From 8100955f94977cda2cbb2d3249906f5c34696f39 Mon Sep 17 00:00:00 2001 From: Pavel Mikula Date: Fri, 18 Oct 2024 15:13:18 +0200 Subject: [PATCH 1/2] Add Jira integration --- .github/PULL_REQUEST_TEMPLATE.md | 7 ++++++ .github/workflows/PullRequestClosed.yml | 29 +++++++++++++++++++++++ .github/workflows/PullRequestCreated.yml | 29 +++++++++++++++++++++++ .github/workflows/RequestReview.yml | 28 ++++++++++++++++++++++ .github/workflows/SubmitReview.yml | 30 ++++++++++++++++++++++++ 5 files changed, 123 insertions(+) create mode 100644 .github/PULL_REQUEST_TEMPLATE.md create mode 100644 .github/workflows/PullRequestClosed.yml create mode 100644 .github/workflows/PullRequestCreated.yml create mode 100644 .github/workflows/RequestReview.yml create mode 100644 .github/workflows/SubmitReview.yml diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 000000000..4ae372795 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,7 @@ +Part of + diff --git a/.github/workflows/PullRequestClosed.yml b/.github/workflows/PullRequestClosed.yml new file mode 100644 index 000000000..b50896eba --- /dev/null +++ b/.github/workflows/PullRequestClosed.yml @@ -0,0 +1,29 @@ +name: Pull Request Closed + +on: + pull_request: + types: [closed] + +jobs: + PullRequestMerged_job: + name: Pull Request Merged + runs-on: ubuntu-latest + permissions: + id-token: write + pull-requests: read + # For external PR, ticket should be moved manually + if: | + github.event.pull_request.head.repo.full_name == github.repository + && github.event.pull_request.merged + steps: + - id: secrets + uses: SonarSource/vault-action-wrapper@v3 + with: + secrets: | + development/kv/data/jira user | JIRA_USER; + development/kv/data/jira token | JIRA_TOKEN; + - uses: sonarsource/gh-action-lt-backlog/PullRequestClosed@v2 + with: + github-token: ${{secrets.GITHUB_TOKEN}} + jira-user: ${{ fromJSON(steps.secrets.outputs.vault).JIRA_USER }} + jira-token: ${{ fromJSON(steps.secrets.outputs.vault).JIRA_TOKEN }} diff --git a/.github/workflows/PullRequestCreated.yml b/.github/workflows/PullRequestCreated.yml new file mode 100644 index 000000000..43afebb45 --- /dev/null +++ b/.github/workflows/PullRequestCreated.yml @@ -0,0 +1,29 @@ +name: Pull Request Created + +on: + pull_request: + types: ["opened"] + +jobs: + PullRequestCreated_job: + name: Pull Request Created + runs-on: ubuntu-latest + permissions: + id-token: write + # For external PR, ticket should be created manually + if: | + github.event.pull_request.head.repo.full_name == github.repository + steps: + - id: secrets + uses: SonarSource/vault-action-wrapper@v3 + with: + secrets: | + development/github/token/{REPO_OWNER_NAME_DASH}-jira token | GITHUB_TOKEN; + development/kv/data/jira user | JIRA_USER; + development/kv/data/jira token | JIRA_TOKEN; + - uses: sonarsource/gh-action-lt-backlog/PullRequestCreated@v2 + with: + github-token: ${{ fromJSON(steps.secrets.outputs.vault).GITHUB_TOKEN }} + jira-user: ${{ fromJSON(steps.secrets.outputs.vault).JIRA_USER }} + jira-token: ${{ fromJSON(steps.secrets.outputs.vault).JIRA_TOKEN }} + jira-project: SONARIAC diff --git a/.github/workflows/RequestReview.yml b/.github/workflows/RequestReview.yml new file mode 100644 index 000000000..5eac0d555 --- /dev/null +++ b/.github/workflows/RequestReview.yml @@ -0,0 +1,28 @@ +name: Request review + +on: + pull_request: + types: ["review_requested"] + +jobs: + RequestReview_job: + name: Request review + runs-on: ubuntu-latest + permissions: + id-token: write + # For external PR, ticket should be moved manually + if: | + github.event.pull_request.head.repo.full_name == github.repository + steps: + - id: secrets + uses: SonarSource/vault-action-wrapper@v3 + with: + secrets: | + development/github/token/{REPO_OWNER_NAME_DASH}-jira token | GITHUB_TOKEN; + development/kv/data/jira user | JIRA_USER; + development/kv/data/jira token | JIRA_TOKEN; + - uses: sonarsource/gh-action-lt-backlog/RequestReview@v2 + with: + github-token: ${{ fromJSON(steps.secrets.outputs.vault).GITHUB_TOKEN }} + jira-user: ${{ fromJSON(steps.secrets.outputs.vault).JIRA_USER }} + jira-token: ${{ fromJSON(steps.secrets.outputs.vault).JIRA_TOKEN }} diff --git a/.github/workflows/SubmitReview.yml b/.github/workflows/SubmitReview.yml new file mode 100644 index 000000000..d5f22e624 --- /dev/null +++ b/.github/workflows/SubmitReview.yml @@ -0,0 +1,30 @@ +name: Submit Review + +on: + pull_request_review: + types: [submitted] + +jobs: + SubmitReview_job: + name: Submit Review + runs-on: ubuntu-latest + permissions: + id-token: write + pull-requests: read + # For external PR, ticket should be moved manually + if: | + github.event.pull_request.head.repo.full_name == github.repository + && (github.event.review.state == 'changes_requested' + || github.event.review.state == 'approved') + steps: + - id: secrets + uses: SonarSource/vault-action-wrapper@v3 + with: + secrets: | + development/kv/data/jira user | JIRA_USER; + development/kv/data/jira token | JIRA_TOKEN; + - uses: sonarsource/gh-action-lt-backlog/SubmitReview@v2 + with: + github-token: ${{secrets.GITHUB_TOKEN}} + jira-user: ${{ fromJSON(steps.secrets.outputs.vault).JIRA_USER }} + jira-token: ${{ fromJSON(steps.secrets.outputs.vault).JIRA_TOKEN }} From cd9d7c6f14eda59fcca279b37e411a813b2db062 Mon Sep 17 00:00:00 2001 From: Pavel Mikula Date: Tue, 22 Oct 2024 16:04:24 +0200 Subject: [PATCH 2/2] Add Components --- .github/workflows/PullRequestCreated.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/PullRequestCreated.yml b/.github/workflows/PullRequestCreated.yml index 43afebb45..8f7f8778c 100644 --- a/.github/workflows/PullRequestCreated.yml +++ b/.github/workflows/PullRequestCreated.yml @@ -27,3 +27,4 @@ jobs: jira-user: ${{ fromJSON(steps.secrets.outputs.vault).JIRA_USER }} jira-token: ${{ fromJSON(steps.secrets.outputs.vault).JIRA_TOKEN }} jira-project: SONARIAC + additional-fields: '{ "components": [ { "name": "Plugin Infrastructure" } ] }'