This is an automated email from the ASF dual-hosted git repository.
pkarwasz pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/logging-log4j-audit.git
The following commit(s) were added to refs/heads/master by this push:
new a57253a Enabled Github Actions
a57253a is described below
commit a57253aedea3acbbb5e9a3aad63391de5a920004
Author: Piotr P. Karwasz <[email protected]>
AuthorDate: Tue Oct 24 00:01:28 2023 +0200
Enabled Github Actions
---
.github/dependabot.yml | 29 +++++++++
.github/generate-email.sh | 107 ++++++++++++++++++++++++++++++++
.github/workflows/build.yml | 77 +++++++++++++++++++++++
.github/workflows/codeql-analysis.yml | 40 ++++++++++++
.github/workflows/merge-dependabot.yaml | 46 ++++++++++++++
5 files changed, 299 insertions(+)
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..5ca5e68
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,29 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to you under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+version: 2
+updates:
+- package-ecosystem: maven
+ directory: "/"
+ schedule:
+ interval: "daily"
+ target-branch: "master"
+
+- package-ecosystem: github-actions
+ directory: "/"
+ schedule:
+ interval: "daily"
+ target-branch: "master"
diff --git a/.github/generate-email.sh b/.github/generate-email.sh
new file mode 100755
index 0000000..c048133
--- /dev/null
+++ b/.github/generate-email.sh
@@ -0,0 +1,107 @@
+#!/bin/bash
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to you under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+SCRIPT_DIR=$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" &> /dev/null && pwd)
+
+stderr() {
+ echo "$*" 1>&2
+}
+
+fail_for_invalid_args() {
+ stderr "Invalid arguments!"
+ stderr "Expected arguments: <vote|announce> <version> <commitId>"
+ exit 1
+}
+
+# Check arguments
+[ $# -ne 3 ] && fail_for_invalid_args
+
+# Constants
+PROJECT_NAME="Apache Log4j Audit"
+PROJECT_SITE="https://logging.apache.org/log4j-audit";
+PROJECT_STAGING_SITE="${PROJECT_SITE/apache.org/staged.apache.org}"
+PROJECT_REPO="https://github.com/apache/logging-log4j-audit";
+PROJECT_DIST_DIR="https://dist.apache.org/repos/dist/dev/logging/log4j-audit";
+PROJECT_VERSION="$2"
+COMMIT_ID="$3"
+
+# Check release notes file
+RELEASE_NOTES_FILE="$SCRIPT_DIR/../src/site/_release-notes/_$PROJECT_VERSION.adoc"
+[ -f "$RELEASE_NOTES_FILE" ] || {
+ stderr "Couldn't find release notes file: $RELEASE_NOTES_FILE"
+ exit 1
+}
+
+dump_release_notes() {
+ awk "f{print} /^Release date::/{f=1}" "$RELEASE_NOTES_FILE" \
+ | sed -r 's!'$PROJECT_REPO'/(issues|pull)/[0-9]+\[([0-9]+)\]!#\2!g'
+}
+
+case $1 in
+
+vote)
+ cat <<EOF
+To: [email protected]
+Title: [VOTE] Release $PROJECT_NAME $PROJECT_VERSION
+
+This is a vote to release the $PROJECT_NAME $PROJECT_VERSION.
+
+Website: $PROJECT_STAGING_SITE
+GitHub: $PROJECT_REPO
+Commit: $COMMIT_ID
+Distribution: $PROJECT_DIST_DIR
+Nexus: https://repository.apache.org/content/repositories/orgapachelogging-1113
+Signing key: 0x077e8893a6dcc33dd4a4d5b256e73ba9a0b592d0
+
+Please download, test, and cast your votes on this mailing list.
+
+[ ] +1, release the artifacts
+[ ] -1, don't release, because...
+
+This vote is open for 72 hours and will pass unless getting a
+net negative vote count. All votes are welcome and we encourage
+everyone to test the release, but only the Logging Services PMC
+votes are officially counted.
+
+== Release Notes
+EOF
+ dump_release_notes
+ ;;
+
+announce)
+ cat <<EOF
+To: [email protected], [email protected]
+Title: [ANNOUNCE] $PROJECT_NAME $PROJECT_VERSION released
+
+${PROJECT_NAME} team is pleased to announce the $PROJECT_VERSION
+release. ${PROJECT_NAME} is a versatile, industrial-strength
+Java logging framework composed of an API, its implementation,
+and components to assist the deployment for various use cases.
+For further information (support, download, etc.) see the project
+website[1].
+
+[1] $PROJECT_SITE
+
+== Release Notes
+EOF
+ dump_release_notes
+ ;;
+
+*) fail_for_invalid_args
+
+esac
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 0000000..320a2db
--- /dev/null
+++ b/.github/workflows/build.yml
@@ -0,0 +1,77 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to you under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+name: build
+
+on:
+ push:
+ branches:
+ - "master"
+ - "release/*"
+ paths-ignore:
+ - "**.adoc"
+ - "**.md"
+ - "**.txt"
+ pull_request:
+ paths-ignore:
+ - "**.adoc"
+ - "**.md"
+ - "**.txt"
+
+permissions: read-all
+
+jobs:
+
+ build:
+ if: github.actor != 'dependabot[bot]'
+ uses: apache/logging-parent/.github/workflows/build-reusable.yaml@main
+ with:
+ java-version: 11
+ site-enabled: true
+
+ deploy-snapshot:
+ needs: build
+ if: github.repository == 'apache/logging-log4j-audit' && github.ref_name
== 'master'
+ uses:
apache/logging-parent/.github/workflows/deploy-snapshot-reusable.yaml@main
+ # Secrets for deployments
+ secrets:
+ NEXUS_USER: ${{ secrets.NEXUS_USER }}
+ NEXUS_PW: ${{ secrets.NEXUS_PW }}
+ with:
+ java-version: 11
+
+ deploy-release:
+ needs: build
+ if: github.repository == 'apache/logging-log4j-audit' &&
startsWith(github.ref_name, 'release/')
+ uses:
apache/logging-parent/.github/workflows/deploy-release-reusable.yaml@main
+ # Secrets for deployments
+ secrets:
+ GPG_SECRET_KEY: ${{ secrets.LOGGING_GPG_SECRET_KEY }}
+ LOGGING_STAGE_DEPLOYER_USER: ${{ secrets.LOGGING_STAGE_DEPLOYER_USER }}
+ LOGGING_STAGE_DEPLOYER_PW: ${{ secrets.LOGGING_STAGE_DEPLOYER_PW }}
+ SVN_USERNAME: ${{ secrets.LOGGING_SVN_DEV_USERNAME }}
+ SVN_PASSWORD: ${{ secrets.LOGGING_SVN_DEV_PASSWORD }}
+ # Write permissions to allow the Maven `revision` property update,
changelog release, etc.
+ permissions:
+ contents: write
+ with:
+ java-version: 11
+ project-id: log4j
+ # TODO Adapt to Log4j Audit
+ distribution-attachment-filepath-pattern: ~
+ distribution-attachment-count: 30
+ site-enabled: true
diff --git a/.github/workflows/codeql-analysis.yml
b/.github/workflows/codeql-analysis.yml
new file mode 100644
index 0000000..002c111
--- /dev/null
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,40 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to you under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+name: codeql-analysis
+
+on:
+ push:
+ branches: [ "master" ]
+ pull_request:
+ branches: [ "master" ]
+ schedule:
+ - cron: '32 12 * * 5'
+
+permissions: read-all
+
+jobs:
+
+ analyze:
+ uses:
apache/logging-parent/.github/workflows/codeql-analysis-reusable.yaml@main
+ with:
+ java-version: 11
+ # Permissions required to publish Security Alerts
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
diff --git a/.github/workflows/merge-dependabot.yaml
b/.github/workflows/merge-dependabot.yaml
new file mode 100644
index 0000000..145abe8
--- /dev/null
+++ b/.github/workflows/merge-dependabot.yaml
@@ -0,0 +1,46 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to you under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+name: merge-dependabot
+
+on:
+ pull_request_target:
+ paths-ignore:
+ - "**.adoc"
+ - "**.md"
+ - "**.txt"
+
+permissions: read-all
+
+jobs:
+
+ build:
+ if: github.repository == 'apache/logging-log4j-audit' && github.event_name
== 'pull_request_target' && github.actor == 'dependabot[bot]'
+ uses: apache/logging-parent/.github/workflows/build-reusable.yaml@main
+ with:
+ java-version: 11
+
+ merge-dependabot:
+ needs: build
+ uses:
apache/logging-parent/.github/workflows/merge-dependabot-reusable.yaml@main
+ with:
+ java-version: 11
+ permissions:
+ contents: write # to push
changelog commits
+ pull-requests: write # to close
the PR
+ secrets:
+ GPG_SECRET_KEY: ${{ secrets.LOGGING_GPG_SECRET_KEY }} # to sign
commits
