diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 89c25fdd07..4fa1bf44f4 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -134,7 +134,14 @@ jobs: - name: Publish run: c2cciutils-publish if: env.SECRETS == 'TRUE' - - run: git diff + - run: git diff --exit-code --patch > /tmp/dpkg-versions.patch || true + if: failure() + - uses: actions/upload-artifact@v4 + with: + name: Update dpkg versions list.patch + path: /tmp/dpkg-versions.patch + retention-days: 1 + if: failure() - run: docker run --rm --env=GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} mapfish_print_builder bash -c 'gradle build && gradle publish' @@ -145,63 +152,63 @@ jobs: - name: Create Release id: create_release uses: actions/create-release@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: tag_name: ${{ github.ref }} release_name: Release ${{ steps.tag.outputs.tag }} draft: false prerelease: false + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} if: startsWith(github.ref, 'refs/tags/') && env.SECRETS == 'TRUE' - name: Upload Release Asset uses: actions/upload-release-asset@v1.0.2 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: upload_url: ${{ steps.create_release.outputs.upload_url }} asset_path: ./core/build/libs/print-servlet-${{ steps.version.outputs.version }}.war asset_name: print-servlet-${{ steps.version.outputs.version }}.war asset_content_type: application/java-archive + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} if: startsWith(github.ref, 'refs/tags/') && env.SECRETS == 'TRUE' - name: Upload Release Asset uses: actions/upload-release-asset@v1.0.2 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: upload_url: ${{ steps.create_release.outputs.upload_url }} asset_path: ./core/build/distributions/core-${{ steps.version.outputs.version }}.zip asset_name: print-cli-${{ steps.version.outputs.version }}.zip asset_content_type: application/zip + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} if: startsWith(github.ref, 'refs/tags/') && env.SECRETS == 'TRUE' - name: Upload Release Asset uses: actions/upload-release-asset@v1.0.2 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: upload_url: ${{ steps.create_release.outputs.upload_url }} asset_path: ./core/build/libs/print-lib-${{ steps.version.outputs.version }}.jar asset_name: print-lib-${{ steps.version.outputs.version }}.jar asset_content_type: application/java-archive + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} if: startsWith(github.ref, 'refs/tags/') && env.SECRETS == 'TRUE' - name: Upload Release Asset uses: actions/upload-release-asset@v1.0.2 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: upload_url: ${{ steps.create_release.outputs.upload_url }} asset_path: ./core/build/libs/print-lib-${{ steps.version.outputs.version }}-sources.jar asset_name: print-lib-${{ steps.version.outputs.version }}-sources.jar asset_content_type: application/java-archive + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} if: startsWith(github.ref, 'refs/tags/') && env.SECRETS == 'TRUE' - name: Upload Release Asset uses: actions/upload-release-asset@v1.0.2 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: upload_url: ${{ steps.create_release.outputs.upload_url }} asset_path: ./core/build/libs/print-lib-${{ steps.version.outputs.version }}-javadoc.jar asset_name: print-lib-${{ steps.version.outputs.version }}-javadoc.jar asset_content_type: application/java-archive + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} if: startsWith(github.ref, 'refs/tags/') && env.SECRETS == 'TRUE' # Update the documentation diff --git a/.github/workflows/pr-checks.yaml b/.github/workflows/pr-checks.yaml deleted file mode 100644 index 48e057c487..0000000000 --- a/.github/workflows/pr-checks.yaml +++ /dev/null @@ -1,32 +0,0 @@ -name: Pull request check - -on: - pull_request: - types: - - opened - - reopened - - edited - - synchronize - -env: - POETRY_DYNAMIC_VERSIONING_BYPASS: 0.0.0 - -jobs: - build: - name: Pull request check - runs-on: ubuntu-22.04 - timeout-minutes: 5 - if: github.event.pull_request.user.login != 'renovate[bot]' - - steps: - - run: pip install --upgrade attrs - - uses: actions/checkout@v3 - - - run: echo "${HOME}/.local/bin" >> ${GITHUB_PATH} - - run: python3 -m pip install --user --pre c2cciutils[pr_checks] - - - name: Check pull request - run: c2cciutils-pull-request-checks - env: - GITHUB_EVENT: ${{ toJson(github) }} - GITHUB_TOKEN: ${{ secrets.GOPASS_CI_GITHUB_TOKEN }} diff --git a/.github/workflows/pull-request-automation.yaml b/.github/workflows/pull-request-automation.yaml index 14746f2894..0fab602720 100644 --- a/.github/workflows/pull-request-automation.yaml +++ b/.github/workflows/pull-request-automation.yaml @@ -26,7 +26,7 @@ jobs: with: script: |- console.log(context); - - name: Auto reviews Renovate updates + - name: Auto reviews GHCI updates uses: actions/github-script@v7 with: script: |- @@ -37,10 +37,13 @@ jobs: event: 'APPROVE', }) if: |- - github.event.pull_request.user.login == 'renovate[bot]' + startsWith(github.head_ref, 'ghci/audit/') + && (github.event.pull_request.user.login == 'ghci-test[bot]' + || github.event.pull_request.user.login == 'ghci-int[bot]' + || github.event.pull_request.user.login == 'ghci[bot]') && (github.event.action == 'opened' || github.event.action == 'reopened') - - name: Auto review and merge snyk auto fix + - name: Auto reviews Renovate updates uses: actions/github-script@v7 with: script: |- @@ -49,62 +52,8 @@ jobs: repo: context.repo.repo, pull_number: context.payload.pull_request.number, event: 'APPROVE', - }); - github.graphql(` - mutation { - enablePullRequestAutoMerge(input: { - pullRequestId: "${context.payload.pull_request.node_id}", - mergeMethod: SQUASH, - }) { - pullRequest { - autoMergeRequest { - enabledAt - } - } - } - } - `) - if: |- - github.event.pull_request.user.login == 'c2c-bot-gis-ci-2' - && startsWith(github.head_ref, 'snyk-fix/') - && (github.event.action == 'opened' - || github.event.action == 'reopened') - - name: Restart audit workflow - uses: actions/github-script@v7 - with: - script: |- - let runs = await github.rest.actions.listWorkflowRuns({ - owner: context.repo.owner, - repo: context.repo.repo, - workflow_id: 'audit.yaml', - per_page: 1, - }); - runs = runs.data.workflow_runs; - if (runs.length == 1 && runs[0].status != 'success') { - console.log(`Rerun workflow ${runs[0].id} ${runs[0].status}`); - github.rest.actions.reRunWorkflowFailedJobs({ - owner: context.repo.owner, - repo: context.repo.repo, - run_id: runs[0].id, - }); - } - if: |- - github.event.pull_request.user.login == 'c2c-bot-gis-ci-2' - && (startsWith(github.head_ref, 'snyk-fix/') - || startsWith(github.head_ref, 'dpkg-update/')) - && github.event.action == 'closed' - && github.event.pull_request.merged == true - - name: Auto close pre-commit.ci autoupdate - uses: actions/github-script@v7 - with: - script: |- - github.rest.pulls.update({ - owner: context.repo.owner, - repo: context.repo.repo, - pull_number: context.payload.pull_request.number, - state: 'closed', - }); + }) if: |- - github.event.pull_request.user.login == 'pre-commit-ci' + github.event.pull_request.user.login == 'renovate[bot]' && (github.event.action == 'opened' || github.event.action == 'reopened')