Skip to content

Commit

Permalink
Merge branch 'main' into release/v2.1.0-RC2
Browse files Browse the repository at this point in the history
  • Loading branch information
@evegufy
evegufy committed Jul 17, 2024
2 parents f15072f + 8c6da7a commit 67a9368
Show file tree
Hide file tree
Showing 100 changed files with 762 additions and 939 deletions.
43 changes: 19 additions & 24 deletions .github/dependabot.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,49 +21,44 @@
version: 2
updates:
# NPM
-
package-ecosystem: "npm"
target-branch: dev
- package-ecosystem: 'npm'
directory: /
labels:
- "dependabot"
- "dependencies"
- 'dependabot'
- 'dependencies'
schedule:
interval: "weekly"
interval: 'weekly'
# restrict to patch updates (due to the big amount of dependencies)
ignore:
- dependency-name: "*"
update-types: ["version-update:semver-major", "version-update:semver-minor"]
- dependency-name: '*'
update-types:
['version-update:semver-major', 'version-update:semver-minor']
groups:
production-dependencies:
dependency-type: "production"
dependency-type: 'production'
development-dependencies:
dependency-type: "development"
dependency-type: 'development'

# Github Actions
-
package-ecosystem: "github-actions"
target-branch: dev
- package-ecosystem: 'github-actions'
directory: /
labels:
- "dependabot"
- "github-actions"
- 'dependabot'
- 'github-actions'
schedule:
interval: "weekly"
interval: 'weekly'
groups:
dependencies:
dependency-type: "production"
dependency-type: 'production'

# Docker
-
package-ecosystem: "docker"
target-branch: dev
- package-ecosystem: 'docker'
directory: ./.conf/
labels:
- "dependabot"
- "docker"
- 'dependabot'
- 'docker'
schedule:
interval: "weekly"
interval: 'weekly'
groups:
dependencies:
dependency-type: "production"
dependency-type: 'production'
27 changes: 15 additions & 12 deletions .github/workflows/build.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,16 +24,16 @@ name: build
on:
push:
branches:
- 'dev'
- 'main'
workflow_dispatch:

env:
IMAGE_NAMESPACE: "tractusx"
IMAGE_NAME: "portal-frontend"
IMAGE_NAMESPACE: 'tractusx'
IMAGE_NAME: 'portal-frontend'
# variables needed for scripts/legal-notice.sh
SERVER_URL: "${{ github.server_url }}"
REPOSITORY: "${{ github.repository }}"
REF_NAME: "${{ github.ref_name }}"
SERVER_URL: '${{ github.server_url }}'
REPOSITORY: '${{ github.repository }}'
REF_NAME: '${{ github.ref_name }}'

jobs:
build-and-push-image:
Expand All @@ -43,7 +43,7 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- name: Setup Node
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
Expand All @@ -54,6 +54,9 @@ jobs:
- name: Install Dependencies
run: yarn

- name: Prettier Checks
run: yarn pretty:check

- name: Linter Checks
run: yarn lint

Expand All @@ -67,7 +70,7 @@ jobs:
run: yarn test:ci

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0
uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 # v3.4.0

- name: Login to DockerHub
if: github.event_name != 'pull_request'
Expand All @@ -82,11 +85,11 @@ jobs:
with:
images: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,value=dev
type=raw,value=main
type=raw,value=${{ github.sha }}
- name: Build and push Docker image
uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6.3.0
with:
context: .
file: .conf/Dockerfile.prebuilt
Expand All @@ -103,7 +106,7 @@ jobs:
username: ${{ secrets.DOCKER_HUB_USER }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}
repository: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}
readme-filepath: ".conf/docker-notice-portal.md"
readme-filepath: '.conf/docker-notice-portal.md'

auth-and-dispatch:
needs: build-and-push-image
Expand All @@ -127,5 +130,5 @@ jobs:
--url https://api.github.com/repos/eclipse-tractusx/portal/actions/workflows/portal-image-update.yml/dispatches \
--header "authorization: Bearer $TOKEN" \
--header "Accept: application/vnd.github.v3+json" \
--data '{"ref":"dev", "inputs": { "new-image":"${{ github.sha }}" }}' \
--data '{"ref":"main", "inputs": { "new-image":"${{ github.sha }}" }}' \
--fail
9 changes: 6 additions & 3 deletions .github/workflows/checks.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,18 +31,21 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- name: Setup Node
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
node-version: 20
registry-url: https://registry.npmjs.org/

- name: Install Dependencies
run: yarn

- name: linter checks
- name: Prettier Checks
run: yarn pretty:check

- name: Linter checks
run: yarn lint

- name: Unit Tests
Expand Down
16 changes: 8 additions & 8 deletions .github/workflows/codeql.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@
# supported CodeQL languages.
#

name: "CodeQL"
name: 'CodeQL'

on:
push:
Expand All @@ -42,7 +42,7 @@ on:
- 'src/**'
- 'public/**'
schedule:
- cron: "0 0 * * *"
- cron: '0 0 * * *'
workflow_dispatch:

jobs:
Expand All @@ -63,19 +63,19 @@ jobs:
strategy:
fail-fast: false
matrix:
language: ["javascript"]
language: ['javascript']
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby', 'swift' ]
# Use only 'java' to analyze code written in Java, Kotlin or both
# Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support

steps:
- name: Checkout repository
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@9fdb3e49720b44c48891d036bb502feb25684276 # v2.227
uses: github/codeql-action/init@b611370bb5703a7efb587f9d136a52ea24c5c38c # v2.227
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
Expand All @@ -89,7 +89,7 @@ jobs:
# Automates dependency installation for Python, Ruby, and JavaScript, optimizing the CodeQL analysis setup.
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@9fdb3e49720b44c48891d036bb502feb25684276 # v2.227
uses: github/codeql-action/autobuild@b611370bb5703a7efb587f9d136a52ea24c5c38c # v2.227

# ℹ️ Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
Expand All @@ -102,6 +102,6 @@ jobs:
# ./location_of_script_within_repo/buildscript.sh

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@9fdb3e49720b44c48891d036bb502feb25684276 # v2.227
uses: github/codeql-action/analyze@b611370bb5703a7efb587f9d136a52ea24c5c38c # v2.227
with:
category: "/language:${{matrix.language}}"
category: '/language:${{matrix.language}}'
8 changes: 3 additions & 5 deletions .github/workflows/dependencies.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,26 +21,24 @@ name: Check Dependencies

on:
push:
branches: [main, dev]
branches: [main]
pull_request:
types: [opened, synchronize, reopened]
workflow_dispatch:

jobs:
check-dependencies:

runs-on: ubuntu-latest

steps:

- name: Set up JDK 17
uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1
with:
distribution: 'temurin'
java-version: '17'

- name: Checkout repository
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- name: Generate Dependencies file
run: java -jar ./scripts/download/org.eclipse.dash.licenses-1.1.1.jar yarn.lock -project automotive.tractusx -summary DEPENDENCIES || true
Expand All @@ -67,7 +65,7 @@ jobs:
if: steps.dependencies-changed.outputs.changed == 'true'

- name: Upload DEPENDENCIES file
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
with:
path: DEPENDENCIES
if: steps.dependencies-changed.outputs.changed == 'true'
Expand Down
17 changes: 8 additions & 9 deletions .github/workflows/kics.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,19 +17,19 @@
# SPDX-License-Identifier: Apache-2.0
###############################################################

name: "KICS"
name: 'KICS'

on:
push:
branches: [main, dev]
branches: [main]
# pull_request:
# The branches below must be a subset of the branches above
# branches: [main, master]
# paths-ignore:
# - "**/*.md"
# - "**/*.txt"
schedule:
- cron: "0 0 * * *"
- cron: '0 0 * * *'
workflow_dispatch:

jobs:
Expand All @@ -42,13 +42,13 @@ jobs:
security-events: write

steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- name: KICS scan
uses: checkmarx/kics-github-action@d1b692d84c536f4e8696954ce7aab6818f95f5bc # v2.0.0
uses: checkmarx/kics-github-action@252e73959bd4809a14863cbfbb42d7a90d5a4860 # v2.1.1
with:
# Scanning directory .
path: "."
path: '.'
# Fail on HIGH severity results
fail_on: high
# when provided with a directory on output_path
Expand All @@ -57,7 +57,7 @@ jobs:
# - results-dir/results.json
# - results-dir/results.sarif
output_path: kicsResults/
output_formats: "json,sarif"
output_formats: 'json,sarif'
# If you want KICS to ignore the results and return exit status code 0 unless a KICS engine error happens
# ignore_on_exit: results
# GITHUB_TOKEN enables this github action to access github API and post comments in a pull request
Expand All @@ -67,7 +67,6 @@ jobs:
# Upload findings to GitHub Advanced Security Dashboard
- name: Upload SARIF file for GitHub Advanced Security Dashboard
if: always()
uses: github/codeql-action/upload-sarif@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6
uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
with:
sarif_file: kicsResults/results.sarif

8 changes: 4 additions & 4 deletions .github/workflows/pullRequest-lint.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
# SPDX-License-Identifier: Apache-2.0
# #############################################################################

name: "Lint PullRequest"
name: 'Lint PullRequest'

on:
pull_request_target:
Expand All @@ -31,7 +31,7 @@ jobs:
name: Validate PR title
runs-on: ubuntu-latest
steps:
- uses: amannn/action-semantic-pull-request@cfb60706e18bc85e8aec535e3c577abe8f70378e # v5.5.2
- uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017 # v5.5.3
id: lint_pr_title
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Expand All @@ -44,11 +44,11 @@ jobs:
header: pr-title-lint-error
message: |
Hey there and thank you for opening this pull request! 👋🏼
We require pull request titles to follow the [Conventional Commits specification](https://www.conventionalcommits.org/en/v1.0.0/) and it looks like your proposed title needs to be adjusted.
Details:
```
${{ steps.lint_pr_title.outputs.error_message }}
```
Expand Down
Loading

0 comments on commit 67a9368

Please sign in to comment.