[
https://issues.apache.org/jira/browse/GEODE-10550?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18052565#comment-18052565
]
ASF subversion and git services commented on GEODE-10550:
---------------------------------------------------------
Commit 79a74d001f795c3dffb50da6539d2d3f7cc97fb6 in geode's branch
refs/heads/GEODE-10550-enable-github-workflows-support-1.15 from Sai Boorlagadda
[ https://gitbox.apache.org/repos/asf?p=geode.git;h=79a74d001f ]
GEODE-10550: Enable GitHub Actions workflows for support/1.15 branch
Add GitHub Actions workflow files to support/1.15 branch to enable
automated CI/CD checks for pull requests targeting this branch.
This change adds two workflow files:
- .github/workflows/codeql.yml: CodeQL security scanning
- .github/workflows/gradle.yml: Build, test, and code quality checks
The workflows will run on:
- Push events to support/1.15 branch
- Pull requests targeting support/1.15 branch
- Scheduled weekly security scans (CodeQL only)
This ensures that dependency updates and security fixes submitted
to the support/1.15 branch are properly validated before merge.
> Enable GitHub Actions workflows for support/1.15 branch
> -------------------------------------------------------
>
> Key: GEODE-10550
> URL: https://issues.apache.org/jira/browse/GEODE-10550
> Project: Geode
> Issue Type: Task
> Components: build
> Reporter: Sai Boorlagadda
> Assignee: Sai Boorlagadda
> Priority: Major
>
> Summary
> The new support/1.15 branch requires GitHub Actions workflows to run
> automated tests and security checks for pull requests targeting this branch.
> Currently, the existing workflows (.github/workflows/codeql.yml and
> .github/workflows/gradle.yml) only trigger on the develop branch.
> Background
> A new support branch support/1.15 has been created for maintaining the
> 1.15 release line. PRs are being created to bump dependencies and fix
> security vulnerabilities, but there are no automated CI/CD checks running on
> these PRs, which creates risk of introducing regressions or missing issues.
> Scope
> Update existing GitHub Actions workflow files to include the support/1.15
> branch in their trigger conditions:
> • .github/workflows/codeql.yml - CodeQL security scanning
> • .github/workflows/gradle.yml - Build, test, and code quality checks
> Expected Outcome
> When PRs are created against the support/1.15 branch, the following
> automated checks will run:
> • Build verification with code quality checks (spotlessCheck, rat,
> checkPom, pmdMain)
> • Java API compatibility checks (japicmp)
> • Unit tests
> • Integration tests
> • Acceptance tests
> • Distributed tests (WAN, CQ, Lucene, Management, Assembly modules)
> • CodeQL security scanning for multiple languages
> • Test report artifacts generated on failures
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
