diff --git a/.github/dependabot.yml b/.github/dependabot.yml index ef5b19dea1..a0bd4a8bd0 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -5,14 +5,14 @@ updates: schedule: interval: "daily" time: "02:00" - - package-ecosystem: "maven" + - package-ecosystem: "github-actions" directory: "/" - target-branch: "master-java8" schedule: interval: "daily" - time: "02:00" + time: "03:00" - package-ecosystem: "github-actions" directory: "/" + target-branch: "master-java8" schedule: interval: "daily" time: "03:00" diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 5661aeae1b..ea01c3bc17 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -3,17 +3,9 @@ name: "CodeQL" on: push: branches: [ master ] - paths: - - '**/*.java' - - '**/pom.xml' - - '.github/workflows/codeql-analysis.yml' pull_request: # The branches below must be a subset of the branches above branches: [ master ] - paths: - - '**/*.java' - - '**/pom.xml' - - '.github/workflows/codeql-analysis.yml' schedule: - cron: '37 19 * * 0' @@ -36,22 +28,21 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Setup Java - uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 + uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4 with: distribution: 'temurin' java-version: 17.0.x # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4 + uses: github/codeql-action/init@b8d3b6e8af63cde30bdc382c0bc28114f4346c88 # v2 with: languages: ${{ matrix.language }} + tools: 'https://github.com/github/codeql-action/releases/download/codeql-bundle-20230524/codeql-bundle-linux64.tar.gz' - # See https://github.com/github/codeql/issues/13541 for the origins of this command - # We can't use autobuild because it doesn't detect the right Java version - - name: Build project - run: ./mvnw clean package -f "pom.xml" -B -V -e -Dfindbugs.skip -Dcheckstyle.skip -Dpmd.skip=true -Dspotbugs.skip -Denforcer.skip -Dmaven.javadoc.skip -DskipTests -Dmaven.test.skip.exec -Dlicense.skip=true -Drat.skip=true -Dspotless.check.skip=true + - name: Autobuild + uses: github/codeql-action/autobuild@b8d3b6e8af63cde30bdc382c0bc28114f4346c88 # v2 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4 + uses: github/codeql-action/analyze@b8d3b6e8af63cde30bdc382c0bc28114f4346c88 # v2 diff --git a/.github/workflows/generate-crd.yml b/.github/workflows/generate-crd.yml index 895423e9cd..37aa62669b 100644 --- a/.github/workflows/generate-crd.yml +++ b/.github/workflows/generate-crd.yml @@ -28,7 +28,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Run CRD Model Generation run: | read CRD_SRC_ARGS < <(echo '${{ github.event.inputs.crds }}' | perl -ne 'print join " ", map {"-u $_"} split /,/') @@ -48,7 +48,7 @@ jobs: -p ${{ github.event.inputs.generatingJavaPackage }} \ -o "$(pwd)/${GEN_DIR}" ls -lh ${GEN_DIR} - - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7 + - uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3 with: name: generated-java-crd-model path: | diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index 56fe64c6c9..b538e1703e 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -17,11 +17,6 @@ on: required: true default: false description: If true, skip patching code after generation - skip_proto: - type: boolean - required: false - default: false - description: If true, skip proto generation permissions: contents: read @@ -35,16 +30,16 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Java - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: token: ${{ secrets.PAT_TOKEN }} - name: Setup Java - uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 + uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4 with: distribution: 'temurin' java-version: 17.0.x - name: Checkout Gen - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: path: gen repository: kubernetes-client/gen @@ -76,30 +71,19 @@ jobs: export PACKAGE_NAME="io.kubernetes.client.openapi" EOF - USE_SINGLE_PARAMETER=true bash java.sh ../../kubernetes/ settings + USE_SINGLE_PARAMETER=false OPENAPI_GENERATOR_COMMIT=v4.3.1 bash java.sh ../../kubernetes/ settings popd + rm -rf gen git config user.email "k8s-publishing-bot@users.noreply.github.com" git config user.name "Kubernetes Publisher" git checkout -b "$BRANCH" git add . git commit -s -m 'Automated openapi generation from ${{ github.event.inputs.kubernetesBranch }}' - - name: Generate Proto - if: ${{ github.event.inputs.skip_proto != 'true' }} - run: | - pushd gen/proto - # Download proto dependencies for the specified Kubernetes branch - bash dependencies.sh "${{ github.event.inputs.kubernetesBranch }}" - # Generate Java proto classes - bash generate.sh java ../../proto/src/main/java/ - popd - rm -rf gen - git add proto/ - git commit -s -m 'Automated proto generation from ${{ github.event.inputs.kubernetesBranch }}' - name: Apply Manual Diffs if: ${{ github.event.inputs.skip_patches != 'true' }} run: | - ls scripts/patches/*.diff | xargs -I {} bash -xc 'patch -p1 < "{}"' - git add *.java + ls scripts/patches/*.diff | xargs git apply + git add . git commit -s -m 'Applied patches under scripts/patches/*.diff' - name: Generate Fluent run: | @@ -130,7 +114,3 @@ jobs: destination_branch: ${{ github.ref_name }} github_token: ${{ secrets.PAT_TOKEN }} pr_title: "Automated Generate from openapi ${{ github.event.inputs.kubernetesBranch }}" - - - - diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml index e5f1bd4275..6d0d8b10a9 100644 --- a/.github/workflows/maven.yml +++ b/.github/workflows/maven.yml @@ -6,52 +6,39 @@ name: build on: push: branches: [ "master", "master-java8", "release-**" ] - paths: - - '**/*.java' - - '**/pom.xml' - - '.mvn/**' - - 'mvnw' - - 'mvnw.cmd' - - '.github/workflows/maven.yml' pull_request: branches: [ "master", "master-java8", "release-**" ] - paths: - - '**/*.java' - - '**/pom.xml' - - '.mvn/**' - - 'mvnw' - - 'mvnw.cmd' - - '.github/workflows/maven.yml' jobs: verify-format: runs-on: ubuntu-latest name: Verify Source Format steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Setup Java - uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 + uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4 with: distribution: 'temurin' java-version: 17 - name: Verify Format and License - run: ./mvnw spotless:check + run: mvn spotless:check build: name: Java ${{ matrix.java }} Maven Test on ${{ matrix.os }} strategy: matrix: - java: [ 11.0.x, 17.0.x, 21.0.x ] - os: [ macos-latest, windows-latest, ubuntu-latest ] + # Test against the LTS Java versions. TODO: add JDK18 when it becomes available. + java: [ 8.0.x ] + os: [ windows-latest, ubuntu-latest ] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Setup Java - uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 + uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4 with: distribution: 'temurin' java-version: ${{ matrix.java }} - name: Cache local Maven repository - uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5 + uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3 with: path: ~/.m2/repository key: ${{ runner.os }}-maven-${{ matrix.java }}-${{ hashFiles('pom.xml', '**/pom.xml') }} @@ -64,56 +51,54 @@ jobs: EXCLUDED_EXAMPLE_MODULES=`ls examples | grep examples | xargs -I {} echo '!examples/{}' | tr '\n' ',' | sed 's/.$//'` MODS_OVERRIDES=$MODS_OVERRIDES,$EXCLUDED_EXAMPLE_MODULES fi - ./mvnw -q -B --define=org.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn $MODS_OVERRIDES clean test + mvn -q -B --define=org.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn $MODS_OVERRIDES clean test build-graalvm: runs-on: ubuntu-latest name: GraalVM Maven Test steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - uses: graalvm/setup-graalvm@60c26726de13f8b90771df4bc1641a52a3159994 # v1 with: version: '22.3.0' java-version: '17' components: 'native-image' - name: Build with Maven - run: ./mvnw -q test -B -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn + run: mvn -q test -B -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn e2e: runs-on: ubuntu-latest name: End-to-End Test Against Real Cluster steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Create k8s Kind Cluster - uses: helm/kind-action@ef37e7f390d99f746eb8b610417061a60e82a6cc # v1.14.0 + uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0 - name: Setup Java - uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 + uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4 with: distribution: 'temurin' java-version: 17.0.x - name: Run E2E with Maven run: | - ./mvnw clean install \ + mvn clean install \ -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \ -q \ -Dmaven.test.skip=true cd e2e - ../mvnw test \ + mvn test \ -B \ -De2e.skip=false \ -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn - env: - mvnw: ${{ github.workspace }}/mvnw examples: runs-on: ubuntu-latest name: Examples smoke test steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Setup Java - uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 + uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4 with: distribution: 'temurin' java-version: 17.0.x - name: Cache local Maven repository - uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5 + uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3 with: path: ~/.m2/repository key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} @@ -121,21 +106,21 @@ jobs: ${{ runner.os }}-maven- - name: Build with Maven run: | - ./mvnw clean install \ + mvn clean install \ -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \ -q \ -Dmaven.test.skip=true - name: Build Cert Manager Contrib run: | cd client-java-contrib/cert-manager - ../../mvnw clean install \ + mvn clean install \ -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \ -q \ -Dmaven.test.skip=true - name: Build Prometheus Contrib run: | cd client-java-contrib/prometheus-operator - ../../mvnw clean install \ + mvn clean install \ -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \ -q \ -Dmaven.test.skip=true @@ -143,10 +128,8 @@ jobs: run: | for d in $(find examples* -maxdepth 1 -type d) do - ${MVNW} clean install -Dmaven.test.skip=true -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn + mvn clean install -Dmaven.test.skip=true -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn done - env: - MVNW: ${{ github.workspace }}/mvnw codegen: runs-on: ubuntu-latest services: @@ -156,7 +139,7 @@ jobs: - 5000:5000 name: CRD Java Models Code Generation steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Publish to Registry uses: elgohr/Publish-Docker-Github-Action@1c2f28ccd9476e8a936ac9a1f287405504c93304 # v5 with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7763fbcd07..8e64f160a3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -6,11 +6,11 @@ on: releaseVersion: type: string required: true - description: The POM release version of this release. Must be a semantic version of the form X.Y.Z. (For cutting legacy release, use format X.Y.Z-legacy) + description: The POM release version of this release. Must be a semantic version of the form X.Y.Z. nextDevelopmentVersion: type: string required: true - description: The next POM development version after the release is done. Must be of the form X.Y.${Z+1}-SNAPSHOT. (For cutting legacy release, use format X.Y.${Z+1}-legacy-SNAPSHOT) + description: The next POM development version after the release is done. Must be of the form X.Y.${Z+1}-SNAPSHOT dry-run: type: boolean required: true @@ -23,11 +23,11 @@ jobs: - name: Validate Input run: | echo "${{ github.ref_type }}" | perl -ne 'die unless m/^branch$/' - echo "${{ github.ref_name }}" | perl -ne 'die unless m/^release-\d+$/' - echo "${{ github.event.inputs.releaseVersion }}" | perl -ne 'die unless m/^\d+\.\d+\.\d+$/' - echo "${{ github.event.inputs.nextDevelopmentVersion }}" | perl -ne 'die unless m/^\d+\.\d+\.\d+-SNAPSHOT$/' + echo "${{ github.ref_name }}" | perl -ne 'die unless m/^release-legacy-.+$/' + echo "${{ github.event.inputs.releaseVersion }}" | perl -ne 'die unless m/^\d+\.\d+\.\d+-legacy$/' + echo "${{ github.event.inputs.nextDevelopmentVersion }}" | perl -ne 'die unless m/^\d+\.\d+\.\d+-legacy-SNAPSHOT$/' - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: token: ${{ secrets.PAT_TOKEN }} - name: Check Actor @@ -35,7 +35,7 @@ jobs: # Release actor should be in the OWNER list cat OWNERS | grep ${{ github.actor }} - name: Setup Java - uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 + uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4 with: distribution: 'temurin' java-version: 17.0.x @@ -53,7 +53,7 @@ jobs: git config user.name "Kubernetes Publisher" - name: Check Current Version run: | - ./mvnw -q \ + mvn -q \ -Dexec.executable=echo \ -Dexec.args='${project.version}' \ -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \ @@ -87,19 +87,15 @@ jobs: git push https://${{ github.token }}@github.com/${{ github.repository }}.git v${{ github.event.inputs.releaseVersion }} - name: Pull Request if: ${{ github.event.inputs.dry-run != 'true' }} - env: - GH_TOKEN: ${{ secrets.PAT_TOKEN }} - run: | - gh pr create \ - --base ${{ github.ref_name }} \ - --head automated-release-${{ github.event.inputs.releaseVersion }} \ - --title "Automated Release: ${{ github.event.inputs.releaseVersion }}" \ - --body "" + uses: repo-sync/pull-request@7e79a9f5dc3ad0ce53138f01df2fad14a04831c5 # v2 + with: + source_branch: automated-release-${{ github.event.inputs.releaseVersion }} + destination_branch: ${{ github.ref_name }} + github_token: ${{ secrets.PAT_TOKEN }} + pr_title: "Automated Release: ${{ github.event.inputs.releaseVersion }}" - name: Publish Release if: ${{ github.event.inputs.dry-run != 'true' }} - env: - GH_TOKEN: ${{ secrets.PAT_TOKEN }} - run: | - gh release create v${{ github.event.inputs.releaseVersion }} \ - --title "v${{ github.event.inputs.releaseVersion }}" \ - --generate-notes + uses: ncipollo/release-action@339a81892b84b4eeb0f6e744e4574d79d0d9b8dd # v1 + with: + token: ${{ secrets.PAT_TOKEN }} + tag: v${{ github.event.inputs.releaseVersion }} diff --git a/.github/workflows/snapshot.yml b/.github/workflows/snapshot.yml index 52fe249ac5..95fb6a7b70 100644 --- a/.github/workflows/snapshot.yml +++ b/.github/workflows/snapshot.yml @@ -4,10 +4,6 @@ on: push: branches: - master - paths: - - '**/*.java' - - '**/pom.xml' - - '.github/workflows/snapshot.yml' workflow_dispatch: {} permissions: @@ -19,9 +15,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Setup Java - uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 + uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4 with: distribution: 'temurin' java-version: 17.0.x