Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update github workflows #78

Merged
merged 9 commits into from
Nov 21, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
25 changes: 19 additions & 6 deletions .github/workflows/build-timestamped-master.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,12 +16,15 @@ jobs:
runs-on: ubuntu-latest
if: github.repository_owner == 'ballerina-platform'
steps:
- uses: actions/checkout@v3
- name: Set up JDK 17
- name: Checkout Repository
uses: actions/checkout@v3

- name: Set up JDK 21
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: 17.0.7
java-version: 21.0.3

- name: Change to Timestamped Version
run: |
initialVersion=$((grep -w 'version' | cut -d= -f2) < gradle.properties )
Expand All @@ -32,6 +35,14 @@ jobs:
updatedVersion=$VERSION-$startTime-$latestCommit
echo $updatedVersion
sed -i "s/version=\(.*\)/version=$updatedVersion/g" gradle.properties

- name: Grant execute permission for gradlew
run: chmod +x gradlew

- name: Set ENV Variables
run: |
echo -e '${{ toJson(secrets) }}' | jq -r 'to_entries[] | .key + "=" + .value' >> $GITHUB_ENV

- name: Build with Gradle
env:
packageUser: ${{ secrets.BALLERINA_BOT_USERNAME }}
Expand All @@ -43,13 +54,15 @@ jobs:
REFRESH_TOKEN: ${{ secrets.REFRESH_TOKEN }}
run: |
./gradlew clean build publishAllPublicationsToGitHubPackagesRepository --scan --no-daemon

- name: Generate CodeCov Report
uses: codecov/codecov-action@v2
uses: codecov/codecov-action@v3
- name: Upload Artifact
uses: actions/upload-artifact@v2
uses: actions/upload-artifact@v4
with:
name: ballerina-runtime
path: target/ballerina-runtime/

- name: Revert to SNAPSHOT Version
run: |
echo "version=${{ env.Initial_Version }}"
Expand All @@ -62,4 +75,4 @@ jobs:
nexusPassword: ${{ secrets.NEXUS_PASSWORD }}
run: |
./gradlew clean publishMavenJavaPublicationToWSO2NexusRepository -x test --scan --no-daemon
daneshk marked this conversation as resolved.
Show resolved Hide resolved


2 changes: 1 addition & 1 deletion .github/workflows/build-with-bal-test-graalvm.yml
Original file line number Diff line number Diff line change
Expand Up @@ -37,4 +37,4 @@ jobs:
native_image_options: '-J-Xmx7G ${{ inputs.native_image_options }}'
additional_windows_build_flags: '-x test'
secrets: inherit
daneshk marked this conversation as resolved.
Show resolved Hide resolved


34 changes: 24 additions & 10 deletions .github/workflows/central-publish.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,27 +17,41 @@ jobs:
runs-on: ubuntu-latest
if: github.repository_owner == 'ballerina-platform'
steps:
- uses: actions/checkout@v3
- name: Set up JDK 17
- name: Checkout Repository
uses: actions/checkout@v3

- name: Set up JDK 21
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: 17.0.7
distribution: "temurin"
java-version: 21.0.3

- name: Set ENV Variables
run: |
echo -e '${{ toJson(secrets) }}' | jq -r 'to_entries[] | .key + "=" + .value' >> $GITHUB_ENV

- name: Build with Gradle
env:
packageUser: ${{ github.actor }}
packagePAT: ${{ secrets.GITHUB_TOKEN }}
run: ./gradlew build -x check -x test

- name: Create lib directory if not exists
run: mkdir -p ballerina/lib

- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
TRIVY_JAVA_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-java-db,public.ecr.aws/aquasecurity/trivy-java-db
with:
scan-type: 'rootfs'
scan-ref: '/github/workspace/ballerina/lib'
format: 'table'
timeout: '10m0s'
exit-code: '1'
scan-type: "rootfs"
scan-ref: "${{ github.workspace }}/ballerina/lib"
format: "table"
timeout: "10m0s"
exit-code: "1"
scanners: "vuln"
cache-dir: "/tmp/trivy-cache"

- name: Ballerina Central Push
if: ${{ github.event.inputs.environment == 'CENTRAL' }}
Expand Down Expand Up @@ -84,4 +98,4 @@ jobs:
REFRESH_TOKEN: ${{ secrets.REFRESH_TOKEN }}
run: |
sed -i 's/version=\(.*\)-SNAPSHOT/version=\1/g' gradle.properties
./gradlew clean build -PpublishToCentral=true
./gradlew clean build -PpublishToCentral=true
34 changes: 25 additions & 9 deletions .github/workflows/publish-release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,12 +10,19 @@ jobs:
runs-on: ubuntu-latest
if: github.repository_owner == 'ballerina-platform'
steps:
- uses: actions/checkout@v3
- name: Set up JDK 17
- name: Checkout Repository
uses: actions/checkout@v3

- name: Set up JDK 21
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: 17.0.7
distribution: "temurin"
java-version: 21.0.3

- name: Set ENV Variables
run: |
echo -e '${{ toJson(secrets) }}' | jq -r 'to_entries[] | .key + "=" + .value' >> $GITHUB_ENV

- name: Build with Gradle
env:
packageUser: ${{ github.actor }}
Expand All @@ -24,16 +31,24 @@ jobs:
git config --global user.name ${{ secrets.BALLERINA_BOT_USERNAME }}
git config --global user.email ${{ secrets.BALLERINA_BOT_EMAIL }}
./gradlew build -x check -x test

- name: Create lib directory if not exists
run: mkdir -p ballerina/lib

- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
TRIVY_JAVA_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-java-db,public.ecr.aws/aquasecurity/trivy-java-db
with:
scan-type: 'rootfs'
scan-ref: '/github/workspace/ballerina/lib'
format: 'table'
timeout: '10m0s'
exit-code: '1'
scan-type: "rootfs"
scan-ref: "${{ github.workspace }}/ballerina/lib"
format: "table"
timeout: "10m0s"
exit-code: "1"
scanners: "vuln"
cache-dir: "/tmp/trivy-cache"

- name: Set version env variable
run: echo "VERSION=$((grep -w 'version' | cut -d= -f2) < gradle.properties | rev | cut --complement -d- -f1 | rev)" >> $GITHUB_ENV
- name: Pre release dependency version update
Expand All @@ -52,6 +67,7 @@ jobs:
git commit -m "Move dependencies to stable version" || echo "No changes to commit"
- name: Grant execute permission for gradlew
run: chmod +x gradlew

- name: Publish artifact
env:
BALLERINA_CENTRAL_ACCESS_TOKEN: ${{ secrets.BALLERINA_CENTRAL_ACCESS_TOKEN }}
Expand Down
13 changes: 9 additions & 4 deletions .github/workflows/publish-snapshot-nexus.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,12 +8,15 @@ jobs:
runs-on: ubuntu-latest
if: github.repository_owner == 'ballerina-platform'
steps:
- uses: actions/checkout@v3
- name: Set up JDK 17
- name: Checkout Repository
uses: actions/checkout@v3

- name: Set up JDK 21
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: 17.0.7
distribution: "temurin"
java-version: 21.0.3

- name: Build with Gradle
env:
packageUser: ${{ secrets.BALLERINA_BOT_USERNAME }}
Expand All @@ -24,4 +27,6 @@ jobs:
CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
REFRESH_TOKEN: ${{ secrets.REFRESH_TOKEN }}
run: |
git config --global user.name ${{ secrets.BALLERINA_BOT_USERNAME }}
git config --global user.email ${{ secrets.BALLERINA_BOT_EMAIL }}
./gradlew build publishMavenJavaPublicationToWSO2NexusRepository --scan --no-daemon
54 changes: 38 additions & 16 deletions .github/workflows/pull-request.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,38 +11,60 @@ jobs:
name: Build on Ubuntu
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: 17.0.7
- name: Checkout Repository
uses: actions/checkout@v3

- name: Set up JDK 21
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: 21.0.3

- name: Set ENV Variables
run: |
echo -e '${{ toJson(secrets) }}' | jq -r 'to_entries[] | .key + "=" + .value' >> $GITHUB_ENV

- name: Build with Gradle
env:
packageUser: ${{ github.actor }}
packagePAT: ${{ secrets.GITHUB_TOKEN }}
CLIENT_ID: ${{ secrets.CLIENT_ID }}
CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
REFRESH_TOKEN: ${{ secrets.REFRESH_TOKEN }}
run: ./gradlew build
- name: Generate Codecov Report
uses: codecov/codecov-action@v2
with:
token: ${{ secrets.CODECOV_TOKEN }}
run: |
git config --global user.name ${{ secrets.BALLERINA_BOT_USERNAME }}
git config --global user.email ${{ secrets.BALLERINA_BOT_EMAIL }}
./gradlew build

- name: Generate Codecov Report
uses: codecov/codecov-action@v3
with:
token: ${{ secrets.CODECOV_TOKEN }}

windows-build:
name: Build on Windows
runs-on: windows-latest
concurrency:
group: ${{ github.head_ref }}-windows-build
cancel-in-progress: true
steps:
- uses: actions/checkout@v3
- name: Set up JDK 17
- name: Checkout Repository
uses: actions/checkout@v3

- name: Set up JDK 21
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: 17.0.7
distribution: 'temurin'
java-version: 21.0.3

- name: Set ENV Variables
run: |
echo '${{ toJson(secrets) }}' | jq -r 'to_entries[] | .key + "=" + .value' | Out-File -FilePath $env:GITHUB_ENV -Append

- name: Build with Gradle
env:
packageUser: ${{ github.actor }}
packagePAT: ${{ secrets.GITHUB_TOKEN }}
JAVA_TOOL_OPTIONS: -Dfile.encoding=UTF8
run: ./gradlew.bat build -x test
# Disabling tests because no docker in git-action windows
# Disabling tests because no docker in git-action windows
33 changes: 6 additions & 27 deletions .github/workflows/trivy-scan.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,32 +3,11 @@ name: Trivy
on:
workflow_dispatch:
schedule:
- cron: '30 20 * * *'
- cron: "30 20 * * *"

jobs:
ubuntu-build:
name: Build on Ubuntu
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: 17.0.7
- name: Build with Gradle
env:
packageUser: ${{ github.actor }}
packagePAT: ${{ secrets.GITHUB_TOKEN }}
run: ./gradlew build -x check -x test
- name: Create lib directory if not exists
run: mkdir -p ballerina/lib
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
scan-type: 'rootfs'
scan-ref: '/github/workspace/ballerina/lib'
format: 'table'
timeout: '10m0s'
exit-code: '1'

call_workflow:
name: Run Trivy Scan Workflow
if: ${{ github.repository_owner == 'ballerina-platform' }}
uses: ballerina-platform/ballerina-library/.github/workflows/trivy-scan-template.yml@main
secrets: inherit
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ This repository only contains the source code for the package.

### Set up the prerequisites

1. Download and install Java SE Development Kit (JDK) version 17 (from one of the following locations).
1. Download and install Java SE Development Kit (JDK) version 21 (from one of the following locations).
* [Oracle](https://www.oracle.com/java/technologies/downloads/)
* [OpenJDK](https://adoptium.net/)

Expand Down
6 changes: 3 additions & 3 deletions ballerina/Ballerina.toml
Original file line number Diff line number Diff line change
Expand Up @@ -9,16 +9,16 @@ icon = "icon.png"
license = ["Apache-2.0"]
distribution = "2201.10.0"

[platform.java17]
[platform.java21]
graalvmCompatible = true

[[platform.java17.dependency]]
[[platform.java21.dependency]]
groupId = "io.ballerina.stdlib"
artifactId = "persist.googlesheets-native"
version = "1.4.0"
path = "../native/build/libs/persist.googlesheets-native-1.4.0.jar"

[[platform.java17.dependency]]
[[platform.java21.dependency]]
groupId = "io.ballerina.stdlib"
artifactId = "persist-native"
version = "1.4.0"
Expand Down
6 changes: 3 additions & 3 deletions build-config/resources/Ballerina.toml
Original file line number Diff line number Diff line change
Expand Up @@ -9,16 +9,16 @@ icon = "icon.png"
license = ["Apache-2.0"]
distribution = "2201.10.0"

[platform.java17]
[platform.java21]
graalvmCompatible = true

[[platform.java17.dependency]]
[[platform.java21.dependency]]
groupId = "io.ballerina.stdlib"
artifactId = "persist.googlesheets-native"
version = "@toml.version@"
path = "../native/build/libs/persist.googlesheets-native-@project.version@.jar"

[[platform.java17.dependency]]
[[platform.java21.dependency]]
groupId = "io.ballerina.stdlib"
artifactId = "persist-native"
version = "@persist.version@"
Expand Down
1 change: 1 addition & 0 deletions build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -86,6 +86,7 @@ subprojects {
ballerinaStdLibs "io.ballerina.stdlib:uuid-ballerina:${stdlibUuidVersion}"
ballerinaStdLibs "io.ballerina.stdlib:cache-ballerina:${stdlibCacheVersion}"
ballerinaStdLibs "io.ballerina.stdlib:oauth2-ballerina:${stdlibOAuth2Version}"
ballerinaStdLibs "io.ballerina.lib:data.jsondata-ballerina:${stdlibDataJsonDataVersion}"
ballerinaStdLibs "io.ballerina.stdlib:auth-ballerina:${stdlibAuthVersion}"
ballerinaStdLibs "io.ballerina.stdlib:jwt-ballerina:${stdlibJwtVersion}"
ballerinaStdLibs "io.ballerina.stdlib:http-ballerina:${stdlibHttpVersion}"
Expand Down
Loading
Loading