knative
/
caching
mirror of https://github.com/knative/caching.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update actions (#619) 

Signed-off-by: Knative Automation <automation@knative.team>
This commit is contained in:
knative-automation 2022-04-01 17:50:46 -04:00 committed by GitHub
parent e3469be70e
commit 18eb21bfbc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 25 additions and 638 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
.github/workflows/knative-go-build.yaml vendored
View File

@ -22,44 +22,5 @@ on:
branches: [ 'main', 'master', 'release-*' ]
jobs:
build:
name: Build
strategy:
matrix:
go-version: [1.17.x]
platform: [ubuntu-latest]
runs-on: ${{ matrix.platform }}
steps:
- name: Set up Go ${{ matrix.go-version }}
uses: actions/setup-go@v2
with:
go-version: ${{ matrix.go-version }}
id: go
- name: Check out code
uses: actions/checkout@v2
- id: go_mod
uses: andstor/file-existence-action@v1
with:
files: go.mod
- name: Build
if: ${{ steps.go_mod.outputs.files_exists == 'true' }}
run: |
tags="$(grep -I -r '// +build' . | \
grep -v '^./vendor/' | \
grep -v '^./hack/' | \
grep -v '^./third_party' | \
cut -f3 -d' ' | \
tr ',' '\n' | \
sort | uniq | \
grep -v '^!' | \
tr '\n' ' ')"
echo "Building with tags: ${tags}"
go test -vet=off -tags "${tags}" -exec echo ./...
uses: knative/actions/.github/workflows/go-build.yaml@main

57
.github/workflows/knative-go-test.yaml vendored
View File

@ -18,64 +18,9 @@
name: Test
on:
push:
branches: [ 'main', 'master' ]
pull_request:
branches: [ 'main', 'master', 'release-*' ]
jobs:
test:
name: Unit Tests
strategy:
matrix:
go-version: [1.17.x]
platform: [ubuntu-latest]
runs-on: ${{ matrix.platform }}
steps:
- name: Set up Go ${{ matrix.go-version }}
uses: actions/setup-go@v2
with:
go-version: ${{ matrix.go-version }}
id: go
- name: Check out code
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Merge upstream
if: github.event_name == 'pull_request'
run: |
if ! git config user.name > /dev/null; then
git config user.name "John Doe"
fi
if ! git config user.email > /dev/null; then
git config user.email "johndoe@localhost"
fi
git remote add upstream https://github.com/${{ github.repository }}.git
git fetch upstream ${{ github.base_ref }}
git pull --no-rebase --no-commit upstream ${{ github.base_ref }}
shell: bash
- name: Check for .codecov.yaml
id: codecov-enabled
uses: andstor/file-existence-action@v1
with:
files: .codecov.yaml
- if: steps.codecov-enabled.outputs.files_exists == 'true'
name: Produce Go Coverage
run: echo 'COVER_OPTS=-coverprofile=coverage.txt -covermode=atomic' >> $GITHUB_ENV
- name: Test
run: go test -race $COVER_OPTS ./...
- if: steps.codecov-enabled.outputs.files_exists == 'true'
name: Codecov
uses: codecov/codecov-action@v1
uses: knative/actions/.github/workflows/go-test.yaml@main

139
.github/workflows/knative-releasability.yaml vendored
View File

@ -25,139 +25,20 @@ on:
inputs:
releaseFamily:
description: 'Release? (vX.Y)'
required: false
moduleReleaseFamily:
description: 'Module Release? (vX.Y)'
required: false
slackChannel:
description: 'Slack Channel? (release-#)'
required: false
jobs:
releasability:
name: Releasability
runs-on: 'ubuntu-latest'
env:
#########################################
# Update this section each release. #
RELEASE: 'v1.3'
MODULE_RELEASE: 'v0.30'
SLACK_CHANNEL: 'release-1dot3'
#########################################
steps:
- name: Defaults
run: |
# If manual trigger sent releaseFamily, moduleReleaseFamily and slackChannel, then override them
if [[ "${{ github.event.inputs.releaseFamily }}" != "" ]]; then
echo "RELEASE=${{ github.event.inputs.releaseFamily }}" >> $GITHUB_ENV
fi
if [[ "${{ github.event.inputs.moduleReleaseFamily }}" != "" ]]; then
echo "MODULE_RELEASE=${{ github.event.inputs.moduleReleaseFamily }}" >> $GITHUB_ENV
fi
if [[ "${{ github.event.inputs.slackChannel }}" != "" ]]; then
echo "SLACK_CHANNEL=${{ github.event.inputs.slackChannel }}" >> $GITHUB_ENV
fi
if [[ "${{ secrets.SLACK_WEBHOOK }}" != "" ]]; then
echo "SLACK_WEBHOOK=exists" >> $GITHUB_ENV
fi
- name: Set up Go
uses: actions/setup-go@v2
with:
go-version: 1.17.x
- name: Install Dependencies
run: go install knative.dev/test-infra/buoy@main
- name: Check out code
uses: actions/checkout@v2
- name: Exists
id: exists
run: |
EXISTS=0
buoy exists go.mod --release ${RELEASE} --module-release ${MODULE_RELEASE} --verbose || EXISTS=$?
if [[ "$EXISTS" -eq "0" ]]; then
EXISTS=true
else
EXISTS=false
fi
echo ::set-output name=release-branch::${EXISTS}
- name: Check
if: steps.exists.outputs.release-branch == 'false'
run: |
# The following pushes the stdout of buoy into $CHECK_MESSAGE
CHECK=0
echo 'CHECK_MESSAGE<<EOF' >> $GITHUB_ENV
buoy check go.mod --release ${RELEASE} --module-release ${MODULE_RELEASE} --domain knative.dev --verbose >> $GITHUB_ENV 2>&1 || CHECK=$?
echo 'EOF' >> $GITHUB_ENV
# We just captured the return code of the buoy call, test it to see
# if we should continue validating. The next steps short circuit if
# we already know we are not ready for a release.
if [[ "$CHECK" -eq "0" ]]; then
echo 'current=true' >> $GITHUB_ENV
else
echo 'current=false' >> $GITHUB_ENV
fi
- name: Upgrade
if: steps.exists.outputs.release-branch == 'false' && env.current == 'true'
run: |
# if update deps returns un-successful, then mark current to false.
if ! ./hack/update-deps.sh --release ${RELEASE} --module-release ${MODULE_RELEASE} --upgrade; then
echo "VERIFY_MESSAGE=Unable to update deps for ${{ github.repository }}." >> $GITHUB_ENV
echo 'current=false' >> $GITHUB_ENV
fi
- name: Verify
if: steps.exists.outputs.release-branch == 'false' && env.current == 'true'
run: |
# If we don't run `git status` before the "git diff-index" it seems
# to list every file that's been touched by codegen.
git status
CHANGED="$(git diff-index --name-only HEAD --)"
# If we see no changes after the upgrade, then we are up to date.
if [[ "$CHANGED" == "" ]]; then
echo "VERIFY_MESSAGE=${{ github.repository }} up to date." >> $GITHUB_ENV
else
echo "VERIFY_MESSAGE=${{ github.repository }} is out of date." >> $GITHUB_ENV
echo "The following files are changed: $CHANGED"
echo 'current=false' >> $GITHUB_ENV
fi
- name: Status GO
if: steps.exists.outputs.release-branch == 'false' && env.current == 'true'
run: |
echo 'SLACK_COLOR=#098e00' >> $GITHUB_ENV
echo 'SLACK_TITLE=Releasability for ${{ github.repository }} @ ${{ env.RELEASE }} is GO!' >> $GITHUB_ENV
- name: Status NO-GO
if: steps.exists.outputs.release-branch == 'false' && env.current == 'false'
run: |
echo 'SLACK_COLOR=#8E1600' >> $GITHUB_ENV
echo 'SLACK_TITLE=Releasability for ${{ github.repository }} @ ${{ env.RELEASE }} is NO-GO!' >> $GITHUB_ENV
- name: Post status to Slack
# Note: using env.SLACK_WEBHOOK here because secrets are not allowed in the if block.
if: env.SLACK_WEBHOOK != '' && steps.exists.outputs.release-branch == 'false'
uses: rtCamp/action-slack-notify@v2.1.0
env:
SLACK_ICON: http://github.com/knative.png?size=48
SLACK_USERNAME: github-actions
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
MSG_MINIMAL: 'true'
SLACK_MESSAGE: |
${{ env.CHECK_MESSAGE }}
${{ env.VERIFY_MESSAGE }}
For detailed logs: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
- name: Fail if NO-GO
if: steps.exists.outputs.release-branch == 'false' && env.current == 'false'
run: |
# When we have figured out that things are NO-GO, we intentionally fail the job
# so that the status badge shows up red and we can use the badges to create a
# releasability dashboard for all of the repos.
exit 1
uses: knative/actions/.github/workflows/releasability.yaml@main
with:
releaseFamily: ${{ github.event.inputs.releaseFamily }}
moduleReleaseFamily: ${{ github.event.inputs.moduleReleaseFamily }}
slackChannel: ${{ github.event.inputs.slackChannel }}
secrets:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}

78
.github/workflows/knative-release-notes.yaml vendored
View File

@ -26,79 +26,15 @@ on:
default: 'main'
start-rev:
description: 'Start Tag (defaults to merge-base(branch, prev-branch))'
required: false
end-rev:
description: 'End Tag (defaults to HEAD of the target branch)'
required: false
jobs:
release-notes:
name: Release Notes
runs-on: 'ubuntu-latest'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
steps:
- name: Set up Go
uses: actions/setup-go@v2
with:
go-version: 1.17.x
- name: Install Dependencies
# https://github.com/kubernetes/release/tree/master/cmd/release-notes
run: go install k8s.io/release/cmd/release-notes@latest
- name: Check out code
uses: actions/checkout@v2
with:
# fetch-depth of 0 indicates all history for all branches and tags.
fetch-depth: 0
- name: Generate Notes
run: |
set -x
# The release-notes tool access ENV vars as options
# https://github.com/kubernetes/release/tree/master/cmd/release-notes#options
export ORG=$(echo '${{ github.repository }}' | awk -F '/' '{print $1}')
export REPO=$(echo '${{ github.repository }}' | awk -F '/' '{print $2}')
export BRANCH="${{ github.event.inputs.branch }}"
export START_REV=${{ github.event.inputs.start-rev }}
export END_REV=${{ github.event.inputs.end-rev }}
if [[ -z "$END_REV" ]]; then
END_REV="origin/$BRANCH"
fi
# If start rev isn't set find the merge base of
# the target branch and the previous branch
if [[ -z "$START_REV" ]]; then
BRANCHES=$(mktemp)
# List of branches sorted by semver descending
git branch -r -l "origin/release-[0-9]*\.[0-9]*" | sed 's/ //g' | sort -Vr > "$BRANCHES"
if [[ "$BRANCH" == "main" ]]; then
LAST_BRANCH="$(head -n1 "$BRANCHES")"
else
# use grep magic to find the next branch
# '-A 1' - prints the line after the match which we can parse
LAST_BRANCH="$(grep -A 1 "$BRANCH" "$BRANCHES" | tail -n1)"
fi
export START_SHA=$(git merge-base $LAST_BRANCH origin/$BRANCH)
fi
release-notes \
--required-author="" \
--output=release-notes.md \
--repo-path="$PWD" \
- name: Display Notes
run: |
cat release-notes.md
- name: Archive Release Notes
uses: actions/upload-artifact@v2
with:
name: release-notes.md
path: release-notes.md
uses: knative/actions/.github/workflows/release-notes.yaml@main
with:
branch: ${{ github.event.inputs.branch }}
start-rev: ${{ github.event.inputs.start-rev }}
end-rev: ${{ github.event.inputs.end-rev }}

29
.github/workflows/knative-security.yaml vendored
View File

@ -26,31 +26,4 @@ on:
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
with:
# We must fetch at least the immediate parents so that if this is
# a pull request then we can checkout the head.
fetch-depth: 2
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
with:
languages: go
- name: Autobuild
uses: github/codeql-action/autobuild@v1
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1
- name: Find Unicode Control Characters
uses: pierdipi/unicode-control-characters-action@v0.1.1
with:
args: -d .
uses: knative/actions/.github/workflows/security.yaml@main

26
.github/workflows/knative-stale.yaml vendored
View File

@ -22,28 +22,6 @@ on:
- cron: '0 1 * * *'
jobs:
stale:
runs-on: 'ubuntu-latest'
steps:
- uses: 'actions/stale@v3'
with:
repo-token: '${{ secrets.GITHUB_TOKEN }}' # No need to setup
stale-issue-message: |-
This issue is stale because it has been open for 90 days with no
activity. It will automatically close after 30 more days of
inactivity. Reopen the issue with `/reopen`. Mark the issue as
fresh by adding the comment `/remove-lifecycle stale`.
stale-issue-label: 'lifecycle/stale'
exempt-issue-labels: 'lifecycle/frozen,triage/accepted'
stale-pr-message: |-
This Pull Request is stale because it has been open for 90 days with
no activity. It will automatically close after 30 more days of
inactivity. Reopen with `/reopen`. Mark as fresh by adding the
comment `/remove-lifecycle stale`.
stale-pr-label: 'lifecycle/stale'
exempt-pr-labels: 'lifecycle/frozen'
days-before-stale: 90
days-before-close: 30
uses: knative/actions/.github/workflows/stale.yaml@main

241
.github/workflows/knative-style.yaml vendored
View File

@ -23,242 +23,5 @@ on:
jobs:
autoformat:
name: Auto-format and Check
runs-on: ubuntu-latest
strategy:
fail-fast: false # Keep running if one leg fails.
matrix:
tool:
- goimports
- gofmt
include:
- tool: gofmt
options: -s
- tool: goimports
package: golang.org/x/tools/cmd/goimports@latest
steps:
- name: Set up Go
uses: actions/setup-go@v2
with:
go-version: 1.17.x
id: go
- name: Check out code
uses: actions/checkout@v2
- name: Install Dependencies
if: ${{ matrix.package != '' }}
run: |
cd $(mktemp -d)
go install ${{ matrix.package }}
- name: ${{ matrix.tool }} ${{ matrix.options }}
shell: bash
run: >
${{ matrix.tool }} ${{ matrix.options }} -w
$(find .
-path './vendor' -prune
-o -path './third_party' -prune
-o -name '*.pb.go' -prune
-o -name 'wire_gen.go' -prune
-o -type f -name '*.go' -print)
- name: Verify ${{ matrix.tool }}
shell: bash
run: |
# From: https://backreference.org/2009/12/23/how-to-match-newlines-in-sed/
# This is to leverage this workaround:
# https://github.com/actions/toolkit/issues/193#issuecomment-605394935
function urlencode() {
sed ':begin;$!N;s/\n/%0A/;tbegin'
}
if [[ $(git diff-index --name-only HEAD --) ]]; then
for x in $(git diff-index --name-only HEAD --); do
echo "::error file=$x::Please run ${{ matrix.tool }} ${{ matrix.options }}.%0A$(git diff $x | urlencode)"
done
echo "${{ github.repository }} is out of style. Please run ${{ matrix.tool }} ${{ matrix.options }}."
exit 1
fi
echo "${{ github.repository }} is formatted correctly."
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- name: Set up Go
uses: actions/setup-go@v2
with:
go-version: 1.17.x
id: go
- name: Check out code
uses: actions/checkout@v2
- id: golangci_configuration
uses: andstor/file-existence-action@v1
with:
files: .golangci.yaml
- name: Go Lint
if: steps.golangci_configuration.outputs.files_exists == 'true'
uses: golangci/golangci-lint-action@v2
with:
version: v1.43
- name: Install Tools
if: ${{ always() }}
env:
WOKE_VERSION: v0.13.0
run: |
TEMP_PATH="$(mktemp -d)"
cd $TEMP_PATH
echo '::group::🐶 Installing reviewdog ... https://github.com/reviewdog/reviewdog'
curl -sfL https://raw.githubusercontent.com/reviewdog/reviewdog/master/install.sh | sh -s -- -b "${TEMP_PATH}" 2>&1
echo '::endgroup::'
echo '::group:: Installing misspell ... https://github.com/client9/misspell'
curl -sfL https://raw.githubusercontent.com/client9/misspell/master/install-misspell.sh | sh -s -- -b "${TEMP_PATH}" 2>&1
echo '::endgroup::'
echo '::group:: Installing woke ... https://github.com/get-woke/woke'
curl -sfL https://raw.githubusercontent.com/get-woke/woke/main/install.sh | sh -s -- -b "${TEMP_PATH}" "${WOKE_VERSION}" 2>&1
echo '::endgroup::'
echo "${TEMP_PATH}" >> $GITHUB_PATH
- name: misspell
shell: bash
if: ${{ always() }}
env:
REVIEWDOG_GITHUB_API_TOKEN: ${{ github.token }}
run: |
set -e
cd "${GITHUB_WORKSPACE}" || exit 1
echo '::group:: Running github.com/client9/misspell with reviewdog 🐶 ...'
# Don't fail because of misspell
set +o pipefail
# Exclude generated and vendored files, plus some legacy
# paths until we update all .gitattributes
git ls-files |
git check-attr --stdin linguist-generated | grep -Ev ': (set|true)$' | cut -d: -f1 |
git check-attr --stdin linguist-vendored | grep -Ev ': (set|true)$' | cut -d: -f1 |
git check-attr --stdin ignore-lint | grep -Ev ': (set|true)$' | cut -d: -f1 |
grep -Ev '^(vendor/|third_party/|.git)' |
grep -v '\.svg$' |
xargs misspell -i importas -error |
reviewdog -efm="%f:%l:%c: %m" \
-name="github.com/client9/misspell" \
-reporter="github-pr-check" \
-filter-mode="added" \
-fail-on-error="true" \
-level="error"
echo '::endgroup::'
- name: trailing whitespace
shell: bash
if: ${{ always() }}
env:
REVIEWDOG_GITHUB_API_TOKEN: ${{ github.token }}
run: |
set -e
cd "${GITHUB_WORKSPACE}" || exit 1
echo '::group:: Flagging trailing whitespace with reviewdog 🐶 ...'
# Don't fail because of grep
set +o pipefail
# Exclude generated and vendored files, plus some legacy
# paths until we update all .gitattributes
git ls-files |
git check-attr --stdin linguist-generated | grep -Ev ': (set|true)$' | cut -d: -f1 |
git check-attr --stdin linguist-vendored | grep -Ev ': (set|true)$' | cut -d: -f1 |
git check-attr --stdin ignore-lint | grep -Ev ': (set|true)$' | cut -d: -f1 |
grep -Ev '^(vendor/|third_party/|.git)' |
grep -v '\.svg$' |
xargs grep -nE " +$" |
reviewdog -efm="%f:%l:%m" \
-name="trailing whitespace" \
-reporter="github-pr-check" \
-filter-mode="added" \
-fail-on-error="true" \
-level="error"
echo '::endgroup::'
- name: EOF newline
shell: bash
if: ${{ always() }}
env:
REVIEWDOG_GITHUB_API_TOKEN: ${{ github.token }}
run: |
set -e
cd "${GITHUB_WORKSPACE}" || exit 1
echo '::group:: Flagging missing EOF newlines with reviewdog 🐶 ...'
# Don't fail because of misspell
set +o pipefail
# Lint exclude rule:
# - nothing in vendor/
# - nothing in third_party
# - nothing in .git/
# - no *.ai (Adobe Illustrator) files.
LINT_FILES=$(git ls-files |
git check-attr --stdin linguist-generated | grep -Ev ': (set|true)$' | cut -d: -f1 |
git check-attr --stdin linguist-vendored | grep -Ev ': (set|true)$' | cut -d: -f1 |
git check-attr --stdin ignore-lint | grep -Ev ': (set|true)$' | cut -d: -f1 |
grep -Ev '^(vendor/|third_party/|.git)' |
grep -v '\.ai$' |
grep -v '\.svg$')
for x in $LINT_FILES; do
# Based on https://stackoverflow.com/questions/34943632/linux-check-if-there-is-an-empty-line-at-the-end-of-a-file
if [[ -f $x && ! ( -s "$x" && -z "$(tail -c 1 $x)" ) ]]; then
# We add 1 to `wc -l` here because of this limitation (from the man page):
# Characters beyond the final <newline> character will not be included in the line count.
echo $x:$((1 + $(wc -l $x | tr -s ' ' | cut -d' ' -f 1))): Missing newline
fi
done |
reviewdog -efm="%f:%l: %m" \
-name="EOF Newline" \
-reporter="github-pr-check" \
-filter-mode="added" \
-fail-on-error="true" \
-level="error"
echo '::endgroup::'
# This is mostly copied from https://github.com/get-woke/woke-action-reviewdog/blob/main/entrypoint.sh
# since their action is not yet released under a stable version.
- name: Language
if: ${{ always() && github.event_name == 'pull_request' }}
shell: bash
env:
REVIEWDOG_GITHUB_API_TOKEN: ${{ github.token }}
run: |
set -e
cd "${GITHUB_WORKSPACE}" || exit 1
# Create a minimal .wokeignore if none already exist.
if [ ! -f .wokeignore ]; then
cat > .wokeignore <<EOF
vendor/*
third_party/*
*.svg
EOF
fi
echo '::group:: Running woke with reviewdog 🐶 ...'
woke --output simple \
| reviewdog -efm="%f:%l:%c: %m" \
-name="woke" \
-reporter="github-pr-check" \
-filter-mode="added" \
-fail-on-error="true" \
-level="error"
echo '::endgroup::'
style:
uses: knative/actions/.github/workflows/style.yaml@main

52
.github/workflows/knative-verify.yaml vendored
View File

@ -22,55 +22,5 @@ on:
branches: [ 'main', 'master', 'release-*' ]
jobs:
verify:
name: Verify Deps and Codegen
strategy:
matrix:
go-version: [1.17.x]
platform: [ubuntu-latest]
runs-on: ${{ matrix.platform }}
steps:
- name: Set up Go ${{ matrix.go-version }}
uses: actions/setup-go@v2
with:
go-version: ${{ matrix.go-version }}
id: go
- name: Install Dependencies
run: |
go install github.com/google/ko@latest
go install github.com/google/go-licenses@latest
- name: Check out code
uses: actions/checkout@v2
- name: Update Codegen
shell: bash
run: |
[[ ! -f hack/update-codegen.sh ]] || ./hack/update-codegen.sh
- name: Verify
shell: bash
run: |
# From: https://backreference.org/2009/12/23/how-to-match-newlines-in-sed/
# This is to leverage this workaround:
# https://github.com/actions/toolkit/issues/193#issuecomment-605394935
function urlencode() {
sed ':begin;$!N;s/\n/%0A/;tbegin'
}
if [[ -z "$(git status --porcelain)" ]]; then
echo "${{ github.repository }} up to date."
else
# Print it both ways because sometimes we haven't modified the file (e.g. zz_generated),
# and sometimes we have (e.g. configmap checksum).
echo "Found diffs in: $(git diff-index --name-only HEAD --)"
for x in $(git diff-index --name-only HEAD --); do
echo "::error file=$x::Please run ./hack/update-codegen.sh.%0A$(git diff $x | urlencode)"
done
echo "${{ github.repository }} is out of date. Please run hack/update-codegen.sh"
exit 1
fi
uses: knative/actions/.github/workflows/verify-codegen.yaml@main