Skip to content
This repository has been archived by the owner on Dec 15, 2021. It is now read-only.

Commit

Permalink
Update actions
Browse files Browse the repository at this point in the history
Signed-off-by: Knative Automation <[email protected]>
  • Loading branch information
knative-automation committed Nov 18, 2021
1 parent 9cf1259 commit fb039e8
Show file tree
Hide file tree
Showing 6 changed files with 591 additions and 0 deletions.
96 changes: 96 additions & 0 deletions .github/workflows/knative-boilerplate.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,96 @@
# Copyright 2020 The Knative Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# This file is automagically synced here from github.com/knative-sandbox/.github
# repo by knobots: https://github.com/knative-sandbox/knobots and will be overwritten.

name: Boilerplate

on:
pull_request:
branches: [ 'main', 'master', 'release-*' ]

jobs:

check:
name: Boilerplate Check
runs-on: ubuntu-latest
strategy:
fail-fast: false # Keep running if one leg fails.
matrix:
extension:
- go
- sh

# Map between extension and human-readable name.
include:
- extension: go
language: Go
- extension: sh
language: Bash

steps:

- name: Set up Go 1.17.x
uses: actions/setup-go@v2
with:
go-version: 1.17.x
id: go

- name: Check out code
uses: actions/checkout@v2

- name: Install Tools
run: |
TEMP_PATH="$(mktemp -d)"
cd $TEMP_PATH
echo '::group::🐶 Installing reviewdog ... https://github.com/reviewdog/reviewdog'
curl -sfL https://raw.githubusercontent.com/reviewdog/reviewdog/master/install.sh | sh -s -- -b "${TEMP_PATH}" 2>&1
echo '::endgroup::'
echo '::group:: Installing boilerplate-check ... https://github.com/mattmoor/boilerplate-check'
go install github.com/mattmoor/boilerplate-check/cmd/boilerplate-check@latest
echo '::endgroup::'
echo "${TEMP_PATH}" >> $GITHUB_PATH
- id: boilerplate_txt
uses: andstor/file-existence-action@v1
with:
files: ./hack/boilerplate/boilerplate.${{ matrix.extension }}.txt
- name: ${{ matrix.language }} license boilerplate
shell: bash
if: ${{ steps.boilerplate_txt.outputs.files_exists == 'true' }}
env:
REVIEWDOG_GITHUB_API_TOKEN: ${{ github.token }}
run: |
set -e
cd "${GITHUB_WORKSPACE}" || exit 1
echo '::group:: Running github.com/mattmoor/boilerplate-check for ${{ matrix.language }} with reviewdog 🐶 ...'
# Don't fail because of boilerplate-check
set +o pipefail
boilerplate-check check \
--boilerplate ./hack/boilerplate/boilerplate.${{ matrix.extension }}.txt \
--file-extension ${{ matrix.extension }} \
--exclude "(vendor|third_party)/" |
reviewdog -efm="%A%f:%l: %m" \
-efm="%C%.%#" \
-name="${{ matrix.language }} headers" \
-reporter="github-pr-check" \
-filter-mode="diff_context" \
-fail-on-error="true" \
-level="error"
echo '::endgroup::'
61 changes: 61 additions & 0 deletions .github/workflows/knative-donotsubmit.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,61 @@
# Copyright 2020 The Knative Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# This file is automagically synced here from github.com/knative-sandbox/.github
# repo by knobots: https://github.com/knative-sandbox/knobots and will be overwritten.

name: Do Not Submit

on:
pull_request:
branches: [ 'main', 'master', 'release-*' ]

jobs:

donotsubmit:
name: Do Not Submit
runs-on: ubuntu-latest

steps:
- name: Check out code
uses: actions/checkout@v2

- name: Do Not Submit
shell: bash
env:
REVIEWDOG_GITHUB_API_TOKEN: ${{ github.token }}
run: |
set -e
cd "${GITHUB_WORKSPACE}" || exit 1
TEMP_PATH="$(mktemp -d)"
PATH="${TEMP_PATH}:$PATH"
echo '::group::🐶 Installing reviewdog ... https://github.com/reviewdog/reviewdog'
curl -sfL https://raw.githubusercontent.com/reviewdog/reviewdog/master/install.sh | sh -s -- -b "${TEMP_PATH}" 2>&1
echo '::endgroup::'
echo '::group:: Running DO NOT SUBMIT with reviewdog 🐶 ...'
# Don't fail because of grep
set +o pipefail
find . -type f -not -path './vendor/*' -not -path './third_party/*' -not -path './.git/*' -not -path './.github/workflows/*' |
xargs grep -n "DO NOT SUBMIT" |
reviewdog -efm="%f:%l:%m" \
-name="DO NOT SUBMIT" \
-reporter="github-pr-check" \
-filter-mode="added" \
-fail-on-error="true" \
-level="error"
echo '::endgroup::'
50 changes: 50 additions & 0 deletions .github/workflows/knative-security.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
# Copyright 2020 The Knative Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# This file is automagically synced here from github.com/knative-sandbox/.github
# repo by knobots: https://github.com/knative-sandbox/knobots and will be overwritten.

name: 'Security'

on:
push:
branches: [ 'main', 'master', 'release-*' ]

pull_request:
branches: [ 'main', 'master', 'release-*' ]

jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest

steps:
- name: Checkout repository
uses: actions/checkout@v2
with:
# We must fetch at least the immediate parents so that if this is
# a pull request then we can checkout the head.
fetch-depth: 2

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
with:
languages: go

- name: Autobuild
uses: github/codeql-action/autobuild@v1

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1
49 changes: 49 additions & 0 deletions .github/workflows/knative-stale.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
# Copyright 2020 The Knative Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# This file is automagically synced here from github.com/knative-sandbox/.github
# repo by knobots: https://github.com/knative-sandbox/knobots and will be overwritten.

name: 'Close stale'

on:
schedule:
- cron: '0 1 * * *'

jobs:
stale:
runs-on: 'ubuntu-latest'
steps:
- uses: 'actions/stale@v3'
with:
repo-token: '${{ secrets.GITHUB_TOKEN }}' # No need to setup

stale-issue-message: |-
This issue is stale because it has been open for 90 days with no
activity. It will automatically close after 30 more days of
inactivity. Reopen the issue with `/reopen`. Mark the issue as
fresh by adding the comment `/remove-lifecycle stale`.
stale-issue-label: 'lifecycle/stale'
exempt-issue-labels: 'lifecycle/frozen,triage/accepted'

stale-pr-message: |-
This Pull Request is stale because it has been open for 90 days with
no activity. It will automatically close after 30 more days of
inactivity. Reopen with `/reopen`. Mark as fresh by adding the
comment `/remove-lifecycle stale`.
stale-pr-label: 'lifecycle/stale'
exempt-pr-labels: 'lifecycle/frozen'

days-before-stale: 90
days-before-close: 30
Loading

0 comments on commit fb039e8

Please sign in to comment.