Skip to content

Commit

Permalink
Adds lint workflow for yaml and link checking (#228)
Browse files Browse the repository at this point in the history 
originally added here openzipkin/zipkin-gcp#212

Signed-off-by: Adrian Cole <adrian@tetrate.io>
  • Loading branch information
@codefromthecrypt
codefromthecrypt authored May 26, 2024
1 parent 4ac65b2 commit 079e79f
Show file tree
Hide file tree
Showing 10 changed files with 181 additions and 96 deletions.
25 changes: 12 additions & 13 deletions .github/workflows/create_release.yml
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,12 @@
# yamllint --format github .github/workflows/create_release.yml
---
name: create_release

# We create a release version on a trigger tag, regardless of if the commit is documentation-only.
#
# See https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet
on:
# We create a release version on a trigger tag, regardless of if the commit is
# documentation-only.
on: # yamllint disable-line rule:truthy
push:
tags: 'release-[0-9]+.[0-9]+.[0-9]+**' # Ex. release-1.2.3
tags: # e.g. release-1.2.3
- 'release-[0-9]+.[0-9]+.[0-9]+**'

jobs:
create_release:
Expand All @@ -16,8 +15,8 @@ jobs:
- name: Checkout Repository
uses: actions/checkout@v4
with:
# Prevent use of implicit GitHub Actions read-only token GITHUB_TOKEN. We don't deploy on
# the tag MAJOR.MINOR.PATCH event, but we still need to deploy the maven-release-plugin master commit.
# Prevent use of implicit GitHub Actions read-only GITHUB_TOKEN
# because maven-release-plugin pushes commits to master.
token: ${{ secrets.GH_TOKEN }}
- name: Setup java
uses: actions/setup-java@v4
Expand All @@ -28,16 +27,16 @@ jobs:
uses: actions/cache@v3
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-maven-
key: ${{ runner.os }}-jdk-17-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-jdk-17-maven-
- name: Create Release
env:
# GH_USER=<user that created GH_TOKEN>
GH_USER: ${{ secrets.GH_USER }}
# GH_TOKEN=<hex token value>
# - makes release commits and tags
# - needs repo:status, public_repo
# - referenced in .settings.xml
# * makes release commits and tags
# * needs repo:status, public_repo
# * referenced in .settings.xml
GH_TOKEN: ${{ secrets.GH_TOKEN }}
run: | # GITHUB_REF will be refs/tags/release-MAJOR.MINOR.PATCH
build-bin/git/login_git &&
Expand Down
48 changes: 22 additions & 26 deletions .github/workflows/deploy.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,24 +4,21 @@ name: deploy

# We deploy on master and release versions, regardless of if the commit is
# documentation-only or not.
#
# See https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet
on:
on: # yamllint disable-line rule:truthy
push:
# Don't deploy tags as they conflict with [maven-release-plugin] prepare release MAJOR.MINOR.PATCH
tags: ''
branches: master
branches:
- master
# Don't deploy tags because the same commit for MAJOR.MINOR.PATCH is also
# on master: Redundant deployment of a release version will fail uploading.
tags-ignore:
- '*'

jobs:
deploy:
runs-on: ubuntu-22.04 # newest available distribution, aka jellyfish
steps:
- name: Checkout Repository
uses: actions/checkout@v4
with:
# Prevent use of implicit GitHub Actions read-only token GITHUB_TOKEN.
# We push Javadocs to the gh-pages branch on commit.
token: ${{ secrets.GH_TOKEN }}
- name: Setup java
uses: actions/setup-java@v4
with:
Expand All @@ -31,8 +28,8 @@ jobs:
uses: actions/cache@v3
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-maven-
key: ${{ runner.os }}-jdk-17-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-jdk-17-maven-
# Don't attempt to cache Docker. Sensitive information can be stolen
# via forks, and login session ends up in ~/.docker. This is ok because
# we publish DOCKER_PARENT_IMAGE to ghcr.io, hence local to the runner.
Expand All @@ -41,31 +38,30 @@ jobs:
# GH_USER=<user that created GH_TOKEN>
GH_USER: ${{ secrets.GH_USER }}
# GH_TOKEN=<hex token value>
# - pushes gh-pages during build-bin/javadoc_to_gh_pages
# - pushes Docker images to ghcr.io
# - create via https://github.com/settings/tokens
# - needs repo:status, public_repo, write:packages, delete:packages
# * pushes gh-pages during build-bin/javadoc_to_gh_pages
# * pushes Docker images to ghcr.io
# * create via https://github.com/settings/tokens
# * needs repo:status, public_repo, write:packages, delete:packages
GH_TOKEN: ${{ secrets.GH_TOKEN }}
GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }}
# GPG_PASSPHRASE=<passphrase for GPG_SIGNING_KEY>
# - referenced in .settings.xml
# * referenced in .settings.xml
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
# SONATYPE_USER=<sonatype account token>
# - deploys snapshots and releases to Sonatype
# - needs access to io.zipkin via https://issues.sonatype.org/browse/OSSRH-16669
# - generate via https://oss.sonatype.org/#profile;User%20Token
# - referenced in .settings.xml
# * deploys snapshots and releases to Sonatype
# * needs access to io.zipkin via OSSRH-16669
# * generate via https://oss.sonatype.org/#profile;User%20Token
# * referenced in .settings.xml
SONATYPE_USER: ${{ secrets.SONATYPE_USER }}
# SONATYPE_PASSWORD=<password to sonatype account token>
# - referenced in .settings.xml
# * referenced in .settings.xml
SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }}
# DOCKERHUB_USER=<typically dockerzipkindeployer>
# - only push top-level projects: zipkin zipkin-aws zipkin-dependencies zipkin-gcp to Docker Hub, only on release
# - login like this: echo "$DOCKERHUB_TOKEN"| docker login -u "$DOCKERHUB_USER" --password-stdin
# * only push repos in openzipkin org to Docker Hub on release
DOCKERHUB_USER: ${{ secrets.DOCKERHUB_USER }}
# DOCKERHUB_TOKEN=<access token for DOCKERHUB_USER>
# - Access Token from here https://hub.docker.com/settings/security
# * Access Token from here https://hub.docker.com/settings/security
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
run: | # GITHUB_REF will be refs/heads/master or refs/tags/MAJOR.MINOR.PATCH
run: | # GITHUB_REF = refs/heads/master or refs/tags/MAJOR.MINOR.PATCH
build-bin/configure_deploy &&
build-bin/deploy $(echo ${GITHUB_REF} | cut -d/ -f 3)
24 changes: 11 additions & 13 deletions .github/workflows/docker_push.yml
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,12 @@
# yamllint --format github .github/workflows/docker_push.yml
---
name: docker_push

# We re-push docker images on a trigger tag, regardless of if the commit is documentation-only.
#
# See https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet
on:
# We re-push docker on a trigger tag, regardless of if the commit is
# documentation-only.
on: # yamllint disable-line rule:truthy
push:
tags: 'docker-[0-9]+.[0-9]+.[0-9]+**' # Ex. docker-1.2.3
tags: # e.g. docker-1.2.3
- 'docker-[0-9]+.[0-9]+.[0-9]+**'

jobs:
docker_push:
Expand All @@ -19,22 +18,21 @@ jobs:
# via forks, and login session ends up in ~/.docker. This is ok because
# we publish DOCKER_PARENT_IMAGE to ghcr.io, hence local to the runner.
- name: Docker Push
run: | # GITHUB_REF will be refs/tags/docker-MAJOR.MINOR.PATCH
run: | # GITHUB_REF = refs/tags/docker-MAJOR.MINOR.PATCH
build-bin/git/login_git &&
build-bin/docker/configure_docker_push &&
build-bin/docker_push $(echo ${GITHUB_REF} | cut -d/ -f 3)
env:
# GH_USER=<user that created GH_TOKEN>
GH_USER: ${{ secrets.GH_USER }}
# GH_TOKEN=<hex token value>
# - pushes Docker images to ghcr.io
# - create via https://github.com/settings/tokens
# - needs repo:status, public_repo, write:packages, delete:packages
# * pushes Docker images to ghcr.io
# * create via https://github.com/settings/tokens
# * needs repo:status, public_repo, write:packages, delete:packages
GH_TOKEN: ${{ secrets.GH_TOKEN }}
# DOCKERHUB_USER=<typically dockerzipkindeployer>
# - only push top-level projects: zipkin zipkin-aws zipkin-dependencies zipkin-gcp to Docker Hub, only on release
# - login like this: echo "$DOCKERHUB_TOKEN"| docker login -u "$DOCKERHUB_USER" --password-stdin
# * only push repos in openzipkin org to Docker Hub on release
DOCKERHUB_USER: ${{ secrets.DOCKERHUB_USER }}
# DOCKERHUB_TOKEN=<access token for DOCKERHUB_USER>
# - Access Token from here https://hub.docker.com/settings/security
# * Access Token from here https://hub.docker.com/settings/security
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
36 changes: 36 additions & 0 deletions .github/workflows/lint.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
---
name: lint

on: # yamllint disable-line rule:truthy
push: # non-tagged pushes to master
branches:
- master
tags-ignore:
- '*'
paths:
- '**/*.md'
- '.github/workflows/*.yml'
- './build-bin/*lint'
- ./build-bin/mlc_config.json
pull_request: # pull requests targeted at the master branch.
branches:
- master
paths:
- '**/*.md'
- '.github/workflows/*.yml'
- './build-bin/*lint'
- ./build-bin/mlc_config.json

jobs:
lint:
name: lint
runs-on: ubuntu-22.04 # newest available distribution, aka jellyfish
# skip commits made by the release plugin
if: "!contains(github.event.head_commit.message, 'maven-release-plugin')"
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Lint
run: |
build-bin/configure_lint
build-bin/lint
76 changes: 48 additions & 28 deletions .github/workflows/test.yml
View file
Original file line number Diff line number Diff line change
@@ -1,42 +1,61 @@
# yamllint --format github .github/workflows/test.yml
---
name: test

# We don't test documentation-only commits.
on:
# We run tests on non-tagged pushes to master that aren't a commit made by the release plugin
push:
tags: ''
branches: master
paths-ignore: '**/*.md'
# We also run tests on pull requests targeted at the master branch.
pull_request:
branches: master
paths-ignore: '**/*.md'
on: # yamllint disable-line rule:truthy
push: # non-tagged pushes to master
branches:
- master
tags-ignore:
- '*'
paths-ignore:
- '**/*.md'
- './build-bin/*lint'
- ./build-bin/mlc_config.json
pull_request: # pull requests targeted at the master branch.
branches:
- master
paths-ignore:
- '**/*.md'
- './build-bin/*lint'
- ./build-bin/mlc_config.json

jobs:
test:
name: test (JDK 17)
runs-on: ubuntu-22.04 # newest available distribution, aka jellyfish
# skip commits made by the release plugin
if: "!contains(github.event.head_commit.message, 'maven-release-plugin')"
strategy:
fail-fast: false # don't fail fast as some failures are LTS specific
matrix: # match with maven-enforcer-plugin rules in pom.xml
include:
- java_version: 17 # earliest LTS supported by Spring Boot 3
maven_args: -Prelease -Dgpg.skip
- java_version: 21 # Most recent LTS
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Cache local Maven repository
uses: actions/cache@v3
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-maven-
- name: Setup java
uses: actions/setup-java@v4
with:
distribution: 'zulu' # zulu as it supports a wide version range
java-version: '17' # until Spark 4 per SPARK-43831
- name: Cache local Maven repository
uses: actions/cache@v4
with:
path: ~/.m2/repository
# yamllint disable-line rule:line-length
key: ${{ runner.os }}-jdk-17-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-jdk-17-maven-
- name: Test without Docker
run: build-bin/maven/maven_go_offline && build-bin/test -DexcludedGroups=docker
run: |
build-bin/maven/maven_go_offline &&
build-bin/test -DexcludedGroups=docker
test_docker:
name: test_docker (${{ matrix.name }})
runs-on: ubuntu-22.04 # newest available distribution, aka jellyfish
runs-on: ubuntu-22.04 # newest available distribution, aka jellyfish
# skip commits made by the release plugin
if: "!contains(github.event.head_commit.message, 'maven-release-plugin')"
strategy:
matrix:
Expand All @@ -59,20 +78,21 @@ jobs:
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Setup java
uses: actions/setup-java@v4
with:
distribution: 'zulu' # zulu as it supports a wide version range
java-version: '17' # until Spark 4 per SPARK-43831
- name: Cache local Maven repository
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-maven-
# yamllint disable-line rule:line-length
key: ${{ runner.os }}-jdk-17-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-jdk-17-maven-
# Don't attempt to cache Docker. Sensitive information can be stolen
# via forks, and login session ends up in ~/.docker. This is ok because
# we publish DOCKER_PARENT_IMAGE to ghcr.io, hence local to the runner.
- name: Setup java
uses: actions/setup-java@v4
with:
distribution: 'zulu' # zulu as it supports a wide version range
java-version: '17' # until Spark 4 per SPARK-43831
- name: Test with Docker
run: |
build-bin/docker/configure_docker &&
Expand Down
37 changes: 24 additions & 13 deletions .github/workflows/test_readme.yml
View file
Original file line number Diff line number Diff line change
@@ -1,20 +1,31 @@
# yamllint --format github .github/workflows/test_readme.yml
---
name: test_readme

# These test build commands mentioned in various README.md files.
#
# This doesn't literally scrape the README.md, so we don't test documentation-only commits.
on:
# We run tests on only on pull requests targeted at the master branch.
# * This skips master pushes as it is rare things not done in PRs break, and conserves resources
pull_request:
branches: master
paths-ignore: '**/*.md'
# We don't test documentation-only commits.
on: # yamllint disable-line rule:truthy
push: # non-tagged pushes to master
branches:
- master
tags-ignore:
- '*'
paths-ignore:
- '**/*.md'
- './build-bin/*lint'
- ./build-bin/mlc_config.json
pull_request: # pull requests targeted at the master branch.
branches:
- master
paths-ignore:
- '**/*.md'
- './build-bin/*lint'
- ./build-bin/mlc_config.json

jobs:
zipkin-dependencies:
zipkin-server:
runs-on: ubuntu-22.04 # newest available distribution, aka jellyfish
# skip commits made by the release plugin
steps:
- name: Checkout Repository
uses: actions/checkout@v4
Expand All @@ -24,16 +35,16 @@ jobs:
distribution: 'zulu' # zulu as it supports a wide version range
java-version: '17' # until Spark 4 per SPARK-43831
- name: Cache local Maven repository
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-maven-
key: ${{ runner.os }}-jdk-17-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-jdk-17-maven-
# Don't attempt to cache Docker. Sensitive information can be stolen
# via forks, and login session ends up in ~/.docker. This is ok because
# we publish DOCKER_PARENT_IMAGE to ghcr.io, hence local to the runner.
- name: README.md # Tests the build which is re-used for docker
run: ./mvnw -T1C -q --batch-mode -DskipTests -Denforcer.fail=false package
run: ./mvnw -T1C -q --batch-mode -DskipTests package
- name: docker/README.md
run: build-bin/docker/docker_build openzipkin/zipkin-dependencies:test
env:
Expand Down
Loading

0 comments on commit 079e79f

Please sign in to comment.