diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml deleted file mode 100644 index e8be9e2..0000000 --- a/.github/workflows/changelog.yml +++ /dev/null @@ -1,24 +0,0 @@ -name: Changelog updated? -on: - pull_request: - types: - - opened - - labeled - - unlabeled - - synchronize - branches: - - main - - develop -jobs: - changelog-udated: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v1 - - - name: Changelog check - uses: Zomzog/changelog-checker@v1.0.0 - with: - fileName: CHANGELOG.md - noChangelogLabel: bumpless - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/labeled-pr.yml b/.github/workflows/labeled-pr.yml deleted file mode 100644 index 7b548e2..0000000 --- a/.github/workflows/labeled-pr.yml +++ /dev/null @@ -1,22 +0,0 @@ -name: Is PR labeled? - -on: - pull_request: - types: - - opened - - labeled - - unlabeled - - synchronize - branches: - - main - -jobs: - bump-labeled: - runs-on: ubuntu-latest - steps: - - name: Require Labels - uses: mheap/github-action-required-labels@v1 - with: - mode: exactly - count: 1 - labels: "major, minor, patch, bumpless" \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml deleted file mode 100644 index 3c1b2a7..0000000 --- a/.github/workflows/release.yml +++ /dev/null @@ -1,43 +0,0 @@ -name: Write release and finish - -on: - push: - tags: - - v* - - -jobs: - finish: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - fetch-depth: 0 - token: ${{ secrets.TOOLS_BOT_PAK }} - - - name: Create Release - uses: docker://antonyurchenko/git-release:latest - env: - GITHUB_TOKEN: ${{ secrets.TOOLS_BOT_PAK }} - ALLOW_TAG_PREFIX: "true" - RELEASE_NAME_PREFIX: "HyP3 Back Projection " - - - name: Attempt fast-forward develop from main - run: | - git fetch --prune - git checkout develop && git pull --ff-only - git merge --ff-only origin/main - git push - - name: Open PR to bring main back to develop - if: ${{ failure() }} - uses: repo-sync/pull-request@v2 - with: - source_branch: main - destination_branch: develop - pr_title: Pulling ${{ github.ref }} into default - pr_body: Fast-forward of main to default failed! - pr_assignee: ${{ github.actor }} - pr_label: tools-bot - pr_draft: false - pr_allow_empty: true - github_token: ${{ secrets.TOOLS_BOT_PAK }} \ No newline at end of file diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml deleted file mode 100644 index 860a2d9..0000000 --- a/.github/workflows/static-analysis.yml +++ /dev/null @@ -1,53 +0,0 @@ -name: Static analysis - -on: push - -jobs: - flake8: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - - uses: actions/setup-python@v1 - with: - python-version: 3.x - - - name: Install dependencies - run: | - python -m pip install --upgrade pip - python -m pip install flake8 flake8-import-order flake8-blind-except flake8-builtins - - name: Lint with flake8 - run: | - flake8 --max-line-length=120 --import-order-style=pycharm --statistics \ - --application-import-names hyp3_back_projection - gitleaks: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - - name: Scan for secrets with gitleaks - uses: zricethezav/gitleaks-action@master - - - trufflehog: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - - uses: actions/setup-python@v1 - with: - python-version: 3.x - - - name: Install dependencies - run: | - python -m pip install trufflehog gitdb2=="2.*" - - name: Scan for secrets with trufflehog - run: | - git fetch origin +refs/tags/*:refs/tags/* - export LAST_TAG_HASH=$(git show-ref --hash -- $(git describe --abbrev=0)) - trufflehog --regex --entropy True --since_commit "${LAST_TAG_HASH}" \ - --exclude_paths .trufflehog.txt file://"${PWD}" \ No newline at end of file diff --git a/.github/workflows/test-and-build.yml b/.github/workflows/test-and-build.yml deleted file mode 100644 index 06ab196..0000000 --- a/.github/workflows/test-and-build.yml +++ /dev/null @@ -1,161 +0,0 @@ -# Builds the Docker Image and pushes it into an Amazon ECR Repo - -name: Build and Deploy - -on: - push: - branches: - - main - - develop - pull_request: - branches: - - main - - develop - -env: - HYP3_REGISTRY: 845172464411.dkr.ecr.us-west-2.amazonaws.com - S3_PYPI_HOST: hyp3-pypi-west.s3-website-us-west-2.amazonaws.com - S3_PYPI_BUCKET: hyp3-pypi-west - AWS_REGION: us-west-2 - AWS_ACCESS_KEY_ID: ${{ secrets.V2_AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.V2_AWS_SECRET_ACCESS_KEY }} - -jobs: - package: - runs-on: ubuntu-latest - outputs: - SDIST_VERSION: ${{ steps.build.outputs.version }} - steps: - - uses: actions/checkout@v2 - with: - fetch-depth: 0 - token: ${{ secrets.TOOLS_BOT_PAK }} - - - name: Get associated PR - if: github.ref == 'refs/heads/main' - uses: helaili/github-graphql-action@2.0.1 - env: - GITHUB_TOKEN: ${{ secrets.TOOLS_BOT_PAK }} - with: - query: .github/queries/associated-pr.query.yml - outputFile: pr.json - owner: ASFHyP3 - name: hyp3-back-projection - sha: ${{ github.sha }} - - - name: Get PR labels - if: github.ref == 'refs/heads/main' - uses: helaili/github-graphql-action@2.0.1 - env: - GITHUB_TOKEN: ${{ secrets.TOOLS_BOT_PAK }} - with: - query: .github/queries/pr-labels.query.yml - outputFile: labels.json - owner: ASFHyP3 - name: hyp3-back-projection - - - name: Upload a Build Artifact - if: github.ref == 'refs/heads/main' - uses: actions/upload-artifact@v2 - with: - name: query-responces - path: '*.json' - - - uses: actions/setup-python@v1 - with: - python-version: 3.x - - - name: Install dependencies - run: | - python -m pip install --upgrade pip - python -m pip install --upgrade setuptools wheel twine s3pypi "setuptools-scm[toml]" importlib_metadata - python -m pip install bump2version - - name: Tag version - if: github.ref == 'refs/heads/main' - run: | - git fetch origin +refs/tags/*:refs/tags/* - git config user.email "UAF-asf-apd@alaska.edu" - git config user.name "tools-bot" - LABEL_QUERY='.data.repository.pullRequest.labels.nodes[].name' - SELECT='select(. == "major" or . == "minor" or . == "patch")' - BUMP_PART=$(jq --raw-output "${LABEL_QUERY} | ${SELECT}" labels.json | sort | head -1) - PR_QUERY='.data.repository.commit.associatedPullRequests.edges[0].node.title' - TAG_MSG=$(jq --raw-output "${PR_QUERY}" pr.json) - bump2version --current-version $(git describe --abbrev=0) \ - --tag --tag-message "${TAG_MSG}" "${BUMP_PART}" - git push --tags - echo "Tagged version $(git describe --abbrev=0) and pushed back to repo" - - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }} - aws-region: ${{ env.AWS_REGION }} - - - name: Build distribuion and upload to S3-PyPI - id: build - run: | - git fetch origin +refs/tags/*:refs/tags/* - export SDIST_VERSION=$(python setup.py --version) - echo "::set-output name=version::${SDIST_VERSION}" - python setup.py sdist bdist_wheel - echo "Uploading version ${SDIST_VERSION} to ${S3_PYPI_BUCKET}" - - dockerize: - runs-on: ubuntu-latest - needs: package - steps: - - uses: actions/checkout@v2 - - - name: Get Back Projection Code - uses: actions/checkout@v2 - with: - repository: ASFHyP3/back-projection - path: ./back_projection/src/ - ref: 'main' - token: ${{ secrets.TOOLS_BOT_PAK }} - - - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }} - aws-region: ${{ env.AWS_REGION }} - - - name: Login to Amazon ECR - uses: aws-actions/amazon-ecr-login@v1 - - - name: Build, tag, and push image to Amazon ECR - run: | - python setup.py sdist - export SDIST_VERSION=${{ needs.package.outputs.SDIST_VERSION }} - export CI_JOB_TIMESTAMP=$(date --utc --rfc-3339=seconds) - echo "Building ${HYP3_REGISTRY}/${GITHUB_REPOSITORY##*/}:${SDIST_VERSION/+/_}" - docker pull ${HYP3_REGISTRY}/${GITHUB_REPOSITORY##*/}:test || true - docker build --no-cache \ - -t ${HYP3_REGISTRY}/${GITHUB_REPOSITORY##*/}:${SDIST_VERSION/+/_} \ - --label org.opencontainers.image.created="${CI_JOB_TIMESTAMP}" \ - --label org.opencontainers.image.version="${SDIST_VERSION}" \ - --label org.opencontainers.image.revision="${GITHUB_SHA}" \ - --build-arg S3_PYPI_HOST=${S3_PYPI_HOST} \ - --build-arg SDIST_SPEC="==${SDIST_VERSION}" . - docker push ${HYP3_REGISTRY}/${GITHUB_REPOSITORY##*/}:${SDIST_VERSION/+/_} - - - - name: Add test tag - if: github.ref == 'refs/heads/develop' - run: | - export SDIST_VERSION=${{ needs.package.outputs.SDIST_VERSION }} - docker tag ${HYP3_REGISTRY}/${GITHUB_REPOSITORY##*/}:${SDIST_VERSION/+/_} \ - ${HYP3_REGISTRY}/${GITHUB_REPOSITORY##*/}:test - docker push ${HYP3_REGISTRY}/${GITHUB_REPOSITORY##*/}:test - - - name: Add latest tag - if: github.ref == 'refs/heads/main' - run: | - export SDIST_VERSION=${{ needs.package.outputs.SDIST_VERSION }} - docker tag ${HYP3_REGISTRY}/${GITHUB_REPOSITORY##*/}:${SDIST_VERSION/+/_} \ - ${HYP3_REGISTRY}/${GITHUB_REPOSITORY##*/}:latest - docker push ${HYP3_REGISTRY}/${GITHUB_REPOSITORY##*/}:latest - - - name: Logout of Amazon ECR - if: always() - run: docker logout ${HYP3_REGISTRY}