diff --git a/.github/workflows/angular.yml b/.github/workflows/angular.yml index ee66fbcf2c5..4265996863e 100644 --- a/.github/workflows/angular.yml +++ b/.github/workflows/angular.yml @@ -1,3 +1,5 @@ +# Run build, lint and test specifically for angular. +# This workflow is only run when angular files are changed in a pull-request. name: 'Angular' on: pull_request: @@ -22,17 +24,21 @@ jobs: build-test-lint: if: ${{ !github.event.pull_request.draft }} runs-on: ubuntu-latest + timeout-minutes: 5 steps: - - uses: actions/checkout@v2 + - name: Checkout repository + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 with: fetch-depth: 0 - - uses: actions/cache@v2 + - name: Setup cache for ng-pack node modules + uses: actions/cache@8492260343ad570701412c2f464a5877dc76bace # v2 with: path: 'npm/ng-packs/node_modules' key: ${{ runner.os }}-${{ hashFiles('npm/ng-packs/yarn.lock') }} - - uses: actions/cache@v2 + - name: Setup cache for anguler node_modules + uses: actions/cache@8492260343ad570701412c2f464a5877dc76bace # v2 with: path: 'templates/app/angular/node_modules' key: ${{ runner.os }}-${{ hashFiles('templates/app/angular/yarn.lock') }} diff --git a/.github/workflows/auto-pr.yml b/.github/workflows/auto-pr.yml index d1eba17bf4b..18be8b1cc04 100644 --- a/.github/workflows/auto-pr.yml +++ b/.github/workflows/auto-pr.yml @@ -12,25 +12,29 @@ jobs: contents: write # for peter-evans/create-pull-request to create branch pull-requests: write # for peter-evans/create-pull-request to create a PR runs-on: ubuntu-latest + timeout-minutes: 2 steps: - - uses: actions/checkout@v2 + - name: Checkout repository + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 with: ref: dev + - name: Fetch promotion branch + run: git fetch origin prerel-8.2:prerel-8.2 - name: Reset promotion branch - run: | - git fetch origin prerel-8.2:prerel-8.2 - git reset --hard prerel-8.2 + run: git reset --hard prerel-8.2 - name: Create Pull Request - uses: peter-evans/create-pull-request@v3 + uses: peter-evans/create-pull-request@18f7dc018cc2cd597073088f7c7591b9d1c02672 # v3 with: branch: auto-merge/prerel-8-2/${{github.run_number}} title: Merge branch dev with prerel-8.2 body: This PR generated automatically to merge dev with prerel-8.2. Please review the changed files before merging to prevent any errors that may occur. reviewers: maliming token: ${{ github.token }} + - name: Approve pull request + env: + GH_TOKEN: ${{ secrets.BOT_SECRET }} + run: gh pr review auto-merge/prerel-8-2/${{github.run_number}} --approve - name: Merge Pull Request env: GH_TOKEN: ${{ secrets.BOT_SECRET }} - run: | - gh pr review auto-merge/prerel-8-2/${{github.run_number}} --approve - gh pr merge auto-merge/prerel-8-2/${{github.run_number}} --merge --auto --delete-branch \ No newline at end of file + run: gh pr merge auto-merge/prerel-8-2/${{github.run_number}} --merge --auto --delete-branch diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 696d401fed1..e8458ed3448 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -1,3 +1,4 @@ +# Build and test whenever there is a change to a dotnet related file. name: "build and test" on: push: @@ -47,25 +48,28 @@ jobs: build-test: runs-on: ubuntu-latest if: ${{ !github.event.pull_request.draft }} + timeout-minutes: 30 steps: - - uses: actions/checkout@v2 - - uses: actions/setup-dotnet@master - with: - dotnet-version: 8.0.100 + - name: Checkout repository + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b - - name: chown - run: | - sudo chown -R $USER:$USER /home/runneradmin + - name: Setup dotnet 8.0.100 + uses: actions/setup-dotnet@5d1464d + with: + dotnet-version: 8.0.100 - - name: Build All - run: ./build-all.ps1 - working-directory: ./build - shell: pwsh + - name: chown + run: sudo chown -R $USER:$USER /home/runneradmin - - name: Test All - run: ./test-all.ps1 - working-directory: ./build - shell: pwsh + - name: Build All + run: ./build-all.ps1 + working-directory: ./build + shell: pwsh - - name: Codecov - uses: codecov/codecov-action@v2 + - name: Test All + run: ./test-all.ps1 + working-directory: ./build + shell: pwsh + + - name: Codecov + uses: codecov/codecov-action@f32b3a3 diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index d1f6c0c503e..a8be992b785 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -41,7 +41,8 @@ jobs: security-events: write # for github/codeql-action/autobuild to send a status report name: Analyze runs-on: ubuntu-latest - + # To be updated when runs have been performed + timeout-minutes: 30 strategy: fail-fast: false matrix: @@ -53,7 +54,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 with: # We must fetch at least the immediate parents so that if this is # a pull request then we can checkout the head. @@ -61,12 +62,13 @@ jobs: # If this run was triggered by a pull request event, then checkout # the head of the pull request instead of the merge commit. - - run: git checkout HEAD^2 + - name: Checkout head of merge request if triggered by a merge request + run: git checkout HEAD^2 if: ${{ github.event_name == 'pull_request' }} # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v1 + uses: github/codeql-action/init@231aa2c8a89117b126725a0e11897209b7118144 # v1 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -77,7 +79,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v1 + uses: github/codeql-action/autobuild@231aa2c8a89117b126725a0e11897209b7118144 # v1 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -86,9 +88,9 @@ jobs: # and modify them (or add more) to build your code if your project # uses a compiled language - #- run: | + # - run: | # make bootstrap # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + uses: github/codeql-action/analyze@231aa2c8a89117b126725a0e11897209b7118144 # v1 diff --git a/.github/workflows/update-versions.yml b/.github/workflows/update-versions.yml index d0a295884fd..9892e7a6cbf 100644 --- a/.github/workflows/update-versions.yml +++ b/.github/workflows/update-versions.yml @@ -1,10 +1,11 @@ +# Create a PR after updating the version in latest-version.json name: Update Latest Versions on: release: types: - published - + permissions: contents: write pull-requests: write @@ -12,22 +13,22 @@ permissions: jobs: update-versions: runs-on: ubuntu-latest + timeout-minutes: 1 steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 - name: Set up Python - uses: actions/setup-python@v2 + uses: actions/setup-python@e9aba2c with: python-version: 3.x + - name: Get latest version of pip + run: python -m pip install --upgrade pip - name: Install dependencies - run: | - python -m pip install --upgrade pip - pip install PyGithub + run: pip install PyGithub==2.3.0 - name: Update latest-versions.json and create PR env: GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }} - run: | - python .github/scripts/update_versions.py + run: python .github/scripts/update_versions.py