From 87123fe9e0e29427548a39492339901bcafdbd85 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 12 Feb 2025 03:32:23 +0000 Subject: [PATCH] add Renovate and custom workflow files --- .github/CODEOWNERS | 61 --------- .github/ISSUE_TEMPLATE/bug_report.yaml | 57 -------- .github/ISSUE_TEMPLATE/feature_request.yaml | 60 --------- .github/pull_request_template.md | 9 -- .github/workflows/bazel_build_and_test.yaml | 22 ---- .github/workflows/build_and_test.yaml | 123 ------------------ .github/workflows/dco-check.yaml | 20 --- .github/workflows/sync-fork.yml | 89 +++++++++++++ .../trivy-dependencies-submission.yml | 27 ++++ .github/workflows/unit_test.yml | 28 ---- .gitignore | 9 -- renovate.json5 | 12 ++ 12 files changed, 128 insertions(+), 389 deletions(-) delete mode 100644 .github/CODEOWNERS delete mode 100644 .github/ISSUE_TEMPLATE/bug_report.yaml delete mode 100644 .github/ISSUE_TEMPLATE/feature_request.yaml delete mode 100644 .github/pull_request_template.md delete mode 100644 .github/workflows/bazel_build_and_test.yaml delete mode 100644 .github/workflows/build_and_test.yaml delete mode 100644 .github/workflows/dco-check.yaml create mode 100644 .github/workflows/sync-fork.yml create mode 100644 .github/workflows/trivy-dependencies-submission.yml delete mode 100644 .github/workflows/unit_test.yml delete mode 100644 .gitignore create mode 100644 renovate.json5 diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS deleted file mode 100644 index 10a436306..000000000 --- a/.github/CODEOWNERS +++ /dev/null @@ -1,61 +0,0 @@ -# default option unless later match takes precedence -* @pietfried @hikinggrass @corneliusclaussen @SebaLukas @andistorm - -# .ci -/.ci/ @pietfried @hikinggrass @corneliusclaussen @andistorm - -# .github -/.github/ @pietfried @corneliusclaussen -/.github/workflows/ @pietfried @corneliusclaussen @andistorm - -# cmake -/cmake/ @hikinggrass @a-w50 @corneliusclaussen @andistorm - -# config -/config/ @hikinggrass @pietfried @corneliusclaussen @SebaLukas @maaikez @MarzellT - -# lib -/lib/3rd_party/nanopb/ @a-w50 @corneliusclaussen @hikinggrass -/lib/staging/can_dpm1000/ @a-w50 @corneliusclaussen @hikinggrass -/lib/staging/gpio/ @corneliusclaussen @hikinggrass @hikinggrass -/lib/staging/ocpp/ @hikinggrass @pietfried @corneliusclaussen -/lib/staging/slac/ @a-w50 @corneliusclaussen @SebaLukas -/lib/staging/tls/ @james-ctc @AssemblyJohn @corneliusclaussen @SebaLukas - -# modules -/modules/API/ @hikinggrass @pietfried @corneliusclaussen -/modules/Auth/ @pietfried @corneliusclaussen @hikinggrass -/modules/Energymanager/ @corneliusclaussen @hikinggrass @pietfried -/modules/EnergyNode/ @corneliusclaussen @hikinggrass @pietfried -/modules/ErrorHistory/ @corneliusclaussen @hikinggrass @pietfried @andistorm -/modules/EvseManager/ @corneliusclaussen @SebaLukas @hikinggrass @pietfried -/modules/EvManager/ @SebaLukas @pietfried @MarzellT -/modules/Evse15118D20/ @SebaLukas @a-w50 @corneliusclaussen -/modules/EvseSecurity/ @AssemblyJohn @pietfried @hikinggrass -/modules/EvseV2G/ @corneliusclaussen @SebaLukas @james-ctc -/modules/EvseSlac/ @a-w50 @corneliusclaussen @SebaLukas -/modules/OCPP/ @hikinggrass @pietfried @maaikez -/modules/OCPP201/ @hikinggrass @pietfried @maaikez -/modules/PacketSniffer/ @corneliusclaussen @SebaLukas @hikinggrass -/modules/PhyVersoBSP/ @pietfried @hikinggrass @corneliusclaussen @dorezyuk @rckstrh -/modules/PyEvJosev/ @SebaLukas @corneliusclaussen @pietfried -/modules/Setup/ @hikinggrass @corneliusclaussen @pietfried -/modules/YetiDriver/ @corneliusclaussen @hikinggrass -/modules/examples/error-framework/ @corneliusclaussen @hikinggrass @pietfried @andistorm -/modules/simulation/ @SebaLukas @pietfried @hikinggrass -/modules/SlacSimulator/ @SebaLukas @pietfried @corneliusclaussen @MarzellT -/modules/rust_examples/ @SirVer @dorezyuk -**/Cargo.toml @SirVer @dorezyuk @pietfried @hikinggrass -**/Cargo.lock @SirVer @dorezyuk @pietfried @hikinggrass - - -# Rust & Bazel -*.rs @SirVer @dorezyuk @pietfried @hikinggrass -*.bazel @SirVer @dorezyuk @pietfried @hikinggrass -*.bzl @SirVer @dorezyuk @pietfried @hikinggrass - -# third-party/bazel -/third-party/bazel/deps_versions.bzl @pietfried @hikinggrass @corneliusclaussen @SebaLukas @a-w50 @SirVer @dorezyuk - -/dependencies.yaml @hikinggrass @pietfried @corneliusclaussen @SebaLukas @maaikez @AssemblyJohn -/module-dependencies.cmake @hikinggrass @pietfried @corneliusclaussen @SebaLukas @maaikez @AssemblyJohn diff --git a/.github/ISSUE_TEMPLATE/bug_report.yaml b/.github/ISSUE_TEMPLATE/bug_report.yaml deleted file mode 100644 index 8544735c1..000000000 --- a/.github/ISSUE_TEMPLATE/bug_report.yaml +++ /dev/null @@ -1,57 +0,0 @@ -name: Bug Report -description: Thanks for taking the time to fill out this bug report! - -body: - - type: textarea - id: description - attributes: - label: Describe the bug - description: A clear and concise description of what the bug is. If applicable, add screenshots or logfiles to help explain your problem. - validations: - required: true - - type: dropdown - id: affected-domain - attributes: - label: EVerest Domain - description: Can you specify a specific domain is affected by the issue? Mark multiple if applicable. - options: - - Authorization - - Charge Control - - CHAdeMO - - Energy Management - - Hardware Drivers - - ISO15118 - - Power Supplies - - OCPP - - OCPP1.6 - - OCPP2.0.1 - - Simulation - - SLAC - - Compilation - - Utility - - Testing - - Other - multiple: true - validations: - required: true - - - type: textarea - id: affected-module - attributes: - label: Affected EVerest Module - description: | - Please specify the module where the bug is located. If you are not sure, please leave this field empty. - - - type: textarea - id: reproduction - attributes: - label: To Reproduce - description: | - If applicable describe the steps to and additional information to reproduce the behavior - like EVerest configuration files, EVerest version, compile options and your system information. - - - type: textarea - id: other - attributes: - label: Anything else? - placeholder: Add any other context about the bug report here. diff --git a/.github/ISSUE_TEMPLATE/feature_request.yaml b/.github/ISSUE_TEMPLATE/feature_request.yaml deleted file mode 100644 index 8a9dee09a..000000000 --- a/.github/ISSUE_TEMPLATE/feature_request.yaml +++ /dev/null @@ -1,60 +0,0 @@ -name: Feature Request -description: Thanks for taking the time to fill out this feature request! - -body: - - type: textarea - id: description - attributes: - label: Describe the problem - description: What problem is your feature request targeting and why is it a problem? Please describe. - placeholder: | - A clear and concise description of what the problem is. - validations: - required: true - - - type: dropdown - id: affected-domain - attributes: - label: EVerest Domain - description: Can you specify a specific domain for which the feature is requested? Mark multiple if applicable. - options: - - Authorization - - Charge Control - - CHAdeMO - - Energy Management - - Hardware Drivers - - ISO15118 - - Power Supplies - - OCPP - - OCPP1.6 - - OCPP2.0.1 - - Simulation - - SLAC - - Compilation - - Utility - - Testing - - Other - multiple: true - validations: - required: true - - - type: textarea - id: affected-module - attributes: - label: Affected EVerest Module - description: | - Can you specify a module in which this feature shall be implemented? If you are not sure, please leave this field empty. - - - type: textarea - id: solution - attributes: - label: Describe your solution - description: Describe the solution you'd like - placeholder: | - A clear and concise description of what you want to happen. - - - type: textarea - id: other - attributes: - label: Additional context - placeholder: Add any other context about the feature request here. diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md deleted file mode 100644 index e4b7d8be6..000000000 --- a/.github/pull_request_template.md +++ /dev/null @@ -1,9 +0,0 @@ -## Describe your changes - -## Issue ticket number and link - -## Checklist before requesting a review -- [ ] I have performed a self-review of my code -- [ ] I have made corresponding changes to the documentation -- [ ] I read the [contribution documentation](https://github.com/EVerest/EVerest/blob/main/CONTRIBUTING.md) and made sure that my changes meet its requirements - diff --git a/.github/workflows/bazel_build_and_test.yaml b/.github/workflows/bazel_build_and_test.yaml deleted file mode 100644 index 002218c03..000000000 --- a/.github/workflows/bazel_build_and_test.yaml +++ /dev/null @@ -1,22 +0,0 @@ -name: Bazel Build -run-name: ${{ github.actor }} is building with bazel -on: [pull_request] -jobs: - bazel-build-and-test: - runs-on: ubuntu-22.04 - steps: - - run: echo branch name is ${{ github.ref }} - - name: Checkout - uses: actions/checkout@v4.1.0 - - name: Mount bazel cache - uses: actions/cache@v3 - with: - path: "~/.cache/bazel" - key: ${{ runner.os }}-bazel-${{ hashFiles('dependencies.yaml', '.bazelversion', '.bazelrc', 'WORKSPACE.bazel', 'third-party/bazel/*') }} - restore-keys: | - ${{ runner.os }}-bazel- - - name: Build all - run: > - bazelisk build //... - - name: Test all - run: bazelisk test //... --test_output=errors diff --git a/.github/workflows/build_and_test.yaml b/.github/workflows/build_and_test.yaml deleted file mode 100644 index 1196c4479..000000000 --- a/.github/workflows/build_and_test.yaml +++ /dev/null @@ -1,123 +0,0 @@ -name: Build, Lint and Test -on: - pull_request: {} - workflow_dispatch: - inputs: - runner: - description: Which runner to use - type: choice - default: 'ubuntu-22.04' - required: true - options: - - 'ubuntu-22.04' - - 'large-ubuntu-22.04-xxl' - schedule: - - cron: '37 13,1 * * *' - -jobs: - ci: - name: Build, Lint and Test - uses: everest/everest-ci/.github/workflows/continuous_integration.yml@v1.4.4 - permissions: - contents: read - secrets: - coverage_deploy_token: ${{ secrets.SA_GITHUB_PAT }} - with: - runner: ${{ inputs.runner || 'ubuntu-22.04' }} - artifact_deploy_target_repo: EVerest/everest.github.io - run_coverage: false - do_not_run_coverage_badge_creation: true - run_install_wheels: true - run_integration_tests: true - ocpp-tests: - name: OCPP Tests - needs: - - ci - runs-on: ${{ inputs.runner || 'ubuntu-22.04' }} - steps: - - name: Download dist dir - uses: actions/download-artifact@v4.1.8 - with: - name: dist - - name: Extract dist.tar.gz - run: | - tar -xzf ${{ github.workspace }}/dist.tar.gz -C ${{ github.workspace }} - - name: Download wheels - # if: ${{ inputs.run_install_wheels == 'true' }} - uses: actions/download-artifact@v4.1.8 - with: - name: wheels - path: wheels - - name: Checkout repository - uses: actions/checkout@v4.2.2 - with: - path: source - - name: Setup run scripts - run: | - mkdir scripts - rsync -a source/.ci/build-kit/scripts/ scripts - - name: Docker Meta - id: meta - uses: docker/metadata-action@v5 - with: - images: ${{ env.BUILD_KIT_IMAGE_NAME }} - sep-tags: "," - - name: Set output tag - id: buildkit_tag - shell: python3 {0} - run: | - import os - tags = "${{ steps.meta.outputs.tags }}".split(",") - if len(tags) == 0: - print("No tags found!❌") - exit(1) - tag = f"local/build-kit-everest-core:{tags[0]}" - with open(os.environ["GITHUB_OUTPUT"], "a") as f: - f.write(f"tag={tag}\n") - print(f"Set tag={tag}") - - name: Download build-kit image - uses: actions/download-artifact@v4 - with: - name: build-kit - - name: Load build-kit image - run: | - docker load -i build-kit.tar - docker image tag ${{ steps.buildkit_tag.outputs.tag }} build-kit - - name: Create integration-image - run: | - docker run \ - --volume "${{ github.workspace }}:/ext" \ - --name integration-container \ - build-kit run-script create_ocpp_tests_image - docker commit integration-container integration-image - - name: Run OCPP tests - id: run_ocpp_tests - continue-on-error: true - run: | - docker compose \ - -f source/.ci/e2e/docker-compose.yaml \ - run \ - e2e-test-server \ - run-script run_ocpp_tests - - name: Upload result and report as artifact - continue-on-error: true - if: ${{ steps.run_ocpp_tests.outcome == 'success' || steps.run_ocpp_tests.outcome == 'failure' }} - uses: actions/upload-artifact@v4.4.3 - with: - if-no-files-found: error - name: ocpp-tests-report - path: | - ocpp-tests-result.xml - ocpp-tests-report.html - - name: Render OCPP tests result - if: ${{ steps.run_ocpp_tests.outcome == 'success' || steps.run_ocpp_tests.outcome == 'failure' }} - uses: pmeier/pytest-results-action@v0.7.1 - with: - path: ocpp-tests-result.xml - summary: True - display-options: fEX - fail-on-empty: True - title: Test results - - name: Check if OCPP tests failed - if: ${{ steps.run_ocpp_tests.outcome == 'failure' }} - run: exit 1 diff --git a/.github/workflows/dco-check.yaml b/.github/workflows/dco-check.yaml deleted file mode 100644 index 70a5f6979..000000000 --- a/.github/workflows/dco-check.yaml +++ /dev/null @@ -1,20 +0,0 @@ -name: DCO Check -on: - pull_request: {} -jobs: - dco_check: - name: DCO Check - runs-on: ubuntu-22.04 - steps: - - uses: actions/checkout@v3 - - name: Set up Python 3.x - uses: actions/setup-python@v4 - with: - python-version: '3.x' - - name: Install dco-check - run: pip3 install -U dco-check==0.4.0 - - name: Check DCO - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - dco-check diff --git a/.github/workflows/sync-fork.yml b/.github/workflows/sync-fork.yml new file mode 100644 index 000000000..42ba38054 --- /dev/null +++ b/.github/workflows/sync-fork.yml @@ -0,0 +1,89 @@ +name: Sync fork + +on: + workflow_dispatch: {} + schedule: + - cron: "15 3 * * *" # Run every day at 3:15 UTC + +jobs: + sync: + runs-on: ubuntu-latest + steps: + - name: Checkout fork's default branch + uses: actions/checkout@v4 + with: + fetch-depth: 0 + path: "fork" + token: ${{ secrets.GH_PAT }} + - name: Checkout fork's configuration branch + uses: actions/checkout@v4 + with: + path: "configuration" + ref: "renovate-and-workflow-files" + token: ${{ secrets.GH_PAT }} + - name: Determine Upstream clone URL + id: upstream-repo-clone-url + uses: actions/github-script@v7 + with: + script: | + const { data } = await github.rest.repos.get({ + owner: context.repo.owner, + repo: context.repo.repo, + }); + if (data.fork) { + return data.parent.clone_url; + } else { + throw new Error('This repository is not a fork.'); + } + result-encoding: string + - name: Determine Upstream default branch + id: upstream-repo-default-branch + uses: actions/github-script@v7 + with: + script: | + const { data } = await github.rest.repos.get({ + owner: context.repo.owner, + repo: context.repo.repo, + }); + if (data.fork) { + return data.parent.default_branch; + } else { + throw new Error('This repository is not a fork.'); + } + result-encoding: string + - name: Sync fork with upstream + run: | + set -ex + cd fork + git config --global user.name "github-actions[bot]" + git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com" + git remote add upstream ${{ steps.upstream-repo-clone-url.outputs.result }} + git fetch upstream ${{ steps.upstream-repo-default-branch.outputs.result }} + UPSTREAM_MOST_RECENT_COMMIT_HASH=$(git log upstream/${{ steps.upstream-repo-default-branch.outputs.result }} -n 1 --format="%H") + PREVIOUS_SYNC_COMMIT_HASH=$(cat ../configuration/upstream_commit_hash) + if [ "$PREVIOUS_SYNC_COMMIT_HASH" = "$UPSTREAM_MOST_RECENT_COMMIT_HASH" ]; then + echo "No need to sync, already up-to-date" + exit 0 + fi + + git reset --hard upstream/${{ steps.upstream-repo-default-branch.outputs.result }} + # Enforce the usage of our own config (renovate.json5) + git rm renovate.json* || true + # Avoid problems where an existing .gitignore file would prevent committing our configuration files + git rm .gitignore || true + # Delete existing workflows, we don't need to run them in our fork + rm -rf .github || true + # Instead of using "cp -r", rsync allows us to exclude the .git directory + rsync -av --exclude '.git' ../configuration/ . + rm upstream_commit_hash + git add . + git commit -m "add Renovate and custom workflow files" + git push --force-with-lease + + cd ../configuration + # git config user.name "github-actions[bot]" + # git config user.email "41898282+github-actions[bot]@users.noreply.github.com" + echo $UPSTREAM_MOST_RECENT_COMMIT_HASH > upstream_commit_hash + git add upstream_commit_hash + git commit -m "update commit hash to $UPSTREAM_MOST_RECENT_COMMIT_HASH" + git push diff --git a/.github/workflows/trivy-dependencies-submission.yml b/.github/workflows/trivy-dependencies-submission.yml new file mode 100644 index 000000000..71f59af7e --- /dev/null +++ b/.github/workflows/trivy-dependencies-submission.yml @@ -0,0 +1,27 @@ +name: SBOM upload from Trivy + +on: + workflow_dispatch: {} + schedule: + - cron: "0 9 */5 * *" # Run every fifth day at 9 AM UTC + +jobs: + SBOM-upload: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Run Trivy vulnerability scanner in repo mode + uses: aquasecurity/trivy-action@0.23.0 + with: + scan-type: 'fs' + ignore-unfixed: true + format: 'github' + output: 'trivy-results.gsbom' + github-pat: ${{ secrets.GITHUB_TOKEN }} # this causes a curl call to upload the snapshot + + - name: Upload report file + uses: actions/upload-artifact@v4 + with: + name: trivy-results + path: trivy-results.gsbom diff --git a/.github/workflows/unit_test.yml b/.github/workflows/unit_test.yml deleted file mode 100644 index db5efb683..000000000 --- a/.github/workflows/unit_test.yml +++ /dev/null @@ -1,28 +0,0 @@ - -name: Unit tests -on: - pull_request: {} - workflow_dispatch: - inputs: - runner: - description: Which runner to use - type: choice - default: 'ubuntu-22.04' - required: true - options: - - 'ubuntu-22.04' - - 'large-ubuntu-22.04-xxl' - -jobs: - manifests_tes: - name: Manifests test - runs-on: ${{ inputs.runner || 'ubuntu-22.04' }} - steps: - - uses: actions/checkout@v3 - - name: Install deps - run: pip3 install pytest - - name: Test mainfests - run: | - cd ${{ github.workspace }} - python3 -m pytest tests/manifest_tests/*.py - diff --git a/.gitignore b/.gitignore deleted file mode 100644 index ffa0d9303..000000000 --- a/.gitignore +++ /dev/null @@ -1,9 +0,0 @@ -*build -*build-cross -.cache/ -workspace.yaml -.vscode/ -/bazel-* -/modules/target -CMakeLists.txt.user -.idea/ diff --git a/renovate.json5 b/renovate.json5 new file mode 100644 index 000000000..53fe2ac32 --- /dev/null +++ b/renovate.json5 @@ -0,0 +1,12 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": [ + "config:recommended", + ":disableRateLimiting" + ], + "labels": ["dependencies", "depManager:{{{manager}}}"], + "vulnerabilityAlerts": { + "labels": ["security", "dependencies", "depManager:{{{manager}}}"], + }, + "forkProcessing": "enabled" +}