From eabd86d1b7dcb0d59ca43d2b591ffd7ac2751837 Mon Sep 17 00:00:00 2001 From: JohT <7671054+JohT@users.noreply.github.com> Date: Sun, 19 Jan 2025 20:38:15 +0100 Subject: [PATCH 1/2] Use public reuseable graph analysis workflow --- .github/workflows/java-code-analysis.yml | 6 ++++-- .github/workflows/typescript-code-analysis.yml | 4 +++- renovate.json | 17 ++++++++++++++--- 3 files changed, 21 insertions(+), 6 deletions(-) diff --git a/.github/workflows/java-code-analysis.yml b/.github/workflows/java-code-analysis.yml index bf1126b7..64097c9f 100644 --- a/.github/workflows/java-code-analysis.yml +++ b/.github/workflows/java-code-analysis.yml @@ -98,6 +98,7 @@ jobs: with: name: ${{ steps.set-sources-upload-name.outputs.sources-upload-name }} path: ./source + include-hidden-files: true if-no-files-found: error retention-days: 1 @@ -113,11 +114,12 @@ jobs: analyze-code-graph: needs: [prepare-code-to-analyze] - uses: ./.github/workflows/analyze-code-graph.yml + uses: JohT/code-graph-analysis-pipeline/.github/workflows/public-analyze-code-graph.yml@7f43cf96d676f715cf278b020ce1dbb3338f900b # v2 with: analysis-name: ${{ needs.prepare-code-to-analyze.outputs.analysis-name }} artifacts-upload-name: ${{ needs.prepare-code-to-analyze.outputs.artifacts-upload-name }} sources-upload-name: ${{ needs.prepare-code-to-analyze.outputs.sources-upload-name }} + ref: 7f43cf96d676f715cf278b020ce1dbb3338f900b analysis-results: @@ -134,7 +136,7 @@ jobs: with: token: ${{ secrets.WORKFLOW_GIT_ACCESS_TOKEN }} - - name: (Code Analysis Setup) Download source code and artifacts for analysis + - name: Download source code and artifacts for analysis uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 with: name: ${{ needs.analyze-code-graph.outputs.uploaded-analysis-results }} diff --git a/.github/workflows/typescript-code-analysis.yml b/.github/workflows/typescript-code-analysis.yml index a0db1128..95b7aa99 100644 --- a/.github/workflows/typescript-code-analysis.yml +++ b/.github/workflows/typescript-code-analysis.yml @@ -79,16 +79,18 @@ jobs: with: name: ${{ steps.set-sources-upload-name.outputs.sources-upload-name }} path: . + include-hidden-files: true if-no-files-found: error retention-days: 1 analyze-code-graph: needs: [prepare-code-to-analyze] - uses: ./.github/workflows/analyze-code-graph.yml + uses: JohT/code-graph-analysis-pipeline/.github/workflows/public-analyze-code-graph.yml@7f43cf96d676f715cf278b020ce1dbb3338f900b # v2 with: analysis-name: ${{ needs.prepare-code-to-analyze.outputs.analysis-name }} sources-upload-name: ${{ needs.prepare-code-to-analyze.outputs.sources-upload-name }} + ref: 7f43cf96d676f715cf278b020ce1dbb3338f900b analysis-results: diff --git a/renovate.json b/renovate.json index 2e24838a..2361577a 100644 --- a/renovate.json +++ b/renovate.json @@ -11,6 +11,18 @@ ], "ignoreUnstable": false, "packageRules": [ + { + "description": "Code Graph Analysis Pipeline Workflow", + "groupName": [ + "Code Graph Analysis Pipeline Workflow" + ], + "matchSourceUrls": [ + "https://github.com/JohT/code-graph-analysis-pipeline" + ], + "matchUpdateTypes": [ + "digest" + ] + } ], "customManagers": [ { @@ -95,7 +107,7 @@ "extractVersionTemplate": "^(?\\d+).*$" }, { - "description": "Update code-graph-analysis-pipeline repository commit hash", + "description": "Update code-graph-analysis-pipeline ref parameter", "customType": "regex", "fileMatch": [ "(^|/)(workflow-templates|\\.(?:github|gitea|forgejo)/(?:workflows|actions))/.+\\.ya?ml$", @@ -103,8 +115,7 @@ ], "matchStringsStrategy": "combination", "matchStrings": [ - "uses: actions/checkout@v*\\s", - "repository:\\s*JohT/code-graph-analysis-pipeline\\s", + "uses: JohT/code-graph-analysis-pipeline/.github/workflows/public-analyze-code-graph.yml*\\s*", "ref:\\s*(?.*?)\\s" ], "packageNameTemplate": "https://github.com/JohT/code-graph-analysis-pipeline", From 510fe453620ccff9f8d6f16d270f152569fe77e5 Mon Sep 17 00:00:00 2001 From: JohT <7671054+JohT@users.noreply.github.com> Date: Mon, 20 Jan 2025 20:39:18 +0100 Subject: [PATCH 2/2] Share and integrate workflow to commit analysis results --- .github/workflows/internal-commit-results.yml | 72 +++++++++++++++++++ .github/workflows/java-code-analysis.yml | 68 +++++------------- .../workflows/typescript-code-analysis.yml | 59 ++++----------- 3 files changed, 104 insertions(+), 95 deletions(-) create mode 100644 .github/workflows/internal-commit-results.yml diff --git a/.github/workflows/internal-commit-results.yml b/.github/workflows/internal-commit-results.yml new file mode 100644 index 00000000..8774ad3a --- /dev/null +++ b/.github/workflows/internal-commit-results.yml @@ -0,0 +1,72 @@ +name: Commit Results + +on: + workflow_call: + inputs: + commit-author-name: + description: "The display name of the commit author" + required: false + type: string + default: '${{ github.event.repository.name }} Continuous Integration' + commit-author-email: + description: "The email address of the commit author" + required: true + type: string + commit-message: + description: "The commit message" + required: false + type: string + default: "ci: Add automated results" + commit-directory: + description: "The directory to commit" + required: true + type: string + uploaded-artifact-name: + description: "The name of the uploaded artifact" + required: true + type: string + secrets: + repository-commit-token: + description: "The token to use for committing to the repository" + required: true + +jobs: + commit-results: + runs-on: ubuntu-latest + + steps: + - name: Checkout GIT Repository + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + token: ${{ secrets.repository-commit-token }} + + - name: Download artifacts to commit + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 + with: + name: ${{ inputs.uploaded-artifact-name }} + path: ${{ inputs.commit-directory }} + + - name: Display environment variable "github.event_name" + run: echo "github.event_name=${{ github.event_name }}" + + - name: Prepare commit of changes in `${{ inputs.commit-directory }}` + run: | + git config --global user.name '${{ inputs.commit-author-name }}' + git config --global user.email '${{ inputs.commit-author-email }}' + git config --local http.postBuffer 524288000 + git fetch origin + git status + git add ${{ inputs.commit-directory }} + git status + + - name: Commit and push changes in `${{ inputs.commit-directory }}` + # Only run when a pull request gets merged or a commit is pushed to the main branch + if: github.event_name == 'push' + run: | + git commit --message "${{ inputs.commit-message }}" + git status + git rebase --strategy-option=theirs origin/main --verbose + git status + git add ${{ inputs.commit-directory }} + git status + git push --verbose diff --git a/.github/workflows/java-code-analysis.yml b/.github/workflows/java-code-analysis.yml index 64097c9f..590551a9 100644 --- a/.github/workflows/java-code-analysis.yml +++ b/.github/workflows/java-code-analysis.yml @@ -38,18 +38,19 @@ on: jobs: prepare-code-to-analyze: + name: Prepare Code to Analyze runs-on: ubuntu-latest - outputs: - analysis-name: ${{ steps.set-analysis-name.outputs.analysis-name }} - sources-upload-name: ${{ steps.set-sources-upload-name.outputs.sources-upload-name }} - artifacts-upload-name: ${{ steps.set-artifacts-upload-name.outputs.artifacts-upload-name }} - env: PROJECT_NAME: AxonFramework # Version variable names matches renovate.json configuration entry AXON_FRAMEWORK_VERSION: 4.10.3 # Java is in this example only used to download JARs for analysis using Maven JAVA_VERSION: 21 + outputs: + project-name: ${{ env.PROJECT_NAME }} + analysis-name: ${{ steps.set-analysis-name.outputs.analysis-name }} + sources-upload-name: ${{ steps.set-sources-upload-name.outputs.sources-upload-name }} + artifacts-upload-name: ${{ steps.set-artifacts-upload-name.outputs.artifacts-upload-name }} steps: - name: (Prepare Code to Analyze) Checkout AxonFramework repository @@ -113,6 +114,7 @@ jobs: analyze-code-graph: + name: Analyze Code Graph needs: [prepare-code-to-analyze] uses: JohT/code-graph-analysis-pipeline/.github/workflows/public-analyze-code-graph.yml@7f43cf96d676f715cf278b020ce1dbb3338f900b # v2 with: @@ -122,49 +124,15 @@ jobs: ref: 7f43cf96d676f715cf278b020ce1dbb3338f900b - analysis-results: + commit-analysis-results: + name: Commit Analysis Results needs: [prepare-code-to-analyze, analyze-code-graph] - runs-on: ubuntu-latest - - env: - CI_COMMIT_MESSAGE: Automated code structure analysis analysis-results (CI) - CI_COMMIT_AUTHOR: ${{ github.event.repository.name }} Continuous Integration - - steps: - - name: Checkout GIT Repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - with: - token: ${{ secrets.WORKFLOW_GIT_ACCESS_TOKEN }} - - - name: Download source code and artifacts for analysis - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 - with: - name: ${{ needs.analyze-code-graph.outputs.uploaded-analysis-results }} - path: analysis-results/${{ needs.prepare-code-to-analyze.outputs.analysis-name }} - - # Commit and push the native image agent analysis-results - - name: Display environment variable "github.event_name" - run: echo "github.event_name=${{ github.event_name }}" - - name: Display changes in the "analysis-results" directory and prepare commit - # Only run when a pull request gets merged or a commit is pushed to the main branch - # git add parameters need to match paths-ignore parameters above - # Git pull before add/commit/push to reduce race conditions on parallel builds - run: | - git config --global user.name '${{ env.CI_COMMIT_AUTHOR }}' - git config --global user.email "7671054+JohT@users.noreply.github.com" - git config --local http.postBuffer 524288000 - git fetch origin - git status - git add analysis-results - git status - - name: Commit and push changes in the "analysis-results" directory - # Only run when a pull request gets merged or a commit is pushed to the main branch - # git add parameters need to match paths-ignore parameters above - # Git pull before add/commit/push to reduce race conditions on parallel builds - if: github.event_name == 'push' - run: | - git commit -m "${{ env.CI_COMMIT_MESSAGE }}" - git status - git rebase --strategy-option=theirs origin/main --verbose - git status - git push --verbose + uses: ./.github/workflows/internal-commit-results.yml + with: + commit-author-name: "${{ github.event.repository.name }} Continuous Integration" + commit-author-email: "7671054+JohT@users.noreply.github.com" + commit-message: "Automated code structure analysis results (CI)" + commit-directory: "analysis-results/${{ needs.prepare-code-to-analyze.outputs.project-name }}/${{ needs.prepare-code-to-analyze.outputs.analysis-name }}" + uploaded-artifact-name: ${{ needs.analyze-code-graph.outputs.uploaded-analysis-results }} + secrets: + repository-commit-token: ${{ secrets.WORKFLOW_GIT_ACCESS_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/typescript-code-analysis.yml b/.github/workflows/typescript-code-analysis.yml index 95b7aa99..d55f10b6 100644 --- a/.github/workflows/typescript-code-analysis.yml +++ b/.github/workflows/typescript-code-analysis.yml @@ -38,8 +38,10 @@ on: jobs: prepare-code-to-analyze: + name: Prepare Code to Analyze runs-on: ubuntu-latest outputs: + project-name: ${{ env.PROJECT_NAME }} analysis-name: ${{ steps.set-analysis-name.outputs.analysis-name }} sources-upload-name: ${{ steps.set-sources-upload-name.outputs.sources-upload-name }} @@ -85,6 +87,7 @@ jobs: analyze-code-graph: + name: Analyze Code Graph needs: [prepare-code-to-analyze] uses: JohT/code-graph-analysis-pipeline/.github/workflows/public-analyze-code-graph.yml@7f43cf96d676f715cf278b020ce1dbb3338f900b # v2 with: @@ -93,49 +96,15 @@ jobs: ref: 7f43cf96d676f715cf278b020ce1dbb3338f900b - analysis-results: + commit-analysis-results: + name: Commit Analysis Results needs: [prepare-code-to-analyze, analyze-code-graph] - runs-on: ubuntu-latest - - env: - CI_COMMIT_MESSAGE: Automated code structure analysis analysis-results (CI) - CI_COMMIT_AUTHOR: ${{ github.event.repository.name }} Continuous Integration - - steps: - - name: Checkout GIT Repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - with: - token: ${{ secrets.WORKFLOW_GIT_ACCESS_TOKEN }} - - - name: (Code Analysis Setup) Download source code and artifacts for analysis - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 - with: - name: ${{ needs.analyze-code-graph.outputs.uploaded-analysis-results }} - path: analysis-results/${{ needs.prepare-code-to-analyze.outputs.analysis-name }} - - # Commit and push the native image agent analysis-results - - name: Display environment variable "github.event_name" - run: echo "github.event_name=${{ github.event_name }}" - - name: Display changes in the "analysis-results" directory and prepare commit - # Only run when a pull request gets merged or a commit is pushed to the main branch - # git add parameters need to match paths-ignore parameters above - # Git pull before add/commit/push to reduce race conditions on parallel builds - run: | - git config --global user.name '${{ env.CI_COMMIT_AUTHOR }}' - git config --global user.email "7671054+JohT@users.noreply.github.com" - git config --local http.postBuffer 524288000 - git fetch origin - git status - git add analysis-results - git status - - name: Commit and push changes in the "analysis-results" directory - # Only run when a pull request gets merged or a commit is pushed to the main branch - # git add parameters need to match paths-ignore parameters above - # Git pull before add/commit/push to reduce race conditions on parallel builds - if: github.event_name == 'push' - run: | - git commit -m "${{ env.CI_COMMIT_MESSAGE }}" - git status - git rebase --strategy-option=theirs origin/main --verbose - git status - git push --verbose + uses: ./.github/workflows/internal-commit-results.yml + with: + commit-author-name: "${{ github.event.repository.name }} Continuous Integration" + commit-author-email: "7671054+JohT@users.noreply.github.com" + commit-message: "Automated code structure analysis results (CI)" + commit-directory: "analysis-results/${{ needs.prepare-code-to-analyze.outputs.project-name }}/${{ needs.prepare-code-to-analyze.outputs.analysis-name }}" + uploaded-artifact-name: ${{ needs.analyze-code-graph.outputs.uploaded-analysis-results }} + secrets: + repository-commit-token: ${{ secrets.WORKFLOW_GIT_ACCESS_TOKEN }} \ No newline at end of file