From 9f895bdaa984800eb6c1b35f4ec58ea7ff10b099 Mon Sep 17 00:00:00 2001 From: Jin Seop Kim <1007sky@gmail.com> Date: Wed, 9 Jul 2025 12:52:09 -0700 Subject: [PATCH] ci: configure the protected branch --- .github/workflows/ci.yaml | 171 +++++++++---------- .github/workflows/downstream.yaml | 267 +++++++++++++++--------------- .github/workflows/sonar.yaml | 77 ++++----- 3 files changed, 256 insertions(+), 259 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 16eb9cb37..9362fff3a 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -1,23 +1,8 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# GitHub action job to test core java library features on -# downstream client libraries before they are released. -on: +'on': push: branches: - - main - pull_request: + - 1.37.x + pull_request: null name: ci jobs: units: @@ -25,36 +10,43 @@ jobs: strategy: fail-fast: false matrix: - java: [11, 17, 21, 24] + java: + - 11 + - 17 + - 21 + - 24 steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 - with: - distribution: temurin - java-version: ${{matrix.java}} - - run: java -version - - run: .kokoro/build.sh - env: - JOB_TYPE: test + - uses: actions/checkout@v4 + - uses: actions/setup-java@v4 + with: + distribution: temurin + java-version: ${{matrix.java}} + - run: java -version + - run: .kokoro/build.sh + env: + JOB_TYPE: test units-logging: runs-on: ubuntu-latest strategy: fail-fast: false matrix: - java: [11, 17, 21, 24] + java: + - 11 + - 17 + - 21 + - 24 steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 - with: - distribution: temurin - java-version: ${{matrix.java}} - - run: java -version - - run: .kokoro/build.sh - env: - JOB_TYPE: test-logging + - uses: actions/checkout@v4 + - uses: actions/setup-java@v4 + with: + distribution: temurin + java-version: ${{matrix.java}} + - run: java -version + - run: .kokoro/build.sh + env: + JOB_TYPE: test-logging units-java8: - # Building using Java 17 and run the tests with Java 8 runtime - name: "units (8)" + name: units (8) runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 @@ -62,9 +54,9 @@ jobs: with: java-version: 8 distribution: temurin - - name: "Set jvm system property environment variable for surefire plugin (unit tests)" - # Maven surefire plugin (unit tests) allows us to specify JVM to run the tests. - # https://maven.apache.org/surefire/maven-surefire-plugin/test-mojo.html#jvm + - name: >- + Set jvm system property environment variable for surefire plugin (unit + tests) run: echo "SUREFIRE_JVM_OPT=-Djvm=${JAVA_HOME}/bin/java" >> $GITHUB_ENV shell: bash - uses: actions/setup-java@v4 @@ -77,63 +69,64 @@ jobs: windows: runs-on: windows-latest steps: - - name: Support longpaths - run: git config --system core.longpaths true - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 - with: - distribution: temurin - java-version: 8 - - run: java -version - - run: .kokoro/build.bat - env: - JOB_TYPE: test + - name: Support longpaths + run: git config --system core.longpaths true + - uses: actions/checkout@v4 + - uses: actions/setup-java@v4 + with: + distribution: temurin + java-version: 8 + - run: java -version + - run: .kokoro/build.bat + env: + JOB_TYPE: test dependencies: runs-on: ubuntu-latest strategy: matrix: - java: [17] + java: + - 17 steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 - with: - distribution: temurin - java-version: ${{matrix.java}} - - run: java -version - - run: .kokoro/dependencies.sh + - uses: actions/checkout@v4 + - uses: actions/setup-java@v4 + with: + distribution: temurin + java-version: ${{matrix.java}} + - run: java -version + - run: .kokoro/dependencies.sh javadoc: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 - with: - distribution: temurin - java-version: 17 - - run: java -version - - run: .kokoro/build.sh - env: - JOB_TYPE: javadoc + - uses: actions/checkout@v4 + - uses: actions/setup-java@v4 + with: + distribution: temurin + java-version: 17 + - run: java -version + - run: .kokoro/build.sh + env: + JOB_TYPE: javadoc lint: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 - with: - distribution: temurin - java-version: 17 - - run: java -version - - run: .kokoro/build.sh - env: - JOB_TYPE: lint + - uses: actions/checkout@v4 + - uses: actions/setup-java@v4 + with: + distribution: temurin + java-version: 17 + - run: java -version + - run: .kokoro/build.sh + env: + JOB_TYPE: lint clirr: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 - with: - distribution: temurin - java-version: 8 - - run: java -version - - run: .kokoro/build.sh - env: - JOB_TYPE: clirr + - uses: actions/checkout@v4 + - uses: actions/setup-java@v4 + with: + distribution: temurin + java-version: 8 + - run: java -version + - run: .kokoro/build.sh + env: + JOB_TYPE: clirr diff --git a/.github/workflows/downstream.yaml b/.github/workflows/downstream.yaml index d534c664d..9d3ee5696 100644 --- a/.github/workflows/downstream.yaml +++ b/.github/workflows/downstream.yaml @@ -1,8 +1,9 @@ -on: +'on': pull_request: - types: [ labeled ] + types: + - labeled branches: - - main + - 1.37.x name: downstream jobs: dependencies: @@ -11,134 +12,136 @@ jobs: strategy: fail-fast: false matrix: - java: [17] + java: + - 17 repo: - # This list needs to be updated manually until an automated solution is in place. - - accessapproval - - accesscontextmanager - - aiplatform - - analytics-admin - - analytics-data - - api-gateway - - apigee-connect - - appengine-admin - - area120-tables - - artifact-registry - - asset - - assured-workloads - - automl - - bigquery - - bigqueryconnection - - bigquerydatatransfer - - bigquerymigration - - bigqueryreservation - - bigtable - - billing - - billingbudgets - - binary-authorization - - channel - - cloudbuild - - compute - - contact-center-insights - - container - - containeranalysis - - data-fusion - - datacatalog - - dataflow - - datalabeling - - dataproc - - dataproc-metastore - - datastore - - datastream - - debugger-client - - deploy - - dialogflow - - dialogflow-cx - - dlp - - dms - - dns - - document-ai - - domains - - errorreporting - - essential-contacts - - eventarc - - filestore - - firestore - - functions - - game-servers - - gke-connect-gateway - - gkehub - - gsuite-addons - - iam-admin - - iamcredentials - - iot - - kms - - language - - life-sciences - - logging - - logging-logback - - managed-identities - - mediatranslation - - memcache - - monitoring - - monitoring-dashboards - - network-management - - network-security - - networkconnectivity - - notebooks - - orchestration-airflow - - orgpolicy - - os-config - - os-login - - phishingprotection - - policy-troubleshooter - - private-catalog - - profiler - - pubsublite - - recaptchaenterprise - - recommendations-ai - - recommender - - redis - - resource-settings - - resourcemanager - - retail - - scheduler - - secretmanager - - security-private-ca - - securitycenter - - securitycenter-settings - - service-control - - service-management - - service-usage - - servicedirectory - - shell - - spanner - - spanner-jdbc - - speech - - storage - - storage-nio - - storage-transfer - - talent - - tasks - - texttospeech - - tpu - - trace - - translate - - video-intelligence - - video-transcoder - - vision - - vpcaccess - - webrisk - - websecurityscanner - - workflow-executions - - workflows + - accessapproval + - accesscontextmanager + - aiplatform + - analytics-admin + - analytics-data + - api-gateway + - apigee-connect + - appengine-admin + - area120-tables + - artifact-registry + - asset + - assured-workloads + - automl + - bigquery + - bigqueryconnection + - bigquerydatatransfer + - bigquerymigration + - bigqueryreservation + - bigtable + - billing + - billingbudgets + - binary-authorization + - channel + - cloudbuild + - compute + - contact-center-insights + - container + - containeranalysis + - data-fusion + - datacatalog + - dataflow + - datalabeling + - dataproc + - dataproc-metastore + - datastore + - datastream + - debugger-client + - deploy + - dialogflow + - dialogflow-cx + - dlp + - dms + - dns + - document-ai + - domains + - errorreporting + - essential-contacts + - eventarc + - filestore + - firestore + - functions + - game-servers + - gke-connect-gateway + - gkehub + - gsuite-addons + - iam-admin + - iamcredentials + - iot + - kms + - language + - life-sciences + - logging + - logging-logback + - managed-identities + - mediatranslation + - memcache + - monitoring + - monitoring-dashboards + - network-management + - network-security + - networkconnectivity + - notebooks + - orchestration-airflow + - orgpolicy + - os-config + - os-login + - phishingprotection + - policy-troubleshooter + - private-catalog + - profiler + - pubsublite + - recaptchaenterprise + - recommendations-ai + - recommender + - redis + - resource-settings + - resourcemanager + - retail + - scheduler + - secretmanager + - security-private-ca + - securitycenter + - securitycenter-settings + - service-control + - service-management + - service-usage + - servicedirectory + - shell + - spanner + - spanner-jdbc + - speech + - storage + - storage-nio + - storage-transfer + - talent + - tasks + - texttospeech + - tpu + - trace + - translate + - video-intelligence + - video-transcoder + - vision + - vpcaccess + - webrisk + - websecurityscanner + - workflow-executions + - workflows steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 - with: - distribution: zulu - java-version: ${{matrix.java}} - - run: java -version - - run: sudo apt-get update -y - - run: sudo apt-get install libxml2-utils - - run: .kokoro/downstream-client-library-check.sh google-auth-library-bom ${{matrix.repo}} + - uses: actions/checkout@v4 + - uses: actions/setup-java@v4 + with: + distribution: zulu + java-version: ${{matrix.java}} + - run: java -version + - run: sudo apt-get update -y + - run: sudo apt-get install libxml2-utils + - run: >- + .kokoro/downstream-client-library-check.sh google-auth-library-bom + ${{matrix.repo}} diff --git a/.github/workflows/sonar.yaml b/.github/workflows/sonar.yaml index 4d8f793c1..06159996b 100644 --- a/.github/workflows/sonar.yaml +++ b/.github/workflows/sonar.yaml @@ -1,48 +1,49 @@ name: SonarCloud -on: +'on': push: branches: - - main + - 1.37.x pull_request: - types: [opened, synchronize, reopened] + types: + - opened + - synchronize + - reopened jobs: build: name: Build runs-on: ubuntu-22.04 - # Sonar Token can't be passed to PRs from forks. Disable Sonar workflow unless PR is from a branch. if: github.event.pull_request.head.repo.full_name == github.repository steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - - name: Set up JDK 17 - uses: actions/setup-java@v4 - with: - java-version: 17 - distribution: temurin - - name: Cache SonarCloud packages - uses: actions/cache@v4 - with: - path: ~/.sonar/cache - key: ${{ runner.os }}-sonar - restore-keys: ${{ runner.os }}-sonar - - name: Cache Maven packages - uses: actions/cache@v4 - with: - path: ~/.m2 - key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} - restore-keys: ${{ runner.os }}-m2 - - name: Build and analyze for full test coverage - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: | - mvn -B verify -Dcheckstyle.skip \ - -Djacoco.skip=true \ - -DenableFullTestCoverage \ - -Dsonar.coverage.jacoco.xmlReportPaths=oauth2_http/target/site/jacoco/jacoco.xml \ - org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \ - -Dsonar.projectKey=googleapis_google-auth-library-java \ - -Dsonar.organization=googleapis \ - -Dsonar.host.url=https://sonarcloud.io - + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Set up JDK 17 + uses: actions/setup-java@v4 + with: + java-version: 17 + distribution: temurin + - name: Cache SonarCloud packages + uses: actions/cache@v4 + with: + path: ~/.sonar/cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + - name: Cache Maven packages + uses: actions/cache@v4 + with: + path: ~/.m2 + key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} + restore-keys: ${{ runner.os }}-m2 + - name: Build and analyze for full test coverage + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + run: | + mvn -B verify -Dcheckstyle.skip \ + -Djacoco.skip=true \ + -DenableFullTestCoverage \ + -Dsonar.coverage.jacoco.xmlReportPaths=oauth2_http/target/site/jacoco/jacoco.xml \ + org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \ + -Dsonar.projectKey=googleapis_google-auth-library-java \ + -Dsonar.organization=googleapis \ + -Dsonar.host.url=https://sonarcloud.io