diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..dc34bf2c --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,31 @@ +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + target-branch: "master" + schedule: + interval: "weekly" + day: "sunday" + labels: + - "auto update" + - "infrastructure" + - "no RN" + open-pull-requests-limit: 3 + commit-message: + prefix: "chore" + include: "scope" + + - package-ecosystem: "sbt" + directory: "/" + target-branch: "master" + schedule: + interval: "weekly" + day: "sunday" + labels: + - "auto update" + - "dependencies" + - "no RN" + open-pull-requests-limit: 3 + commit-message: + prefix: "chore" + include: "scope" diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 64673324..5f14ce94 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -45,11 +45,15 @@ jobs: scala: [2.12.17, 2.13.12] steps: - name: Checkout code - uses: actions/checkout@v2 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 + with: + persist-credentials: false + - name: Setup Scala - uses: olafurpg/setup-scala@v14 + uses: olafurpg/setup-scala@32ffa16635ff8f19cc21ea253a987f0fdf29844c with: java-version: "adopt@1.8" + - name: Build and run unit tests run: sbt ++${{matrix.scala}} test - name: Generate documentation diff --git a/.github/workflows/dependent_items.yml b/.github/workflows/dependent_items.yml index 1ab7f5c1..f0c60278 100644 --- a/.github/workflows/dependent_items.yml +++ b/.github/workflows/dependent_items.yml @@ -28,7 +28,7 @@ jobs: name: Dependent Items Check runs-on: ubuntu-latest steps: - - uses: z0al/dependent-issues@v1.5.2 + - uses: z0al/dependent-issues@950226e7ca8fc43dc209a7febf67c655af3bdb43 env: # (Required) The token to use to make API calls to GitHub. GITHUB_TOKEN: ${{ secrets.PAT_REPO_PROJECT_DISCUSS }} diff --git a/.github/workflows/jacoco_report.yml b/.github/workflows/jacoco_report.yml index 7830b727..d49734b1 100644 --- a/.github/workflows/jacoco_report.yml +++ b/.github/workflows/jacoco_report.yml @@ -49,21 +49,27 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 + with: + persist-credentials: false + - name: Setup Scala - uses: olafurpg/setup-scala@v14 + uses: olafurpg/setup-scala@32ffa16635ff8f19cc21ea253a987f0fdf29844c with: java-version: "adopt@1.8" + - name: Prepare testing database run: sbt flywayMigrate + - name: Build and run tests continue-on-error: true id: jacocorun run: sbt ++${{env.scalaLong}} jacoco + - name: Add coverage to PR (core) if: steps.jacocorun.outcome == 'success' id: jacoco-core - uses: madrapps/jacoco-report@v1.6.1 + uses: madrapps/jacoco-report@50d3aff4548aa991e6753342d9ba291084e63848 with: paths: ${{ github.workspace }}/core/target/scala-${{ env.scalaShort }}/jacoco/report/jacoco.xml token: ${{ secrets.GITHUB_TOKEN }} @@ -71,10 +77,11 @@ jobs: min-coverage-changed-files: ${{ env.coverage-changed-files }} title: JaCoCo `core` module code coverage report - scala ${{ env.scalaLong }} update-comment: true + - name: Add coverage to PR (doobie) if: steps.jacocorun.outcome == 'success' id: jacoco-doobie - uses: madrapps/jacoco-report@v1.6.1 + uses: madrapps/jacoco-report@50d3aff4548aa991e6753342d9ba291084e63848 with: paths: ${{ github.workspace }}/doobie/target/scala-${{ env.scalaShort }}/jacoco/report/jacoco.xml token: ${{ secrets.GITHUB_TOKEN }} @@ -82,10 +89,11 @@ jobs: min-coverage-changed-files: ${{ env.coverage-changed-files }} title: JaCoCo `doobie` module code coverage report - scala ${{ env.scalaLong }} update-comment: true + - name: Add coverage to PR (slick) if: steps.jacocorun.outcome == 'success' id: jacoco-slick - uses: madrapps/jacoco-report@v1.6.1 + uses: madrapps/jacoco-report@50d3aff4548aa991e6753342d9ba291084e63848 with: paths: ${{ github.workspace }}/slick/target/scala-${{ env.scalaShort }}/jacoco/report/jacoco.xml token: ${{ secrets.GITHUB_TOKEN }} @@ -93,6 +101,7 @@ jobs: min-coverage-changed-files: ${{ env.coverage-changed-files }} title: JaCoCo `slick` module code coverage report - scala ${{ env.scalaLong }} update-comment: true + - name: Get the Coverage info if: steps.jacocorun.outcome == 'success' run: | @@ -102,9 +111,10 @@ jobs: echo "Changed Files coverage ${{ steps.jacoco-doobie.outputs.coverage-changed-files }}" echo "Total `slick` module coverage ${{ steps.jacoco-slick.outputs.coverage-overall }}" echo "Changed Files coverage ${{ steps.jacoco-slick.outputs.coverage-changed-files }}" + - name: Fail PR if changed files coverage is less than ${{ env.coverage-changed-files }}% if: steps.jacocorun.outcome == 'success' - uses: actions/github-script@v6 + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd with: script: | const coverageCheckFailed = @@ -114,9 +124,10 @@ jobs: if (coverageCheckFailed) { core.setFailed('Changed files coverage is less than ${{ env.coverage-changed-files }}%!'); } + - name: Fail PR if overall files coverage is less than ${{ env.coverage-overall }}% if: ${{ (steps.jacocorun.outcome == 'success') && (env.check-overall-coverages == 'true') }} - uses: actions/github-script@v6 + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd with: script: | const coverageCheckFailed = @@ -126,9 +137,10 @@ jobs: if (coverageCheckFailed) { core.setFailed('Overall coverage is less than ${{ env.coverage-overall }}%!'); } + - name: Edit JaCoCo comments on build failure if: steps.jacocorun.outcome != 'success' - uses: actions/github-script@v6 + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd with: script: | const issue_number = context.issue.number; diff --git a/.github/workflows/license_check.yml b/.github/workflows/license_check.yml index 2ab787b0..309dd969 100644 --- a/.github/workflows/license_check.yml +++ b/.github/workflows/license_check.yml @@ -29,9 +29,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v2 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 + with: + persist-credentials: false + - name: Setup Scala - uses: olafurpg/setup-scala@v10 + uses: olafurpg/setup-scala@32ffa16635ff8f19cc21ea253a987f0fdf29844c with: java-version: "adopt@1.8" + - run: sbt headerCheck diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e15fbddb..d69928a3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -22,10 +22,17 @@ jobs: publish: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2.3.4 + - name: Checkout code + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 with: fetch-depth: 0 - - uses: olafurpg/setup-scala@v13 + persist-credentials: false + + - name: Setup Scala + uses: olafurpg/setup-scala@32ffa16635ff8f19cc21ea253a987f0fdf29844c + with: + java-version: "adopt@1.8" + - run: sbt ci-release env: PGP_PASSPHRASE: ${{ secrets.PGP_PASSPHRASE }} diff --git a/.github/workflows/test_filenames_check.yml b/.github/workflows/test_filenames_check.yml index 2c075522..f2ade18e 100644 --- a/.github/workflows/test_filenames_check.yml +++ b/.github/workflows/test_filenames_check.yml @@ -27,11 +27,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v2 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 + with: + persist-credentials: false - name: Filename Inspector id: scan-test-files - uses: AbsaOSS/filename-inspector@v0.1.0 + uses: AbsaOSS/filename-inspector@355108975e656fac9faaa04209b6df3f9997c8fa with: name-patterns: '*UnitTests.*,*IntegrationTests.*' paths: '**/src/test/scala/**'