Create GitHub Release
+      uses: ncipollo/release-action@v1
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      with:
+        artifacts: "target/${{ env.project }}-${{ env.tag }}.jar"
+        tag: ${{ env.tag }}
+        name: ${{ env.project }} ${{ env.tag }}
+        bodyFile: "temp_release_notes/release_file.md"
+        draft: true
+        token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/java-continuous-integration.yml

@@ -0,0 +1,128 @@
+# Description
+# ===========
+# This workflow is triggered each time
+# commits are pushed to GitHub or a pull request is opened.
+# It launches three jobs in parallel : a build with java 8,
+# a build with java 11 and a SonarCloud analysis.
+---
+name: Java CI
+
+on: [push, pull_request]
+
+env:
+  SONARQUBE_VERSION: 8.9.0-community 
+
+jobs:
+
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        java: [ '8', '11' ]
+    name: Java ${{ matrix.Java }} CI
+    steps:
+      - name: Check out repository code
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - name: Setup java
+        uses: actions/setup-java@v2
+        with:
+          distribution: 'adopt'
+          java-version: ${{ matrix.java }}
+      - name: Cache Maven packages
+        uses: actions/cache@v2
+        with:
+          path: ~/.m2
+          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+          restore-keys: ${{ runner.os }}-m2
+      - name: Cache node_modules
+        uses: actions/cache@v2
+        with:
+          path: node_modules
+          key: ${{ runner.os }}-modules-${{ hashFiles('**/yarn.lock') }}
+          restore-keys: ${{ runner.os }}-yarn-
+      - name: Build with Maven
+        run: mvn -B clean package
+      - name: Test cnes-report
+        env:
+          SONARQUBE_VERSION: 8.9.0-community
+        run: |
+          version=$(cat pom.xml | grep "<version>.*</version>" | head -1 |awk -F'[><]' '{print $3}');
+          echo "Starting docker";
+          docker run --name sonarqube_${SONARQUBE_VERSION} -d -p 9000:9000 sonarqube:${SONARQUBE_VERSION};
+          echo "Inject plugin";
+          docker cp target/sonar-cnes-report-${version}.jar sonarqube_${SONARQUBE_VERSION}:/opt/sonarqube/extensions/plugins/;
+          docker exec -u root sonarqube_${SONARQUBE_VERSION} chown sonarqube:sonarqube /opt/sonarqube/extensions/plugins/sonar-cnes-report-${version}.jar;
+          docker restart sonarqube_${SONARQUBE_VERSION};
+          echo "Waiting up to 5 minutes for SonarQube...";
+          counter=0;
+          limit=300;
+          status_sonar=$(curl -s "http://localhost:9000/api/system/status" | grep "\"status\":\"UP\"" > /dev/null; echo $?);
+          while [[ 0 -ne $status_sonar && $counter -le $limit ]]; do
+              sleep 1;
+              counter=$(( $counter + 1 ));
+              status_sonar=$(curl -s "http://localhost:9000/api/system/status" | grep "\"status\":\"UP\"" > /dev/null; echo $?);
+          done;
+          mvn sonar:sonar -Dsonar.host.url=http://localhost:9000 -Dsonar.login=admin -Dsonar.password=admin -Dsonar.organization=default-organization;
+          echo "Waiting for the SonarQube Compute Engine task to be completed...";
+          ce=$(grep ceTaskUrl= target/sonar/report-task.txt);
+          ceTaskUrl=${ce:10};
+          continue=true;
+          while [ $continue = true ]; do
+              status=$(curl -s -u admin:admin ${ceTaskUrl} | jq -r '.task.status');
+              if [ $status = SUCCESS ]
+              then
+                  continue=false;
+              elif [ $status = FAILED ] || [ $status = CANCELED ]
+              then
+                  exit 1;
+              else
+                  sleep 1;
+              fi
+          done;
+          token_sonarqube=$(curl -s -X POST -H "Content-Type&#58; application/x-www-form-urlencoded" -d "name=admin_token" -u admin:admin http://localhost:9000/api/user_tokens/generate | jq -r '.token');
+          java -jar target/sonar-cnes-report-${version}.jar -t ${token_sonarqube} -p fr.cnes.sonar:cnesreport -s http://localhost:9000;
+          url_cnesreport="http://localhost:9000/api/cnesreport/report?key=fr.cnes.sonar%3Acnesreport&author=github-actions&token=${token_sonarqube}";
+          curl -u admin:admin ${url_cnesreport} -O -J;
+
+  code-analysis:
+    runs-on: ubuntu-latest    
+    name: SonarCloud Code Analysis
+    # It's not possible to launch an analysis on external pull requests
+    if: ${{ github.repository_owner == 'cnescatlab' }}
+    steps:
+      - name: Check out repository code
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+      - name: Setup java
+        uses: actions/setup-java@v2
+        with:
+          distribution: 'adopt'
+          java-version: '11'
+      - name: Cache Maven packages
+        uses: actions/cache@v2
+        with:
+          path: ~/.m2
+          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+          restore-keys: ${{ runner.os }}-m2
+      - name: Cache node_modules
+        uses: actions/cache@v2
+        with:
+          path: node_modules
+          key: ${{ runner.os }}-modules-${{ hashFiles('**/yarn.lock') }}
+          restore-keys: ${{ runner.os }}-yarn-
+      - name: Cache SonarCloud packages
+        uses: actions/cache@v2
+        with:
+          path: ~/.sonar/cache
+          key: ${{ runner.os }}-sonar
+          restore-keys: ${{ runner.os }}-sonar
+      - name: Build and analyze
+        env:
+          # Needed to get some information about the pull request, if any
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          # SonarCloud access token should be generated from https://sonarcloud.io/account/security/
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        run: mvn clean org.jacoco:jacoco-maven-plugin:prepare-agent package sonar:sonar -Dsonar.organization=lequal -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=$SONAR_TOKEN

pom.xml

@@ -210,7 +210,7 @@
                 <version>${sonar-packaging-maven-plugin.version}</version>
                 <extensions>true</extensions>
                 <configuration>
-                    <jarName>sonar-cnes-report</jarName>
+                    <jarName>sonar-cnes-report-${project.version}</jarName>
                 </configuration>
             </plugin>
 

yarn.lock

@@ -4608,12 +4608,7 @@ lodash.topath@4.5.2:
   resolved "https://registry.yarnpkg.com/lodash.topath/-/lodash.topath-4.5.2.tgz#3616351f3bba61994a0931989660bd03254fd009"
   integrity sha1-NhY1Hzu6YZlKCTGYlmC9AyVP0Ak=
 
-lodash@4.17.21:
-  version "4.17.21"
-  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c"
-  integrity sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==
-
-lodash@^4.17.19, lodash@^4.17.4, lodash@^4.2.0, lodash@^4.6.1:
+lodash@4.17.21, lodash@^4.17.19, lodash@^4.17.4, lodash@^4.2.0:
   version "4.17.21"
   resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c"
   integrity sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==