Skip to content

Commit

Permalink
Update ci and dependabot config (#859)
Browse files Browse the repository at this point in the history
* update dependabot config

Signed-off-by: cpanato <[email protected]>

* apply best practices and update actions

Signed-off-by: cpanato <[email protected]>

---------

Signed-off-by: cpanato <[email protected]>
  • Loading branch information
cpanato authored Jul 10, 2024
1 parent 15c53d7 commit 31c5723
Show file tree
Hide file tree
Showing 12 changed files with 64 additions and 38 deletions.
17 changes: 16 additions & 1 deletion .github/dependabot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,4 +6,19 @@ updates:
interval: "weekly"
labels:
- "kind/cleanup"
- "area/dependency"
- "area/dependency"
groups:
gomod:
update-types:
- "patch"

- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
open-pull-requests-limit: 10
groups:
actions:
update-types:
- "minor"
- "patch"
8 changes: 4 additions & 4 deletions .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -25,18 +25,18 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@v2
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
uses: github/codeql-action/init@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
with:
languages: ${{ matrix.language }}

# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v1
uses: github/codeql-action/autobuild@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11

# ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
# and modify them (or add more) to build your code if your project
Expand All @@ -47,4 +47,4 @@ jobs:
# make release

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1
uses: github/codeql-action/analyze@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
8 changes: 5 additions & 3 deletions .github/workflows/dependabot_bundler.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,13 +13,15 @@ jobs:
contents: write
steps:
- name: Checkout
uses: actions/checkout@v2
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Setup Go
uses: actions/setup-go@v3
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version-file: "${{ github.workspace }}/go.mod"
check-latest: true
cache: false
- name: Cache go-build and mod
uses: actions/cache@v2
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: |
~/.cache/go-build/
Expand Down
17 changes: 10 additions & 7 deletions .github/workflows/deploy-docs.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11,27 +11,30 @@ jobs:
if: github.event_name != 'push'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- uses: actions/setup-node@v1
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
with:
node-version: "16.x"
- uses: actions/setup-go@v3
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version-file: "${{ github.workspace }}/go.mod"
check-latest: true
cache: false
- name: Build docs
run: make docs-build

release:
if: ${{ github.event_name != 'pull_request' && github.repository_owner == 'liquidmetal-dev' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- uses: actions/setup-node@v1
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
with:
node-version: "16.x"
- uses: actions/setup-go@v3
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version-file: "${{ github.workspace }}/go.mod"
- uses: webfactory/ssh-agent@v0.5.0
- uses: webfactory/ssh-agent@dc588b651fe13675774614f8e6a936a468676387 # v0.9.0
with:
ssh-private-key: ${{ secrets.BOT_DEPLOY_KEY }}
- name: Release to GitHub Pages
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/fork.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ jobs:
issues: write
steps:
- name: Checkout
uses: actions/checkout@v2
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
ssh-key: ${{ secrets.LIQUIDMETALBOT_TOKEN }}
fetch-depth: 0
Expand All @@ -28,7 +28,7 @@ jobs:
echo 'EOF' >> $GITHUB_ENV
- name: Create Issue
if: ${{ env.NEW_VERSION != '' }}
uses: imjohnbo/issue-bot@v3
uses: imjohnbo/issue-bot@572eed14422c4d6ca37e870f97e7da209422f5bd # v3
id: issue
with:
title: "Bump firecracker version to ${{ env.NEW_VERSION }}"
Expand Down Expand Up @@ -64,7 +64,7 @@ jobs:
labels: "area/firecracker, area/dependency, kind/feature, priority/critical-urgent"
- name: Notify slack on creation success
if: ${{ success() && env.NEW_VERSION != '' }}
uses: actions-ecosystem/action-slack-notifier@fc778468d09c43a6f4d1b8cccaca59766656996a
uses: actions-ecosystem/action-slack-notifier@fc778468d09c43a6f4d1b8cccaca59766656996a # v1.1.0
with:
slack_token: ${{ secrets.SLACK_TOKEN }}
message: "There is a new version of Firecracker, complete the todo list here: <https://github.com/liquidmetal-dev/flintlock/issues/${{ steps.issue.outputs.issue-number }}|#${{ steps.issue.outputs.issue-number }}>."
Expand All @@ -77,7 +77,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Notify slack on failure
uses: actions-ecosystem/action-slack-notifier@fc778468d09c43a6f4d1b8cccaca59766656996a
uses: actions-ecosystem/action-slack-notifier@fc778468d09c43a6f4d1b8cccaca59766656996a # v1.1.0
with:
slack_token: ${{ secrets.SLACK_TOKEN }}
message: "There is a new firecracker version, but the 'Bump Firecracker' issue failed :sad-parrot: <https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}|Click here>."
Expand Down
6 changes: 4 additions & 2 deletions .github/workflows/lint.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,11 @@ jobs:
name: lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v3
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version-file: '${{ github.workspace }}/go.mod'
check-latest: true
cache: false
- name: Lint
run: make lint
10 changes: 5 additions & 5 deletions .github/workflows/nightly_e2e.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,11 +13,11 @@ jobs:
PROJECT_NAME: "flintlock_nightly_e2e"
name: e2e tests
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- name: Get branch name
id: branch-name
uses: tj-actions/branch-names@v5
uses: tj-actions/branch-names@6871f53176ad61624f978536bbf089c574dc19a2 # v8.0.1

- name: Run tests
env:
Expand All @@ -34,7 +34,7 @@ jobs:
test/tools/run.py run-e2e -c e2e-config.yaml
- name: Notify slack on failure
uses: actions-ecosystem/action-slack-notifier@fc778468d09c43a6f4d1b8cccaca59766656996a
uses: actions-ecosystem/action-slack-notifier@fc778468d09c43a6f4d1b8cccaca59766656996a # v1.1.0
if: ${{ failure() }}
with:
slack_token: ${{ secrets.SLACK_TOKEN }}
Expand All @@ -44,7 +44,7 @@ jobs:
verbose: false

- name: Notify slack on success
uses: actions-ecosystem/action-slack-notifier@fc778468d09c43a6f4d1b8cccaca59766656996a
uses: actions-ecosystem/action-slack-notifier@fc778468d09c43a6f4d1b8cccaca59766656996a # v1.1.0
if: ${{ success() }}
with:
slack_token: ${{ secrets.SLACK_TOKEN }}
Expand All @@ -54,7 +54,7 @@ jobs:
verbose: false

- name: Cleanup project
uses: weaveworks/metal-janitor-action@27a0594c5c92d85585b553fc0c5ef2a3de7bec95
uses: weaveworks/metal-janitor-action@27a0594c5c92d85585b553fc0c5ef2a3de7bec95 # main
with:
metal_auth_token: ${{ secrets.METAL_AUTH_TOKEN }}
project_names: ${{ env.PROJECT_NAME }}
2 changes: 1 addition & 1 deletion .github/workflows/pr_size.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ jobs:
runs-on: ubuntu-latest
name: Label the PR size
steps:
- uses: codelytv/pr-size-labeler@v1
- uses: codelytv/pr-size-labeler@56f6f0fc35c7cc0f72963b8467729e1120cb4bed # v1.10.0
with:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
xs_max_size: '50'
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/pr_type.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
name: Check for PR kind
runs-on: ubuntu-latest
steps:
- uses: docker://agilepathway/pull-request-label-checker:latest
- uses: docker://index.docker.io/agilepathway/pull-request-label-checker:latest@sha256:50540ac95f572ef27f2181130edd273f9ed75304f602fb43a8dd7e8ebf65fcca # latest
with:
one_of: kind/bug,kind/documentation,kind/feature,kind/regression,kind/refactor,kind/cleanup,kind/chore
repo_token: ${{ secrets.GITHUB_TOKEN }}
14 changes: 8 additions & 6 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,17 +27,19 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0
- name: Set up Go
uses: actions/setup-go@v3
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version-file: '${{ github.workspace }}/go.mod'
check-latest: true
cache: false
- name: Build binaries
run: make build-release
- name: Store flintlock binaries
uses: actions/upload-artifact@v2
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
with:
name: flintlock-binaries
path: bin/*
Expand All @@ -49,16 +51,16 @@ jobs:
contents: write
steps:
- name: Checkout
uses: actions/checkout@v2
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0
- name: Download flintlock binaries
uses: actions/download-artifact@v2
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: flintlock-binaries
path: bin
- name: Release
uses: softprops/action-gh-release@v1
uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 # v2.0.6
with:
prerelease: false
draft: true
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/stale.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ jobs:
pull-requests: write

steps:
- uses: actions/stale@v9
- uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e # v9.0.0
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
days-before-issue-stale: 180
Expand Down
8 changes: 5 additions & 3 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,13 @@ jobs:
name: test
runs-on: ubuntu-latest
steps:
- uses: yitsushi/[email protected]
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
- uses: yitsushi/devmapper-containerd-action@628cd44c88379567d478f3638a2251d4c373a0e8 # v1.0.1
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version-file: '${{ github.workspace }}/go.mod'
check-latest: true
cache: false
- name: Build
run: make build
- name: Build e2e
Expand Down

0 comments on commit 31c5723

Please sign in to comment.