From aeb186e27ed94fc41fe7c110f325a30b11c83226 Mon Sep 17 00:00:00 2001 From: Kevin Duret Date: Mon, 20 Jan 2025 16:04:41 +0100 Subject: [PATCH 1/3] enh(ci): avoid to rerun veracode analyse on pr if it has already succeeded (#2024) --- .github/workflows/centreon-collect.yml | 2 +- .github/workflows/gorgone-analysis.yml | 75 +++++++++++++++++++++++ .github/workflows/gorgone.yml | 22 ------- .github/workflows/veracode-analysis.yml | 80 +++---------------------- 4 files changed, 85 insertions(+), 94 deletions(-) create mode 100644 .github/workflows/gorgone-analysis.yml diff --git a/.github/workflows/centreon-collect.yml b/.github/workflows/centreon-collect.yml index e046718ae67..38d5e849859 100644 --- a/.github/workflows/centreon-collect.yml +++ b/.github/workflows/centreon-collect.yml @@ -65,7 +65,7 @@ jobs: uses: ./.github/workflows/get-environment.yml with: version_file: CMakeLists.txt - nightly_manual_trigger: ${{ inputs.nightly_manual_trigger }} + nightly_manual_trigger: ${{ inputs.nightly_manual_trigger || false }} unit-test: needs: [get-environment] diff --git a/.github/workflows/gorgone-analysis.yml b/.github/workflows/gorgone-analysis.yml new file mode 100644 index 00000000000..70533807e7e --- /dev/null +++ b/.github/workflows/gorgone-analysis.yml @@ -0,0 +1,75 @@ +name: gorgone-analysis + +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +on: + workflow_dispatch: + inputs: + unit_tests: + description: 'Execute the unit tests' + required: true + default: true + type: boolean + pull_request: + types: + - opened + - synchronize + - reopened + - ready_for_review + paths: + - ".version" + - ".version.centreon-gorgone" + - ".github/workflows/gorgone.yml" + - "gorgone/**" + - "perl-libs/**" + - "!gorgone/tests/**" + - "!gorgone/veracode.json" + - "!gorgone/.veracode-exclusions" + push: + branches: + - develop + - dev-[2-9][0-9].[0-9][0-9].x + - master + - "[2-9][0-9].[0-9][0-9].x" + paths: + - ".version" + - ".version.centreon-gorgone" + - ".github/workflows/gorgone.yml" + - "gorgone/**" + - "perl-libs/**" + - "!gorgone/tests/**" + - "!gorgone/veracode.json" + - "!gorgone/.veracode-exclusions" + +env: + base_directory: gorgone + +jobs: + get-environment: + uses: ./.github/workflows/get-environment.yml + with: + version_file: .version.centreon-gorgone + + veracode-analysis: + needs: [get-environment] + if: | + needs.get-environment.outputs.skip_workflow == 'false' && + needs.get-environment.outputs.is_targeting_feature_branch != 'true' && + github.event.pull_request.draft != 'true' + uses: ./.github/workflows/veracode-analysis.yml + with: + module_directory: gorgone + module_name: centreon-gorgone + major_version: ${{ needs.get-environment.outputs.major_version }} + minor_version: ${{ needs.get-environment.outputs.minor_version }} + secrets: + veracode_api_id: ${{ secrets.VERACODE_API_ID_GORG }} + veracode_api_key: ${{ secrets.VERACODE_API_KEY_GORG }} + veracode_srcclr_token: ${{ secrets.VERACODE_SRCCLR_TOKEN }} + + set-skip-label: + needs: [get-environment, veracode-analysis] + if: needs.get-environment.outputs.skip_workflow == 'false' + uses: ./.github/workflows/set-pull-request-skip-label.yml diff --git a/.github/workflows/gorgone.yml b/.github/workflows/gorgone.yml index 4640c4b3e96..7582cda5c33 100644 --- a/.github/workflows/gorgone.yml +++ b/.github/workflows/gorgone.yml @@ -7,11 +7,6 @@ concurrency: on: workflow_dispatch: pull_request: - types: - - opened - - synchronize - - reopened - - ready_for_review paths: - "gorgone/**" - "!gorgone/tests/**" @@ -38,23 +33,6 @@ jobs: with: version_file: gorgone/.version - veracode-analysis: - needs: [get-environment] - if: ${{ needs.get-environment.outputs.is_targeting_feature_branch != 'true' && github.event.pull_request.draft != 'true' }} - uses: ./.github/workflows/veracode-analysis.yml - with: - module_directory: gorgone - module_name: centreon-gorgone - major_version: ${{ needs.get-environment.outputs.major_version }} - minor_version: ${{ needs.get-environment.outputs.minor_version }} - img_version: ${{ needs.get-environment.outputs.img_version }} - secrets: - veracode_api_id: ${{ secrets.VERACODE_API_ID_GORG }} - veracode_api_key: ${{ secrets.VERACODE_API_KEY_GORG }} - veracode_srcclr_token: ${{ secrets.VERACODE_SRCCLR_TOKEN }} - docker_registry_id: ${{ secrets.HARBOR_CENTREON_PULL_USERNAME }} - docker_registry_passwd: ${{ secrets.HARBOR_CENTREON_PULL_TOKEN }} - package: needs: [get-environment] if: | diff --git a/.github/workflows/veracode-analysis.yml b/.github/workflows/veracode-analysis.yml index d90359e4b14..d196b5d929a 100644 --- a/.github/workflows/veracode-analysis.yml +++ b/.github/workflows/veracode-analysis.yml @@ -14,9 +14,6 @@ on: minor_version: required: true type: string - img_version: - required: true - type: string secrets: veracode_api_id: required: true @@ -24,10 +21,6 @@ on: required: true veracode_srcclr_token: required: true - docker_registry_id: - required: true - docker_registry_passwd: - required: true jobs: routing: @@ -62,60 +55,13 @@ jobs: build: name: Binary preparation - runs-on: [self-hosted, collect] + runs-on: [self-hosted, common] needs: [routing] if: needs.routing.outputs.skip_analysis == 'false' - container: - image: ${{ vars.DOCKER_INTERNAL_REGISTRY_URL }}/centreon-collect-alma9:${{ inputs.img_version }} - credentials: - username: ${{ secrets.docker_registry_id }} - password: ${{ secrets.docker_registry_passwd }} steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - if: ${{ inputs.module_name == 'centreon-collect' }} - name: Compiling Cpp sources - run: | - rm -rf build - mkdir build - cd build - - sudo pip3 install conan==1.57.0 --prefix=/usr --upgrade - sudo conan install .. -s compiler.cppstd=17 -s compiler.libcxx=libstdc++11 --build=missing - - sudo cmake \ - -G "Ninja" \ - -DCMAKE_CXX_FLAGS="-gdwarf-2 -g3 -O0 -fno-builtin" \ - -DWITH_TESTING=OFF \ - -DWITH_BENCH=OFF \ - -DWITH_MODULE_SIMU=OFF \ - -DCMAKE_INSTALL_PREFIX=/usr \ - -DWITH_STARTUP_SCRIPT=systemd \ - -DWITH_ENGINE_LOGROTATE_SCRIPT=ON \ - -DWITH_USER_BROKER=centreon-broker \ - -DWITH_GROUP_BROKER=centreon-broker \ - -DWITH_USER_ENGINE=centreon-engine \ - -DWITH_GROUP_ENGINE=centreon-engine \ - -DWITH_VAR_DIR=/var/log/centreon-engine \ - -DWITH_DAEMONS=ON \ - -DWITH_CREATE_FILES=OFF \ - -DWITH_CONFIG_FILES=ON \ - .. - - sudo ninja - - echo "[DEBUG] - Find compiled files" - find ./ -name "*.so" - echo "[DEBUG] - Build size" - du -sh ./lib/*.so | sort -rh - - - if: ${{ inputs.module_name == 'centreon-collect' }} - name: Preserve centreon-collect binaries from cleaning - run: | - echo "[INFO] - Keeping only compiled files" - find build -type f -not \( -name "*.so" -or -name "cbd" -or -name "centengine" -or -name "cbwd" -or -name "centreon_connector_*" \) -delete - - name: Binary preparation of ${{ inputs.module_name }} run: | if [ -n "${{ inputs.module_directory }}" ]; then @@ -141,25 +87,17 @@ jobs: echo "::warning::No '.veracode-exclusions' file found for this module. Skipping exclusion step" fi - if [ "${{ inputs.module_name }}" = "centreon-collect" ]; then - echo "[INFO] - Keeping only build's non empty folders" - find build -empty -type d -delete - ls -la build - echo "[INFO] - Generating the tarball" - tar cvzf "${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary.tar.gz" build - else - echo "[INFO] - Generating the zip" - zip -rq "${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary.zip" * - if [ -n "${{ inputs.module_directory }}" ]; then - cd - - mv ${{ inputs.module_directory }}/${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary.zip . - fi + echo "[INFO] - Generating the zip" + zip -rq "${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary.zip" * + if [ -n "${{ inputs.module_directory }}" ]; then + cd - + mv ${{ inputs.module_directory }}/${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary.zip . fi - name: Cache uses: actions/cache/save@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: - path: "${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary.${{ inputs.module_name == 'centreon-collect' && 'tar.gz' || 'zip' }}" + path: "${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary.zip" key: "${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary" policy-scan: @@ -189,7 +127,7 @@ jobs: - name: Get build binary uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: - path: "${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary.${{ inputs.module_name == 'centreon-collect' && 'tar.gz' || 'zip' }}" + path: "${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary.zip" key: "${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary" - name: Sandbox scan @@ -198,7 +136,7 @@ jobs: with: appname: "${{ inputs.module_name }}" version: "${{ inputs.major_version }}.${{ inputs.minor_version }}_runId-${{ github.run_id }}_attempt-${{ github.run_attempt }}" - filepath: "${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary.${{ inputs.module_name == 'centreon-collect' && 'tar.gz' || 'zip' }}" + filepath: "${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary.zip" vid: "vera01ei-${{ secrets.veracode_api_id }}" vkey: "vera01es-${{ secrets.veracode_api_key }}" createprofile: true From b0544532e9c2a0bf09093dd745cde6b83e55322b Mon Sep 17 00:00:00 2001 From: Kevin Duret Date: Tue, 21 Jan 2025 10:36:02 +0100 Subject: [PATCH 2/3] fix --- .github/workflows/gorgone-analysis.yml | 4 +--- .github/workflows/robot-nightly.yml | 3 --- 2 files changed, 1 insertion(+), 6 deletions(-) diff --git a/.github/workflows/gorgone-analysis.yml b/.github/workflows/gorgone-analysis.yml index 70533807e7e..c9a51281213 100644 --- a/.github/workflows/gorgone-analysis.yml +++ b/.github/workflows/gorgone-analysis.yml @@ -20,7 +20,6 @@ on: - ready_for_review paths: - ".version" - - ".version.centreon-gorgone" - ".github/workflows/gorgone.yml" - "gorgone/**" - "perl-libs/**" @@ -35,7 +34,6 @@ on: - "[2-9][0-9].[0-9][0-9].x" paths: - ".version" - - ".version.centreon-gorgone" - ".github/workflows/gorgone.yml" - "gorgone/**" - "perl-libs/**" @@ -50,7 +48,7 @@ jobs: get-environment: uses: ./.github/workflows/get-environment.yml with: - version_file: .version.centreon-gorgone + version_file: gorgone/.version veracode-analysis: needs: [get-environment] diff --git a/.github/workflows/robot-nightly.yml b/.github/workflows/robot-nightly.yml index 950a9d7e246..335d86c2251 100644 --- a/.github/workflows/robot-nightly.yml +++ b/.github/workflows/robot-nightly.yml @@ -37,13 +37,10 @@ jobs: module_name: centreon-collect major_version: ${{ needs.get-environment.outputs.major_version }} minor_version: ${{ needs.get-environment.outputs.minor_version }} - img_version: ${{ needs.get-environment.outputs.img_version }} secrets: veracode_api_id: ${{ secrets.VERACODE_API_ID_COLL }} veracode_api_key: ${{ secrets.VERACODE_API_KEY_COLL }} veracode_srcclr_token: ${{ secrets.VERACODE_SRCCLR_TOKEN }} - docker_registry_id: ${{ secrets.HARBOR_CENTREON_PULL_USERNAME }} - docker_registry_passwd: ${{ secrets.HARBOR_CENTREON_PULL_TOKEN }} package: needs: [get-environment] From 25e06000d7d37ff111313d4530d65e8db71183fc Mon Sep 17 00:00:00 2001 From: Kevin Duret Date: Tue, 21 Jan 2025 10:37:05 +0100 Subject: [PATCH 3/3] fix --- .github/workflows/gorgone-analysis.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/gorgone-analysis.yml b/.github/workflows/gorgone-analysis.yml index c9a51281213..0e3ee3817ab 100644 --- a/.github/workflows/gorgone-analysis.yml +++ b/.github/workflows/gorgone-analysis.yml @@ -20,7 +20,6 @@ on: - ready_for_review paths: - ".version" - - ".github/workflows/gorgone.yml" - "gorgone/**" - "perl-libs/**" - "!gorgone/tests/**" @@ -34,7 +33,6 @@ on: - "[2-9][0-9].[0-9][0-9].x" paths: - ".version" - - ".github/workflows/gorgone.yml" - "gorgone/**" - "perl-libs/**" - "!gorgone/tests/**"