diff --git a/.github/actions/copy-workflow-go/action.yml b/.github/actions/copy-workflow-go/action.yml index cb27a595..9573f98e 100644 --- a/.github/actions/copy-workflow-go/action.yml +++ b/.github/actions/copy-workflow-go/action.yml @@ -8,18 +8,18 @@ runs: with: # This should be the same Go version we use in the go-check workflow. # go mod tidy, go vet, staticcheck and gofmt might behave differently depending on the version. - go-version: "1.17.x" + go-version: "1.18.x" - name: bump go.mod go version if needed uses: protocol/multiple-go-modules@v1.2 with: working-directory: ${{ env.TARGET_REPO_DIR }} run: | # We want our modules to support two Go versions at a time. - # As of August 2021, Go 1.17 is the latest stable. + # As of March 2022, Go 1.18 is the latest stable. # go.mod's Go version declares the language version being used. # As such, it has to be the minimum of all Go versions supported. # Bump this every six months, as new Go versions come out. - TARGET_VERSION=1.16 + TARGET_VERSION=1.17 # Note that the "<" comparison doesn't understand semver, # but it should be good enough for the foreseeable future. diff --git a/.github/actions/copy-workflow-versioning/action.yml b/.github/actions/copy-workflow-versioning/action.yml index 6acf1714..efb64ee5 100644 --- a/.github/actions/copy-workflow-versioning/action.yml +++ b/.github/actions/copy-workflow-versioning/action.yml @@ -11,8 +11,6 @@ runs: run: | git fetch origin --unshallow # we need the entire commit history version=$(git describe --tags --abbrev=0 || true) # highest released version on current branch - if [[ -n "$version" ]]; then # only deply version.json if there's at least one release - printf '{"version": "%s"}' "$version" | jq . > version.json - git add version.json - git commit -m "add version.json file" - fi + printf '{"version": "%s"}' "$version" | jq . > version.json + git add version.json + git commit -m "add version.json file" diff --git a/.github/workflows/automerge.yml b/.github/workflows/automerge.yml new file mode 100644 index 00000000..1a5cd12d --- /dev/null +++ b/.github/workflows/automerge.yml @@ -0,0 +1,55 @@ +# Automatically merge pull requests opened by web3-bot, as soon as (and only if) all tests pass. +# This reduces the friction associated with updating with our workflows. + +on: + workflow_call: + inputs: + job: + required: true + type: string +name: Automerge + +jobs: + automerge-check: + if: github.event.pull_request.user.login == 'web3-bot' + runs-on: ubuntu-latest + outputs: + status: ${{ steps.should-automerge.outputs.status }} + steps: + - uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Check if we should automerge + id: should-automerge + run: | + for commit in $(git rev-list --first-parent origin/${{ github.event.pull_request.base.ref }}..${{ github.event.pull_request.head.sha }}); do + committer=$(git show --format=$'%ce' -s $commit) + echo "Committer: $committer" + if [[ "$committer" != "web3-bot@users.noreply.github.com" ]]; then + echo "Commit $commit wasn't committed by web3-bot, but by $committer." + echo "::set-output name=status::false" + exit + fi + done + echo "::set-output name=status::true" + automerge: + needs: automerge-check + runs-on: ubuntu-latest + # The check for the user is redundant here, as this job depends on the automerge-check job, + # but it prevents this job from spinning up, just to be skipped shortly after. + if: github.event.pull_request.user.login == 'web3-bot' && needs.automerge-check.outputs.status == 'true' + steps: + - name: Wait on tests + uses: lewagon/wait-on-check-action@752bfae19aef55dab12a00bc36d48acc46b77e9d # v1.1.1 + with: + ref: ${{ github.event.pull_request.head.sha }} + repo-token: ${{ secrets.GITHUB_TOKEN }} + wait-interval: 10 + running-workflow-name: '${{ inputs.job }} / ${{ github.job }}' # the name of the check for this job + - name: Merge PR + uses: pascalgn/automerge-action@741c311a47881be9625932b0a0de1b0937aab1ae # v0.13.1 + env: + GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + MERGE_LABELS: "" + MERGE_METHOD: "squash" + MERGE_DELETE_BRANCH: true diff --git a/.github/workflows/check-config.yml b/.github/workflows/check-config.yml index 5b3af314..1ee8aab6 100644 --- a/.github/workflows/check-config.yml +++ b/.github/workflows/check-config.yml @@ -1,4 +1,4 @@ -on: +on: pull_request: paths: - 'configs/*.json' @@ -8,8 +8,6 @@ name: Check Config jobs: check-config: runs-on: ubuntu-latest - outputs: - targets: ${{ steps.set-matrix.outputs.targets }} steps: - uses: actions/checkout@v2 - name: check if config files are sorted alphabetically diff --git a/.github/workflows/check-yaml.yml b/.github/workflows/check-yaml.yml new file mode 100644 index 00000000..5442b6ed --- /dev/null +++ b/.github/workflows/check-yaml.yml @@ -0,0 +1,22 @@ +on: + pull_request: + paths: + - '**/action.yml' + - '**/action.yaml' + - '**/.github/workflows/*.yml' + - '**/.github/workflows/*.yaml' + +name: Check YAML + +jobs: + check-yaml: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: nwisbeta/validate-yaml-schema@c3734e647d2a3beb98b9132330067e900fdbd1a2 # v2.0.0 + with: + yamlSchemasJson: | + { + "https://json.schemastore.org/github-action.json": ["**/action.yml", "**/action.yaml"], + "https://json.schemastore.org/github-workflow.json": ["**/.github/workflows/*.yml", "**/.github/workflows/*.yaml"] + } diff --git a/.github/workflows/copy-workflow.yml b/.github/workflows/copy-workflow.yml index 21940fc2..235beed0 100644 --- a/.github/workflows/copy-workflow.yml +++ b/.github/workflows/copy-workflow.yml @@ -39,6 +39,11 @@ jobs: uses: actions/checkout@v2 with: path: ${{ env.TEMPLATE_REPO_DIR }} + - name: determine GitHub default branch + working-directory: ${{ env.TARGET_REPO_DIR }} + run: | + default_branch=$(git remote show origin | awk '/HEAD branch/ {print $NF}') + echo "DEFAULT_BRANCH=$default_branch" >> $GITHUB_ENV - name: git config working-directory: ${{ env.TARGET_REPO_DIR }} run: | @@ -100,6 +105,8 @@ jobs: # add DO NOT EDIT header tmp=$(mktemp) cat $TEMPLATE_REPO_DIR/$TEMPLATE_DIR/header.yml $TEMPLATE_REPO_DIR/$TEMPLATE_DIR/$f > $tmp + # replace $default-branch with this repo's GitHub default branch + sed -i "s:\$default-branch:${{ env.DEFAULT_BRANCH }}:g" $tmp # create commit, if necessary commit_msg="" if [[ ! -f "$TARGET_REPO_DIR/$f" ]]; then diff --git a/.github/workflows/dispatch.yml b/.github/workflows/dispatch.yml index 4e7a541d..9e479306 100644 --- a/.github/workflows/dispatch.yml +++ b/.github/workflows/dispatch.yml @@ -136,7 +136,8 @@ jobs: echo "Failed to create a PR for '$target'" failed+=("$target(create)") fi - sleep 3 + # 3 seconds seemed not to be enough, trying 10 + sleep 10 done if ((${#failed[@]})); then echo "::error ::Failed to sync PRs in: ${failed[@]}" diff --git a/.github/workflows/release-check.yml b/.github/workflows/release-check.yml index 55484c99..41249482 100644 --- a/.github/workflows/release-check.yml +++ b/.github/workflows/release-check.yml @@ -9,7 +9,7 @@ jobs: releaser: runs-on: ubuntu-latest env: - INITIAL_RUN: "false" + TAG_EXISTS: "true" VERSION: "" # the version number read from version.json COMPARETO: "" # the version number to compare this version to GORELEASE: "" @@ -20,31 +20,29 @@ jobs: - uses: actions/checkout@v2 - uses: actions/setup-go@v2 with: - go-version: "1.17.x" + go-version: "1.18.x" - name: Determine version + if: hashFiles('version.json') run: echo "VERSION=$(jq -r .version version.json)" >> $GITHUB_ENV - - name: Check if this is the initial deployment - # This is the initial run (deploying the version.json to this repo) if - # 1. version.json didn't exist before, AND - # 2. there doesn't exist a git tag for the version (as read from version.json) - # In that case, we don't need to run the rest of the workflow. + - name: Check if the tag already exists + # Check if a git tag for the version (as read from version.json) exists + # If that is the case, we don't need to run the rest of the workflow. + if: env.VERSION != '' run: | - git fetch origin ${{ github.event.pull_request.base.sha }} git fetch origin --tags - read -ra arr <<< $(git diff-index ${{ github.event.pull_request.base.sha }} -- version.json) status=0 git rev-list $VERSION &> /dev/null || status=$? - if [[ "${arr[4]}" == "A" && $status == 0 ]]; then - echo "INITIAL_RUN=true" >> $GITHUB_ENV + if [[ $status != 0 ]]; then + echo "TAG_EXISTS=false" >> $GITHUB_ENV fi - name: Install semver (node command line tool) - if: env.INITIAL_RUN == 'false' + if: env.TAG_EXISTS == 'false' run: npm install -g "https://github.com/npm/node-semver#e79ac3a450e8bb504e78b8159e3efc7089569" # v7.3.5 - name: Check version - if: env.INITIAL_RUN == 'false' + if: env.TAG_EXISTS == 'false' run: semver ${{ env.VERSION }} # fails if the version is not a valid semver version (e.g. v0.1 would fail) - name: Determine version number to compare to - if: env.INITIAL_RUN == 'false' + if: env.TAG_EXISTS == 'false' # We need to determine the version number we want to compare to, # taking into account that this might be a (patch) release on a release branch. # Example: @@ -62,7 +60,7 @@ jobs: fi echo "COMPARETO=$v" >> $GITHUB_ENV - name: Post output - if: env.INITIAL_RUN == 'false' && env.COMPARETO == '' + if: env.TAG_EXISTS == 'false' && env.COMPARETO == '' uses: marocchino/sticky-pull-request-comment@82e7a0d3c51217201b3fedc4ddde6632e969a477 # v2.1.1 with: header: release-check @@ -72,7 +70,7 @@ jobs: This is the first release of this module. - name: run git diff on go.mod file(s) - if: env.INITIAL_RUN == 'false' && env.COMPARETO != '' + if: env.TAG_EXISTS == 'false' && env.COMPARETO != '' run: | # First get the diff for the go.mod file in the root directory... output=$(git diff ${{ env.COMPARETO }}..HEAD -- './go.mod') @@ -84,14 +82,14 @@ jobs: fi printf "GOMODDIFF<> $GITHUB_ENV - name: Run gorelease - if: env.INITIAL_RUN == 'false' && env.COMPARETO != '' + if: env.TAG_EXISTS == 'false' && env.COMPARETO != '' # see https://github.com/golang/exp/commits/master/cmd/gorelease run: | go install golang.org/x/exp/cmd/gorelease@b4e88ed8e8aab63a9aa9a52276782ebbc547adef output=$((gorelease -base ${{ env.COMPARETO }}) 2>&1 || true) printf "GORELEASE<> $GITHUB_ENV - name: Check Compatibility - if: env.INITIAL_RUN == 'false' && env.COMPARETO != '' + if: env.TAG_EXISTS == 'false' && env.COMPARETO != '' run: | go install github.com/smola/gocompat/cmd/gocompat@8498b97a44792a3a6063c47014726baa63e2e669 # v0.3.0 output=$(gocompat compare --go1compat --git-refs="${{ env.COMPARETO }}..HEAD" ./... || true) @@ -129,10 +127,10 @@ jobs: ``` ${{ env.RELEASE_BRANCH_NOTE }} EOF' >> $GITHUB_ENV - if: env.INITIAL_RUN == 'false' && env.COMPARETO != '' + if: env.TAG_EXISTS == 'false' && env.COMPARETO != '' - name: Post message on PR uses: marocchino/sticky-pull-request-comment@82e7a0d3c51217201b3fedc4ddde6632e969a477 # v2.1.1 - if: env.INITIAL_RUN == 'false' && env.COMPARETO != '' && github.event.pull_request.head.repo.full_name == github.repository + if: env.TAG_EXISTS == 'false' && env.COMPARETO != '' && github.event.pull_request.head.repo.full_name == github.repository with: header: release-check recreate: true @@ -143,4 +141,4 @@ jobs: message="${message//$'\n'/'%0A'}" message="${message//$'\r'/'%0D'}" echo "::notice ::$message" - if: env.INITIAL_RUN == 'false' && env.COMPARETO != '' && github.event.pull_request.head.repo.full_name != github.repository + if: env.TAG_EXISTS == 'false' && env.COMPARETO != '' && github.event.pull_request.head.repo.full_name != github.repository diff --git a/README.md b/README.md index 93481c1d..37b82d46 100644 --- a/README.md +++ b/README.md @@ -16,7 +16,7 @@ Some repositories may require some pre-setup steps to be run before tests (or co runs: using: "composite" steps: - - name: Step 1 + - name: Step 1 shell: bash run: echo "do some initial setup" - name: Step 2 @@ -60,5 +60,11 @@ If you want your project to participle, please send a PR which adds your reposit ## Development +### Branches + The `master` branch contains currently deployed workflows. When we make minor changes to these workflows, we don't always want these changes to get deployed to all hundreds of repositories, as this creates a lot of unnecessary noise. Minor changes to the workflows are therefore merged into the [`next`](https://github.com/protocol/.github/tree/next) branch. When the time has come, we create a PR from the `next` branch to `master` to trigger a deployment to all repositores. + +### IDE + +If you're using [Visual Studio Code](https://code.visualstudio.com/) for development, you might want to install the [YAML](https://marketplace.visualstudio.com/items?itemName=redhat.vscode-yaml) extension. It is configured to perform GitHub workflow/action linting out-of-the-box. If you're using a different IDE, you can check if a [client](https://github.com/redhat-developer/yaml-language-server#clients) for it exists. diff --git a/templates/.github/workflows/automerge.yml b/templates/.github/workflows/automerge.yml index 13da9c15..d57c2a02 100644 --- a/templates/.github/workflows/automerge.yml +++ b/templates/.github/workflows/automerge.yml @@ -1,50 +1,8 @@ -# Automatically merge pull requests opened by web3-bot, as soon as (and only if) all tests pass. -# This reduces the friction associated with updating with our workflows. - -on: [ pull_request ] name: Automerge +on: [ pull_request ] jobs: - automerge-check: - if: github.event.pull_request.user.login == 'web3-bot' - runs-on: ubuntu-latest - outputs: - status: ${{ steps.should-automerge.outputs.status }} - steps: - - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - name: Check if we should automerge - id: should-automerge - run: | - for commit in $(git rev-list --first-parent origin/${{ github.event.pull_request.base.ref }}..${{ github.event.pull_request.head.sha }}); do - committer=$(git show --format=$'%ce' -s $commit) - echo "Committer: $committer" - if [[ "$committer" != "web3-bot@users.noreply.github.com" ]]; then - echo "Commit $commit wasn't committed by web3-bot, but by $committer." - echo "::set-output name=status::false" - exit - fi - done - echo "::set-output name=status::true" automerge: - needs: automerge-check - runs-on: ubuntu-latest - # The check for the user is redundant here, as this job depends on the automerge-check job, - # but it prevents this job from spinning up, just to be skipped shortly after. - if: github.event.pull_request.user.login == 'web3-bot' && needs.automerge-check.outputs.status == 'true' - steps: - - name: Wait on tests - uses: lewagon/wait-on-check-action@bafe56a6863672c681c3cf671f5e10b20abf2eaa # v0.2 - with: - ref: ${{ github.event.pull_request.head.sha }} - repo-token: ${{ secrets.GITHUB_TOKEN }} - wait-interval: 10 - running-workflow-name: 'automerge' # the name of this job - - name: Merge PR - uses: pascalgn/automerge-action@741c311a47881be9625932b0a0de1b0937aab1ae # v0.13.1 - env: - GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - MERGE_LABELS: "" - MERGE_METHOD: "squash" - MERGE_DELETE_BRANCH: true + uses: protocol/.github/.github/workflows/automerge.yml@master + with: + job: 'automerge' diff --git a/templates/.github/workflows/go-check.yml b/templates/.github/workflows/go-check.yml index 494d4814..3b7cc2c8 100644 --- a/templates/.github/workflows/go-check.yml +++ b/templates/.github/workflows/go-check.yml @@ -13,7 +13,7 @@ jobs: submodules: recursive - uses: actions/setup-go@v2 with: - go-version: "1.17.x" + go-version: "1.18.x" - name: Run repo-specific setup uses: ./.github/actions/go-check-setup if: hashFiles('./.github/actions/go-check-setup') != '' @@ -24,7 +24,7 @@ jobs: echo "RUNGOGENERATE=true" >> $GITHUB_ENV fi - name: Install staticcheck - run: go install honnef.co/go/tools/cmd/staticcheck@c8caa92bad8c27ae734c6725b8a04932d54a147b # 2021.1.2 (v0.2.2) + run: go install honnef.co/go/tools/cmd/staticcheck@d7e217c1ff411395475b2971c0824e1e7cc1af98 # 2022.1 (v0.3.0) - name: Check that go.mod is tidy uses: protocol/multiple-go-modules@v1.2 with: @@ -68,4 +68,3 @@ jobs: git status --short exit 1 fi - diff --git a/templates/.github/workflows/go-test.yml b/templates/.github/workflows/go-test.yml index 01294752..b321ae83 100644 --- a/templates/.github/workflows/go-test.yml +++ b/templates/.github/workflows/go-test.yml @@ -7,11 +7,11 @@ jobs: fail-fast: false matrix: os: [ "ubuntu", "windows", "macos" ] - go: [ "1.16.x", "1.17.x" ] + go: [ "1.17.x", "1.18.x" ] env: COVERAGES: "" - runs-on: ${{ matrix.os }}-latest - name: ${{ matrix.os}} (go ${{ matrix.go }}) + runs-on: ${{ format('{0}-latest', matrix.os) }} + name: ${{ matrix.os }} (go ${{ matrix.go }}) steps: - uses: actions/checkout@v2 with: @@ -47,7 +47,9 @@ jobs: env: GOARCH: 386 with: - run: go test -v ./... + run: | + export "PATH=${{ env.PATH_386 }}:$PATH" + go test -v ./... - name: Run tests with race detector if: ${{ matrix.os == 'ubuntu' }} # speed things up. Windows and OSX VMs are slow uses: protocol/multiple-go-modules@v1.2