etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Refactor github actions (#12774)

This commit is contained in:
Vishesh 2026-05-26 16:23:19 +05:30 committed by GitHub
parent 2ae1015073
commit 583a1e0dfb
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
15 changed files with 275 additions and 252 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
.github/actions/install-nonoss/action.yml vendored Normal file
View File

@ -0,0 +1,31 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
name: 'Install CloudStack Non-OSS'
description: 'Clones and installs the shapeblue/cloudstack-nonoss repository.'
runs:
using: "composite"
steps:
- name: Install cloudstack-nonoss
shell: bash
run: |
git clone --depth 1 https://github.com/shapeblue/cloudstack-nonoss.git nonoss
cd nonoss
bash -x install-non-oss.sh
cd ..
rm -fr nonoss

58
.github/actions/setup-env/action.yml vendored Normal file
View File

@ -0,0 +1,58 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
name: 'Setup CloudStack Environment'
description: 'Sets up JDK (with Maven cache), optionally Python, and optionally APT build dependencies for CloudStack.'
inputs:
java-version:
description: 'The JDK version to use'
required: false
default: '17'
install-python:
description: 'Whether to install Python 3.10'
required: false
default: 'false'
install-apt-deps:
description: 'Whether to install CloudStack APT build dependencies'
required: false
default: 'false'
runs:
using: "composite"
steps:
- name: Set up JDK ${{ inputs.java-version }}
uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
with:
java-version: ${{ inputs.java-version }}
distribution: 'adopt'
architecture: x64
cache: 'maven'
- name: Set up Python
if: ${{ inputs.install-python == 'true' }}
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
with:
python-version: '3.10'
architecture: x64
- name: Install Build Dependencies
if: ${{ inputs.install-apt-deps == 'true' }}
shell: bash
run: |
sudo apt-get update
sudo apt-get install -y git uuid-runtime genisoimage netcat-openbsd ipmitool build-essential libgcrypt20 libgpg-error-dev libgpg-error0 libopenipmi0 libpython3-dev libssl-dev libffi-dev python3-openssl python3-dev python3-setuptools

40
.github/workflows/build.yml vendored
View File

@ -16,40 +16,27 @@
# under the License.
name: Build
on: [push, pull_request]
on:
- push
- pull_request
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v6
- name: Set up JDK 17
uses: actions/setup-java@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
distribution: 'temurin'
java-version: '17'
cache: 'maven'
persist-credentials: false
- name: Set up Python
uses: actions/setup-python@v6
- name: Setup Environment
uses: ./.github/actions/setup-env
with:
python-version: '3.10'
architecture: 'x64'
- name: Install Build Dependencies
run: |
sudo apt-get update
sudo apt-get install -y git uuid-runtime genisoimage netcat ipmitool build-essential libgcrypt20 libgpg-error-dev libgpg-error0 libopenipmi0 ipmitool libpython3-dev libssl-dev libffi-dev python3-openssl python3-dev python3-setuptools
install-python: 'true'
install-apt-deps: 'true'
- name: Env details
run: |
uname -a
@ -60,9 +47,8 @@ jobs:
free -m
nproc
git status
- name: Install Non-OSS
uses: ./.github/actions/install-nonoss
- name: Noredist Build
run: |
git clone https://github.com/shapeblue/cloudstack-nonoss.git nonoss && cd nonoss && bash -x install-non-oss.sh && cd ..
rm -fr nonoss
mvn -B -P developer,systemvm -Dsimulator -Dnoredist clean install -T$(nproc)

109
.github/workflows/ci.yml vendored
View File

@ -16,21 +16,56 @@
# under the License.
name: Simulator CI
on: [push, pull_request]
on:
- push
- pull_request
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
permissions:
contents: read
jobs:
build:
if: github.repository == 'apache/cloudstack'
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-depth: 0
persist-credentials: false
- name: Setup Environment
uses: ./.github/actions/setup-env
with:
install-python: 'true'
install-apt-deps: 'true'
- name: Env details
run: |
uname -a
whoami
javac -version
mvn -v
python3 --version
free -m
nproc
git status
ipmitool -V
- name: Build with Maven
run: |
mvn -B -P developer,systemvm -Dsimulator clean install -DskipTests=true -T$(nproc)
- name: Archive artifacts
run: |
mkdir -p /tmp/artifacts
tar -czf /tmp/artifacts/targets.tar.gz $(find . -name "target" -type d) tools/marvin/dist engine/schema/dist utils/conf
tar -czf /tmp/artifacts/m2-cloudstack.tar.gz -C ~/.m2/repository org/apache/cloudstack
- name: Upload artifacts
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with:
name: build-artifacts
path: /tmp/artifacts/
test:
needs: build
if: github.repository == 'apache/cloudstack'
runs-on: ubuntu-24.04
strategy:
fail-fast: false
matrix:
@ -215,30 +250,16 @@ jobs:
smoke/test_list_service_offerings
smoke/test_list_storage_pools
smoke/test_list_volumes"]
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-depth: 0
- name: Set up JDK 17
uses: actions/setup-java@v5
persist-credentials: false
- name: Setup Environment
uses: ./.github/actions/setup-env
with:
distribution: 'temurin'
java-version: '17'
cache: 'maven'
- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: '3.10'
architecture: 'x64'
- name: Install Build Dependencies
run: |
sudo apt-get update
sudo apt-get install -y git uuid-runtime genisoimage netcat-openbsd ipmitool build-essential libgcrypt20 libgpg-error-dev libgpg-error0 libopenipmi0 ipmitool libpython3-dev libssl-dev libffi-dev python3-openssl python3-dev python3-setuptools
install-python: 'true'
install-apt-deps: 'true'
- name: Setup IPMI Tool for CloudStack
run: |
# Create cloudstack-common directory if it doesn't exist
@ -256,28 +277,13 @@ jobs:
/usr/share/cloudstack-common/ipmitool -C3 $@
EOF
sudo chmod 755 /usr/bin/ipmitool
- name: Install Python dependencies
run: |
python3 -m pip install --user --upgrade urllib3 lxml paramiko nose texttable ipmisim pyopenssl pycryptodome mock flask netaddr pylint pycodestyle six astroid pynose
- name: Install jacoco dependencies
run: |
wget https://github.com/jacoco/jacoco/releases/download/v0.8.10/jacoco-0.8.10.zip
unzip jacoco-0.8.10.zip -d jacoco
- name: Env details
run: |
uname -a
whoami
javac -version
mvn -v
python3 --version
free -m
nproc
git status
ipmitool -V
- name: Setup MySQL Server
run: |
# https://github.com/actions/runner-images/blob/main/images/linux/Ubuntu2004-Readme.md#mysql
@ -286,25 +292,28 @@ jobs:
sudo mysql -uroot -proot -e "ALTER USER 'root'@'localhost' IDENTIFIED WITH caching_sha2_password BY ''; FLUSH PRIVILEGES;"
sudo systemctl restart mysql
sudo mysql -uroot -e "SELECT VERSION();"
- name: Build with Maven
- name: Download artifacts
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
name: build-artifacts
path: /tmp/artifacts/
- name: Extract artifacts
run: |
mvn -B -P developer,systemvm -Dsimulator clean install -DskipTests=true -T$(nproc)
tar -xzf /tmp/artifacts/targets.tar.gz
mkdir -p ~/.m2/repository
tar -xzf /tmp/artifacts/m2-cloudstack.tar.gz -C ~/.m2/repository
- name: Setup Simulator Prerequisites
run: |
sudo python3 -m pip install --upgrade netaddr mysql-connector-python
python3 -m pip install --user --upgrade tools/marvin/dist/[mM]arvin-*.tar.gz
mvn -q -Pdeveloper -pl developer -Ddeploydb
mvn -q -Pdeveloper -pl developer -Ddeploydb-simulator
- name: Generate jacoco-coverage.sh
run: |
echo "java -jar jacoco/lib/jacococli.jar report jacoco-it.exec \\" > jacoco-report.sh
find . | grep "target/classes" | sed 's/\/classes\//\/classes /g' | awk '{print "--classfiles", $1, "\\"}' | sort |uniq >> jacoco-report.sh
find . | grep "src/main/java" | sed 's/\/java\//\/java /g' | awk '{print "--sourcefiles", $1, "\\"}' | sort | uniq >> jacoco-report.sh
echo "--xml jacoco-coverage.xml" >> jacoco-report.sh
- name: Start CloudStack Management Server with Simulator
run: |
export MAVEN_OPTS="-Xmx4096m -XX:MaxMetaspaceSize=800m -Djava.security.egd=file:/dev/urandom -javaagent:jacoco/lib/jacocoagent.jar=address=*,port=36320,output=tcpserver --add-opens=java.base/java.lang=ALL-UNNAMED --add-exports=java.base/sun.security.x509=ALL-UNNAMED --add-opens=java.base/jdk.internal.reflect=ALL-UNNAMED"
@ -315,7 +324,6 @@ jobs:
set -e
echo -e "\nStarting Advanced Zone DataCenter deployment"
python3 tools/marvin/marvin/deployDataCenter.py -i setup/dev/advdualzone.cfg 2>&1 || true
- name: Run Integration Tests with Simulator
run: |
mkdir -p integration-test-results/smoke/misc
@ -335,13 +343,12 @@ jobs:
bash jacoco-report.sh
mvn -Dsimulator -pl client jetty:stop 2>&1
find /tmp//MarvinLogs -type f -exec echo -e "Printing marvin logs {} :\n" \; -exec cat {} \;
- name: Integration Tests Result
run: |
echo -e "Simulator CI Test Results: (only failures listed)\n"
python3 ./tools/marvin/xunit-reader.py integration-test-results/
- uses: codecov/codecov-action@v6
- uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1
with:
files: jacoco-coverage.xml
fail_ci_if_error: true

59
.github/workflows/codecov.yml vendored
View File

@ -1,59 +0,0 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
name: Coverage Check
on: [pull_request, push]
permissions:
contents: read
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
build:
if: github.repository == 'apache/cloudstack'
name: codecov
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v6
with:
fetch-depth: 0
- name: Set up JDK 17
uses: actions/setup-java@v5
with:
distribution: 'temurin'
java-version: '17'
cache: 'maven'
- name: Build CloudStack with Quality Checks
run: |
git clone https://github.com/shapeblue/cloudstack-nonoss.git nonoss
cd nonoss && bash -x install-non-oss.sh && cd ..
mvn -P quality -Dsimulator -Dnoredist clean install -T$(nproc)
- uses: codecov/codecov-action@v6
with:
files: ./client/target/site/jacoco-aggregate/jacoco.xml
fail_ci_if_error: true
flags: unittests
verbose: true
name: codecov
token: ${{ secrets.CODECOV_TOKEN }}

10
.github/workflows/codeql-analysis.yml vendored
View File

@ -35,14 +35,16 @@ jobs:
language: ["actions"]
steps:
- name: Checkout repository
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Initialize CodeQL
uses: github/codeql-action/init@v4
uses: github/codeql-action/init@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v4.35.5
with:
languages: ${{ matrix.language }}
- name: Autobuild
uses: github/codeql-action/autobuild@v4
uses: github/codeql-action/autobuild@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v4.35.5
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v4
uses: github/codeql-action/analyze@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v4.35.5
with:
category: "Security"

10
.github/workflows/daily-repo-status.lock.yml generated vendored
View File

@ -102,7 +102,7 @@ jobs:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.
with:
persist-credentials:
persist-credentials: false
- name: Create gh-aw temp
run: bash /opt/gh-aw/actions/create_gh_aw_tmp_dir.
- name: Configure Git
@ -789,7 +789,7 @@ jobs:
destination: /opt/gh-aw/
- name: Download agent output
continue-on-error:
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v6.0.
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
name: agent-
path: /tmp/gh-aw/safeoutputs/
@ -886,13 +886,13 @@ jobs:
destination: /opt/gh-aw/
- name: Download agent
continue-on-error:
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v6.0.
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
name: agent-
path: /tmp/gh-aw/threat-detection/
- name: Download agent output
continue-on-error:
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v6.0.
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
name: agent-
path: /tmp/gh-aw/threat-detection/
@ -998,7 +998,7 @@ jobs:
destination: /opt/gh-aw/
- name: Download agent output
continue-on-error:
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v6.0.
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
name: agent-
path: /tmp/gh-aw/safeoutputs/

8
.github/workflows/docker-cloudstack-simulator.yml vendored
View File

@ -35,10 +35,10 @@ concurrency:
jobs:
build:
if: github.repository == 'apache/cloudstack'
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- name: Login to Docker Registry
uses: docker/login-action@v4
uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
with:
registry: ${{ secrets.DOCKER_REGISTRY }}
username: ${{ secrets.DOCKERHUB_USER }}
@ -47,7 +47,9 @@ jobs:
- name: Set Docker repository name
run: echo "DOCKER_REPOSITORY=apache" >> $GITHUB_ENV
- uses: actions/checkout@v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Set ACS version
run: echo "ACS_VERSION=$(grep '<version>' pom.xml | head -2 | tail -1 | cut -d'>' -f2 |cut -d'<' -f1)" >> $GITHUB_ENV

61
.github/workflows/main-sonar-check.yml vendored
View File

@ -15,54 +15,51 @@
# specific language governing permissions and limitations
# under the License.
name: Main Branch Sonar Quality Check
name: Sonar Quality Check (Main)
permissions:
contents: read
on:
push:
branches:
- main
permissions:
contents: read # to fetch code (actions/checkout)
pull-requests: write # for sonar to comment on pull-request
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
jobs:
build:
if: github.repository == 'apache/cloudstack'
name: Main Sonar JaCoCo Build
runs-on: ubuntu-22.04
name: Sonar JaCoCo Coverage
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-depth: 0
- name: Set up JDK17
uses: actions/setup-java@v5
persist-credentials: false
- name: Setup Environment
uses: ./.github/actions/setup-env
with:
distribution: 'temurin'
java-version: '17'
cache: 'maven'
install-python: 'true'
install-apt-deps: 'true'
- name: Cache SonarCloud packages
uses: actions/cache@v5
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Cache local Maven repository
uses: actions/cache@v5
with:
path: ~/.m2/repository
key: ${{ runner.os }}-m2-${{ hashFiles('pom.xml', '*/pom.xml', '*/*/pom.xml', '*/*/*/pom.xml') }}
restore-keys: |
${{ runner.os }}-m2
- name: Run Tests with Coverage
- name: Install Non-OSS
uses: ./.github/actions/install-nonoss
- name: Run Build and Tests with Coverage
run: mvn -B -T$(nproc) -P developer,systemvm,quality -Dsimulator -Dnoredist clean install
- name: Upload to SonarQube
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
git clone https://github.com/shapeblue/cloudstack-nonoss.git nonoss
cd nonoss && bash -x install-non-oss.sh && cd ..
mvn -T$(nproc) -P quality -Dsimulator -Dnoredist clean install org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=apache_cloudstack
run: mvn -B -P quality org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=apache_cloudstack -Dsonar.branch.name=${{ github.ref_name }}
- uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1
with:
files: ./client/target/site/jacoco-aggregate/jacoco.xml
fail_ci_if_error: true
flags: unittests
verbose: true
name: codecov
token: ${{ secrets.CODECOV_TOKEN }}

20
.github/workflows/merge-conflict-checker.yml vendored
View File

@ -29,14 +29,14 @@ concurrency:
jobs:
triage:
permissions:
pull-requests: write # for eps1lon/actions-label-merge-conflict to label PRs
runs-on: ubuntu-22.04
pull-requests: write # for eps1lon/actions-label-merge-conflict to label PRs
runs-on: ubuntu-24.04
steps:
- name: Conflict Check
uses: eps1lon/actions-label-merge-conflict@v3.0.3
with:
repoToken: "${{ secrets.GITHUB_TOKEN }}"
dirtyLabel: "status:has-conflicts"
removeOnDirtyLabel: "status:ready-for-review"
continueOnMissingPermissions: true
commentOnDirty: "This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch."
- name: Conflict Check
uses: eps1lon/actions-label-merge-conflict@1df065ebe6e3310545d4f4c4e862e43bdca146f0 # v3.0.3
with:
repoToken: "${{ secrets.GITHUB_TOKEN }}"
dirtyLabel: "status:has-conflicts"
removeOnDirtyLabel: "status:ready-for-review"
continueOnMissingPermissions: true
commentOnDirty: "This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch."

18
.github/workflows/pre-commit.yml vendored
View File

@ -29,17 +29,23 @@ concurrency:
jobs:
pre-commit:
name: Run pre-commit
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- name: Check Out
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Set up Python
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
with:
python-version: '3.11'
cache: 'pip'
- name: Install
run: |
python -m pip install --upgrade pip
pip install pre-commit
run: pip install pre-commit
- name: Set PY
run: echo "PY=$(python -VV | sha256sum | cut -d' ' -f1)" >> $GITHUB_ENV
- uses: actions/cache@v5
- name: Cache pre-commit environments
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
with:
path: ~/.cache/pre-commit
key: pre-commit|${{ env.PY }}|${{ hashFiles('.pre-commit-config.yaml') }}

27
.github/workflows/rat.yml vendored
View File

@ -16,32 +16,27 @@
# under the License.
name: License Check
on: [push, pull_request]
on:
- push
- pull_request
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v6
- name: Set up JDK 17
uses: actions/setup-java@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
java-version: '17'
distribution: 'adopt'
architecture: x64
cache: maven
persist-credentials: false
- name: Setup Environment
uses: ./.github/actions/setup-env
- name: Install Non-OSS
uses: ./.github/actions/install-nonoss
- name: RAT licence checks
run: |
git clone https://github.com/shapeblue/cloudstack-nonoss.git nonoss && cd nonoss && bash -x install-non-oss.sh && cd ..
rm -fr nonoss
mvn -P developer,systemvm -Dsimulator -Dnoredist -pl . org.apache.rat:apache-rat-plugin:0.12:check
- name: Rat Report
if: always()

60
.github/workflows/sonar-check.yml vendored
View File

@ -16,58 +16,52 @@
# under the License.
name: Sonar Quality Check
on: [pull_request]
permissions:
contents: read # to fetch code (actions/checkout)
pull-requests: write # for sonar to comment on pull-request
contents: read
pull-requests: write
on:
pull_request:
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
jobs:
build:
if: github.repository == 'apache/cloudstack' && github.event.pull_request.head.repo.full_name == github.repository
name: Sonar JaCoCo Coverage
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
ref: "refs/pull/${{ github.event.number }}/merge"
fetch-depth: 0
- name: Set up JDK17
uses: actions/setup-java@v5
persist-credentials: false
- name: Setup Environment
uses: ./.github/actions/setup-env
with:
distribution: 'temurin'
java-version: '17'
cache: 'maven'
install-python: 'true'
install-apt-deps: 'true'
- name: Cache SonarCloud packages
uses: actions/cache@v5
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Cache local Maven repository
uses: actions/cache@v5
with:
path: ~/.m2/repository
key: ${{ runner.os }}-m2-${{ hashFiles('pom.xml', '*/pom.xml', '*/*/pom.xml', '*/*/*/pom.xml') }}
restore-keys: |
${{ runner.os }}-m2
- name: Install Non-OSS
uses: ./.github/actions/install-nonoss
- name: Run Build and Tests with Coverage
id: coverage
run: mvn -B -T$(nproc) -P developer,systemvm,quality -Dsimulator -Dnoredist clean install
- name: Upload to SonarQube
if: github.repository == 'apache/cloudstack' && github.event.pull_request.head.repo.full_name == github.repository
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
PR_ID: ${{ github.event.pull_request.number }}
HEADREF: ${{ github.event.pull_request.head.ref }}
run: |
git clone https://github.com/shapeblue/cloudstack-nonoss.git nonoss
cd nonoss && bash -x install-non-oss.sh && cd ..
mvn -T$(nproc) -P quality -Dsimulator -Dnoredist clean install org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=apache_cloudstack -Dsonar.pullrequest.key="$PR_ID" -Dsonar.pullrequest.branch="$HEADREF" -Dsonar.pullrequest.github.repository=apache/cloudstack -Dsonar.pullrequest.provider=GitHub -Dsonar.pullrequest.github.summary_comment=true
mvn -B -P quality org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=apache_cloudstack -Dsonar.pullrequest.key="$PR_ID" -Dsonar.pullrequest.branch="$HEADREF" -Dsonar.pullrequest.github.repository=apache/cloudstack -Dsonar.pullrequest.provider=GitHub -Dsonar.pullrequest.github.summary_comment=true
- uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1
with:
files: ./client/target/site/jacoco-aggregate/jacoco.xml
fail_ci_if_error: true
flags: unittests
verbose: true
name: codecov
token: ${{ secrets.CODECOV_TOKEN }}

4
.github/workflows/stale.yml vendored
View File

@ -28,7 +28,7 @@ jobs:
issues: write
pull-requests: write
steps:
- uses: actions/stale@v10
- uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # v10.2.0
with:
stale-issue-message: 'This issue is stale because it has been open for 120 days with no activity. It may be removed by administrators of this project at any time. Remove the stale label or comment to request for removal of it to prevent this.'
stale-pr-message: 'This PR is stale because it has been open for 120 days with no activity. It may be removed by administrators of this project at any time. Remove the stale label or comment to request for removal of it to prevent this.'
@ -41,7 +41,7 @@ jobs:
days-before-pr-close: 240
exempt-issue-labels: 'gsoc,good-first-issue,long-term-plan'
exempt-pr-labels: 'status:ready-for-merge,status:needs-testing,status:on-hold'
- uses: actions/stale@v10
- uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # v10.2.0
with:
stale-issue-label: 'archive'
days-before-stale: 240

12
.github/workflows/ui.yml vendored
View File

@ -28,15 +28,19 @@ permissions:
jobs:
build:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Set up Node
uses: actions/setup-node@v6
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
with:
node-version: 16
cache: 'npm'
cache-dependency-path: 'ui/package-lock.json'
- name: Env details
run: |
@ -55,7 +59,7 @@ jobs:
npm run lint
npm run test:unit
- uses: codecov/codecov-action@v6
- uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1
if: github.repository == 'apache/cloudstack'
with:
working-directory: ui