Skip to content

Commit bc8a613

Browse files
lucboudreaulucboudreau
authored
Create common_pr.yaml
1 parent 2d91690 commit bc8a613

File tree

1 file changed

+161
-0
lines changed

1 file changed

+161
-0
lines changed

.github/workflows/common_pr.yaml

Lines changed: 161 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,161 @@
1+
name: Pentaho pull request workflow
2+
on:
3+
workflow_call:
4+
inputs:
5+
slack_channels:
6+
type: string
7+
required: true
8+
description: "Slack channel(s) to send notifications to."
9+
arti_host:
10+
required: false
11+
type: string
12+
default: https://one.hitachivantara.com
13+
description: "Artifactory's Host name"
14+
additional_mvn_directives:
15+
required: false
16+
type: string
17+
description: "Extra additional directives for the Maven command"
18+
default: ""
19+
threatrix_scpid:
20+
required: false
21+
type: string
22+
description: "Threatrix Project ID to send this threatrix scan to."
23+
default: ""
24+
25+
env:
26+
27+
ARTIFACTORY_HOST: ${{ inputs.arti_host }}
28+
ARTIFACTORY_BASE_URL: ${ARTIFACTORY_HOST}/artifactory
29+
30+
RESOLVE_REPO_MIRROR: ${ARTIFACTORY_BASE_URL}/pnt-mvn
31+
32+
NEXUS_DEPLOY_USER: ${{ secrets.PENTAHO_CICD_ONE_USER }}
33+
NEXUS_DEPLOY_PASSWORD: ${{ secrets.PENTAHO_CICD_ONE_KEY }}
34+
35+
PUBLIC_RELEASE_REPO_URL: ${ARTIFACTORY_BASE_URL}/pntpub-maven-dev
36+
PRIVATE_RELEASE_REPO: pntprv-maven-dev
37+
PRIVATE_RELEASE_REPO_URL: ${ARTIFACTORY_BASE_URL}/${PRIVATE_RELEASE_REPO}
38+
39+
PUBLIC_SNAPSHOT_REPO_URL: ${ARTIFACTORY_BASE_URL}/pntpub-maven-snapshot
40+
PRIVATE_SNAPSHOT_REPO: pntprv-maven-snapshot
41+
PRIVATE_SNAPSHOT_REPO_URL: ${ARTIFACTORY_BASE_URL}/${PRIVATE_SNAPSHOT_REPO}
42+
43+
DOCKER_PULL_HOST: one.hitachivantara.com/docker/
44+
DOCKER_PUBLIC_PUSH_HOST: one.hitachivantara.com/pntpub-docker-dev/
45+
DOCKER_PRIVATE_PUSH_HOST: one.hitachivantara.com/pntprv-docker-dev/
46+
47+
SLACK_CHANNEL: "${{ inputs.slack_channels }}"
48+
49+
jobs:
50+
51+
setup-maven-settings:
52+
name: Setup Maven settings
53+
54+
runs-on: [ k8s ]
55+
56+
container:
57+
image: one.hitachivantara.com/devops-docker-release/pentaho/actions-common:20240305.137
58+
credentials:
59+
username: ${{ secrets.PENTAHO_CICD_ONE_USER }}
60+
password: ${{ secrets.PENTAHO_CICD_ONE_KEY }}
61+
volumes:
62+
- /home/runner/caches/pentaho/.m2:/root/.m2
63+
64+
steps:
65+
66+
- name: Retrieve settings file
67+
id: common-maven
68+
uses: pentaho/actions-common@stable
69+
70+
- name: Copy settings.xml to .m2 directory
71+
shell: sh
72+
run: |
73+
cp "${{ steps.common-maven.outputs.settings-file-path }}" /root/.m2
74+
75+
76+
common-job:
77+
name: Common Checks
78+
needs: setup-maven-settings
79+
runs-on: [ k8s ]
80+
81+
container:
82+
image: one.hitachivantara.com/devops-docker-release/pentaho/actions-common:20240305.137
83+
credentials:
84+
username: ${{ secrets.PENTAHO_CICD_ONE_USER }}
85+
password: ${{ secrets.PENTAHO_CICD_ONE_KEY }}
86+
volumes:
87+
- /home/runner/caches/pentaho/.m2:/root/.m2
88+
89+
steps:
90+
91+
- name: Load Job metadata into Env vars
92+
shell: bash
93+
continue-on-error: true
94+
env:
95+
JOB_CONTEXT: ${{ toJSON(job) }}
96+
run: |
97+
process_json() {
98+
local prefix=$1
99+
local json_data=$2
100+
101+
echo "$json_data" | jq -r 'to_entries | .[] | "\(.key) \(.value|tostring)"' | while read -r key value; do
102+
# Check if the value is a JSON object or array
103+
is_json=$(echo $value | jq -e . >/dev/null 2>&1 ; echo ${PIPESTATUS[1]})
104+
if [[ $is_json == 0 ]]; then
105+
# If it's an object or array, call the function recursively
106+
process_json "${prefix}${key}_" "$(echo "$json_data" | jq -c ."$key")"
107+
else
108+
echo "Creating \"${prefix}${key}\" env var with the value \"${value}\""
109+
echo "${prefix}${key}=${value}" >> $GITHUB_ENV
110+
fi
111+
done
112+
}
113+
# Start processing JSON from the root
114+
echo "Dealing with ${{ env.JOB_CONTEXT }}"
115+
process_json '' '${{ env.JOB_CONTEXT }}'
116+
117+
- name: Checkout code
118+
uses: actions/checkout@v4
119+
with:
120+
fetch-depth: 0
121+
122+
- name: Update cmd_type as per the mvn_directives
123+
if: env.SET_CMD_TYPE == null
124+
run: |
125+
if [[ -n "${{ inputs.additional_mvn_directives }}" && "${{ inputs.additional_mvn_directives }}" == *"-DrunITs"* ]]; then
126+
echo "SET_CMD_TYPE=BUILD,UNIT_TEST,INTEGRATION_TEST" >> $GITHUB_ENV
127+
else
128+
echo "SET_CMD_TYPE=BUILD,UNIT_TEST" >> $GITHUB_ENV
129+
fi
130+
shell: bash
131+
132+
- name: Determine which changes occurred
133+
id: change_detection
134+
uses: hv-actions/change-detection-builder@stable
135+
136+
- name: Build & Run tests
137+
uses: lumada-common-services/gh-composite-actions@stable
138+
with:
139+
command: |
140+
mvn clean verify -DskipTests=true -Daudit -amd \
141+
-pl "${{ steps.change_detection.outputs.changed_modules }}" \
142+
${{ inputs.additional_mvn_directives }}
143+
env:
144+
cmd_type: ${{ env.SET_CMD_TYPE }}
145+
unit_test_reporter: 'java-junit'
146+
unit_test_fail_on_error: 'true'
147+
unit_test_report_path: '**/target/surefire-reports/*.xml'
148+
int_test_reporter: 'java-junit'
149+
int_test_fail_on_error: 'true'
150+
int_test_report_path: '**/target/failsafe-reports/TEST*.xml'
151+
- run: |
152+
curl -LJO https://github.com/threatrix/threat-matrix/releases/download/agent-release-latest/threat-agent-v2.2.1.jar
153+
java -jar threat-agent-latest.jar --verbose --progress --app-name=${{ github.event.repository.name }} --branch=${{ github.head_ref || github.ref_name }} --repo-owner=pentaho --repo-name=${{ github.event.repository.name }} --scpId="${{ inputs.threatrix_scpid }}" --oid=${{ secrets.THREATRIX_OID }} --eid=${{ secrets.THREATRIX_EID }} --api-key=${{ secrets.THREATRIX_SERVER_API_KEY }} .
154+
155+
- name: Report notifications
156+
if: always()
157+
uses: lumada-common-services/gh-composite-actions@stable
158+
env:
159+
Slack_Token: ${{ secrets.SLACK_TOKEN }}
160+
Slack_Channel: ${{ env.SLACK_CHANNEL }}
161+
report: true

0 commit comments

Comments
 (0)