Andreas Dangel
4c45d6125e
Merge branch 'master' into pmd/7.0.x
2022-04-29 13:40:05 +02:00
naveen
57dfc7fb40
chore: Set permissions for GitHub actions
...
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ )
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-04-29 01:00:46 +00:00
Andreas Dangel
e0c0e96d07
Merge branch 'master' into pmd/7.0.x
2022-04-12 20:15:44 +02:00
dependabot[bot]
2a57871fdb
Bump actions/cache from 2 to 3
...
Bumps [actions/cache](https://github.com/actions/cache ) from 2 to 3.
- [Release notes](https://github.com/actions/cache/releases )
- [Commits](https://github.com/actions/cache/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-03-28 03:01:58 +00:00
Andreas Dangel
c26275a2b6
Merge remote-tracking branch 'adangel/regression-tester-update' into
...
pmd7-regression-tester-update
2022-03-24 18:54:45 +01:00
Andreas Dangel
f2db24ffbb
Use new caches in CI build
2022-03-18 17:04:02 +01:00
Andreas Dangel
4160092ceb
Merge branch 'master' into pr-3819
2022-03-10 10:32:41 +01:00
dependabot[bot]
45a85806b5
Bump actions/checkout from 2 to 3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-03-07 03:01:36 +00:00
Andreas Dangel
a9c3c019fe
Merge branch 'master' into pmd/7.0.x
2021-11-25 11:50:31 +01:00
Andreas Dangel
47938e674d
Bump build-tools from 17-SNAPSHOT to 17
2021-11-25 10:08:30 +01:00
Andreas Dangel
3cde14a534
[ci] Start with an empty cache
2021-11-19 11:00:08 +01:00
Andreas Dangel
f9a012a8de
Merge branch 'master' into pmd/7.0.x
2021-10-16 10:40:02 +02:00
Andreas Dangel
4bfb35cb86
Use GITHUB_TOKEN or deploy key
...
Also use pmd-bot@users.noreply.github.com as committer email.
2021-10-15 12:09:22 +02:00
Andreas Dangel
7cee47d71e
Merge branch 'master' into pmd/7.0.x
2021-09-27 20:11:01 +02:00
Andreas Dangel
6c60196bc1
Use build-tools 17-SNAPSHOT
2021-09-27 20:02:03 +02:00
Andreas Dangel
32bd651969
Merge branch 'master' into pmd/7.0.x
2021-07-30 14:11:48 +02:00
Andreas Dangel
fbdcec348b
Bump build-tools from 15-SNAPSHOT to 15
2021-07-30 12:12:40 +02:00
Clément Fournier
ed98ec7078
Merge branch 'master' into 7.0.x
2021-06-16 14:22:40 +02:00
Andreas Dangel
0b6c0594f1
Use build-tools scripts 14
2021-06-11 17:47:08 +02:00
Andreas Dangel
89d0d76035
Merge branch 'master' into pmd/7.0.x
2021-05-28 19:02:50 +02:00
Andreas Dangel
6d321b89e4
[ci] Use new build-tools 13
...
Should fix build problems under windows
2021-05-28 17:45:00 +02:00
Andreas Dangel
0fea742f3d
Merge branch 'master' into pmd/7.0.x
2021-05-28 17:01:04 +02:00
Andreas Dangel
1fce60faf0
[ci] Use ruby/setup-ruby@v1 instead of deprecated setup-ruby action
2021-05-28 16:59:31 +02:00
Andreas Dangel
50080c496d
[ci] Use ruby/setup-ruby@v1 instead of deprecated setup-ruby action
2021-05-28 16:57:32 +02:00
Clément Fournier
4dec17b937
Merge branch 'master' into 7.0.x
2021-05-09 14:36:29 +02:00
Andreas Dangel
d444f30ee4
[ci] Add gradle cache
2021-05-07 16:19:26 +02:00
Clément Fournier
9274af1e8e
Merge branch 'master' into 7.0.x
2021-05-06 12:52:34 +02:00
Andreas Dangel
b73afc47f7
Bump build-tools from 11 to 12
2021-05-06 10:25:28 +02:00
Clément Fournier
10186c85ba
Merge branch 'master' into 7.0.x
2021-04-30 12:49:10 +02:00
Clément Fournier
f587b7f5f2
Explain FP & FN in issue template description
2021-04-30 12:25:55 +02:00
Andreas Dangel
e7ebae1cea
Improve issue templates
2021-04-29 10:53:41 +02:00
Andreas Dangel
2ada953df5
Merge branch 'master' into pmd/7.0.x
2021-04-24 18:33:52 +02:00
Andreas Dangel
375e7a1bff
[ci] Improve caching for pmd-regression-tester
2021-04-24 18:01:17 +02:00
Andreas Dangel
96dc198fc6
Merge branch 'master' into pmd/7.0.x
2021-04-24 16:17:42 +02:00
Andreas Dangel
4b4af8c12f
[ci] Increase fetch depth for git-repo-sync
2021-04-24 16:15:09 +02:00
Andreas Dangel
f89c9e40d4
[ci] Sync branch pmd/7.0.x to sourceforge
2021-04-23 23:01:28 +02:00
Andreas Dangel
aea369a80b
Merge branch 'pr-3220' into pmd7-build-scripts-update
2021-04-22 11:35:31 +02:00
Andreas Dangel
2d5fc019ac
Merge branch 'master' into build-scripts-update
2021-04-22 11:10:24 +02:00
Andreas Dangel
fe9bf3c352
Bump build-tools from 10 to 11
2021-04-22 10:59:51 +02:00
Clément Fournier
7301082d2e
Merge branch 'master' into 7.0.x
2021-04-20 17:37:22 +02:00
Andreas Dangel
a09e38471f
[ci] Run git-repo-sync only on pushes, not on pull requests
...
Also remove unneeded actions
2021-04-18 19:57:50 +02:00
Andreas Dangel
2ad755f963
[ci] Add git-repo-sync
2021-04-18 19:50:52 +02:00
Andreas Dangel
f413328653
[ci] Set autoReleaseAfterClose=true in workflow
2021-04-18 18:49:14 +02:00
Andreas Dangel
953a9999b4
[ci] Checkout with fetch-depth 2
...
Otherwise we can't fetch later more commits
for regression-tester and danger.
2021-04-16 20:06:56 +02:00
Andreas Dangel
081edd5213
Revert "[ci] Enable debug mode for check-environment.sh"
...
This reverts commit ff68dd7bef8fb7911f390ebc64769993b915e4ea.
2021-04-16 16:43:28 +02:00
Andreas Dangel
ff68dd7bef
[ci] Enable debug mode for check-environment.sh
2021-04-16 16:35:52 +02:00
Andreas Dangel
417cc7fcbe
[ci] Finish scripts migration, integration sonar+coveralls
2021-04-15 16:20:22 +02:00
Andreas Dangel
10c6906f0f
[ci] First round of migration to new build scripts
2021-04-15 15:26:33 +02:00
Andreas Dangel
c2ae8b19c2
Add FUNDING.yml
2021-04-12 19:26:46 +02:00
Andreas Dangel
74fffb35c4
Merge branch 'master' into pmd/7.0.x
2021-03-27 15:38:36 +01:00
Andreas Dangel
fdc6336bf2
[ci] Increase timeout for staging to oss.sonatype.org
2021-03-26 17:56:26 +01:00
Clément Fournier
5afb4956c3
Merge branch 'master' into 7.0.x
2021-02-16 20:08:18 +01:00
Clément Fournier
2b6dcb3f22
Change default labels for violation issue template
...
An issue that has both labels probably needs one of them to be removed.
2021-02-08 19:37:00 +01:00
Andreas Dangel
f0f2286f98
Merge branch 'master' into pmd/7.0.x
2021-01-16 10:37:27 +01:00
Andreas Dangel
49ff9a5c5f
[ci] Increase build timeout for pull requests to 60 minutes
2021-01-08 15:33:48 +01:00
Andreas Dangel
60d21a2feb
Merge branch 'master' into pmd/7.0.x
2020-12-12 12:54:15 +01:00
Andreas Dangel
f276eec0ba
[ci] Use ruby 2.7 for release build ( #2967 )
2020-12-12 11:19:51 +01:00
Andreas Dangel
384d32ddd0
Merge branch 'master' into pmd/7.0.x
2020-12-11 19:48:54 +01:00
Andreas Dangel
4229343173
Use Github Discussions for Q&A
2020-12-11 16:52:17 +01:00
Andreas Dangel
b21a2e5d38
Merge branch 'master' into pmd/7.0.x
2020-11-25 14:17:10 +01:00
Andreas Dangel
db3c636081
[ci] Avoid mixing caches
2020-11-25 14:14:49 +01:00
Andreas Dangel
a99e205a54
Merge branch 'master' into pmd/7.0.x
2020-11-14 20:34:49 +01:00
Andreas Dangel
bc4938087a
[ci] Only install java7 on Linux, add GITHUB_TOKEN for sonar
2020-11-14 20:29:27 +01:00
Andreas Dangel
3ca98b7313
[ci] Enable pushes workflow for branch pmd/7.0.x
2020-11-14 19:35:20 +01:00
Andreas Dangel
4147d09771
[ci] Windows needs maven_dependencies_resolve
...
* Use the same build script for Windows+MacOS as for PRs
* Also install java7 for PRs (that was missing from the old travis solution)
* Run coveralls and sonar in parallel to win/macos after linux
2020-11-14 19:27:40 +01:00
Andreas Dangel
faa0a6109e
[ci] Fix builds for Windows / MacOS
...
Add missing include for logger
2020-11-14 18:29:44 +01:00
Andreas Dangel
91835315cc
Add vendor/bundle to cache
2020-11-14 12:44:57 +01:00
Andreas Dangel
4246cb77ca
Add sonar and coveralls jobs
2020-11-14 12:33:31 +01:00
Andreas Dangel
e2514c546c
Implement release builds
2020-11-13 20:34:37 +01:00
Andreas Dangel
8c087e9357
Describe workaround for failing downloads
2020-11-13 19:43:55 +01:00
Andreas Dangel
825e3426d7
Fetch more commits of the PR for danger
2020-11-13 17:15:53 +01:00
Andreas Dangel
a5c7f3c77a
Increase fetch depth so that danger finds the HEAD commit of the PR
2020-11-13 15:56:05 +01:00
Andreas Dangel
e8525008b2
Move install-openjdk into main script, add check-environment
2020-11-13 15:35:16 +01:00
Andreas Dangel
412ddb3018
Fix pull requests build - correctly extract data from event
2020-11-13 14:58:57 +01:00
Andreas Dangel
7e35165c01
Externalize tokens for Danger, use correct base branch ref
2020-11-13 14:27:26 +01:00
Andreas Dangel
be07f5b8c8
Enable windows build again
2020-11-13 12:01:53 +01:00
Andreas Dangel
6e81754078
There are no secrets in pull requests
2020-11-13 12:01:28 +01:00
Andreas Dangel
9d531cba4d
Enable pull-requests workflow
2020-11-13 11:39:30 +01:00
Andreas Dangel
70f2c56888
Resolve maven dependencies before building
...
This tries to solve build timeouts while downloading dependencies.
Also the job timeout for PRs is 30 minutes - if it takes longer,
something is wrong.
2020-11-13 11:37:05 +01:00
Andreas Dangel
1790684fff
Add troubleshooting
2020-11-12 20:12:07 +01:00
Andreas Dangel
1edc659456
Take out windows build
...
It's always failing to download dependencies
2020-11-12 19:15:29 +01:00
Andreas Dangel
295505af5b
Integrate danger for pull requests
2020-11-12 13:11:56 +01:00
Andreas Dangel
4628664545
Add regression-tester for updating baseline
2020-11-12 11:54:51 +01:00
Andreas Dangel
0f14066adc
Use github job infos
2020-11-12 10:42:19 +01:00
Andreas Dangel
b42a358844
Add workaround for connection timeouts
2020-11-12 09:44:17 +01:00
Andreas Dangel
14548e7b80
Integrate setup secrets into build.sh, add env.gpg, add sourceforge upload
2020-11-11 22:56:02 +01:00
Andreas Dangel
a089bbc143
Use bash
2020-11-10 22:37:04 +01:00
Andreas Dangel
3d4928dfbb
Initial version of new ci scripts
2020-11-10 22:26:26 +01:00
Andreas Dangel
398305144d
[ci] Display used java version in github action
2020-10-28 11:03:20 +01:00
Andreas Dangel
d626b9314e
[ci] Support [skip ci] with github actions
...
See https://github.com/marketplace/actions/skip-based-on-commit-message
2020-10-15 11:28:46 +02:00
Andreas Dangel
b8da15ce00
[ci] use actions/checkout@v2 and actions/setup-java@v1
...
instead of specific subversions. This uses then always the latest
versions automatically.
2020-10-10 14:03:32 +02:00
dependabot[bot]
d37ccca4ab
Bump actions/setup-java from v1.4.2 to v1.4.3
...
Bumps [actions/setup-java](https://github.com/actions/setup-java ) from v1.4.2 to v1.4.3.
- [Release notes](https://github.com/actions/setup-java/releases )
- [Commits](https://github.com/actions/setup-java/compare/v1.4.2...d202f5dbf7256730fb690ec59f6381650114feb2 )
Signed-off-by: dependabot[bot] <support@github.com>
2020-10-05 06:16:30 +00:00
dependabot[bot]
2a6b04ef4d
Bump actions/checkout from v2.3.2 to v2.3.3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from v2.3.2 to v2.3.3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2.3.2...a81bbbf8298c0fa03ea29cdc473d45769f953675 )
Signed-off-by: dependabot[bot] <support@github.com>
2020-09-28 06:18:42 +00:00
dependabot[bot]
72f9d0f90a
Bump actions/setup-java from v1.4.0 to v1.4.2
...
Bumps [actions/setup-java](https://github.com/actions/setup-java ) from v1.4.0 to v1.4.2.
- [Release notes](https://github.com/actions/setup-java/releases )
- [Commits](https://github.com/actions/setup-java/compare/v1.4.0...8bb50d97d6b4d316daf284fdf8eafbfc988421fc )
Signed-off-by: dependabot[bot] <support@github.com>
2020-09-12 10:46:46 +00:00
Andreas Dangel
352760c09c
[ci] Fix dependabot schedule interval
2020-09-12 12:45:52 +02:00
Andreas Dangel
b247d616d9
[ci] github actions: Build on push and pull requests
2020-09-12 12:13:28 +02:00
Andreas Dangel
2093f6c82a
[ci] dependabot: don't open PRs for maven dependencies
...
We might enable this for PMD 7 later
2020-09-12 12:13:04 +02:00
XenoAmess
01de9ce450
add github actions for a fast view of pr succeed/not.
...
travis-ci is toooo slow.
2020-08-24 19:15:52 +08:00
Andreas Dangel
2da636305e
Update pull request template
2020-04-18 10:34:21 +02:00
Andreas Dangel
0356895cc2
[doc] Fix github issue templates
...
The labels were wrong, maybe now they are assigned
automatically...
2020-04-04 18:29:50 +02:00