From 44e6daa12978abddee7b403e1c12809dc4520cd5 Mon Sep 17 00:00:00 2001 From: Gamebuster19901 Date: Wed, 4 Dec 2024 21:30:13 -0500 Subject: [PATCH] Add Github Workflows --- .github/dependabot.yml | 14 ++++ .github/workflows/RebuildApprovedPR.yml | 98 +++++++++++++++++++++++ .github/workflows/ValidateApproval.yaml | 100 ++++++++++++++++++++++++ .github/workflows/build.yml | 92 ++++++++++++++++++++++ .github/workflows/gradle.yml | 31 -------- 5 files changed, 304 insertions(+), 31 deletions(-) create mode 100644 .github/dependabot.yml create mode 100644 .github/workflows/RebuildApprovedPR.yml create mode 100644 .github/workflows/ValidateApproval.yaml create mode 100644 .github/workflows/build.yml delete mode 100644 .github/workflows/gradle.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..59ae2c8 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,14 @@ +version: 2 +updates: + - package-ecosystem: "gradle" + directory: "/" + schedule: + interval: "daily" + reviewers: + - "Gamebuster19901" + assignees: + - "Gamebuster19901" + labels: + - "Category - Enhancement" + - "Priority - Normal ↓" + open-pull-requests-limit: 99 diff --git a/.github/workflows/RebuildApprovedPR.yml b/.github/workflows/RebuildApprovedPR.yml new file mode 100644 index 0000000..fb6c882 --- /dev/null +++ b/.github/workflows/RebuildApprovedPR.yml @@ -0,0 +1,98 @@ +name: Rebuild Approved PR + +on: + issue_comment: + types: [created] + +jobs: + rebuild_approved_pr: + runs-on: ubuntu-latest + if: > + github.event.comment.user.login == 'Gamebuster19901' && + github.event.comment.body == '@WilderForge rebuild' && + github.event.issue.pull_request != null + steps: + - name: Fetch Approval Workflow Run + id: fetch_approval_run + run: | + # Fetch the pull request details + PR_URL=$(jq -r '.pull_request.url' <<< '${{ toJson(github.event.issue) }}') + echo "PR URL: $PR_URL" + + PR_DETAILS=$(curl -s -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" "$PR_URL") + # echo "PR Details: $PR_DETAILS" # Debugging: output PR details to see its contents + + PR_NUMBER=$(echo "$PR_DETAILS" | jq -r '.number') + echo "PR Number: $PR_NUMBER" # Debugging: output the PR number + + # Get the commit SHA directly from the pull request head object + PR_SHA=$(echo "$PR_DETAILS" | jq -r '.head.sha') + echo "PR SHA: $PR_SHA" # Debugging: output the PR SHA + + if [ -z "$PR_SHA" ]; then + echo "Pull request head commit SHA is null. Exiting." + exit 1 + fi + + # Get the list of workflow runs for the repository + WORKFLOWS=$(curl -s -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ + "https://api.github.com/repos/${{ github.repository }}/actions/runs") + # echo "Workflow Runs: $WORKFLOWS" # Debugging: output workflow runs data + + # Find the latest completed run of the 'Validate Approval' workflow that matches the head SHA + APPROVAL_RUN=$(echo "$WORKFLOWS" | jq -r \ + '.workflow_runs[] | select(.name == "Validate Approval" and .head_sha == "'$PR_SHA'" and .status == "completed") | .id' | head -n 1) + echo "Approval Run: $APPROVAL_RUN" # Debugging: output the approval run ID + + if [ -z "$APPROVAL_RUN" ]; then + echo "The head of this PR has not been validated. Exiting." + exit 1 + fi + + # Save the approval run ID to environment variable for use in later steps + echo "APPROVAL_RUN=$APPROVAL_RUN" >> $GITHUB_ENV + + - name: Check Approval + id: check_approval_status + run: | + # Fetch the details of the approval workflow run using the saved APPROVAL_RUN ID + APPROVAL_STATUS=$(curl -s -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ + "https://api.github.com/repos/${{ github.repository }}/actions/runs/${{ env.APPROVAL_RUN }}") + + CONCLUSION=$(echo "$APPROVAL_STATUS" | jq -r '.conclusion') + STATUS=$(echo "$APPROVAL_STATUS" | jq -r '.status') + + echo "Approval Workflow Status: $STATUS" # Debugging: output the workflow status + echo "Approval Workflow Conclusion: $CONCLUSION" # Debugging: output the workflow conclusion + + if [[ "$CONCLUSION" != "success" || "$STATUS" != "completed" ]]; then + echo "The head of this PR has not been validated. Exiting." + exit 1 + fi + + echo "The head of this PR has been validated." + + - name: Trigger Build Commit Workflow + if: success() + run: | + # Get the source branch of the PR (from the pull_request object) + PR_BRANCH="${{ github.event.pull_request.head.ref }}" + + # Define the API endpoint for dispatching the workflow + WORKFLOW_URL="https://api.github.com/repos/${{ github.repository }}/actions/workflows/build.yml/dispatches" + + # Trigger the workflow for the branch of the pull request + echo "Triggering workflow for branch: $PR_BRANCH" + RESPONSE=$(curl -s -w "%{http_code}" -o response.json -X POST \ + -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ + -d '{"ref": "refs/heads/'${PR_BRANCH}'", "inputs": {"sha": "${{ github.event.review.commit_id }}"}}' \ + "$WORKFLOW_URL") + + # Check if the HTTP status code is 2xx (successful) + if [[ "$RESPONSE" -lt 200 || "$RESPONSE" -ge 300 ]]; then + echo "Error triggering the workflow: HTTP $RESPONSE" + cat response.json + exit 1 + else + echo "Successfully triggered the workflow." + fi diff --git a/.github/workflows/ValidateApproval.yaml b/.github/workflows/ValidateApproval.yaml new file mode 100644 index 0000000..6bed0e5 --- /dev/null +++ b/.github/workflows/ValidateApproval.yaml @@ -0,0 +1,100 @@ +name: Validate Approval + +on: + pull_request_review: + types: [submitted] + +jobs: + approve_and_run: + runs-on: ubuntu-latest + if: | + ( + github.event.review.state == 'approved' && + github.event.review.user.login == 'Gamebuster19901' + ) || + ( + ( + github.event.pull_request != null && + github.event.sender.login == 'Gamebuster19901' && + github.event.pull_request.user.login == 'Gamebuster19901' + ) && + ( + startsWith(github.event.review.body, 'approved') || + startsWith(github.event.review.body, 'reject') + ) + ) + steps: + - name: Checking Approval + id: "checking_approval" + run: | + DESC="null" + if [[ "${{ github.event.review.state }}" == "approved" || "${{ github.event.review.body }}" == approved* ]]; then + DESC="${{ github.event.review.user.login }} APPROVED build for ${{ github.event.review.commit_id }}" + echo $DESC + echo "conclusion=success" >> "$GITHUB_ENV" + echo "description=$DESC" >> "$GITHUB_ENV" + exit 0 + elif [[ "${{ github.event.review.body }}" == reject* ]]; then + DESC="${{ github.event.review.user.login }} REJECTED build for ${{ github.event.review.commit_id }}" + echo $DESC + echo "conclusion=failure" >> "$GITHUB_ENV" + echo "description=$DESC" >> "$GITHUB_ENV" + exit 1 + else + DESC="Assertion Error: Review body expected start with 'approved' or 'reject'. This step should have been skipped but it ran anyway!" + echo $DESC + echo "conclusion=failure" >> "$GITHUB_ENV" + echo "description=$DESC" >> "$GITHUB_ENV" + exit 1 + fi + + - name: Post Status Check + if: + always() + run: | + echo "${{ env.approved_sha }}" + + STATUS="${{ env.conclusion }}" + DESCRIPTION="${{ env.description }}" + + CONTEXT="Approval Validation" + APPROVED_SHA="${{ github.event.review.commit_id }}" + + TARGET_URL="https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" + + # Post the status using GitHub API + curl -s -X POST \ + -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ + -H "Content-Type: application/json" \ + -d "{ + \"state\": \"$STATUS\", + \"description\": \"$DESCRIPTION\", + \"context\": \"Approval Validation\", + \"target_url\": \"$TARGET_URL\" + }" \ + "https://api.github.com/repos/${{ github.repository }}/statuses/$APPROVED_SHA" + + - name: Trigger Build Commit Workflow + if: success() + run: | + # Get the source branch of the PR (from the pull_request object) + PR_BRANCH="${{ github.event.pull_request.head.ref }}" + + # Define the API endpoint for dispatching the workflow + WORKFLOW_URL="https://api.github.com/repos/${{ github.repository }}/actions/workflows/build.yml/dispatches" + + # Trigger the workflow for the branch of the pull request + echo "Triggering workflow for branch: $PR_BRANCH" + RESPONSE=$(curl -s -w "%{http_code}" -o response.json -X POST \ + -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ + -d '{"ref": "refs/heads/'${PR_BRANCH}'", "inputs": {"sha": "${{ github.event.review.commit_id }}"}}' \ + "$WORKFLOW_URL") + + # Check if the HTTP status code is 2xx (successful) + if [[ "$RESPONSE" -lt 200 || "$RESPONSE" -ge 300 ]]; then + echo "Error triggering the workflow: HTTP $RESPONSE" + cat response.json + exit 1 + else + echo "Successfully triggered the workflow." + fi diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000..5cbd2d2 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,92 @@ +name: Build Specific Commit + +on: + workflow_dispatch: + inputs: + sha: + description: 'The commit SHA to checkout and build' + required: true + publish: + description: 'Whether to publish after building' + required: false + push: + branches: + - master + +jobs: + build_commit: + runs-on: [self-hosted, linux] + + steps: + - name: Determine Commit SHA + id: determine_sha + run: | + if [ -z "${{ github.event.inputs.sha }}" ]; then + echo "COMMIT_SHA=${{ github.sha }}" >> $GITHUB_ENV + else + echo "COMMIT_SHA=${{ github.event.inputs.sha }}" >> $GITHUB_ENV + fi + + - name: Set Commit Status to Pending + run: | + STATUS="pending" + DESCRIPTION="Build in progress for commit ${{ env.COMMIT_SHA }}" + TARGET_URL="https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" + + curl -s -X POST \ + -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ + -H "Content-Type: application/json" \ + -d "{ + \"state\": \"$STATUS\", + \"description\": \"$DESCRIPTION\", + \"context\": \"Build Status\", + \"target_url\": \"$TARGET_URL\" + }" \ + "https://api.github.com/repos/${{ github.repository }}/statuses/${{ env.COMMIT_SHA }}" + + - name: Checkout the repository at SHA + uses: actions/checkout@v3 + with: + ref: ${{ env.COMMIT_SHA }} + + - name: Set up JDK 17 + uses: actions/setup-java@v4.5.0 + with: + java-version: '17' + distribution: 'adopt' + + - name: Setup Gradle + uses: gradle/actions/setup-gradle@v4 + + - name: Build With Gradle + run: ./gradlew build + + - name: Publish Build + if: ${{ github.event.inputs.publish == 'true' }} + run: | + echo "Publishing build..." + ./gradlew publish -PmavenRepoUrl=${{ secrets.MAVEN_REPO }} + + - name: Post Build Status + if: always() + run: | + STATUS="success" + DESCRIPTION="Build successful" + + if [ ${{ job.status }} != "success" ]; then + STATUS="failure" + DESCRIPTION="Build failed" + fi + + TARGET_URL="https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" + + curl -s -X POST \ + -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ + -H "Content-Type: application/json" \ + -d "{ + \"state\": \"$STATUS\", + \"description\": \"$DESCRIPTION\", + \"context\": \"Build Status\", + \"target_url\": \"$TARGET_URL\" + }" \ + "https://api.github.com/repos/${{ github.repository }}/statuses/${{ env.COMMIT_SHA }}" \ No newline at end of file diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml deleted file mode 100644 index a06b6d9..0000000 --- a/.github/workflows/gradle.yml +++ /dev/null @@ -1,31 +0,0 @@ -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. -# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time -# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-gradle - -name: Java CI with Gradle - -on: - push: - branches: [ master ] - pull_request: - branches: [ master ] - -jobs: - build: - - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - name: Set up JDK 17 - uses: actions/setup-java@v2 - with: - java-version: '17' - distribution: 'adopt' - - name: Build with Gradle - uses: gradle/gradle-build-action@4137be6a8bf7d7133955359dbd952c0ca73b1021 - with: - arguments: shadowJar