From d56c82171ede4a2f952bf0e7d1c3dae020810305 Mon Sep 17 00:00:00 2001 From: Lucas Gonze Date: Wed, 23 Oct 2024 15:10:13 -0400 Subject: [PATCH] Harmonize with the current newrelic org --- .github/workflows/fossa-caos.yml | 4 +- .github/workflows/fossa-caos.ymlbup | 31 +++++++++++++ .github/workflows/fossa-check-env.ymlbup | 21 +++++++++ .github/workflows/fossa-default.yml | 4 +- .github/workflows/fossa-default.ymlbup | 27 +++++++++++ .github/workflows/fossa-elixir.yml | 4 +- .github/workflows/fossa-elixir.ymlbup | 31 +++++++++++++ .github/workflows/fossa-gradle.yml | 4 +- .github/workflows/fossa-gradle.ymlbup | 50 +++++++++++++++++++++ .github/workflows/fossa-ruby-bundler.yml | 4 +- .github/workflows/fossa-ruby-bundler.ymlbup | 43 ++++++++++++++++++ .github/workflows/fossa-scala.yml | 6 +-- .github/workflows/fossa-scala.ymlbup | 32 +++++++++++++ .github/workflows/repolinter-apply.yml | 2 +- .github/workflows/repolinter-apply.ymlbup | 47 +++++++++++++++++++ .github/workflows/test.yml | 2 +- .github/workflows/test.ymlbup | 33 ++++++++++++++ 17 files changed, 330 insertions(+), 15 deletions(-) create mode 100644 .github/workflows/fossa-caos.ymlbup create mode 100644 .github/workflows/fossa-check-env.ymlbup create mode 100644 .github/workflows/fossa-default.ymlbup create mode 100644 .github/workflows/fossa-elixir.ymlbup create mode 100644 .github/workflows/fossa-gradle.ymlbup create mode 100644 .github/workflows/fossa-ruby-bundler.ymlbup create mode 100644 .github/workflows/fossa-scala.ymlbup create mode 100644 .github/workflows/repolinter-apply.ymlbup create mode 100644 .github/workflows/test.ymlbup diff --git a/.github/workflows/fossa-caos.yml b/.github/workflows/fossa-caos.yml index 8db2021..bb7ee77 100644 --- a/.github/workflows/fossa-caos.yml +++ b/.github/workflows/fossa-caos.yml @@ -5,7 +5,7 @@ on: jobs: check_env: - uses: newrelic/.github/.github/workflows/fossa-check-env.yml@main + uses: newrelic-csec/.github/.github/workflows/fossa-check-env.yml@main secrets: FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} @@ -28,4 +28,4 @@ jobs: with: ssh-private-key: ${{ secrets.CAOS_RUST_CRATE_FOSSA }} - id: fossa-cli - uses: newrelic/.github/.github/composite/fossa-composite@main + uses: newrelic-csec/.github/.github/composite/fossa-composite@main diff --git a/.github/workflows/fossa-caos.ymlbup b/.github/workflows/fossa-caos.ymlbup new file mode 100644 index 0000000..8db2021 --- /dev/null +++ b/.github/workflows/fossa-caos.ymlbup @@ -0,0 +1,31 @@ +name: FOSSA CLI Analysis - CAOS +on: + pull_request: + branches: [ $default-branch ] + +jobs: + check_env: + uses: newrelic/.github/.github/workflows/fossa-check-env.yml@main + secrets: + FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} + + fossa: + needs: check_env + if: ${{ needs.check_env.outputs.HAS_FOSSA_API_KEY == 'true' }} + runs-on: ubuntu-latest + env: + FOSSA_API_KEY: ${{secrets.FOSSA_API_KEY}} + ORG: ${{ github.repository_owner }} + REPO: ${{ github.repository }} + CUSTOM_PROPS_PAT: ${{ secrets.FOSSA_PAT }} + HAS_FOSSA_TARGETS: "" + FOSSA_ANALYZE_RESULT: "" + + steps: + - uses: actions/checkout@v3 + - name: Give GitHub Actions access to private crates + uses: webfactory/ssh-agent@v0.8.0 + with: + ssh-private-key: ${{ secrets.CAOS_RUST_CRATE_FOSSA }} + - id: fossa-cli + uses: newrelic/.github/.github/composite/fossa-composite@main diff --git a/.github/workflows/fossa-check-env.ymlbup b/.github/workflows/fossa-check-env.ymlbup new file mode 100644 index 0000000..ee1df1f --- /dev/null +++ b/.github/workflows/fossa-check-env.ymlbup @@ -0,0 +1,21 @@ +name: FOSSA Check Env +on: + workflow_call: + secrets: + FOSSA_API_KEY: + required: false + outputs: + HAS_FOSSA_API_KEY: + description: "True if FOSSA API key is available." + value: ${{ jobs.check_env.outputs.check }} + +jobs: + check_env: + runs-on: ubuntu-latest + env: + HAS_FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY != '' }} + steps: + - id: check-fossa-api-key + run: echo "check=$HAS_FOSSA_API_KEY" >> "$GITHUB_OUTPUT" + outputs: + check: ${{ steps.check-fossa-api-key.outputs.check }} diff --git a/.github/workflows/fossa-default.yml b/.github/workflows/fossa-default.yml index e24181e..11049d1 100644 --- a/.github/workflows/fossa-default.yml +++ b/.github/workflows/fossa-default.yml @@ -5,7 +5,7 @@ on: jobs: check_env: - uses: newrelic/.github/.github/workflows/fossa-check-env.yml@main + uses: newrelic-csec/.github/.github/workflows/fossa-check-env.yml@main secrets: FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} @@ -24,4 +24,4 @@ jobs: steps: - uses: actions/checkout@v3 - id: fossa-cli - uses: newrelic/.github/.github/composite/fossa-composite@main + uses: newrelic-csec/.github/.github/composite/fossa-composite@main diff --git a/.github/workflows/fossa-default.ymlbup b/.github/workflows/fossa-default.ymlbup new file mode 100644 index 0000000..e24181e --- /dev/null +++ b/.github/workflows/fossa-default.ymlbup @@ -0,0 +1,27 @@ +name: FOSSA CLI Analysis - Default +on: + pull_request: + branches: [ $default-branch ] + +jobs: + check_env: + uses: newrelic/.github/.github/workflows/fossa-check-env.yml@main + secrets: + FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} + + fossa: + needs: check_env + if: ${{ needs.check_env.outputs.HAS_FOSSA_API_KEY == 'true' }} + runs-on: ubuntu-latest + env: + FOSSA_API_KEY: ${{secrets.FOSSA_API_KEY}} + ORG: ${{ github.repository_owner }} + REPO: ${{ github.repository }} + CUSTOM_PROPS_PAT: ${{ secrets.FOSSA_PAT }} + HAS_FOSSA_TARGETS: "" + FOSSA_ANALYZE_RESULT: "" + + steps: + - uses: actions/checkout@v3 + - id: fossa-cli + uses: newrelic/.github/.github/composite/fossa-composite@main diff --git a/.github/workflows/fossa-elixir.yml b/.github/workflows/fossa-elixir.yml index 331d7a2..3b9f6f2 100644 --- a/.github/workflows/fossa-elixir.yml +++ b/.github/workflows/fossa-elixir.yml @@ -5,7 +5,7 @@ on: jobs: check_env: - uses: newrelic/.github/.github/workflows/fossa-check-env.yml@main + uses: newrelic-csec/.github/.github/workflows/fossa-check-env.yml@main secrets: FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} @@ -28,4 +28,4 @@ jobs: otp-version: '26' elixir-version: '1.15' - id: fossa-cli - uses: newrelic/.github/.github/composite/fossa-composite@main + uses: newrelic-csec/.github/.github/composite/fossa-composite@main diff --git a/.github/workflows/fossa-elixir.ymlbup b/.github/workflows/fossa-elixir.ymlbup new file mode 100644 index 0000000..331d7a2 --- /dev/null +++ b/.github/workflows/fossa-elixir.ymlbup @@ -0,0 +1,31 @@ +name: FOSSA CLI Analysis - Elixir +on: + pull_request: + branches: [ $default-branch ] + +jobs: + check_env: + uses: newrelic/.github/.github/workflows/fossa-check-env.yml@main + secrets: + FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} + + fossa: + needs: check_env + if: ${{ needs.check_env.outputs.HAS_FOSSA_API_KEY == 'true' }} + runs-on: ubuntu-latest + env: + FOSSA_API_KEY: ${{secrets.FOSSA_API_KEY}} + ORG: ${{ github.repository_owner }} + REPO: ${{ github.repository }} + CUSTOM_PROPS_PAT: ${{ secrets.FOSSA_PAT }} + HAS_FOSSA_TARGETS: "" + FOSSA_ANALYZE_RESULT: "" + + steps: + - uses: actions/checkout@v3 + - uses: erlef/setup-beam@v1 + with: + otp-version: '26' + elixir-version: '1.15' + - id: fossa-cli + uses: newrelic/.github/.github/composite/fossa-composite@main diff --git a/.github/workflows/fossa-gradle.yml b/.github/workflows/fossa-gradle.yml index 406bbdc..add7f85 100644 --- a/.github/workflows/fossa-gradle.yml +++ b/.github/workflows/fossa-gradle.yml @@ -5,7 +5,7 @@ on: jobs: check_env: - uses: newrelic/.github/.github/workflows/fossa-check-env.yml@main + uses: newrelic-csec/.github/.github/workflows/fossa-check-env.yml@main secrets: FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} @@ -47,4 +47,4 @@ jobs: - name: Setup Gradle options run: echo "GRADLE_OPTIONS=--console=plain --parallel -Porg.gradle.java.installations.auto-detect=false -Porg.gradle.java.installations.fromEnv=JAVA_HOME_8_X64,JAVA_HOME_11_X64,JAVA_HOME_17_X64,JAVA_HOME_21_X64" >> $GITHUB_ENV - id: fossa-cli - uses: newrelic/.github/.github/composite/fossa-composite@main + uses: newrelic-csec/.github/.github/composite/fossa-composite@main diff --git a/.github/workflows/fossa-gradle.ymlbup b/.github/workflows/fossa-gradle.ymlbup new file mode 100644 index 0000000..406bbdc --- /dev/null +++ b/.github/workflows/fossa-gradle.ymlbup @@ -0,0 +1,50 @@ +name: FOSSA CLI Analysis - Gradle +on: + pull_request: + branches: [ $default-branch ] + +jobs: + check_env: + uses: newrelic/.github/.github/workflows/fossa-check-env.yml@main + secrets: + FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} + + fossa: + needs: check_env + if: ${{ needs.check_env.outputs.HAS_FOSSA_API_KEY == 'true' }} + runs-on: ubuntu-latest + env: + FOSSA_API_KEY: ${{secrets.FOSSA_API_KEY}} + ORG: ${{ github.repository_owner }} + REPO: ${{ github.repository }} + CUSTOM_PROPS_PAT: ${{ secrets.FOSSA_PAT }} + HAS_FOSSA_TARGETS: "" + FOSSA_ANALYZE_RESULT: "" + + steps: + - name: Checkout this repo + uses: actions/checkout@v4 + - name: Setup javas + uses: actions/setup-java@v3 + with: + distribution: 'temurin' + java-version: | + 21 + 17 + 11 + 8 + - name: Set gradle.properties + run: | + export GRADLE_PROPERTIES_PATH="./gradle.properties" + echo "jdk8=${JAVA_HOME_8_X64}" >> $GRADLE_PROPERTIES_PATH + echo "jdk11=${JAVA_HOME_11_X64}" >> $GRADLE_PROPERTIES_PATH + echo "jdk17=${JAVA_HOME_17_X64}" >> $GRADLE_PROPERTIES_PATH + echo "jdk21=${JAVA_HOME_21_X64}" >> $GRADLE_PROPERTIES_PATH + - name: Setup Gradle + uses: gradle/gradle-build-action@v2 + with: + cache-read-only: true + - name: Setup Gradle options + run: echo "GRADLE_OPTIONS=--console=plain --parallel -Porg.gradle.java.installations.auto-detect=false -Porg.gradle.java.installations.fromEnv=JAVA_HOME_8_X64,JAVA_HOME_11_X64,JAVA_HOME_17_X64,JAVA_HOME_21_X64" >> $GITHUB_ENV + - id: fossa-cli + uses: newrelic/.github/.github/composite/fossa-composite@main diff --git a/.github/workflows/fossa-ruby-bundler.yml b/.github/workflows/fossa-ruby-bundler.yml index e155f92..5a2d1d3 100644 --- a/.github/workflows/fossa-ruby-bundler.yml +++ b/.github/workflows/fossa-ruby-bundler.yml @@ -5,7 +5,7 @@ on: jobs: check_env: - uses: newrelic/.github/.github/workflows/fossa-check-env.yml@main + uses: newrelic-csec/.github/.github/workflows/fossa-check-env.yml@main secrets: FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} @@ -40,4 +40,4 @@ jobs: fi done - id: fossa-cli - uses: newrelic/.github/.github/composite/fossa-composite@main + uses: newrelic-csec/.github/.github/composite/fossa-composite@main diff --git a/.github/workflows/fossa-ruby-bundler.ymlbup b/.github/workflows/fossa-ruby-bundler.ymlbup new file mode 100644 index 0000000..e155f92 --- /dev/null +++ b/.github/workflows/fossa-ruby-bundler.ymlbup @@ -0,0 +1,43 @@ +name: FOSSA CLI Analysis - Ruby +on: + pull_request: + branches: [ $default-branch ] + +jobs: + check_env: + uses: newrelic/.github/.github/workflows/fossa-check-env.yml@main + secrets: + FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} + + fossa_ruby: + needs: check_env + if: ${{ needs.check_env.outputs.HAS_FOSSA_API_KEY == 'true' }} + runs-on: ubuntu-latest + env: + FOSSA_API_KEY: ${{secrets.FOSSA_API_KEY}} + ORG: ${{ github.repository_owner }} + REPO: ${{ github.repository }} + CUSTOM_PROPS_PAT: ${{ secrets.FOSSA_PAT }} + HAS_FOSSA_TARGETS: "" + FOSSA_ANALYZE_RESULT: "" + + steps: + - uses: actions/checkout@v4 + - uses: ruby/setup-ruby@v1 + with: + ruby-version: '3.3' + - name: Ensure that a Gemfile.lock file exists for each Gemfile file + run: | + echo "Ensuring that Gemfile.lock files exist..." + for gemfile in $(find . -name Gemfile -not -path './test/**' -not -path './spec/**'); do + dir=${gemfile%/*} + echo "Found Gemfile at $dir" + if [[ -e "$dir/Gemfile.lock" ]]; then + echo "Found Gemfile.lock at $dir" + else + echo "No Gemfile.lock found at $dir - generating one..." + bundle lock --gemfile "$dir/Gemfile" + fi + done + - id: fossa-cli + uses: newrelic/.github/.github/composite/fossa-composite@main diff --git a/.github/workflows/fossa-scala.yml b/.github/workflows/fossa-scala.yml index e7e6760..441a2d5 100644 --- a/.github/workflows/fossa-scala.yml +++ b/.github/workflows/fossa-scala.yml @@ -5,7 +5,7 @@ on: jobs: check_env: - uses: newrelic/.github/.github/workflows/fossa-check-env.yml@main + uses: newrelic-csec/.github/.github/workflows/fossa-check-env.yml@main secrets: FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} @@ -24,9 +24,9 @@ jobs: steps: - uses: actions/checkout@v3 - name: Download newrelic.jar - if: ${{ github.repository == 'newrelic/newrelic-java-examples' }} + if: ${{ github.repository == 'newrelic-csec/newrelic-java-examples' }} run: | mkdir newrelic-java-agent/scala/segment-api-synchronous/libs curl https://download.newrelic.com/newrelic/java-agent/newrelic-agent/current/newrelic.jar --output newrelic-java-agent/scala/segment-api-synchronous/libs/newrelic.jar - id: fossa-cli - uses: newrelic/.github/.github/composite/fossa-composite@main + uses: newrelic-csec/.github/.github/composite/fossa-composite@main diff --git a/.github/workflows/fossa-scala.ymlbup b/.github/workflows/fossa-scala.ymlbup new file mode 100644 index 0000000..e7e6760 --- /dev/null +++ b/.github/workflows/fossa-scala.ymlbup @@ -0,0 +1,32 @@ +name: FOSSA CLI Analysis - Scala +on: + pull_request: + branches: [ $default-branch ] + +jobs: + check_env: + uses: newrelic/.github/.github/workflows/fossa-check-env.yml@main + secrets: + FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} + + fossa: + needs: check_env + if: ${{ needs.check_env.outputs.HAS_FOSSA_API_KEY == 'true' }} + runs-on: ubuntu-latest + env: + FOSSA_API_KEY: ${{secrets.FOSSA_API_KEY}} + ORG: ${{ github.repository_owner }} + REPO: ${{ github.repository }} + CUSTOM_PROPS_PAT: ${{ secrets.FOSSA_PAT }} + HAS_FOSSA_TARGETS: "" + FOSSA_ANALYZE_RESULT: "" + + steps: + - uses: actions/checkout@v3 + - name: Download newrelic.jar + if: ${{ github.repository == 'newrelic/newrelic-java-examples' }} + run: | + mkdir newrelic-java-agent/scala/segment-api-synchronous/libs + curl https://download.newrelic.com/newrelic/java-agent/newrelic-agent/current/newrelic.jar --output newrelic-java-agent/scala/segment-api-synchronous/libs/newrelic.jar + - id: fossa-cli + uses: newrelic/.github/.github/composite/fossa-composite@main diff --git a/.github/workflows/repolinter-apply.yml b/.github/workflows/repolinter-apply.yml index acfa670..1351aa6 100644 --- a/.github/workflows/repolinter-apply.yml +++ b/.github/workflows/repolinter-apply.yml @@ -34,7 +34,7 @@ jobs: token: ${{ secrets.REPOLINTER_TOKEN }} - name: Run Repolinter - uses: newrelic/repolinter-action@v1 + uses: newrelic-csec/repolinter-action@v1 with: directory: ${{ github.workspace }}/apply config_file: ${{ github.workspace }}/repo/${{ matrix.config }} diff --git a/.github/workflows/repolinter-apply.ymlbup b/.github/workflows/repolinter-apply.ymlbup new file mode 100644 index 0000000..acfa670 --- /dev/null +++ b/.github/workflows/repolinter-apply.ymlbup @@ -0,0 +1,47 @@ +name: Apply Repolinter +on: + push: + branches: + - main + schedule: + - cron: '24 21 * * *' + workflow_dispatch: + +jobs: + apply-repolinter: + name: Apply Repolinter (${{ matrix.repo }}) + strategy: + fail-fast: false + matrix: + include: + # Edit here to add other repositories + - repo: newrelic/newrelic-python-agent + config: repolinter-rulesets/community-plus.yml + - repo: newrelic/opentelemetry-exporter-python + config: repolinter-rulesets/community-plus.yml + runs-on: ubuntu-latest + steps: + - name: Checkout Self + uses: actions/checkout@v2 + with: + path: ./repo + + - name: Checkout ${{ matrix.repo }} + uses: actions/checkout@v2 + with: + path: ./apply + repository: ${{ matrix.repo }} + token: ${{ secrets.REPOLINTER_TOKEN }} + + - name: Run Repolinter + uses: newrelic/repolinter-action@v1 + with: + directory: ${{ github.workspace }}/apply + config_file: ${{ github.workspace }}/repo/${{ matrix.config }} + config_url: ${{ matrix.config }} + output_type: issue + username: nr-opensource-bot + repository: ${{ matrix.repo }} + token: ${{ secrets.REPOLINTER_TOKEN }} + + diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 2910633..8b61e21 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -22,7 +22,7 @@ jobs: - name: Run Repolinter Action id: repolinter continue-on-error: true - uses: newrelic/repolinter-action@v1 + uses: newrelic-csec/repolinter-action@v1 with: config_file: ${{ matrix.config }} diff --git a/.github/workflows/test.ymlbup b/.github/workflows/test.ymlbup new file mode 100644 index 0000000..2910633 --- /dev/null +++ b/.github/workflows/test.ymlbup @@ -0,0 +1,33 @@ +name: Test + +on: [push, pull_request] + +jobs: + test: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + config: + # Add policies to test here. Use a path relative to the root of this repository. + - repolinter-rulesets/community-plus.yml + - repolinter-rulesets/new-relic-one-catalog-project.json + - repolinter-rulesets/example-code.yml + - repolinter-rulesets/new-relic-experimental.yml + - repolinter-rulesets/community-project.yml + steps: + - name: Checkout Repo + uses: actions/checkout@v2 + + - name: Run Repolinter Action + id: repolinter + continue-on-error: true + uses: newrelic/repolinter-action@v1 + with: + config_file: ${{ matrix.config }} + + - name: Check Repolinter Action Result + env: + DID_ERROR: ${{ steps.repolinter.outputs.errored }} + shell: bash + run: '[ "$DID_ERROR" = "false" ]'