migrate CI to github action (#15)

* migrate CI to github action Signed-off-by: Woojoong Kim <[email protected]> * migrate CI to github action Signed-off-by: Woojoong Kim <[email protected]> --------- Signed-off-by: Woojoong Kim <[email protected]>
onosproject · Jun 30, 2024 · 7d89cc0 · 7d89cc0
1 parent 9555c5c
commit 7d89cc0
Show file tree

Hide file tree

Showing 8 changed files with 305 additions and 29 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,15 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright 2024 Intel Corporation
+
+version: 2
+updates:
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+
+  - package-ecosystem: "gomod"
+    directory: "/"
+    schedule:
+      interval: "weekly"
diff --git a/.github/workflows/build-test.yml b/.github/workflows/build-test.yml
@@ -0,0 +1,31 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright 2024 Intel Corporation
+
+name: Build and test workflow
+on:
+  pull_request:
+    branches:
+      - master
+  push:
+    branches:
+      - master
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version-file: 'go.mod'
+      - name: build
+        run: make build
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version-file: 'go.mod'
+      - name: Unit tests
+        run: make test
diff --git a/.github/workflows/code-scan.yml b/.github/workflows/code-scan.yml
@@ -0,0 +1,43 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright 2024 Intel Corporation
+
+name: Code scan workflow
+
+on:
+  pull_request:
+    branches:
+      - master
+  push:
+    branches:
+      - master
+
+jobs:
+  version-check:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: check version
+        run: make check-version
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version-file: 'go.mod'
+      - name: golang-lint
+        run: make lint
+  license:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: check license
+        run: make license
+  fossa-check:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: FOSSA scan
+        uses: fossa-contrib/fossa-action@v3
+        with:
+          fossa-api-key: 6d304c09a3ec097ba4517724e4a4d17d
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -0,0 +1,98 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright 2024 Intel Corporation
+# Copyright 2024 Kyunghee University
+name: Publish image and tag/release code
+
+on:
+  push:
+    branches:
+      - master
+
+jobs:
+  version-check:
+    if: (github.repository_owner == 'onosproject')
+    runs-on: ubuntu-latest
+    outputs:
+      valid_version: ${{ steps.version-check-step.outputs.valid_version }}
+      dev_version: ${{ steps.dev-version-check-step.outputs.dev_version }}
+      target_version: ${{ steps.get-target-version-step.outputs.target_version }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: check version
+        id: version-check-step
+        run: |
+          make check-version; if [[ $? == 0 ]]; then echo "valid_version=true" >> $GITHUB_OUTPUT; else echo "valid_version=false" >> $GITHUB_OUTPUT; fi
+          cat $GITHUB_OUTPUT
+
+      - name: check dev version
+        id: dev-version-check-step
+        run: |
+          f_dev=$(./build/bin/version_check.sh is_dev)
+          if [[ $f_dev == "true" ]]; then echo "dev_version=true" >> $GITHUB_OUTPUT; else echo "dev_version=false" >> $GITHUB_OUTPUT; fi
+          cat $GITHUB_OUTPUT
+
+      - name: get target version
+        id: get-target-version-step
+        run: | 
+          echo "target_version=$(cat VERSION)" >> $GITHUB_OUTPUT
+          cat $GITHUB_OUTPUT
+
+  tag_versions:
+    runs-on: ubuntu-latest
+    needs: version-check
+    if: (github.repository_owner == 'onosproject') && (needs.version-check.outputs.valid_version == 'true') && (needs.version-check.outputs.dev_version == 'false')
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: create release using REST API
+        run: |
+          curl -L \
+            -X POST \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer ${{ secrets.GH_ONOS_PAT }}" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            https://api.github.com/repos/${{ github.repository }}/releases \
+            -d '{
+              "tag_name": "v${{ needs.version-check.outputs.target_version }}",
+              "target_commitish": "${{ github.event.repository.default_branch }}",
+              "name": "v${{ needs.version-check.outputs.target_version }}",
+              "draft": false,
+              "prerelease": false,
+              "generate_release_notes": true
+              }'
+
+  bump-up-version:
+    runs-on: ubuntu-latest
+    needs: version-check
+    if: (github.repository_owner == 'onosproject') && (needs.version-check.outputs.valid_version == 'true') && (needs.version-check.outputs.dev_version == 'false')
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: increment version
+        run: |
+          IFS='.' read -r major minor patch <<< ${{ needs.version-check.outputs.target_version }}
+          patch_update=$((patch+1))
+          NEW_VERSION="$major.$minor.$patch_update-dev"
+          echo $NEW_VERSION > VERSION
+          echo "Updated version: $NEW_VERSION"
+
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@v6
+        with:
+          token: ${{ secrets.GH_ONOS_PAT }}
+          commit-message: Update version
+          committer: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
+          author: ${{ github.actor }} <${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com>
+          signoff: true
+          branch: version-update
+          delete-branch: true
+          title: Update version
+          body: |
+            Update VERSION file
+          add-paths: |
+            VERSION
diff --git a/.gitignore b/.gitignore
@@ -13,3 +13,4 @@ coverage.txt
 *-output.out
 build/build-tools
 
+venv
diff --git a/Makefile b/Makefile
@@ -8,35 +8,39 @@ export GO111MODULE=on
 .PHONY: build
 
 ONOS_PROTOC_VERSION := v0.6.7
+GOLANG_CI_VERSION := v1.52.2
 
-build-tools:=$(shell if [ ! -d "./build/build-tools" ]; then cd build && git clone https://github.com/onosproject/build-tools.git; fi)
-include ./build/build-tools/make/onf-common.mk
+all: build
 
-golang: # @HELP compile Golang sources
+build: # @HELP compile Golang sources
 	go build ./...
 
 test: # @HELP run the unit tests and source code validation  producing a golang style report
-test: deps license linters
+test: build lint license
 	go test -race github.com/onosproject/rrm-son-lib/pkg/...
 
-jenkins-test:  # @HELP run the unit tests and source code validation producing a junit style report for Jenkins
-jenkins-test: build deps license linters
-	TEST_PACKAGES=github.com/onosproject/rrm-son-lib/pkg/... ./build/build-tools/build/jenkins/make-unit
+lint: # @HELP examines Go source code and reports coding problems
+	golangci-lint --version | grep $(GOLANG_CI_VERSION) || curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b `go env GOPATH`/bin $(GOLANG_CI_VERSION)
+	golangci-lint run --timeout 15m
 
-protos: # @HELP compile the protobuf files (using protoc-go Docker)
-	docker run -it -v `pwd`:/go/src/github.com/onosproject/rrm-son-lib/go \
-		-v `pwd`/./build/build-tools/licensing:/build-tools/licensing \
-		-w /go/src/github.com/onosproject/rrm-son-lib/go \
-		--entrypoint build/bin/compile-protos.sh \
-		onosproject/protoc-go:${ONOS_PROTOC_VERSION}
+license: # @HELP run license checks
+	rm -rf venv
+	python3 -m venv venv
+	. ./venv/bin/activate;\
+	python3 -m pip install --upgrade pip;\
+	python3 -m pip install reuse;\
+	reuse lint
 
-publish: # @HELP publish version on github and dockerhub
-	./build/build-tools/publish-version ${VERSION}
-
-jenkins-publish: # @HELP Jenkins calls this to publish artifacts
-	./build/build-tools/release-merge-commit
-
-all: test golang
+check-version: # @HELP check version is duplicated
+	./build/bin/version_check.sh all
 
 clean:: # @HELP remove all the build artifacts
 	rm -rf ./build/_output ./vendor
+
+help:
+	@grep -E '^.*: *# *@HELP' $(MAKEFILE_LIST) \
+    | sort \
+    | awk ' \
+        BEGIN {FS = ": *# *@HELP"}; \
+        {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}; \
+    '
diff --git a/build/bin/compile-protos.sh b/build/bin/compile-protos.sh
diff --git a/build/bin/version_check.sh b/build/bin/version_check.sh
@@ -0,0 +1,93 @@
+#!/bin/bash
+# SPDX-License-Identifier: Apache-2.0
+# Copyright 2024 Intel Corporation
+
+set +x
+
+# input should be all, is_valid_format, is_dev, and is_unique
+INPUT=$1
+
+function is_valid_format() {
+    # check if version format is matched to SemVer
+    VER_REGEX='^(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)$'
+    if [[ ! $(cat VERSION | tr -d '\n' | sed s/-dev//) =~ $VER_REGEX ]]
+    then
+      return 1
+    fi
+    return 0
+}
+
+function is_dev_version() {
+    # check if version has '-dev'
+    # if there is, no need to check version
+    if [[ $(cat VERSION | tr -d '\n' | tail -c 4) =~ "-dev" ]]
+    then
+      return 0
+    fi
+    return 1
+}
+
+function is_unique_version() {
+    # check if the version is already tagged in GitHub repository
+    for t in $(git tag | cat)
+    do
+      if [[ $t == $(echo v$(cat VERSION | tr -d '\n')) ]]
+      then
+        return 1
+      fi
+    done
+    return 0
+}
+
+case $INPUT in
+  all)
+    is_valid_format
+    f_valid=$?
+    if [[ $f_valid == 1 ]]
+    then
+        echo "ERROR: Version $(cat VERSION) is not in SemVer format"
+        exit 2
+    fi
+
+    is_dev_version
+    f_dev=$?
+    if [[ $f_dev == 0 ]]
+    then
+        echo "This is dev version"
+        exit 0
+    fi
+
+    is_unique_version
+    f_unique=$?
+    if [[ $f_unique == 1 ]]
+    then
+        echo "ERROR: duplicated tag $(cat VERSION)"
+        exit 2
+      fi
+    ;;
+
+  is_valid_format)
+    is_valid_format
+    ;;
+
+  is_dev)
+    is_dev_version
+    f_dev=$?
+    if [[ $f_dev == 0 ]]
+    then
+        echo "true"
+        exit 0
+    fi
+    echo "false"
+    ;;
+
+  is_unique)
+    is_unique_version
+    ;;
+
+  *)
+    echo -n "unknown input"
+    exit 2
+    ;;
+
+esac