open-edge-platform
diff --git a/‎.dockerignore‎
Lines changed: 8 additions & 0 deletions b/‎.dockerignore‎
Lines changed: 8 additions & 0 deletions
diff --git a/‎.github/CODEOWNERS‎
Lines changed: 10 additions & 0 deletions b/‎.github/CODEOWNERS‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎.github/CONTRIBUTING.md‎
Lines changed: 35 additions & 0 deletions b/‎.github/CONTRIBUTING.md‎
Lines changed: 35 additions & 0 deletions
diff --git a/‎.github/PULL_REQUEST_TEMPLATE.md‎
Lines changed: 16 additions & 0 deletions b/‎.github/PULL_REQUEST_TEMPLATE.md‎
Lines changed: 16 additions & 0 deletions
diff --git a/‎.github/actions/go-fuzz/action.yaml‎
Lines changed: 84 additions & 0 deletions b/‎.github/actions/go-fuzz/action.yaml‎
Lines changed: 84 additions & 0 deletions
diff --git a/‎.github/workflows/auto-close.yml‎
Lines changed: 26 additions & 0 deletions b/‎.github/workflows/auto-close.yml‎
Lines changed: 26 additions & 0 deletions
diff --git a/‎.github/workflows/auto-update.yml‎
Lines changed: 26 additions & 0 deletions b/‎.github/workflows/auto-update.yml‎
Lines changed: 26 additions & 0 deletions
diff --git a/‎.github/workflows/go-fuzz.yaml‎
Lines changed: 90 additions & 0 deletions b/‎.github/workflows/go-fuzz.yaml‎
Lines changed: 90 additions & 0 deletions
diff --git a/‎.github/workflows/post-merge-adm-nbi.yaml‎
Lines changed: 32 additions & 0 deletions b/‎.github/workflows/post-merge-adm-nbi.yaml‎
Lines changed: 32 additions & 0 deletions
diff --git a/‎.github/workflows/post-merge-adm.yaml‎
Lines changed: 32 additions & 0 deletions b/‎.github/workflows/post-merge-adm.yaml‎
Lines changed: 32 additions & 0 deletions
@@ -0,0 +1,8 @@
+# SPDX-FileCopyrightText: (C) 2023 Intel Corporation
+#
+# SPDX-License-Identifier: Apache-2.0
+
+*
+
+!/common.mk
+!/version.mk
@@ -0,0 +1,10 @@
+# SPDX-FileCopyrightText: (C) 2024 Intel Corporation
+#
+# SPDX-License-Identifier: Apache-2.0
+
+# These owners will be the default owners for everything in the repo. Unless a
+# later match takes precedence, these owners will be requested for review when
+# someone opens a pull request.
+
+# Everything requires team review by default
+* @malruben @badhrinathpa @pudelkoM @cgoea @ajaythakurintel @ray-milkey @adibrastegarnia @SeanCondon @kuujo @scottmbaker @sys-devops-approve
@@ -0,0 +1,35 @@
+##### SPDX-FileCopyrightText: (C) 2022 Intel Corporation
+##### SPDX-License-Identifier: Apache-2.0
+------------------------------------------------------------------
+
+## <a name="commit"></a> Commit Message Guidelines
+
+We have precise rules over how our git commit messages should be formatted.  This leads to more readable messages that are easy to follow when looking through the project history.
+
+### Commit Message Format
+Each commit message consists of a **header**, a **body** and a **footer**.  The header has a special format that includes a **JIRA ticket** and a **subject**:
+
+```
+[SL6-****] <subject>
+<BLANK LINE>
+<body>
+<BLANK LINE>
+<footer>
+```
+
+Any line of the commit message should not be longer than 50 characters max on the subject line and 72 characters max on the body! This allows the message to be easier to read on GitHub as well as in various git tools.
+
+Example:
+```
+[SL6-1000]: Introduce new ROS parameter for client node
+
+In order to give a user option to set value X, a new ROS
+parameter has been introduced as Xvalue.
+Corresponding tests and docs updated
+
+```
+
+### Pull Requests practices
+
+* PR author is responsible to merge its own PR after review has been done and CI has passed.
+* When merging, make sure git linear history is preserved. PR author should select a merge option (`Rebase and merge` or `Squash and merge`) based on which option will fit the best to the git linear history.
@@ -0,0 +1,16 @@
+## Description
+
+Describe the purpose of this pull request.
+
+## Changes
+
+List the changes you have made.
+
+## Additional Information
+
+Include any additional information, such as how to test your changes.
+
+## Checklist
+
+- [ ] Tests passed
+- [ ] Documentation updated
@@ -0,0 +1,84 @@
+---
+# SPDX-FileCopyrightText: (C) 2025 Intel Corporation
+# SPDX-License-Identifier: Apache-2.0
+
+name: Go Fuzzing Test
+description: "Sets up the environment with necessary tools and dependencies to run Go fuzzing tests"
+inputs:
+  bootstrap_tools:
+    required: false
+    description: "Comma-separated list of tools to install (e.g., 'go,docker') or 'all' for all tools"
+    default: "all"
+  gh_token:
+    required: true
+    description: "PAT token for private repositories"
+  fuzz_seconds:
+    required: false
+    description: "Fuzzing test duration in seconds for each test case"
+    default: 60
+  fuzz_subprojects:
+    required: false
+    description: "Space-separated list of AppOrch services to run Fuzz tests"
+    default: "app-resource-manager app-deployment-manager app-service-proxy"
+  test_data_dir:
+    required: false
+    description: "Directory used to store Go fuzzing test data used to run test"
+    default: "/"
+runs:
+  using: "composite"
+  steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+      with:
+        # Fetch all history, workaround sporadic issue with missing tags
+        fetch-depth: 0
+        # Fetch tags
+        fetch-tags: true
+        # Checkout the branch that triggered the workflow to avoid detached HEAD
+        ref: ${{ github.head_ref }}
+    - name: Checkout action repository
+      uses: actions/checkout@v4
+      with:
+        repository: open-edge-platform/orch-ci
+        path: ci
+        ref: ${{ inputs.orch_ci_repo_ref }}
+        token: ${{ inputs.gh_token }}
+    - name: Bootstrap CI environment
+      uses: ./ci/.github/actions/bootstrap
+      with:
+        gh_token: ${{ inputs.gh_token }}
+        bootstrap_tools: ${{ inputs.bootstrap_tools }}
+    - name: Cache Bootstrap CI environment
+      uses: actions/cache@v4.2.0
+      with:
+        path: |
+            ~/.cache/go-build
+            ~/go/pkg/mod
+        key: bootstrap-${{ runner.os }}-go-${{ env.GOLANG_VER }}-${{ hashFiles('**/GOTOOLS_VERSIONS') }}
+        restore-keys: |
+          bootstrap-${{ runner.os }}-go-${{ env.GOLANG_VER }}-
+          bootstrap-${{ runner.os }}-go-
+    - name: Run Go Fuzzing test
+      env:
+        FUZZ_SECONDS: ${{ inputs.fuzz_seconds }}
+        FUZZ_SUBPROJECTS: ${{ inputs.fuzz_subprojects }}
+      shell: bash
+      run: |
+        if make go-fuzz; then
+          echo "All tests passed"
+        else
+          echo "========================="
+          echo "Test failed see output file below to reproduce issue and to re-run: go test -run=<failed-func>/<filename>"
+          echo "Copy output file contents (2 lines) below and create file in "${{ inputs.test_data_dir }}"/<failed-func>/<filename> directory"
+          echo "========================="
+          dir=${{ inputs.test_data_dir }}
+          if [ -d "$dir" ]; then
+              find "$dir" -type f -print0 | while IFS= read -r -d $'\0' file; do
+              if [ -f "$file" ]; then
+                  echo "--- Contents of file: $file ---"
+                  cat "$file"
+              fi
+              done
+          fi
+          exit 1
+        fi
@@ -0,0 +1,26 @@
+---
+# SPDX-FileCopyrightText: (C) 2025 Intel Corporation
+# SPDX-License-Identifier: Apache-2.0
+
+name: Stale Pull Requests
+
+# After 30 days of no activity on a PR, the PR should be marked as stale, 
+# a comment made on the PR informing the author of the new status, 
+# and closed after 15 days if there is no further activity from the change to stale state.
+on:
+  schedule:
+    - cron: '30 1 * * *'  # run every day
+  workflow_dispatch: {}
+
+jobs:
+  stale-auto-close:
+    runs-on: ${{ github.repository_owner == 'intel' && 'intel-ubuntu-latest' || 'ubuntu-latest' }}
+    steps:
+      - uses: actions/stale@v5.1.1
+        with:
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+          stale-pr-message: 'This pull request is stale because it has been open 30 days with no activity. Make a comment or update the PR to avoid closing PR after 15 days.'
+          days-before-pr-stale: 30
+          days-before-pr-close: 15
+          remove-pr-stale-when-updated: 'true'
+          close-pr-message: 'This pull request was automatically closed due to inactivity'
@@ -0,0 +1,26 @@
+---
+# SPDX-FileCopyrightText: (C) 2025 Intel Corporation
+# SPDX-License-Identifier: Apache-2.0
+
+name: Auto Update PR
+
+# On push to the main branch and support branches, update any branches that are out of date
+# and have auto-merge enabled. If the branch is currently out of date with the base branch,
+# it must be first manually updated and then will be kept up to date on future runs.
+on:
+  push:
+    branches:
+      - main
+      - release-*
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  Auto-Update-PR:
+    runs-on: ${{ github.repository_owner == 'intel' && 'intel-ubuntu-latest' || 'ubuntu-latest' }}
+    steps:
+      - uses: tibdex/auto-update@v2.2.1
+        with:
+          github_token: ${{ secrets.SYS_ORCH_GITHUB }}
@@ -0,0 +1,90 @@
+---
+# SPDX-FileCopyrightText: (C) 2025 Intel Corporation
+# SPDX-License-Identifier: Apache-2.0
+
+name: Go Fuzzing Tests
+
+on:
+  workflow_dispatch:
+    inputs:
+      run_adm:
+        description: 'Run ADM fuzzing tests'
+        required: false
+        type: boolean
+        default: true
+      fuzz_seconds_adm:
+        description: 'Duration per test case in secs. Total duration is secs X # of test cases'
+        required: false
+        type: number
+        default: 1200
+      run_arm:
+        description: 'Run ARM fuzzing tests'
+        required: false
+        type: boolean
+        default: true
+      fuzz_seconds_arm:
+        description: 'Duration per test case in secs. Total duration is secs X # of test cases'
+        required: false
+        type: number
+        default: 2100
+      run_asp:
+        description: 'Run ASP fuzzing tests'
+        required: false
+        type: boolean
+        default: true
+      fuzz_seconds_asp:
+        description: 'Duration per test case in secs. Total duration is secs X # of test cases'
+        required: false
+        type: number
+        default: 4800
+  # Scheduled workflows will only run on the default branch. Input values from workflow_dispatch will be null when schedule event is triggered
+  schedule:
+    - cron: "0 0 * * 6"   # every week, at 00:00 on Saturday
+
+jobs:
+  go-fuzz-adm:
+    if: ${{ inputs.run_adm || github.event_name == 'schedule' }}
+    name: ADM Go Fuzzing Tests
+    runs-on: ${{ github.repository_owner == 'intel' && 'intel-ubuntu-latest' || 'ubuntu-latest' }}
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v1
+    - name: Fuzzing tests
+      uses: ./.github/actions/go-fuzz
+      with:
+        # Declare 1200 secs duration since schedule event will not pick up input values from workflow_dispatch
+        fuzz_seconds: ${{ inputs.fuzz_seconds_adm || 1200 }}
+        fuzz_subprojects: app-deployment-manager
+        test_data_dir: app-deployment-manager/internal/northbound/fuzztests/testdata/fuzz
+        gh_token: ${{ secrets.SYS_ORCH_GITHUB }}
+  go-fuzz-arm:
+    if: ${{ inputs.run_arm || github.event_name == 'schedule' }}
+    name: ARM Go Fuzzing Tests
+    runs-on: ${{ github.repository_owner == 'intel' && 'intel-ubuntu-latest' || 'ubuntu-latest' }}
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v1
+    - name: Fuzzing tests
+      uses: ./.github/actions/go-fuzz
+      with:
+        # Declare 2100 secs duration since schedule event will not pick up input values from workflow_dispatch
+        fuzz_seconds: ${{ inputs.fuzz_seconds_arm || 2100 }}
+        fuzz_subprojects: app-resource-manager
+        test_data_dir: app-resource-manager/internal/northbound/services/v2/resource/testdata/fuzz
+        gh_token: ${{ secrets.SYS_ORCH_GITHUB }}
+  go-fuzz-asp:
+    # todo enable schedule once ASP fuzzing tests are ready {{ inputs.run_asp || github.event_name == 'schedule' }}
+    if: ${{ inputs.run_asp }}
+    name: ASP Go Fuzzing Tests
+    runs-on: ${{ github.repository_owner == 'intel' && 'intel-ubuntu-latest' || 'ubuntu-latest' }}
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v1
+    - name: Fuzzing tests
+      uses: ./.github/actions/go-fuzz
+      with:
+        # Declare 4800 secs duration since schedule event will not pick up input values from workflow_dispatch
+        fuzz_seconds: ${{ inputs.fuzz_seconds_asp || 4800 }}
+        fuzz_subprojects: app-service-proxy
+        test_data_dir: app-service-proxy/internal/server/fuzztests/testdata/fuzz
+        gh_token: ${{ secrets.SYS_ORCH_GITHUB }}
@@ -0,0 +1,32 @@
+---
+# SPDX-FileCopyrightText: (C) 2025 Intel Corporation
+# SPDX-License-Identifier: Apache-2.0
+
+name: Post-Merge App Deployment Manager NB API
+
+on:
+  push:
+    branches:
+      - main
+      - release-*
+    paths:
+      - 'app-deployment-manager/api/nbi/**'
+  workflow_dispatch:
+
+jobs:
+  post-merge-pipeline:
+    uses: open-edge-platform/orch-ci/.github/workflows/post-merge.yml@main
+    with:
+      run_security_scans: true
+      run_version_check: true
+      run_dep_version_check: false
+      run_build: false
+      run_docker_build: false
+      run_docker_push: false
+      run_version_tag: true
+      run_artifact: false
+      run_helm_build: false
+      run_helm_push: false
+      prefix_tag_separator: "/"
+      project_folder: "app-deployment-manager/api/nbi"
+    secrets: inherit
@@ -0,0 +1,32 @@
+---
+# SPDX-FileCopyrightText: (C) 2025 Intel Corporation
+# SPDX-License-Identifier: Apache-2.0
+
+name: Post-Merge App Deployment Manager
+
+on:
+  push:
+    branches:
+      - main
+      - release-*
+    paths:
+      - 'app-deployment-manager/**'
+  workflow_dispatch:
+
+jobs:
+  post-merge-pipeline:
+    uses: open-edge-platform/orch-ci/.github/workflows/post-merge.yml@main
+    with:
+      run_security_scans: true
+      run_version_check: true
+      run_dep_version_check: false
+      run_build: true
+      run_docker_build: true
+      run_docker_push: true
+      run_version_tag: true
+      run_artifact: false
+      run_helm_build: true
+      run_helm_push: true
+      prefix_tag_separator: "/"
+      project_folder: "app-deployment-manager"
+    secrets: inherit