diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml deleted file mode 100644 index 4895c00..0000000 --- a/.github/workflows/codeql.yml +++ /dev/null @@ -1,69 +0,0 @@ -# Ref: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning -name: "CodeQL" - -on: - push: - branches: [ main, develop ] - pull_request: - # The branches below must be a subset of the branches above - branches: [ develop ] - schedule: - - cron: '0 09 * * 1' - -jobs: - analyze: - name: Analyze - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - strategy: - fail-fast: false - matrix: - language: [ 'java' ] - # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] - # Learn more about CodeQL language support at https://git.io/codeql-language-support - - steps: - - name: Checkout repository - uses: actions/checkout@v2 - with: - # We must fetch at least the immediate parents so that if this is - # a pull request then we can checkout the head. - fetch-depth: 2 - - # If this run was triggered by a pull request event, then checkout - # the head of the pull request instead of the merge commit. - - run: git checkout HEAD^2 - if: ${{ github.event_name == 'pull_request' }} - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v1 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - # queries: ./path/to/local/query, your-org/your-repo/queries@main - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v1 - - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 https://git.io/JvXDl - - # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines - # and modify them (or add more) to build your code if your project - # uses a compiled language - - #- run: | - # make bootstrap - # make release - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 \ No newline at end of file diff --git a/.github/workflows/dangerci.yml b/.github/workflows/dangerci.yml new file mode 100644 index 0000000..da98376 --- /dev/null +++ b/.github/workflows/dangerci.yml @@ -0,0 +1,29 @@ +name: Danger CI + +on: + pull_request: + branches: + - 'main' + +jobs: + test: + name: Danger CI + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v2 + + - uses: actions/setup-node@v2 + with: + node-version: 16.x + + - name: Install dependencies + run: yarn add danger + + - name: Danger CI Check + uses: danger/danger-js@9.1.8 + env: + CI: true + GITHUB_TOKEN: ${{ secrets.GH_RELEASE_TOKEN }} + DANGER_GITHUB_API_TOKEN: ${{ secrets.GH_RELEASE_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/lint_test_build.yml b/.github/workflows/lint_test_build.yml index 0c313b1..b44e88c 100644 --- a/.github/workflows/lint_test_build.yml +++ b/.github/workflows/lint_test_build.yml @@ -65,7 +65,16 @@ jobs: - uses: actions/checkout@v2 - name: Run tests - run: ./gradlew test + run: make test + + # Ref: https://github.com/codecov/codecov-action + - name: Upload Test Coverage + uses: codecov/codecov-action@v2 + with: + files: ./build/reports/jacoco/test/jacocoTestReport.xml + flags: unittests + fail_ci_if_error: true + verbose: true build: name: Build @@ -77,13 +86,13 @@ jobs: - uses: actions/checkout@v2 - name: Run Build - run: ./gradlew build + run: make build - name: Upload App Build uses: actions/upload-artifact@v2 with: name: build - path: build/libs/app-0.0.1.jar + path: build/libs/cachey.jar - name: Cleanup Gradle Cache # Remove some files from the Gradle cache, so they aren't cached by GitHub Actions. diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..d3f9c46 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,24 @@ +name: Release +on: + workflow_run: + workflows: + - "Lint, Test & Build" + types: + - completed + branches: + - main + +jobs: + release: + name: Release + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + + - name: Release + run: npx semantic-release + env: + GITHUB_TOKEN: ${{ secrets.GH_RELEASE_TOKEN }} diff --git a/.github/workflows/slack_notification.yml b/.github/workflows/slack_notification.yml index 3569d25..ba21714 100644 --- a/.github/workflows/slack_notification.yml +++ b/.github/workflows/slack_notification.yml @@ -11,7 +11,6 @@ on: - "Deploy" - "Gitlab Sync" - "BitBucket Sync" - - "CodeQL" types: - completed diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml deleted file mode 100644 index 3c13042..0000000 --- a/.gitlab-ci.yml +++ /dev/null @@ -1,62 +0,0 @@ -# Ref: https://docs.gitlab.com/ee/ci/yaml/README.html -# This is the Gradle build system for JVM applications -# https://gradle.org/ -# https://github.com/gradle/gradle -image: gradle:alpine - -# Disable the Gradle daemon for Continuous Integration servers as correctness -# is usually a priority over speed in CI environments. Using a fresh -# runtime for each build is more reliable since the runtime is completely -# isolated from any previous builds. -variables: - GRADLE_OPTS: "-Dorg.gradle.daemon=false" - -before_script: - - export GRADLE_USER_HOME=`pwd`/.gradle - -stages: - - lint - - test - - build - -cache: - paths: - - .gradle - -lint_code: - stage: lint - script: - - make lint - -test: - stage: test - script: - - ./gradlew test - artifacts: - when: always - paths: - - build/reports/ - reports: - junit: - - build/test-results/test/**/TEST-*.xml - expire_in: 3 days - cache: - key: "$CI_COMMIT_REF_NAME" - policy: push - paths: - - build - - .gradle - -build: - stage: build - script: ./gradlew build -x test - artifacts: - paths: - - build/libs - expire_in: 1 week - cache: - key: "$CI_COMMIT_REF_NAME" - policy: push - paths: - - build - - .gradle diff --git a/.releaserc b/.releaserc new file mode 100644 index 0000000..971e3c2 --- /dev/null +++ b/.releaserc @@ -0,0 +1,9 @@ +{ + "branches": ["main", {"name":"beta", "prerelease": true}], + "tagFormat": "v${version}", + "plugins": [ + "@semantic-release/commit-analyzer", + "@semantic-release/release-notes-generator", + "@semantic-release/github" + ] +} \ No newline at end of file diff --git a/Makefile b/Makefile index d273c81..2f1f20c 100644 --- a/Makefile +++ b/Makefile @@ -13,6 +13,6 @@ lint: build: @echo "Building application" - ./gradlew build + ./gradlew build -x test all: install lint test \ No newline at end of file diff --git a/dangerfile.ts b/dangerfile.ts new file mode 100644 index 0000000..ad3aec4 --- /dev/null +++ b/dangerfile.ts @@ -0,0 +1,26 @@ +import { danger, warn, markdown } from 'danger'; + +// Setup +const { pr } = danger.github; +const modifiedFiles = danger.git.modified_files; +const packageChanged = modifiedFiles.includes('package.json'); +const lockfileChanged = modifiedFiles.includes('yarn.lock'); + +// Always ensure we assign someone, so that our Slackbot can do its work correctly +if (pr.assignee === null) { + fail('Please assign someone to merge this PR, and optionally include people who should review.'); +} + +const bigPRThreshold = 600; +if (pr.additions + pr.deletions > bigPRThreshold) { + warn(`:exclamation: Big PR`); + markdown( + `>: Pull Request size seems relatively large. If Pull Request contains multiple changes, split each into separate PR will helps faster, easier review.`, + ); +} + +if (packageChanged && !lockfileChanged) { + const message = 'Changes were made to package.json, but not to yarn.lock'; + const idea = 'Perhaps you need to run `yarn install`?'; + warn(`${message} - ${idea}`); +} \ No newline at end of file