-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reorganize GitHub workflows. #118
Changes from 3 commits
41866ce
1d935e6
5284e95
62acf6a
54c897d
c4be388
8b5444d
17f39a2
2912b5e
6418cf6
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,70 +1,37 @@ | ||
# For most projects, this workflow file will not need changing; you simply need | ||
# to commit it to your repository. | ||
# | ||
# You may wish to alter this file to override the set of languages analyzed, | ||
# or to provide custom queries or build logic. | ||
# | ||
# ******** NOTE ******** | ||
# We have attempted to detect the languages in your repository. Please check | ||
# the `language` matrix defined below to confirm you have the correct set of | ||
# supported CodeQL languages. | ||
# ******** NOTE ******** | ||
|
||
name: "CodeQL" | ||
|
||
on: | ||
pull_request: | ||
branches: | ||
- master | ||
- opendistro-* | ||
- main | ||
MaxKsyunz marked this conversation as resolved.
Show resolved
Hide resolved
|
||
push: | ||
branches: | ||
- master | ||
- opendistro-* | ||
|
||
branches-ignore: | ||
- 'dependabot/**' | ||
paths: | ||
- '**/*.java' | ||
- '.github/workflows/codeql-analysis.yml' | ||
|
||
jobs: | ||
analyze: | ||
name: CodeQL-Scan | ||
runs-on: ubuntu-18.04 | ||
|
||
runs-on: ubuntu-20.04 | ||
permissions: | ||
security-events: write | ||
actions: read | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
language: [ 'java' ] | ||
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ] | ||
# Learn more... | ||
# https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection | ||
|
||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v2 | ||
uses: actions/checkout@v3 | ||
|
||
# Initializes the CodeQL tools for scanning. | ||
- name: Initialize CodeQL | ||
uses: github/codeql-action/init@v1 | ||
uses: github/codeql-action/init@v2 | ||
with: | ||
languages: ${{ matrix.language }} | ||
# If you wish to specify custom queries, you can do so here or in a config file. | ||
# By default, queries listed here will override any specified in a config file. | ||
# Prefix the list here with "+" to use these queries and those in the config file. | ||
# queries: ./path/to/local/query, your-org/your-repo/queries@main | ||
|
||
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java). | ||
# If this step fails, then you should remove it and run the build manually (see below) | ||
- name: Autobuild | ||
uses: github/codeql-action/autobuild@v1 | ||
|
||
# ℹ️ Command-line programs to run using the OS shell. | ||
# 📚 https://git.io/JvXDl | ||
|
||
# ✏️ If the Autobuild fails above, remove it and uncomment the following three lines | ||
# and modify them (or add more) to build your code if your project | ||
# uses a compiled language | ||
|
||
#- run: | | ||
# make bootstrap | ||
# make release | ||
|
||
uses: github/codeql-action/autobuild@v2 | ||
- name: Perform CodeQL Analysis | ||
uses: github/codeql-action/analyze@v1 | ||
uses: github/codeql-action/analyze@v2 |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -4,7 +4,7 @@ on: [pull_request] | |
|
||
jobs: | ||
check: | ||
runs-on: ubuntu-latest | ||
runs-on: ubuntu-20.04 | ||
|
||
steps: | ||
- name: Get PR Commits | ||
|
@@ -15,4 +15,4 @@ jobs: | |
- name: DCO Check | ||
uses: tim-actions/[email protected] | ||
with: | ||
commits: ${{ steps.get-pr-commits.outputs.commits }} | ||
commits: ${{ steps.get-pr-commits.outputs.commits }} | ||
acarbonetto marked this conversation as resolved.
Show resolved
Hide resolved
|
This file was deleted.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,11 +1,17 @@ | ||
name: SQL CLI Test and Build | ||
|
||
on: [pull_request, push] | ||
on: | ||
push: | ||
branches-ignore: | ||
- 'dependabot/**' | ||
paths: | ||
- 'sql-cli/**' | ||
- '.github/workflows/sql-cli-test-and-build-workflow.yml' | ||
|
||
jobs: | ||
build: | ||
|
||
runs-on: ubuntu-latest | ||
runs-on: ubuntu-20.04 | ||
defaults: | ||
run: | ||
working-directory: sql-cli | ||
|
@@ -15,10 +21,10 @@ jobs: | |
|
||
steps: | ||
- name: Checkout SQL CLI | ||
uses: actions/checkout@v2 | ||
uses: actions/checkout@v3 | ||
|
||
- name: Set up Python ${{ matrix.python-version }} | ||
uses: actions/setup-python@v2 | ||
uses: actions/setup-python@v4 | ||
with: | ||
python-version: ${{ matrix.python-version }} | ||
|
||
|
@@ -28,26 +34,17 @@ jobs: | |
pip install -r requirements-dev.txt | ||
pip install setuptools wheel | ||
|
||
#TODO: will setup CI for IT once we have OpenSearch and sql plugin release. Not it only runs UT | ||
# It can also be refactored by launching OpenSearch instance with plugin installed from gradle. | ||
|
||
# - name: Set up ES and install SQL plugin | ||
# run: | | ||
# sudo add-apt-repository ppa:openjdk-r/ppa | ||
# sudo apt update | ||
# sudo apt install openjdk-14-jdk | ||
# sudo apt install unzip | ||
# wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-oss-7.10.0-amd64.deb | ||
# sudo dpkg -i elasticsearch-oss-7.10.0-amd64.deb | ||
# sudo /usr/share/elasticsearch/bin/elasticsearch-plugin install --batch https://d3g5vo6xdbdb9a.cloudfront.net/downloads/elasticsearch-plugins/opensearch-sql/opensearch_sql-1.12.0.0.zip | ||
# sudo systemctl start elasticsearch.service | ||
# tests are designed to run agains http://localhost:9200, so we have to disable/remove security plugin | ||
Yury-Fridlyand marked this conversation as resolved.
Show resolved
Hide resolved
|
||
- name: Download and run OpenSearch | ||
run: | | ||
wget -q https://artifacts.opensearch.org/releases/bundle/opensearch/2.2.1/opensearch-2.2.1-linux-x64.tar.gz | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Can this use docker instead of downloading artifacts? IIRC there's a parameter there as well to turn off security. At the very least, I'd like to see this parameterized by OpenSearch version. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. For using docker we need to store somewhere a custom docker-compose file. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. What does it need to customize? I thought this workflow needed an instance of opensearch to run test against. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Oh, right, my bad! Going to fix this |
||
tar xf opensearch-2.2.1-linux-x64.tar.gz | ||
opensearch-2.2.1/bin/opensearch-plugin remove opensearch-security | ||
acarbonetto marked this conversation as resolved.
Show resolved
Hide resolved
|
||
opensearch-2.2.1/bin/opensearch -d | ||
|
||
- name: Run Tox Testing | ||
run: tox | ||
|
||
# - name: Stop ES | ||
# run: sudo systemctl stop elasticsearch.service | ||
|
||
- name: Build Artifact | ||
run: python setup.py sdist bdist_wheel | ||
|
||
|
@@ -57,7 +54,7 @@ jobs: | |
cp -r ./dist/*.tar.gz ./dist/*.whl opensearchsql-builds/ | ||
|
||
- name: Upload Artifact | ||
uses: actions/upload-artifact@v2 | ||
uses: actions/upload-artifact@v3 | ||
with: | ||
name: opensearchsql | ||
path: sql-cli/opensearchsql-builds |
This file was deleted.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why did we need to switch it off of
ubuntu-latest
?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To avoid any possible troubles when
ubuntu-latest
would be upgraded. See discussion thread there: #118 (comment).