Skip to content

feat(secu): git leaks integration #35

feat(secu): git leaks integration

feat(secu): git leaks integration #35

Workflow file for this run

name: awie
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
on:
workflow_dispatch:
pull_request:
types:
- opened
- synchronize
- reopened
- ready_for_review
paths:
- "centreon-awie/**"
- "!centreon-awie/features/**"
- "!centreon-awie/behat.yml"
push:
branches:
- develop
- dev-[2-9][0-9].[0-9][0-9].x
- master
- "[2-9][0-9].[0-9][0-9].x"
paths:
- "centreon-awie/**"
- "!centreon-awie/features/**"
- "!centreon-awie/behat.yml"
env:
module: awie
jobs:
get-environment:
uses: ./.github/workflows/get-environment.yml
with:
version_file: centreon-awie/www/modules/centreon-awie/conf.php
changes:
runs-on: ubuntu-24.04
outputs:
has_backend_changes: ${{ steps.filter.outputs.has_backend_changes }}
has_test_changes: ${{ steps.filter.outputs.has_test_changes }}
trigger_delivery: ${{ steps.changes_trigger_checks.outputs.trigger_delivery }}
trigger_api_testing: ${{ steps.changes_trigger_checks.outputs.trigger_api_testing }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
id: filter
with:
filters: |
has_backend_changes:
- 'centreon-awie/*.php'
- 'centreon-awie/!(features)/*.php'
- 'centreon-awie/phpstan*'
- 'centreon-awie/ruleset.xml'
- 'centreon-awie/libinstall/**'
- 'centreon-awie/www/modules/centreon-awie/**'
has_test_changes:
- 'centreon-awie/features/**'
- uses: ./.github/actions/changes-trigger-checks
id: changes_trigger_checks
with:
is_nightly: 'false'
has_frontend_changes: 'false'
has_backend_changes: ${{ steps.filter.outputs.has_backend_changes }}
has_test_changes: ${{ steps.filter.outputs.has_test_changes }}
backend-lint:
runs-on: ubuntu-24.04
needs: [changes, get-environment]
if: ${{ needs.get-environment.outputs.skip_workflow == 'false' && needs.changes.outputs.has_backend_changes == 'true' }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup PHP
uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 # v2.32.0
with:
php-version: 8.2
coverage: none
env:
runner: ubuntu-24.04
- name: Install Dependencies
run: composer install --optimize-autoloader
working-directory: centreon-awie
shell: bash
- name: Run of phpstan on /www at level 6
run: vendor/bin/phpstan analyse --no-progress --level=6 --configuration=phpstan.neon
working-directory: centreon-awie
package:
needs: [get-environment, backend-lint]
if: ${{ needs.get-environment.outputs.skip_workflow == 'false' && needs.get-environment.outputs.stability != 'stable' }}
strategy:
fail-fast: false
matrix:
distrib: [el8, el9, bookworm]
include:
- package_extension: rpm
image: packaging-nfpm-alma8
distrib: el8
- package_extension: rpm
image: packaging-nfpm-alma9
distrib: el9
- package_extension: deb
image: packaging-nfpm-bookworm
distrib: bookworm
runs-on: ubuntu-24.04
container:
image: ${{ vars.DOCKER_INTERNAL_REGISTRY_URL }}/${{ matrix.image }}:${{ needs.get-environment.outputs.major_version }}
credentials:
username: ${{ secrets.HARBOR_CENTREON_PULL_USERNAME }}
password: ${{ secrets.HARBOR_CENTREON_PULL_TOKEN }}
name: package ${{ matrix.distrib }}
steps:
- name: Checkout sources
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Package
uses: ./.github/actions/package-nfpm
with:
nfpm_file_pattern: "centreon-awie/packaging/*.yaml"
distrib: ${{ matrix.distrib }}
package_extension: ${{ matrix.package_extension }}
major_version: ${{ needs.get-environment.outputs.major_version }}
minor_version: ${{ needs.get-environment.outputs.minor_version }}
release: ${{ needs.get-environment.outputs.release }}
arch: all
commit_hash: ${{ github.sha }}
cache_key: ${{ github.sha }}-${{ github.run_id }}-${{ matrix.package_extension }}-${{ matrix.distrib }}
rpm_gpg_key: ${{ secrets.RPM_GPG_SIGNING_KEY }}
rpm_gpg_signing_key_id: ${{ secrets.RPM_GPG_SIGNING_KEY_ID }}
rpm_gpg_signing_passphrase: ${{ secrets.RPM_GPG_SIGNING_PASSPHRASE }}
stability: ${{ needs.get-environment.outputs.stability }}
deliver-sources:
runs-on: [self-hosted, common]
needs: [get-environment, package]
if: ${{ needs.get-environment.outputs.skip_workflow == 'false' && contains(fromJson('["stable"]'), needs.get-environment.outputs.stability) && github.event_name != 'workflow_dispatch' }}
steps:
- name: Checkout sources
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Deliver sources
uses: ./.github/actions/release-sources
with:
bucket_directory: centreon-awie
module_directory: centreon-awie
module_name: centreon-awie
major_version: ${{ needs.get-environment.outputs.major_version }}
minor_version: ${{ needs.get-environment.outputs.minor_version }}
token_download_centreon_com: ${{ secrets.TOKEN_DOWNLOAD_CENTREON_COM }}
deliver-rpm:
needs: [changes, get-environment, package]
if: ${{ needs.get-environment.outputs.skip_workflow == 'false' && contains(fromJson('["testing", "unstable"]'), needs.get-environment.outputs.stability) && needs.changes.outputs.trigger_delivery == 'true' }}
runs-on: [self-hosted, common]
strategy:
matrix:
distrib: [el8, el9]
steps:
- name: Checkout sources
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Delivery
uses: ./.github/actions/rpm-delivery
with:
module_name: awie
distrib: ${{ matrix.distrib }}
version: ${{ needs.get-environment.outputs.major_version }}
artifactory_token: ${{ secrets.ARTIFACTORY_ACCESS_TOKEN }}
cache_key: ${{ github.sha }}-${{ github.run_id }}-rpm-${{ matrix.distrib }}
stability: ${{ needs.get-environment.outputs.stability }}
release_type: ${{ needs.get-environment.outputs.release_type }}
is_cloud: ${{ needs.get-environment.outputs.is_cloud }}
deliver-deb:
needs: [changes, get-environment, package]
if: ${{ needs.get-environment.outputs.skip_workflow == 'false' && contains(fromJson('["testing", "unstable"]'), needs.get-environment.outputs.stability) && needs.changes.outputs.trigger_delivery == 'true' }}
runs-on: [self-hosted, common]
strategy:
matrix:
distrib: [bookworm]
steps:
- name: Checkout sources
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Delivery
uses: ./.github/actions/deb-delivery
with:
module_name: awie
distrib: ${{ matrix.distrib }}
version: ${{ needs.get-environment.outputs.major_version }}
artifactory_token: ${{ secrets.ARTIFACTORY_ACCESS_TOKEN }}
cache_key: ${{ github.sha }}-${{ github.run_id }}-deb-${{ matrix.distrib }}
stability: ${{ needs.get-environment.outputs.stability }}
release_type: ${{ needs.get-environment.outputs.release_type }}
is_cloud: ${{ needs.get-environment.outputs.is_cloud }}
promote:
needs: [get-environment, deliver-rpm, deliver-deb]
if: |
needs.get-environment.outputs.skip_workflow == 'false' &&
(contains(fromJson('["stable", "testing"]'), needs.get-environment.outputs.stability) && github.event_name != 'workflow_dispatch') &&
! cancelled() &&
! contains(needs.*.result, 'failure') &&
! contains(needs.*.result, 'cancelled')
runs-on: [self-hosted, common]
strategy:
matrix:
distrib: [el8, el9, bookworm]
steps:
- name: Checkout sources
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Promote ${{ matrix.distrib }} to stable
uses: ./.github/actions/promote-to-stable
with:
artifactory_token: ${{ secrets.ARTIFACTORY_ACCESS_TOKEN }}
module: awie
distrib: ${{ matrix.distrib }}
major_version: ${{ needs.get-environment.outputs.major_version }}
minor_version: ${{ needs.get-environment.outputs.minor_version }}
stability: ${{ needs.get-environment.outputs.stability }}
github_ref_name: ${{ github.ref_name }}
release_type: ${{ needs.get-environment.outputs.release_type }}
is_cloud: ${{ needs.get-environment.outputs.is_cloud }}
set-skip-label:
needs: [get-environment, deliver-rpm, deliver-deb, promote]
if: |
needs.get-environment.outputs.skip_workflow == 'false' &&
! cancelled() &&
! contains(needs.*.result, 'failure') &&
! contains(needs.*.result, 'cancelled')
uses: ./.github/workflows/set-pull-request-skip-label.yml