diff --git a/.github/workflows/accessTests.yml b/.github/workflows/accessTests.yml index 3d6cc3ae7..554c789c2 100644 --- a/.github/workflows/accessTests.yml +++ b/.github/workflows/accessTests.yml @@ -5,7 +5,7 @@ on: branches: - "master" # Triggers the workflow on PRs to master branch only. - pull_request_target: + pull_request: types: [opened, synchronize] branches: - "master" @@ -25,11 +25,11 @@ jobs: matrix: os: - name: ubuntu - version: latest + version: 24.04 - name: windows - version: latest + version: 2022 - name: macos - version: latest + version: 14 runs-on: ${{ matrix.os.name }}-${{ matrix.os.version }} steps: - name: Skip macOS - JGC-413 diff --git a/.github/workflows/analysis.yml b/.github/workflows/analysis.yml index 93428c9a6..8d8a13603 100644 --- a/.github/workflows/analysis.yml +++ b/.github/workflows/analysis.yml @@ -4,7 +4,7 @@ on: push: branches: - "master" - pull_request_target: + pull_request: types: [opened, synchronize] branches: - "master" diff --git a/.github/workflows/artifactoryTests.yml b/.github/workflows/artifactoryTests.yml index 55c3c07f6..a22443fd4 100644 --- a/.github/workflows/artifactoryTests.yml +++ b/.github/workflows/artifactoryTests.yml @@ -5,7 +5,7 @@ on: branches: - "master" # Triggers the workflow on PRs to master branch only. - pull_request_target: + pull_request: types: [opened, synchronize] branches: - "master" @@ -23,11 +23,11 @@ jobs: suite: [artifactory, artifactoryProject] os: - name: ubuntu - version: latest + version: 24.04 - name: windows - version: latest + version: 2022 - name: macos - version: latest + version: 14 runs-on: ${{ matrix.os.name }}-${{ matrix.os.version }} env: JFROG_CLI_LOG_LEVEL: DEBUG diff --git a/.github/workflows/cla.yml b/.github/workflows/cla.yml index cd55a6506..0a8419728 100644 --- a/.github/workflows/cla.yml +++ b/.github/workflows/cla.yml @@ -2,9 +2,9 @@ name: "CLA Assistant" on: # issue_comment triggers this action on each comment on issues and pull requests issue_comment: - types: [ created ] - pull_request_target: - types: [ opened, synchronize ] + types: [created] + pull_request: + types: [opened, synchronize] jobs: CLAssistant: runs-on: ubuntu-latest @@ -15,4 +15,4 @@ jobs: event_comment_body: ${{ github.event.comment.body }} event_name: ${{ github.event_name }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - CLA_SIGN_TOKEN: ${{ secrets.CLA_SIGN_TOKEN }} \ No newline at end of file + CLA_SIGN_TOKEN: ${{ secrets.CLA_SIGN_TOKEN }} diff --git a/.github/workflows/distributionTests.yml b/.github/workflows/distributionTests.yml index 3f159c646..8c1ee5df9 100644 --- a/.github/workflows/distributionTests.yml +++ b/.github/workflows/distributionTests.yml @@ -5,7 +5,7 @@ on: branches: - "master" # Triggers the workflow on PRs to master branch only. - pull_request_target: + pull_request: types: [opened, synchronize] branches: - "master" diff --git a/.github/workflows/dockerTests.yml b/.github/workflows/dockerTests.yml index af407dab2..bc26cc617 100644 --- a/.github/workflows/dockerTests.yml +++ b/.github/workflows/dockerTests.yml @@ -5,7 +5,7 @@ on: branches: - "master" # Triggers the workflow on PRs to master branch only. - pull_request_target: + pull_request: types: [opened, synchronize] branches: - "master" @@ -16,8 +16,13 @@ concurrency: cancel-in-progress: true jobs: Docker-tests: - name: ubuntu-latest - runs-on: ubuntu-latest + name: Docker tests (${{ matrix.os.name }}) + strategy: + matrix: + os: + - name: ubuntu + version: 24.04 + runs-on: ${{ matrix.os.name }}-${{ matrix.os.version }} steps: - name: Checkout code uses: actions/checkout@v4 diff --git a/.github/workflows/frogbot-scan-pull-request.yml b/.github/workflows/frogbot-scan-pull-request.yml index 4e0b624cc..06f6cea68 100644 --- a/.github/workflows/frogbot-scan-pull-request.yml +++ b/.github/workflows/frogbot-scan-pull-request.yml @@ -1,6 +1,6 @@ name: "Frogbot Scan Pull Request" on: - pull_request_target: + pull_request: types: [opened, synchronize] branches: - "master" @@ -102,7 +102,7 @@ jobs: # [Optional, default: "TRUE"] # Fails the Frogbot task if any security issue is found. - # JF_FAIL: "FALSE" + JF_FAIL: "FALSE" # [Optional] # Frogbot will download the project dependencies if they're not cached locally. To download the diff --git a/.github/workflows/frogbot-scan-repository.yml b/.github/workflows/frogbot-scan-repository.yml deleted file mode 100644 index d43ada249..000000000 --- a/.github/workflows/frogbot-scan-repository.yml +++ /dev/null @@ -1,130 +0,0 @@ -name: "Frogbot Scan Repository" -on: - workflow_dispatch: - schedule: - # The repository will be scanned once a day at 00:00 GMT. - - cron: "0 0 * * *" -permissions: - contents: write - pull-requests: write - security-events: write -jobs: - scan-repository: - name: Scan Repository (${{ matrix.branch }} branch) - runs-on: ubuntu-latest - strategy: - matrix: - # The repository scanning will be triggered periodically on the following branches. - branch: [ "dev" ] - steps: - - name: Setup Go with cache - uses: jfrog/.github/actions/install-go-with-cache@main - - - uses: jfrog/frogbot@v2 - env: - JFROG_CLI_LOG_LEVEL: "DEBUG" - - # [Mandatory] - # JFrog platform URL (This functionality requires version 3.29.0 or above of Xray) - JF_URL: ${{ secrets.FROGBOT_URL }} - - # [Mandatory if JF_USER and JF_PASSWORD are not provided] - # JFrog access token with 'read' permissions on Xray service - JF_ACCESS_TOKEN: ${{ secrets.FROGBOT_ACCESS_TOKEN }} - - # [Mandatory if JF_ACCESS_TOKEN is not provided] - # JFrog username with 'read' permissions for Xray. Must be provided with JF_PASSWORD - # JF_USER: ${{ secrets.JF_USER }} - - # [Mandatory if JF_ACCESS_TOKEN is not provided] - # JFrog password. Must be provided with JF_USER - # JF_PASSWORD: ${{ secrets.JF_PASSWORD }} - - # [Mandatory] - # The GitHub token is automatically generated for the job - JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - # [Mandatory] - # The name of the branch on which Frogbot will perform the scan - JF_GIT_BASE_BRANCH: ${{ matrix.branch }} - - # [Optional, default: https://api.github.com] - # API endpoint to GitHub - # JF_GIT_API_ENDPOINT: https://github.example.com - - # [Optional] - # By default, the Frogbot workflows download the Frogbot executable as well as other tools - # needed from https://releases.jfrog.io - # If the machine that runs Frogbot has no access to the internet, follow these steps to allow the - # executable to be downloaded from an Artifactory instance, which the machine has access to: - # - # 1. Login to the Artifactory UI, with a user who has admin credentials. - # 2. Create a Remote Repository with the following properties set. - # Under the 'Basic' tab: - # Package Type: Generic - # URL: https://releases.jfrog.io - # Under the 'Advanced' tab: - # Uncheck the 'Store Artifacts Locally' option - # 3. Set the value of the 'JF_RELEASES_REPO' variable with the Repository Key you created. - # JF_RELEASES_REPO: "" - - ########################################################################## - ## If your project uses a 'frogbot-config.yml' file, you can define ## - ## the following variables inside the file, instead of here. ## - ########################################################################## - - # [Optional, default: "."] - # Relative path to the root of the project in the Git repository - # JF_WORKING_DIR: path/to/project/dir - - # [Optional] - # Xray Watches. Learn more about them here: https://www.jfrog.com/confluence/display/JFROG/Configuring+Xray+Watches - # JF_WATCHES: ,... - - # [Optional] - # JFrog project. Learn more about it here: https://www.jfrog.com/confluence/display/JFROG/Projects - # JF_PROJECT: - - # [Optional, default: "TRUE"] - # Fails the Frogbot task if any security issue is found. - # JF_FAIL: "FALSE" - - # [Optional] - # Frogbot will download the project dependencies, if they're not cached locally. To download the - # dependencies from a virtual repository in Artifactory, set the name of the repository. There's no - # need to set this value, if it is set in the frogbot-config.yml file. - # JF_DEPS_REPO: "" - - # [Optional] - # Template for the branch name generated by Frogbot when creating pull requests with fixes. - # The template must include ${BRANCH_NAME_HASH}, to ensure that the generated branch name is unique. - # The template can optionally include the ${IMPACTED_PACKAGE} and ${FIX_VERSION} variables. - # JF_BRANCH_NAME_TEMPLATE: "frogbot-${IMPACTED_PACKAGE}-${BRANCH_NAME_HASH}" - - # [Optional] - # Template for the commit message generated by Frogbot when creating pull requests with fixes - # The template can optionally include the ${IMPACTED_PACKAGE} and ${FIX_VERSION} variables. - # JF_COMMIT_MESSAGE_TEMPLATE: "Upgrade ${IMPACTED_PACKAGE} to ${FIX_VERSION}" - - # [Optional] - # Template for the pull request title generated by Frogbot when creating pull requests with fixes. - # The template can optionally include the ${IMPACTED_PACKAGE} and ${FIX_VERSION} variables. - # JF_PULL_REQUEST_TITLE_TEMPLATE: "[🐸 Frogbot] Upgrade ${IMPACTED_PACKAGE} to ${FIX_VERSION}" - - # [Optional, Default: "FALSE"] - # If TRUE, Frogbot creates a single pull request with all the fixes. - # If FALSE, Frogbot creates a separate pull request for each fix. - # JF_GIT_AGGREGATE_FIXES: "FALSE" - - # [Optional, Default: "FALSE"] - # Handle vulnerabilities with fix versions only - # JF_FIXABLE_ONLY: "TRUE" - - # [Optional] - # Set the minimum severity for vulnerabilities that should be fixed and commented on in pull requests - # The following values are accepted: Low, Medium, High or Critical - # JF_MIN_SEVERITY: "" - - # [Optional, Default: eco-system+frogbot@jfrog.com] - # Set the email of the commit author - # JF_GIT_EMAIL_AUTHOR: "" diff --git a/.github/workflows/goTests.yml b/.github/workflows/goTests.yml index e10580c93..f35f11adf 100644 --- a/.github/workflows/goTests.yml +++ b/.github/workflows/goTests.yml @@ -5,7 +5,7 @@ on: branches: - "master" # Triggers the workflow on PRs to master branch only. - pull_request_target: + pull_request: types: [opened, synchronize] branches: - "master" diff --git a/.github/workflows/gradleTests.yml b/.github/workflows/gradleTests.yml index 2e96dd238..f07ee4502 100644 --- a/.github/workflows/gradleTests.yml +++ b/.github/workflows/gradleTests.yml @@ -5,7 +5,7 @@ on: branches: - "master" # Triggers the workflow on PRs to master branch only. - pull_request_target: + pull_request: types: [opened, synchronize] branches: - "master" @@ -22,43 +22,33 @@ jobs: matrix: os: - name: ubuntu - version: latest + version: 24.04 - name: windows - version: latest + version: 2022 - name: macos - version: latest + version: 14 gradle-version: [5.6.4, 8.3] runs-on: ${{ matrix.os.name }}-${{ matrix.os.version }} env: GRADLE_OPTS: -Dorg.gradle.daemon=false steps: - - name: Skip macOS - JGC-413 - if: matrix.os.name == 'macos' - run: | - echo "::warning::JGC-413 - Skip until artifactory bootstrap in osx is fixed" - exit 0 - - name: Checkout code - if: matrix.os.name != 'macos' uses: actions/checkout@v4 with: ref: ${{ github.event.pull_request.head.sha }} - name: Setup Java - if: matrix.os.name != 'macos' uses: actions/setup-java@v4 with: distribution: "temurin" java-version: "11" - name: Setup Gradle - if: matrix.os.name != 'macos' uses: gradle/gradle-build-action@v2 with: gradle-version: ${{ matrix.gradle-version }} - name: Setup Go with cache - if: matrix.os.name != 'macos' uses: jfrog/.github/actions/install-go-with-cache@main - name: Debug macOS Environment and Set Timeout @@ -76,12 +66,10 @@ jobs: echo "RT_CONNECTION_TIMEOUT_SECONDS=2400" >> $GITHUB_ENV - name: Install local Artifactory - if: matrix.os.name != 'macos' uses: jfrog/.github/actions/install-local-artifactory@main with: RTLIC: ${{ secrets.RTLIC }} RT_CONNECTION_TIMEOUT_SECONDS: ${{ env.RT_CONNECTION_TIMEOUT_SECONDS || '1200' }} - name: Run Gradle tests - if: matrix.os.name != 'macos' run: go test -v github.com/jfrog/jfrog-cli --timeout 0 --test.gradle diff --git a/.github/workflows/lifecycleTests.yml b/.github/workflows/lifecycleTests.yml index 451d802a2..04af90bb0 100644 --- a/.github/workflows/lifecycleTests.yml +++ b/.github/workflows/lifecycleTests.yml @@ -7,7 +7,7 @@ on: branches: - "master" # Triggers the workflow on PRs to master branch only. - pull_request_target: + pull_request: types: [opened, synchronize] branches: - "master" diff --git a/.github/workflows/mavenTests.yml b/.github/workflows/mavenTests.yml index 68bf0b1e0..dcc7dccf6 100644 --- a/.github/workflows/mavenTests.yml +++ b/.github/workflows/mavenTests.yml @@ -5,7 +5,7 @@ on: branches: - "master" # Triggers the workflow on PRs to master branch only. - pull_request_target: + pull_request: types: [opened, synchronize] branches: - "master" @@ -22,11 +22,11 @@ jobs: matrix: os: - name: ubuntu - version: latest + version: 24.04 - name: windows - version: latest + version: 2022 - name: macos - version: latest + version: 14 runs-on: ${{ matrix.os.name }}-${{ matrix.os.version }} steps: - name: Skip macOS - JGC-413 diff --git a/.github/workflows/npmTests.yml b/.github/workflows/npmTests.yml index 98056bc0d..f93826200 100644 --- a/.github/workflows/npmTests.yml +++ b/.github/workflows/npmTests.yml @@ -5,7 +5,7 @@ on: branches: - "master" # Triggers the workflow on PRs to master branch only. - pull_request_target: + pull_request: types: [opened, synchronize] branches: - "master" @@ -22,11 +22,11 @@ jobs: matrix: os: - name: ubuntu - version: latest + version: 24.04 - name: windows - version: latest + version: 2022 - name: macos - version: latest + version: 14 runs-on: ${{ matrix.os.name }}-${{ matrix.os.version }} steps: - name: Skip macOS - JGC-413 diff --git a/.github/workflows/nugetTests.yml b/.github/workflows/nugetTests.yml index 4da6edb3f..3952fb846 100644 --- a/.github/workflows/nugetTests.yml +++ b/.github/workflows/nugetTests.yml @@ -6,7 +6,7 @@ on: branches: - "master" # Triggers the workflow on PRs to master branch only. - pull_request_target: + pull_request: types: [opened, synchronize] branches: - "master" @@ -24,11 +24,11 @@ jobs: matrix: os: - name: ubuntu - version: latest + version: 24.04 - name: windows - version: latest + version: 2022 - name: macos - version: latest + version: 14 runs-on: ${{ matrix.os.name }}-${{ matrix.os.version }} steps: - name: Skip macOS - JGC-413 diff --git a/.github/workflows/oidcTests.yml b/.github/workflows/oidcTests.yml index cf3556f99..91666460f 100644 --- a/.github/workflows/oidcTests.yml +++ b/.github/workflows/oidcTests.yml @@ -7,7 +7,7 @@ on: branches: - "master" # Triggers the workflow on PRs to master branch only. - pull_request_target: + pull_request: types: [opened, synchronize] branches: - "master" @@ -29,8 +29,15 @@ jobs: strategy: fail-fast: false matrix: - os: [ubuntu-latest, macos-latest, windows-latest] - runs-on: ${{ matrix.os }} + os: + - name: ubuntu + version: 24.04 + - name: macos + version: latest + - name: windows + version: 2022 + name: OIDC tests (${{ matrix.os.name }}) + runs-on: ${{ matrix.os.name }}-${{ matrix.os.version }} steps: - name: Setup Go with cache uses: jfrog/.github/actions/install-go-with-cache@main diff --git a/.github/workflows/pluginsTests.yml b/.github/workflows/pluginsTests.yml index 54a02ad4a..f12e46590 100644 --- a/.github/workflows/pluginsTests.yml +++ b/.github/workflows/pluginsTests.yml @@ -5,7 +5,7 @@ on: branches: - "master" # Triggers the workflow on PRs to master branch only. - pull_request_target: + pull_request: types: [opened, synchronize] branches: - "master" @@ -22,11 +22,11 @@ jobs: matrix: os: - name: ubuntu - version: latest + version: 24.04 - name: windows - version: latest + version: 2022 - name: macos - version: latest + version: 14 runs-on: ${{ matrix.os.name }}-${{ matrix.os.version }} steps: - name: Skip macOS - JGC-413 diff --git a/.github/workflows/podmanTests.yml b/.github/workflows/podmanTests.yml index a407a1a66..55b4ae132 100644 --- a/.github/workflows/podmanTests.yml +++ b/.github/workflows/podmanTests.yml @@ -5,7 +5,7 @@ on: branches: - "master" # Triggers the workflow on PRs to master branch only. - pull_request_target: + pull_request: types: [opened, synchronize] branches: - "master" @@ -16,8 +16,13 @@ concurrency: cancel-in-progress: true jobs: Podman-tests: - name: ubuntu-latest - runs-on: ubuntu-latest + name: Podman tests (${{ matrix.os.name }}) + strategy: + matrix: + os: + - name: ubuntu + version: 24.04 + runs-on: ${{ matrix.os.name }}-${{ matrix.os.version }} steps: - name: Checkout code uses: actions/checkout@v4 diff --git a/.github/workflows/pythonTests.yml b/.github/workflows/pythonTests.yml index 3dd88f40d..50030009d 100644 --- a/.github/workflows/pythonTests.yml +++ b/.github/workflows/pythonTests.yml @@ -5,7 +5,7 @@ on: branches: - "master" # Triggers the workflow on PRs to master branch only. - pull_request_target: + pull_request: types: [opened, synchronize] branches: - "master" @@ -23,11 +23,11 @@ jobs: suite: [pip, pipenv] os: - name: ubuntu - version: latest + version: 24.04 - name: windows - version: latest + version: 2022 - name: macos - version: latest + version: 14 runs-on: ${{ matrix.os.name }}-${{ matrix.os.version }} steps: - name: Skip macOS - JGC-413 diff --git a/.github/workflows/removeLabel.yml b/.github/workflows/removeLabel.yml index 67be7e8d3..9d60598db 100644 --- a/.github/workflows/removeLabel.yml +++ b/.github/workflows/removeLabel.yml @@ -1,6 +1,6 @@ name: Remove Label on: - pull_request_target: + pull_request: types: [labeled] # Ensures that only the latest commit is running for each PR at a time. concurrency: diff --git a/.github/workflows/scriptTests.yml b/.github/workflows/scriptTests.yml index 5a3434a16..4848550d4 100644 --- a/.github/workflows/scriptTests.yml +++ b/.github/workflows/scriptTests.yml @@ -5,7 +5,7 @@ on: branches: - "master" # Triggers the workflow on PRs to master branch only. - pull_request_target: + pull_request: types: [opened, synchronize] branches: - "master" @@ -15,25 +15,34 @@ concurrency: cancel-in-progress: true jobs: Scripts-tests: - name: Script tests (${{ matrix.suite.os }}) + name: Script tests (${{ matrix.os.name }}-${{ matrix.os.version }}) defaults: run: shell: sh strategy: fail-fast: false matrix: - suite: - - os: "ubuntu-latest" + os: + - name: ubuntu + version: 24.04 + osSuffix: "" - - os: "ubuntu-22.04" + - name: ubuntu + version: 22.04 + osSuffix: "" - - os: "macos-latest" + - name: macos + version: latest + osSuffix: "" - - os: "macos-13" + - name: macos + version: 13 + osSuffix: "" - - os: "windows-latest" + - name: windows + version: 2022 osSuffix: ".exe" - runs-on: ${{ matrix.suite.os }} + runs-on: ${{ matrix.os.name }}-${{ matrix.os.version }} steps: - name: Checkout code uses: actions/checkout@v4 @@ -74,21 +83,21 @@ jobs: Write-Host "The JFrog CLI Windows binary's certificate will expire within $daysUntilExpiration days." exit 1 } - if: contains( matrix.suite.os, 'windows') + if: matrix.os.name == 'windows' - name: Test Build CLI - sh run: | rm ./jf sh build/build.sh ./jf --version - if: contains( matrix.suite.os, 'macos') || contains( matrix.suite.os, 'ubuntu') + if: matrix.os.name == 'macos' || matrix.os.name == 'ubuntu' - name: Test Build CLI - bat run: | rm ./jfrog.exe build/build.bat ./jfrog.exe --version - if: contains( matrix.suite.os, 'windows') + if: matrix.os.name == 'windows' - name: Test install npm - v2 working-directory: build/npm/v2 @@ -99,7 +108,7 @@ jobs: latest_version=$(npm view jfrog-cli-v2 version) npm version $latest_version --allow-same-version npm install --no-audit - ./bin/jfrog${{ matrix.suite.osSuffix }} --version + ./bin/jfrog${{ matrix.os.osSuffix }} --version - name: Test install npm - v2-jf working-directory: build/npm/v2-jf @@ -110,4 +119,4 @@ jobs: latest_version=$(npm view jfrog-cli-v2-jf version) npm version $latest_version --allow-same-version npm install --no-audit - ./bin/jf${{ matrix.suite.osSuffix }} --version + ./bin/jf${{ matrix.os.osSuffix }} --version diff --git a/.github/workflows/transferTests.yml b/.github/workflows/transferTests.yml index 939a859c4..5e571e31c 100644 --- a/.github/workflows/transferTests.yml +++ b/.github/workflows/transferTests.yml @@ -5,7 +5,7 @@ on: branches: - "master" # Triggers the workflow on PRs to master branch only. - pull_request_target: + pull_request: types: [opened, synchronize] branches: - "master" @@ -21,11 +21,11 @@ jobs: matrix: os: - name: ubuntu - version: latest + version: 24.04 - name: windows - version: latest + version: 2022 - name: macos - version: latest + version: 14 runs-on: ${{ matrix.os.name }}-${{ matrix.os.version }} steps: - name: Skip macOS - JGC-413