From ac54c5b32b5979905258c46e0f5151db55b46035 Mon Sep 17 00:00:00 2001 From: Honest Bot Date: Mon, 2 Sep 2024 03:34:44 +0000 Subject: [PATCH] ci: synced file(s) with honestbank/.github --- .github/CODEOWNERS | 4 +- .github/pull_request_template.md | 6 - .github/workflows/build.yaml | 124 +++--------------- .github/workflows/go-version-check.yaml | 22 ++++ .../repository-pre-commit-checks.yaml | 21 +++ .github/workflows/semantic-pr.yaml | 5 +- 6 files changed, 65 insertions(+), 117 deletions(-) create mode 100644 .github/workflows/go-version-check.yaml create mode 100644 .github/workflows/repository-pre-commit-checks.yaml diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 85bccce..71f1166 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -8,4 +8,6 @@ # the repo. Unless a later match takes precedence, # @global-owner1 and @global-owner2 will be requested for # review when someone opens a pull request. -* @honestbank/backend-engineers @honestbank/honestbank-engineers +* @honestbank/backend-engineers @honestbank/l3-backend-engineers +graph/*.graphqls @honestbank/graphql-admins +graph/*.graphql @honestbank/graphql-admins diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 737a013..7e799e2 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -18,9 +18,3 @@ Please confirm that you have done the following before requesting reviews: ### Description * - -### Experiment Link - - - -GrowthBook Experiment Link: https://app.growthbook.io/features/ diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 9f94ad1..edb3308 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -1,118 +1,24 @@ -# This is managed workflow, do not change this file in downstream repo +# DO NOT CHANGE. This file is being managed from a central repository +# To know more simply visit https://github.com/honestbank/.github/blob/main/docs/about.md name: go-tests on: push: - branches: [main] + branches: [main, master] pull_request: - branches: [main] - -env: - GOPRIVATE: github.com/honestbank + branches: [main, master] jobs: - build: - name: go-tests - runs-on: ubuntu-latest - strategy: - matrix: - go: ["1.20"] - steps: - - name: Set up Golang - uses: actions/setup-go@v4 - with: - go-version: ${{ matrix.go }} - id: go - - - name: Check out code into the Go module directory - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Configure ssh-key for private modules - env: - SSH_KEY: ${{ secrets.ENGINEERING_SSH_KEY }} - run: mkdir -p ~/.ssh; echo "$SSH_KEY" > ~/.ssh/id_rsa; chmod 600 ~/.ssh/id_rsa; git config --global url."git@github.com:".insteadOf "https://github.com/" - - - name: Setup go modules - run: go clean -modcache;go mod tidy; go mod download; go mod verify; - - - name: golangci-lint - uses: golangci/golangci-lint-action@v2 - with: - version: latest - args: --timeout=5m --modules-download-mode=readonly - skip-pkg-cache: true - skip-build-cache: true - - - name: sonarcloud-scan - uses: sonarsource/sonarcloud-github-action@master - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - continue-on-error: true - - integration-tests: - name: integration-tests - runs-on: ubuntu-latest - steps: - - name: Check out code into the Go module directory - uses: actions/checkout@v4 - with: - fetch-depth: 0 + load-secrets: + uses: "./.github/workflows/secrets-loader.yaml" + secrets: inherit - - name: Set up Golang - uses: actions/setup-go@v4 - with: - go-version: "1.20" - id: go - - - name: Start docker containers for integration tests - run: docker-compose -f docker-compose.integration.yaml up -d - - - name: Configure ssh-key for private modules - env: - SSH_KEY: ${{ secrets.ENGINEERING_SSH_KEY }} - run: mkdir -p ~/.ssh; echo "$SSH_KEY" > ~/.ssh/id_rsa; chmod 600 ~/.ssh/id_rsa; git config --global url."git@github.com:".insteadOf "https://github.com/" - - - name: Setup go modules - run: go mod tidy - - - name: Test and generate code coverage - run: go test -tags=integration_test -coverprofile=coverage.txt -covermode=atomic ./... - - - name: sonarcloud-scan - uses: sonarsource/sonarcloud-github-action@master - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - continue-on-error: true - - release: - name: semantic-release - runs-on: ubuntu-latest - needs: [build] - steps: - - name: Set up Golang - uses: actions/setup-go@v4 - with: - go-version: "1.20" - id: go - - uses: actions/setup-node@v3 - with: - node-version: '18' - - name: Check out code into the Go module directory - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: release - uses: cycjimmy/semantic-release-action@v3 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - semantic_version: 19 - extra_plugins: | - @semantic-release/git@10.0.1 - @semantic-release/exec@6.0.2 - @semantic-release/changelog@6.0.1 + go-tests: + name: go-tests + needs: + - load-secrets + uses: honestbank/workflows/.github/workflows/shared-build-go-sdk-template.yaml@main + secrets: inherit + with: + encrypted_secrets : ${{ needs.load-secrets.outputs.encrypted_secrets }} diff --git a/.github/workflows/go-version-check.yaml b/.github/workflows/go-version-check.yaml new file mode 100644 index 0000000..2b6b377 --- /dev/null +++ b/.github/workflows/go-version-check.yaml @@ -0,0 +1,22 @@ +name: go-version-check +permissions: + contents: read + +on: + push: + branches: + - main + - master + pull_request: + types: + - opened + - reopened + - synchronize + +jobs: + repository-go-version-check: + name: repository-go-version-check + uses: honestbank/workflows/.github/workflows/shared-go-version-check.yaml@main + with: + ignore_version_check: false + secrets: inherit diff --git a/.github/workflows/repository-pre-commit-checks.yaml b/.github/workflows/repository-pre-commit-checks.yaml new file mode 100644 index 0000000..37b6ce3 --- /dev/null +++ b/.github/workflows/repository-pre-commit-checks.yaml @@ -0,0 +1,21 @@ +# DO NOT CHANGE. This file is being managed from a central repository +# To know more simply visit https://github.com/honestbank/.github/blob/main/docs/about.md + +name: repository-pre-commit-checks + +on: + pull_request: + branches: [main, master] + +jobs: + load-secrets: + uses: "./.github/workflows/secrets-loader.yaml" + secrets: inherit + repository-pre-commit-checks: + name: repository-pre-commit-checks + needs: + - load-secrets + uses: honestbank/workflows/.github/workflows/shared-pre-commit-checks-go.yaml@main + secrets: inherit + with: + encrypted_secrets : ${{ needs.load-secrets.outputs.encrypted_secrets }} diff --git a/.github/workflows/semantic-pr.yaml b/.github/workflows/semantic-pr.yaml index 332f9bd..99eda8b 100644 --- a/.github/workflows/semantic-pr.yaml +++ b/.github/workflows/semantic-pr.yaml @@ -5,13 +5,16 @@ # Use template from https://github.com/honestbank/workflows/tree/main/examples/repository-workflows --- name: "repository-semantic-pr" -permissions: read-all +permissions: + contents: write + pull-requests: write on: # yamllint disable-line rule:truthy pull_request: types: - opened - edited + - reopened - synchronize jobs: