From 1fbd8033702e82088478d3b06cf05ee48f513135 Mon Sep 17 00:00:00 2001 From: kelvinqian00 Date: Tue, 26 Apr 2022 17:04:17 -0400 Subject: [PATCH 01/10] Archive on tag pushes as well --- .github/workflows/build.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f9af4a443..88b5aa8ed 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -16,6 +16,7 @@ jobs: run: echo "::set-output name=modules::$(cat .java_modules)" outputs: modules: ${{ steps.echo-modules.outputs.modules }} + build_jre: needs: get_modules uses: yetanalytics/runtimer/.github/workflows/runtimer.yml@3c6a902caaf0c6db272842055d9f8cca5cb3fcbc @@ -23,6 +24,7 @@ jobs: java-version: '11' java-distribution: 'temurin' java-modules: ${{ needs.get_modules.outputs.modules }} + build: runs-on: ubuntu-latest needs: build_jre @@ -66,7 +68,7 @@ jobs: cd target/bundle zip -r ../../lrsql.zip ./ - - name: Archive Bundle (Branch Pushes) + - name: Archive Bundle if: ${{ startsWith(github.ref, 'refs/heads') }} uses: actions/upload-artifact@v2 with: From 6f556453ef4ab94dfe7860e53a3388277673dafc Mon Sep 17 00:00:00 2001 From: kelvinqian00 Date: Tue, 26 Apr 2022 17:15:37 -0400 Subject: [PATCH 02/10] Extract tag-push release steps into their own job --- .github/workflows/build.yml | 37 +++++++++++++++++++++++++------------ 1 file changed, 25 insertions(+), 12 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 88b5aa8ed..041ea7e48 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -63,20 +63,37 @@ jobs: unzip windows-2019-jre.zip -d target/bundle/runtimes mv target/bundle/runtimes/windows-2019 target/bundle/runtimes/windows + # ARCHIVE BUNDLE - LABEL WITH COMMIT SHA OR TAG NAME - name: Compress Bundle run: | # Need to cd so that the zip file doesn't contain the parent dirs cd target/bundle zip -r ../../lrsql.zip ./ - - name: Archive Bundle - if: ${{ startsWith(github.ref, 'refs/heads') }} + - name: Archive Bundle (Branch Pushes) + if: ${{ github.ref_type == 'branch' }} uses: actions/upload-artifact@v2 with: name: lrsql-artifact-${{ github.sha }} path: lrsql.zip - - name: Craft Draft Release (Tag Pushes) - if: ${{ startsWith(github.ref, 'refs/tags') }} + - name: Archive Bundle (Tag Pushes) + if: ${{ github.ref_type == 'tag' }} + uses: actions/upload-artifact@v2 + with: + name: lrsql-artifact-${{ github.ref_name }} + path: lrsql.zip + + release: + runs-on: ubuntu-latest + needs: build + if: ${{ github.ref_type == 'tag' }} + steps: + - name: Download Bundle Artifact + uses: actions/download-artifact@v2 + with: + name: lrsql-artifact-${{ github.ref_name }} + + - name: Craft Draft Release uses: softprops/action-gh-release@v1 with: # Defaults: @@ -86,29 +103,25 @@ jobs: draft: true files: lrsql.zip - - name: Deploy Documentation (Tag Pushes) - if: ${{ startsWith(github.ref, 'refs/tags') }} + - name: Deploy Documentation uses: JamesIves/github-pages-deploy-action@4.1.5 with: branch: gh-pages folder: target/bundle/doc - - name: Log in to Docker Hub (Tag Pushes) - if: ${{ startsWith(github.ref, 'refs/tags') }} + - name: Log in to Docker Hub uses: docker/login-action@v1 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_TOKEN }} - - name: Extract metadata (tags, labels) for Docker (Tag Pushes) - if: ${{ startsWith(github.ref, 'refs/tags') }} + - name: Extract metadata (tags, labels) for Docker id: meta uses: docker/metadata-action@v3 with: images: yetanalytics/lrsql - - name: Build and push Docker image (Tag Pushes) - if: ${{ startsWith(github.ref, 'refs/tags') }} + - name: Build and push Docker image uses: docker/build-push-action@v2 with: context: . From 85bb456777f47132d3c76cd6e16fa89a3e0a92dd Mon Sep 17 00:00:00 2001 From: kelvinqian00 Date: Tue, 26 Apr 2022 17:21:01 -0400 Subject: [PATCH 03/10] Don't forget to checkout repo and rename artifact download --- .github/workflows/build.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 041ea7e48..e4f523149 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -12,6 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 + - id: echo-modules run: echo "::set-output name=modules::$(cat .java_modules)" outputs: @@ -88,10 +89,13 @@ jobs: needs: build if: ${{ github.ref_type == 'tag' }} steps: + - uses: actions/checkout@v2 + - name: Download Bundle Artifact uses: actions/download-artifact@v2 with: name: lrsql-artifact-${{ github.ref_name }} + path: lrsql.zip - name: Craft Draft Release uses: softprops/action-gh-release@v1 From c07111410365b1359a5ffcab899cd9f694af015e Mon Sep 17 00:00:00 2001 From: kelvinqian00 Date: Tue, 26 Apr 2022 17:33:37 -0400 Subject: [PATCH 04/10] Unzip lrsql.zip --- .github/workflows/build.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e4f523149..efb9a9e48 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - + - id: echo-modules run: echo "::set-output name=modules::$(cat .java_modules)" outputs: @@ -96,6 +96,9 @@ jobs: with: name: lrsql-artifact-${{ github.ref_name }} path: lrsql.zip + + - name: Unzip Bundle Artifact # For Docker and Documentation + run: unzip lrsql.zip -d target/bundle - name: Craft Draft Release uses: softprops/action-gh-release@v1 From 7ec77790a4305b4b62585c3a053ccba5aab2501d Mon Sep 17 00:00:00 2001 From: kelvinqian00 Date: Tue, 26 Apr 2022 17:45:41 -0400 Subject: [PATCH 05/10] Add Slack notification for periodic NVD scan --- .github/workflows/nvd.yml | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/.github/workflows/nvd.yml b/.github/workflows/nvd.yml index 34cd268df..50fd3ccce 100644 --- a/.github/workflows/nvd.yml +++ b/.github/workflows/nvd.yml @@ -2,7 +2,7 @@ name: Periodic NVD Scan on: schedule: - - cron: '0 8 * * *' # Every day at 8:00 AM + - cron: '0 8 * * 1-5' # Every weekday at 8:00 AM jobs: nvd_scan: @@ -11,3 +11,18 @@ jobs: nvd-clojure-version: '2.0.0' classpath-command: 'clojure -Spath -A:db-h2:db-sqlite:db-postgres' nvd-config-filename: '.nvd/config.json' + + notify_slack: + runs-on: ubuntu-latest + needs: [nvd_scan] + if: ${{ always() && (needs.nvd_scan.result == 'failure') }} + steps: + - name: Notify Slack SQL LRS NVD Scan Reporter + uses: slackapi/slack-github-action@v1.18.0 + with: + payload: | + { + "run_link": "https://github.com/yetanalytics/lrsql/actions/runs/${{ github.run_id }}" + } + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} From a45ed7e33e1701f8f331982781f2ebf0c472aacf Mon Sep 17 00:00:00 2001 From: kelvinqian00 Date: Tue, 26 Apr 2022 17:47:38 -0400 Subject: [PATCH 06/10] Remove redundant array --- .github/workflows/nvd.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/nvd.yml b/.github/workflows/nvd.yml index 50fd3ccce..aed7033e3 100644 --- a/.github/workflows/nvd.yml +++ b/.github/workflows/nvd.yml @@ -14,7 +14,7 @@ jobs: notify_slack: runs-on: ubuntu-latest - needs: [nvd_scan] + needs: nvd_scan if: ${{ always() && (needs.nvd_scan.result == 'failure') }} steps: - name: Notify Slack SQL LRS NVD Scan Reporter From fa41ca404f5dd3786dc388c7e0dc6a495197e47b Mon Sep 17 00:00:00 2001 From: kelvinqian00 Date: Wed, 27 Apr 2022 11:34:59 -0400 Subject: [PATCH 07/10] Fix artifact unzip step --- .github/workflows/build.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index efb9a9e48..80973c0be 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -95,10 +95,12 @@ jobs: uses: actions/download-artifact@v2 with: name: lrsql-artifact-${{ github.ref_name }} - path: lrsql.zip - - name: Unzip Bundle Artifact # For Docker and Documentation - run: unzip lrsql.zip -d target/bundle + - name: Unzip Bundle Artifact + run: | + mkdir -p target/bundle + unzip lrsql-artifact-${{ github.ref_name }}.zip + unzip lrsql.zip -d target/bundle - name: Craft Draft Release uses: softprops/action-gh-release@v1 From 84ac74b3e40c1f6db5ad04212275fe21913f434a Mon Sep 17 00:00:00 2001 From: kelvinqian00 Date: Wed, 27 Apr 2022 11:45:02 -0400 Subject: [PATCH 08/10] Add temporary release_test job --- .github/workflows/build.yml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 80973c0be..33d8e0146 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -84,6 +84,27 @@ jobs: name: lrsql-artifact-${{ github.ref_name }} path: lrsql.zip + release_test: + runs-on: ubuntu-latest + needs: build + if: ${{ github.ref_type == 'branch' }} + steps: + - uses: actions/checkout@v2 + + - name: Download Bundle Artifact + uses: actions/download-artifact@v2 + with: + name: lrsql-artifact-${{ github.sha }} + + - name: Display structure of downloaded files + run: ls -R + + - name: Unzip Bundle Artifact + run: | + mkdir -p target/bundle + unzip lrsql-artifact-${{ github.sha }}.zip + unzip lrsql.zip -d target/bundle + release: runs-on: ubuntu-latest needs: build From 6cddb01e73699f67090802ae72c992ec0d68c919 Mon Sep 17 00:00:00 2001 From: kelvinqian00 Date: Wed, 27 Apr 2022 11:57:21 -0400 Subject: [PATCH 09/10] Artifact is already unzipped once --- .github/workflows/build.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 33d8e0146..8b78411a9 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -102,7 +102,6 @@ jobs: - name: Unzip Bundle Artifact run: | mkdir -p target/bundle - unzip lrsql-artifact-${{ github.sha }}.zip unzip lrsql.zip -d target/bundle release: @@ -120,7 +119,6 @@ jobs: - name: Unzip Bundle Artifact run: | mkdir -p target/bundle - unzip lrsql-artifact-${{ github.ref_name }}.zip unzip lrsql.zip -d target/bundle - name: Craft Draft Release From 54a8a69fcc2162dfa11672c55a78313f72d301d1 Mon Sep 17 00:00:00 2001 From: kelvinqian00 Date: Wed, 27 Apr 2022 12:21:08 -0400 Subject: [PATCH 10/10] Remove temporary release_test job --- .github/workflows/build.yml | 20 -------------------- 1 file changed, 20 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8b78411a9..5477d5fa8 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -84,26 +84,6 @@ jobs: name: lrsql-artifact-${{ github.ref_name }} path: lrsql.zip - release_test: - runs-on: ubuntu-latest - needs: build - if: ${{ github.ref_type == 'branch' }} - steps: - - uses: actions/checkout@v2 - - - name: Download Bundle Artifact - uses: actions/download-artifact@v2 - with: - name: lrsql-artifact-${{ github.sha }} - - - name: Display structure of downloaded files - run: ls -R - - - name: Unzip Bundle Artifact - run: | - mkdir -p target/bundle - unzip lrsql.zip -d target/bundle - release: runs-on: ubuntu-latest needs: build