Build + Pre-Commit Fixes

.github/workflows/cd.edge.build.yml

@@ -78,4 +78,4 @@ jobs:
         id: cosign
         run: |
           cosign version
-          cosign sign --yes ${{ env.REGISTRY }}/${{ env.IMAGE }}:${{ env.TAG }} --upload
+          cosign sign --yes ${{ env.REGISTRY }}/${{ env.IMAGE }}:${{ steps.build.outputs.digest }} --upload

.github/workflows/cd.release.build.yml

@@ -55,6 +55,7 @@ jobs:
           tags: |
             ${{ env.REGISTRY }}/${{ env.IMAGE }}:${{ env.TAG }}
             ${{ env.REGISTRY }}/${{ env.IMAGE }}:${{ env.TAG_RELEASE }}
+            ${{ env.REGISTRY }}/${{ env.IMAGE }}:v${{ env.TAG_RELEASE }}
           labels: |
             org.opencontainers.image.title=skaha
             org.opencontainers.image.version=${{ env.TAG_RELEASE }}
@@ -84,6 +85,4 @@ jobs:
         id: cosign
         run: |
           cosign version
-          cosign sign --yes ${{ env.REGISTRY }}/${{ env.IMAGE }}:${{ env.TAG }} --upload
-          cosign sign --yes ${{ env.REGISTRY }}/${{ env.IMAGE }}:${{ env.TAG_RELEASE }} --upload
           cosign sign --yes ${{ env.REGISTRY }}/${{ env.IMAGE }}:${{ steps.build.outputs.digest }} --upload

.github/workflows/cd.release.yml

@@ -5,9 +5,6 @@ on:
   push:
     branches:
       - main
-  pull_request:
-    branches:
-      - main
 
 jobs:
   release-please:
@@ -24,7 +21,7 @@ jobs:
       -
         name: Dispatch Edge Build
         # Run this step only if the release-please completes successfully
-        if: steps.release-please.outcome == 'success' 
+        if: steps.release-please.outcome == 'success' && github.event_name == 'push'
         uses: peter-evans/[email protected]
         with:
           repository: opencadc/science-platform

.pre-commit-config.yaml

@@ -0,0 +1,56 @@
+# Pre-Commit Configuration File: https://pre-commit.com
+---
+repos:
+  # Commitizen Configuration
+  # This configuration will add commitizen to your pre-commit hooks and will run it on commit-msg stage
+  # of the git commit process.
+  - repo: https://github.com/commitizen-tools/commitizen
+    rev: v3.31.0
+    hooks:
+      - id: commitizen
+        stages: [commit-msg]
+  # Pre-Commit Hooks Configuration
+  # This configuration will add pre-commit hooks to your pre-commit hooks and will run it on pre-commit stage
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v5.0.0
+    hooks:
+      # Prevent giant files from being committed.
+      - id: check-added-large-files
+      # Check for files with names that would conflict on a case-insensitive filesystem like MacOS HFS+ or Windows FAT.
+      - id: check-case-conflict
+      # Checks that non-binary executables have a proper shebang.
+      - id: check-executables-have-shebangs
+      # Attempts to load all json files to verify syntax.
+      - id: check-json
+      # Check for files that contain merge conflict strings.
+      - id: check-merge-conflict
+      # Checks for symlinks which do not point to anything.
+      - id: check-symlinks
+      # Attempts to load all TOML files to verify syntax.
+      - id: check-toml
+      # Attempts to load all yaml files to verify syntax.
+      - id: check-yaml
+      # Attempts to load all xml files to verify syntax.
+      - id: check-xml
+      # Check for debugger imports and py37+ breakpoint() calls in python source.
+      - id: debug-statements
+      # Makes sure files end in a newline and only a newline.
+      - id: end-of-file-fixer
+      # Trims trailing whitespace.
+      - id: trailing-whitespace
+      # Checks for private key files.
+      - id: detect-private-key
+  - repo: local
+    hooks:
+      - id: gradle-build
+        name: Skaha Gradle Build
+        entry: /bin/bash
+        args:
+          - -c
+          - |
+            cd skaha
+            ./gradlew clean check
+        language: system
+        pass_filenames: false
+        always_run: true
+        verbose: true

README.md

@@ -2,23 +2,23 @@
 
 *A container based science platform in CANFAR.*
 
----
-
+[![CI: Linting](https://github.com/opencadc/science-platform/actions/workflows/ci.linting.yml/badge.svg)](https://github.com/opencadc/science-platform/actions/workflows/ci.linting.yml)
+[![CI: Testing](https://github.com/opencadc/science-platform/actions/workflows/ci.testing.yml/badge.svg)](https://github.com/opencadc/science-platform/actions/workflows/ci.testing.yml)
+[![CD: Edge Build](https://github.com/opencadc/science-platform/actions/workflows/cd.edge.build.yml/badge.svg)](https://github.com/opencadc/science-platform/actions/workflows/cd.edge.build.yml)
+[![CD: Release Build](https://github.com/opencadc/science-platform/actions/workflows/cd.release.build.yml/badge.svg)](https://github.com/opencadc/science-platform/actions/workflows/cd.release.build.yml)
 [![OpenSSF Scorecard](https://api.scorecard.dev/projects/github.com/opencadc/science-platform/badge)](https://scorecard.dev/viewer/?uri=github.com/opencadc/science-platform)
-
 ## Table of Contents
 - [Skaha](#skaha)
   - [Table of Contents](#table-of-contents)
   - [CANFAR Science Portal Documentation](#canfar-science-portal-documentation)
   - [Acknowledgements](#acknowledgements)
   - [Overview](#overview)
-  - [Helm Installation](#helm-installation)
+  - [Deployment](#deployment)
   - [System Components](#system-components)
     - [skaha](#skaha-1)
   - [Session Containers](#session-containers)
   - [Software Containers](#software-containers)
   - [Dependencies](#dependencies)
-  - [Deployment](#deployment)
 
 ## CANFAR Science Portal Documentation
 
@@ -32,17 +32,16 @@ This project has been funded in part by:
 
 ## Overview
 
-![science-platform-architecture](canfar-architecture-2024-04-08.png)
-
-skaha is a general purpose online platform for running science containers interactively.  It is part of the CANFAR science platform for containers.  In the architecture diagram below, skaha is the main API to the Science Platform.
+Skaha is a general purpose online platform for running science containers interactively.  It is part of the [CANFAR Science Platform](https://canfar.net).  In the architecture diagram below, skaha is the main API to the Science Platform.
 
-![canfar-architecture](canfar-architecture-1.0.png)
+![science-platform-architecture](docs/images/canfar-architecture-2024-04-08.png)
+The CANFAR Science Platform Architecture.  
+![canfar-architecture](docs/images/canfar-architecture-1.0.png)
+Skaha is the API to the Science Platform box.
 
-The CANFAR Science Platform Architecture.  Skaha is the API to the Science Platform box.
-
-## Helm Installation
+## Deployment
 
-Deploying the Skaha service is made up of a small number of Helm installations.  See the [Deployment Guide](./deployment/helm/README.md) for installations.
+Skaha runs on Kubernetes and and is deployed using Helm. See the [Deployment Guide](./deployment/helm/README.md) for more information.
 
 ## System Components
 
@@ -75,7 +74,4 @@ skaha relies on a number of other opencadc modules to operate.
 * access control (ac) web service (https://github.com/opencadc/ac) -- If the IdentityManager implementation is configured to use cadc-access-control-server for authentication an operational ac web service is required to be running.
 * credential delegation (cdp) web service (https://github.com/opencadc/cdp) -- The cdp service is used to obtain users' delegated proxy certificates.
 * cavern -- skaha is complimented by having the cavern VOSpace implementation mounted as a shared POSIX file system.  (https://github.com/opencadc/vos/tree/master/cavern).  cavern is a vospace implementation where both the data and metadata are based on the contents of a file system.  If the software-containers have access to the cavern file system the contents of that file system can be accessed and shared through the cavern web service.
-* posix/sssd -- Containers in skaha are always run _as the user_ and with the users' group memberships.  If skaha-desktop and software-containers are run with a SSSD configuration that points to the same LDAP instance as used by ac, the names of those uids and gids can be resolved.
-
-## Deployment
-skaha runs on kubernetes.  See the deployment directory for specifics.
+* posix/sssd -- Containers in skaha are always run _as the user_ and with the users' group memberships.  If skaha-desktop and software-containers are run with a SSSD configuration that points to the same LDAP instance as used by ac, the names of those uids and gids can be resolved.

release-please-config.json

@@ -9,7 +9,7 @@
         "draft": false,
         "prerelease": false,
         "include-component-in-tag": false,
-        "include-v-in-tag": true,
+        "include-v-in-tag": false,
         "extra-files": [
           "skaha/gradle.properties"
         ],

skaha/build.gradle

@@ -60,24 +60,19 @@ dependencies {
 
 spotless {
   java {
+    // Interpret all files as utf-8
+    encoding 'UTF-8'
+    // Only require formatting of files that diff from main
+    ratchetFrom 'origin/main'
     // Use the default importOrder configuration
     importOrder()
     // Remove unused imports
     removeUnusedImports()
     // Google Java Format, Android Open Source Project style which uses 4 spaces for indentation
-    palantirJavaFormat()
+    palantirJavaFormat('2.50.0').formatJavadoc(true)
     // Format annotations on a single line
     formatAnnotations()
   }
-  yaml {
-    target '**/*.yaml, **/*.yml, ../.github/workflows/*.yml'
-  }
-  format 'misc', {
-    target '**/*.gradle'
-    trimTrailingWhitespace()
-    indentWithSpaces(4)
-    endWithNewline()
-  }
 }
 check.dependsOn spotlessCheck