Skip to content
This repository has been archived by the owner on Dec 15, 2021. It is now read-only.

[main] Update actions #329

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
96 changes: 96 additions & 0 deletions .github/workflows/knative-boilerplate.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,96 @@
# Copyright 2020 The Knative Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# This file is automagically synced here from github.com/knative-sandbox/.github
# repo by knobots: https://github.com/knative-sandbox/knobots and will be overwritten.

name: Boilerplate

on:
pull_request:
branches: [ 'main', 'master', 'release-*' ]

jobs:

check:
name: Boilerplate Check
runs-on: ubuntu-latest
strategy:
fail-fast: false # Keep running if one leg fails.
matrix:
extension:
- go
- sh

# Map between extension and human-readable name.
include:
- extension: go
language: Go
- extension: sh
language: Bash

steps:

- name: Set up Go 1.17.x
uses: actions/setup-go@v2
with:
go-version: 1.17.x
id: go

- name: Check out code
uses: actions/checkout@v2

- name: Install Tools
run: |
TEMP_PATH="$(mktemp -d)"
cd $TEMP_PATH

echo '::group::🐶 Installing reviewdog ... https://github.com/reviewdog/reviewdog'
curl -sfL https://raw.githubusercontent.com/reviewdog/reviewdog/master/install.sh | sh -s -- -b "${TEMP_PATH}" 2>&1
echo '::endgroup::'

echo '::group:: Installing boilerplate-check ... https://github.com/mattmoor/boilerplate-check'
go install github.com/mattmoor/boilerplate-check/cmd/boilerplate-check@latest
echo '::endgroup::'

echo "${TEMP_PATH}" >> $GITHUB_PATH

- id: boilerplate_txt
uses: andstor/file-existence-action@v1
with:
files: ./hack/boilerplate/boilerplate.${{ matrix.extension }}.txt
- name: ${{ matrix.language }} license boilerplate
shell: bash
if: ${{ steps.boilerplate_txt.outputs.files_exists == 'true' }}
env:
REVIEWDOG_GITHUB_API_TOKEN: ${{ github.token }}
run: |
set -e
cd "${GITHUB_WORKSPACE}" || exit 1

echo '::group:: Running github.com/mattmoor/boilerplate-check for ${{ matrix.language }} with reviewdog 🐶 ...'
# Don't fail because of boilerplate-check
set +o pipefail
boilerplate-check check \
--boilerplate ./hack/boilerplate/boilerplate.${{ matrix.extension }}.txt \
--file-extension ${{ matrix.extension }} \
--exclude "(vendor|third_party)/" |
reviewdog -efm="%A%f:%l: %m" \
-efm="%C%.%#" \
-name="${{ matrix.language }} headers" \
-reporter="github-pr-check" \
-filter-mode="diff_context" \
-fail-on-error="true" \
-level="error"
echo '::endgroup::'
61 changes: 61 additions & 0 deletions .github/workflows/knative-donotsubmit.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,61 @@
# Copyright 2020 The Knative Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# This file is automagically synced here from github.com/knative-sandbox/.github
# repo by knobots: https://github.com/knative-sandbox/knobots and will be overwritten.

name: Do Not Submit

on:
pull_request:
branches: [ 'main', 'master', 'release-*' ]

jobs:

donotsubmit:
name: Do Not Submit
runs-on: ubuntu-latest

steps:
- name: Check out code
uses: actions/checkout@v2

- name: Do Not Submit
shell: bash
env:
REVIEWDOG_GITHUB_API_TOKEN: ${{ github.token }}
run: |
set -e
cd "${GITHUB_WORKSPACE}" || exit 1

TEMP_PATH="$(mktemp -d)"
PATH="${TEMP_PATH}:$PATH"

echo '::group::🐶 Installing reviewdog ... https://github.com/reviewdog/reviewdog'
curl -sfL https://raw.githubusercontent.com/reviewdog/reviewdog/master/install.sh | sh -s -- -b "${TEMP_PATH}" 2>&1
echo '::endgroup::'

echo '::group:: Running DO NOT SUBMIT with reviewdog 🐶 ...'
# Don't fail because of grep
set +o pipefail
find . -type f -not -path './vendor/*' -not -path './third_party/*' -not -path './.git/*' -not -path './.github/workflows/*' |
xargs grep -n "DO NOT SUBMIT" |
reviewdog -efm="%f:%l:%m" \
-name="DO NOT SUBMIT" \
-reporter="github-pr-check" \
-filter-mode="added" \
-fail-on-error="true" \
-level="error"

echo '::endgroup::'
50 changes: 50 additions & 0 deletions .github/workflows/knative-security.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
# Copyright 2020 The Knative Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# This file is automagically synced here from github.com/knative-sandbox/.github
# repo by knobots: https://github.com/knative-sandbox/knobots and will be overwritten.

name: 'Security'

on:
push:
branches: [ 'main', 'master', 'release-*' ]

pull_request:
branches: [ 'main', 'master', 'release-*' ]

jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest

steps:
- name: Checkout repository
uses: actions/checkout@v2
with:
# We must fetch at least the immediate parents so that if this is
# a pull request then we can checkout the head.
fetch-depth: 2

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
with:
languages: go

- name: Autobuild
uses: github/codeql-action/autobuild@v1

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1
49 changes: 49 additions & 0 deletions .github/workflows/knative-stale.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
# Copyright 2020 The Knative Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# This file is automagically synced here from github.com/knative-sandbox/.github
# repo by knobots: https://github.com/knative-sandbox/knobots and will be overwritten.

name: 'Close stale'

on:
schedule:
- cron: '0 1 * * *'

jobs:
stale:
runs-on: 'ubuntu-latest'
steps:
- uses: 'actions/stale@v3'
with:
repo-token: '${{ secrets.GITHUB_TOKEN }}' # No need to setup

stale-issue-message: |-
This issue is stale because it has been open for 90 days with no
activity. It will automatically close after 30 more days of
inactivity. Reopen the issue with `/reopen`. Mark the issue as
fresh by adding the comment `/remove-lifecycle stale`.
stale-issue-label: 'lifecycle/stale'
exempt-issue-labels: 'lifecycle/frozen,triage/accepted'

stale-pr-message: |-
This Pull Request is stale because it has been open for 90 days with
no activity. It will automatically close after 30 more days of
inactivity. Reopen with `/reopen`. Mark as fresh by adding the
comment `/remove-lifecycle stale`.
stale-pr-label: 'lifecycle/stale'
exempt-pr-labels: 'lifecycle/frozen'

days-before-stale: 90
days-before-close: 30
Loading