1
0
mirror of https://github.com/Unleash/unleash.git synced 2024-12-22 19:07:54 +01:00
Commit Graph

19 Commits

Author SHA1 Message Date
Gastón Fournier
07354f7218
chore: workflows call workflows (#7089)
Relying on tags to trigger workflows makes it hard to trace what's
happening after a release, currently:
1. We manually trigger a release workflow
2. The release workflow executes and tags the new release in code
3. Several other workflows trigger after matching the tag doing
different things: build docker images, tarballs and other things.

This creates a loose dependency between the workflows which are actually
part of the same "release workflow" which makes it difficult to spot
when one or other dependent workflow fails because the dependency is
indirect through the tagging mechanism.

This PR switches to a more direct approach using [workflow
calls](https://docs.github.com/en/actions/using-workflows/reusing-workflows).
This will create a graph as shown in the following graph:
![](https://docs.github.com/assets/cb-34427/mw-1440/images/help/actions/reusable-workflows-ci-cd.webp)
making it easier to track and identify any problem.

The "drawback" of this approach is that previously we could trigger all
dependent workflows at once by creating a tag matching the expected
pattern without manually triggering a new release. This limitation can
be overcome by adding a manual workflow_dispatch to the workflows using
the tag trigger.
2024-05-24 07:28:39 +00:00
Christopher Kolstad
7e38d6bae1
Node20 (#7095)
Upgrades workflows, nvmrc and package.json to use Node 20.
2024-05-23 14:14:09 +02:00
renovate[bot]
dcb8b5b5a1
chore(deps): update actions/github-script action to v7 (#5539)
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/github-script](https://togithub.com/actions/github-script) |
action | major | `v6` -> `v7` |

---

### Release Notes

<details>
<summary>actions/github-script (actions/github-script)</summary>

### [`v7`](https://togithub.com/actions/github-script/compare/v6...v7)

[Compare
Source](https://togithub.com/actions/github-script/compare/v6...v7)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "after 7pm every weekday,before 5am
every weekday" in timezone Europe/Madrid, Automerge - At any time (no
schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/Unleash/unleash).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy44MS4zIiwidXBkYXRlZEluVmVyIjoiMzcuODEuMyIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-01-09 18:53:50 +01:00
renovate[bot]
99e7aec18a
chore(deps): update actions/checkout action to v4 (#4741)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-10-05 10:19:57 +02:00
Gastón Fournier
05c6f42f7b
fix: avoid expression injection (#4157)
## About the changes
Using toJSON should escape any potentially harmful content from the
username and email input
2023-07-06 07:52:50 +00:00
Gastón Fournier
1f7a948f6d
chore: avoids code injection through git commit (#4147)
## About the changes
Avoids code injection via the committer name or email

Also removes pushing to s3 on `main` folder as it's not used and we're
already pushing to `commits` folder
2023-07-05 13:35:12 +02:00
Gastón Fournier
661cbf2b91
fix: some security vulnerabilities (#4143)
## About the changes
This should address:
https://github.com/Unleash/unleash/security/code-scanning/1,
https://github.com/Unleash/unleash/security/code-scanning/49 and
https://github.com/Unleash/unleash/security/code-scanning/52

Refs:
-
https://securitylab.github.com/research/github-actions-untrusted-input/
-
https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS
- https://datatracker.ietf.org/doc/html/rfc5321#section-4.5.3.1.1

---------

Co-authored-by: Christopher Kolstad <chriswk@getunleash.ai>
2023-07-05 11:51:27 +02:00
Gastón Fournier
28cafd6e06
fix: change to the proper author (#4141)
## About the changes
Based on the information displayed here
https://github.com/Unleash/unleash/actions/runs/5456442710/jobs/9929252672#step:3:11
this is how we should get the email and name of the committer
2023-07-04 19:44:10 +02:00
Gastón Fournier
148842e867
chore: Add debug information (#4140)
## About the changes
Debug information to get the best way of fetching the commit author and
use that to trigger a workflow
2023-07-04 17:34:35 +02:00
renovate[bot]
6ab62d5bfa
chore(deps): update aws-actions/configure-aws-credentials action to v2 (#3893)
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[aws-actions/configure-aws-credentials](https://togithub.com/aws-actions/configure-aws-credentials)
| action | major | `v1` -> `v2` |

---

### Release Notes

<details>
<summary>aws-actions/configure-aws-credentials</summary>

###
[`v2`](https://togithub.com/aws-actions/configure-aws-credentials/releases/tag/v2)

[Compare
Source](https://togithub.com/aws-actions/configure-aws-credentials/compare/v1...v2)

This tag tracks the latest v2.x.x release.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://app.renovatebot.com/dashboard#github/Unleash/unleash).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS4xMDIuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNS4xMDIuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIn0=-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-06-06 15:03:11 +02:00
Gastón Fournier
a7bd91d621
fix: Remove repository which is no longer needed (#3900)
## About the changes
Sync fails
https://github.com/Unleash/unleash/actions/runs/5174602051/jobs/9321118800#step:3:23
due to https://github.com/ivarconr/unleash-enterprise/pull/562 because
we now assume the repository is Unleash/unleash

This removes the repository from the payload
2023-06-05 08:03:16 +00:00
Gastón Fournier
64f212fdda
fix: author and email should be for PRs (#3899)
## About the changes
Previous PR https://github.com/Unleash/unleash/pull/3871 we were
supposed to change this for PRs but the change was made on
`release.yaml` file. This fixes the issue
2023-06-05 09:47:20 +02:00
Gastón Fournier
08cf5e3041
chore: delay static asset generation (#3848)
## About the changes
Delay static asset generation to speed up the CI/CD pipeline.
Next, we should add a validation step before deployment to validate that
the static assets were properly published
2023-05-23 23:27:44 +02:00
Gastón Fournier
9f6e885830
fix: new workflow name (#3845)
Adopt the new workflow name:
https://github.com/ivarconr/unleash-enterprise/pull/529
2023-05-23 15:55:59 +02:00
Gastón Fournier
2152a04a85
fix: Use the correct actor (#3842)
Use the right author name as tested here
https://github.com/Unleash/unleash/actions/runs/5056589150/jobs/9074236865#step:6:833
2023-05-23 12:57:14 +01:00
Gastón Fournier
868df5d941
test: Add debug logs (#3841)
These logs will help us identify what should we use instead of
e55e7feed3/.github/workflows/notify_enterprise.yaml (L56)
which is being set to web-flow
https://github.com/Unleash/unleash/actions/runs/5055463116/jobs/9071696845#step:7:12
2023-05-23 13:15:11 +02:00
Jaanus Sellin
e075d46f79
fix: change commit hash step name (#3784) 2023-05-16 13:36:17 +03:00
Jaanus Sellin
a7751dfbdd
feat: set commit hash as static asset version (#3783) 2023-05-16 11:44:50 +03:00
Jaanus Sellin
0a3cf646be
feat: new notify enterprise workflow (#3781) 2023-05-16 11:06:07 +03:00