Merge pull request #22 from zowe/users/tom/gha

Adding github actions workflow files
2026-03-10 08:41:23 +00:00 · 2021-09-08 16:16:56 -04:00
parent c0dbf87b59 4cce3916a3
commit 0402e3066d
2 changed files with 159 additions and 0 deletions
--- a/.github/workflows/build_test.yml
+++ b/.github/workflows/build_test.yml
@@ -0,0 +1,99 @@
+name: Build and Test Workflow
+on:
+  push:
+    branches:
+      - master 
+  pull_request:
+    types: [opened, synchronize]
+  workflow_dispatch:
+    inputs:
+      PERFORM_RELEASE:
+        description: '[Release] perform release'
+        required: false
+  
+
+jobs:
+  check-permission:
+    runs-on: ubuntu-latest
+    steps:
+      # this action will fail the whole workflow if permission check fails
+      - name: check permission
+        uses: zowe-actions/shared-actions/permission-check@main
+        with:
+          user: ${{ github.actor }}
+          github-repo: ${{ github.repository }}
+          github-user: ${{ secrets.ZOWE_ROBOT_USER }}
+          github-passwd: ${{ secrets.ZOWE_ROBOT_TOKEN }}
+
+  build-test:
+    runs-on: ubuntu-latest
+    needs: check-permission
+    steps: 
+      - name: '[Prep 1] Checkout'
+        uses: actions/checkout@v2
+
+      - name: '[Prep 2] Cache node modules'
+        uses: actions/cache@v2
+        with:
+          # npm cache files are stored in `~/.npm` on Linux/macOS
+          path: |
+            ~/.npm
+            ~/.nvm/.cache
+            ~/.nvm/versions
+          key: ${{ runner.os }}-build-cache-node-modules-${{ hashFiles('**/package-lock.json') }}
+          restore-keys: |
+            ${{ runner.os }}-build-cache-node-modules-
+
+      - name: '[Prep 3] Setup jFrog CLI'
+        uses: jfrog/setup-jfrog-cli@v1
+        env:
+          JF_ARTIFACTORY_1: ${{ secrets.JF_ARTIFACTORY_TOKEN }}
+          
+      - name: '[Prep 4] Prepare workflow'
+        uses: zowe-actions/shared-actions/prepare-workflow@main
+        with:
+          github-user: ${{ secrets.ZOWE_ROBOT_USER }}
+          github-password: ${{ secrets.ZOWE_ROBOT_TOKEN }}
+          github-email: ${{ secrets.ZOWE_ROBOT_EMAIL }}
+          
+      - name: '[Prep 5] Setup Node'
+        uses: actions/setup-node@v2
+        with:
+          node-version: 10.18.1
+
+      - name: '[Setup] NodeJS project setup'
+        uses: zowe-actions/nodejs-actions/setup@main
+        with:
+          package-name: 'org.zowe.sample-node-api'
+          install-registry-url: ${{ env.DEFAULT_NPM_PRIVATE_INSTALL_REGISTRY }}
+          install-registry-email: ${{ secrets.NPM_PRIVATE_REGISTRY_EMAIL }}
+          install-registry-username: ${{ secrets.NPM_PRIVATE_REGISTRY_USERNAME }}
+          install-registry-password: ${{ secrets.NPM_PRIVATE_REGISTRY_PASSWORD }}
+          publish-registry-email: ${{ secrets.NPM_PRIVATE_REGISTRY_EMAIL }}
+          publish-registry-username: ${{ secrets.NPM_PRIVATE_REGISTRY_USERNAME }}
+          publish-registry-password: ${{ secrets.NPM_PRIVATE_REGISTRY_PASSWORD }}
+
+      - name: '[Build] Nodejs project build'
+        run: npm run build
+
+      - name: '[Packaging] Make pax'
+        uses: zowe-actions/shared-actions/make-pax@main
+        with:
+          pax-name: 'sample-node-api'
+          pax-ssh-username: ${{ secrets.SSH_MARIST_USERNAME }}
+          pax-ssh-password: ${{ secrets.SSH_MARIST_PASSWORD }}
+
+      - name: '[Publish] Publish'
+        uses: zowe-actions/shared-actions/publish@main
+        if: success()
+        with:
+          artifacts: .pax/sample-node-api.pax
+          perform-release: ${{ github.event.inputs.PERFORM_RELEASE }}
+
+      - name: '[Release 1] Release (if necessary)'
+        if: ${{ success() && github.event.inputs.PERFORM_RELEASE == 'true' && env.IS_RELEASE_BRANCH == 'true' }}
+        uses: zowe-actions/shared-actions/release@main
+
+      - name: '[Release 2] NPM bump version (if necessary)' 
+        if: ${{ success() && github.event.inputs.PERFORM_RELEASE == 'true' && env.IS_RELEASE_BRANCH == 'true' && env.IS_FORMAL_RELEASE_BRANCH == 'true' && env.PRE_RELEASE_STRING == ''}}
+        uses: zowe-actions/nodejs-actions/bump-version@main
--- a/.github/workflows/code_scan.yml
+++ b/.github/workflows/code_scan.yml
@@ -0,0 +1,60 @@
+name: Codescan Workflow
+on: 
+  push:
+    branches:
+      - master 
+  pull_request:
+    types: [opened, synchronize]
+
+jobs:
+  run-audit:
+    runs-on: macos-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      
+      - name: Setup Node
+        uses: actions/setup-node@v2
+        with:
+          node-version: 10.18.1
+
+      - name: Install
+        run: npm install --no-audit
+
+      - name: Audit
+        run: npm audit --prod
+
+  run-code-ql:
+    runs-on: macos-latest
+    timeout-minutes: 20
+
+    steps:
+        - name: Checkout repository
+          uses: actions/checkout@v2
+
+        # Initializes the CodeQL tools for scanning.
+        - name: Initialize CodeQL
+          uses: github/codeql-action/init@v1
+          with:
+            languages: javascript
+
+        # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+        # If this step fails, then you should remove it and run the build manually (see below)
+        - name: Autobuild
+          uses: github/codeql-action/autobuild@v1
+
+        # ℹ️ Command-line programs to run using the OS shell.
+        # 📚 https://git.io/JvXDl
+
+        # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+        #    and modify them (or add more) to build your code if your project
+        #    uses a compiled language
+
+        #- run: |
+        #   make bootstrap
+        #   make release
+
+        - name: Perform CodeQL Analysis
+          uses: github/codeql-action/analyze@v1
+
+