Skip to content

Commit

Permalink
revert last commit changes
Browse files Browse the repository at this point in the history
  • Loading branch information
sahibamittal committed Apr 17, 2024
1 parent f776608 commit e97a679
Show file tree
Hide file tree
Showing 6 changed files with 85 additions and 23 deletions.
20 changes: 16 additions & 4 deletions .github/workflows/_meta-build.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,10 @@ on:
required: false
default: false
description: "publish and scan the container image once its built"
ref-name:
type: string
required: true
description: "Short ref name of the branch or tag that triggered the workflow run"
secrets:
registry-0-usr:
required: true
Expand Down Expand Up @@ -111,9 +115,17 @@ jobs:
- name: Set Container Tags
id: tags
run: |-
TAGS="ghcr.io/dependencytrack/hyades-apiserver:${{ inputs.app-version }}"
if [[ "${{ inputs.app-version }}" != "snapshot" ]]; then
TAGS="${TAGS},ghcr.io/dependencytrack/hyades-apiserver:latest"
IMAGE_NAME="ghcr.io/${GITHUB_REPOSITORY_OWNER,,}/hyades-apiserver"
REF_NAME="${{ inputs.ref-name }}"
TAGS=""
if [[ $REF_NAME == feature-* ]]; then
TAGS="${IMAGE_NAME}:${REF_NAME,,}"
else
TAGS="${IMAGE_NAME}:${{ inputs.app-version }}"
if [[ "${{ inputs.app-version }}" != "snapshot" ]]; then
TAGS="${TAGS},${IMAGE_NAME}:latest"
fi
fi
echo "tags=${TAGS}" >> $GITHUB_OUTPUT
Expand Down Expand Up @@ -144,4 +156,4 @@ jobs:
if: ${{ inputs.publish-container }}
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'trivy-results.sarif'
sarif_file: 'trivy-results.sarif'
34 changes: 18 additions & 16 deletions .github/workflows/buf.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,9 @@ name: Buf

on:
pull_request:
branches: [ "main" ]
branches:
- main
- "feature-**"

permissions: { }

Expand All @@ -28,18 +30,18 @@ jobs:
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: Checkout Repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # tag=v4.1.1
- name: Setup buf
uses: bufbuild/buf-setup-action@9990c72db080fa39cf561230b8d2d7b736681f85 # tag=v1.30.1
with:
github_token: ${{ github.token }}
- name: Lint Protobuf
uses: bufbuild/buf-lint-action@06f9dd823d873146471cfaaf108a993fe00e5325 # tag=v1.1.1
with:
input: src/main/proto
- name: Detect Breaking Changes
uses: bufbuild/buf-breaking-action@c57b3d842a5c3f3b454756ef65305a50a587c5ba # tag=v1.1.4
with:
input: src/main/proto
against: https://github.com/${{ github.repository }}.git#branch=main,subdir=src/main/proto
- name: Checkout Repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # tag=v4.1.1
- name: Setup buf
uses: bufbuild/buf-setup-action@9990c72db080fa39cf561230b8d2d7b736681f85 # tag=v1.30.1
with:
github_token: ${{ github.token }}
- name: Lint Protobuf
uses: bufbuild/buf-lint-action@06f9dd823d873146471cfaaf108a993fe00e5325 # tag=v1.1.1
with:
input: src/main/proto
- name: Detect Breaking Changes
uses: bufbuild/buf-breaking-action@c57b3d842a5c3f3b454756ef65305a50a587c5ba # tag=v1.1.4
with:
input: src/main/proto
against: "https://github.com/${{ github.repository }}.git#branch=${{ github.base_ref }},subdir=src/main/proto"
5 changes: 4 additions & 1 deletion .github/workflows/ci-build.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -20,13 +20,15 @@ on:
push:
branches:
- 'main'
- 'feature-**'
- '[0-9]+.[0-9]+.x' # Release branches
paths-ignore:
- '**/*.md'
- 'docs/**'
pull_request:
branches:
- 'main'
- 'feature-**'
paths-ignore:
- '**/*.md'
- 'docs/**'
Expand All @@ -40,9 +42,10 @@ jobs:
with:
app-version: "snapshot"
publish-container: ${{ github.ref == 'refs/heads/main' }}
ref-name: ${{ github.ref_name }}
permissions:
packages: write # Required to push images to ghcr.io
security-events: write # Required to upload trivy's SARIF output
secrets:
registry-0-usr: ${{ github.repository_owner }}
registry-0-psw: ${{ secrets.GITHUB_TOKEN }}
registry-0-psw: ${{ secrets.GITHUB_TOKEN }}
3 changes: 2 additions & 1 deletion .github/workflows/ci-publish.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,7 @@ jobs:
with:
app-version: ${{ needs.read-version.outputs.version }}
publish-container: true
ref-name: ${{ github.ref_name }}
permissions:
packages: write # Required to push images to ghcr.io
security-events: write # Required to upload trivy's SARIF output
Expand Down Expand Up @@ -93,4 +94,4 @@ jobs:
--clobber \
target/dependency-track-apiserver.jar \
target/checksums.txt \
target/bom.json
target/bom.json
4 changes: 3 additions & 1 deletion .github/workflows/ci-test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -20,13 +20,15 @@ on:
push:
branches:
- 'main' # Main branch
- 'feature-**' # Feature branch
- '[0-9]+.[0-9]+.x' # Release branches
paths-ignore:
- '**/*.md'
- 'docs/**'
pull_request:
branches:
- 'main' # Main branch
- 'feature-**' # Feature branch
- '[0-9]+.[0-9]+.x' # Release branches
paths-ignore:
- '**/*.md'
Expand Down Expand Up @@ -89,4 +91,4 @@ jobs:
path: |-
pr-commit.txt
pr-number.txt
target/jacoco-ut/jacoco.xml
target/jacoco-ut/jacoco.xml
42 changes: 42 additions & 0 deletions .github/workflows/config-docs-update.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
# This file is part of Dependency-Track.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# SPDX-License-Identifier: Apache-2.0
# Copyright (c) OWASP Foundation. All Rights Reserved.
name: Update Config Documentation

on:
push:
branches:
- main
paths:
- src/main/resources/application.properties

permissions: { }

jobs:
trigger-update:
name: Trigger Update
runs-on: ubuntu-latest
timeout-minutes: 5
if: "${{ github.repository_owner == 'DependencyTrack' }}"
steps:
- name: Dispatch Update Event
env:
# NB: The default GITHUB_TOKEN is scoped to the repository where
# the workflow is running, thus can't trigger workflows in other
# repos. Requires a PAT with `write` role to the target instead.
GH_TOKEN: "${{ secrets.BOT_RELEASE_TOKEN }}"
run: |-
gh workflow run update-config-docs.yml -R DependencyTrack/hyades

0 comments on commit e97a679

Please sign in to comment.