diff --git a/.github/workflows/knative-boilerplate.yaml b/.github/workflows/knative-boilerplate.yaml deleted file mode 100644 index 2a0b01ba4..000000000 --- a/.github/workflows/knative-boilerplate.yaml +++ /dev/null @@ -1,96 +0,0 @@ -# Copyright 2020 The Knative Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# This file is automagically synced here from github.com/knative-sandbox/.github -# repo by knobots: https://github.com/knative-sandbox/knobots and will be overwritten. - -name: Boilerplate - -on: - pull_request: - branches: [ 'main', 'master', 'release-*' ] - -jobs: - - check: - name: Boilerplate Check - runs-on: ubuntu-latest - strategy: - fail-fast: false # Keep running if one leg fails. - matrix: - extension: - - go - - sh - - # Map between extension and human-readable name. - include: - - extension: go - language: Go - - extension: sh - language: Bash - - steps: - - - name: Set up Go 1.17.x - uses: actions/setup-go@v2 - with: - go-version: 1.17.x - id: go - - - name: Check out code - uses: actions/checkout@v2 - - - name: Install Tools - run: | - TEMP_PATH="$(mktemp -d)" - cd $TEMP_PATH - - echo '::group::🐶 Installing reviewdog ... https://github.com/reviewdog/reviewdog' - curl -sfL https://raw.githubusercontent.com/reviewdog/reviewdog/master/install.sh | sh -s -- -b "${TEMP_PATH}" 2>&1 - echo '::endgroup::' - - echo '::group:: Installing boilerplate-check ... https://github.com/mattmoor/boilerplate-check' - go install github.com/mattmoor/boilerplate-check/cmd/boilerplate-check@latest - echo '::endgroup::' - - echo "${TEMP_PATH}" >> $GITHUB_PATH - - - id: boilerplate_txt - uses: andstor/file-existence-action@v1 - with: - files: ./hack/boilerplate/boilerplate.${{ matrix.extension }}.txt - - name: ${{ matrix.language }} license boilerplate - shell: bash - if: ${{ steps.boilerplate_txt.outputs.files_exists == 'true' }} - env: - REVIEWDOG_GITHUB_API_TOKEN: ${{ github.token }} - run: | - set -e - cd "${GITHUB_WORKSPACE}" || exit 1 - - echo '::group:: Running github.com/mattmoor/boilerplate-check for ${{ matrix.language }} with reviewdog 🐶 ...' - # Don't fail because of boilerplate-check - set +o pipefail - boilerplate-check check \ - --boilerplate ./hack/boilerplate/boilerplate.${{ matrix.extension }}.txt \ - --file-extension ${{ matrix.extension }} \ - --exclude "(vendor|third_party)/" | - reviewdog -efm="%A%f:%l: %m" \ - -efm="%C%.%#" \ - -name="${{ matrix.language }} headers" \ - -reporter="github-pr-check" \ - -filter-mode="diff_context" \ - -fail-on-error="true" \ - -level="error" - echo '::endgroup::' diff --git a/.github/workflows/knative-donotsubmit.yaml b/.github/workflows/knative-donotsubmit.yaml deleted file mode 100644 index cec5c3077..000000000 --- a/.github/workflows/knative-donotsubmit.yaml +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright 2020 The Knative Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# This file is automagically synced here from github.com/knative-sandbox/.github -# repo by knobots: https://github.com/knative-sandbox/knobots and will be overwritten. - -name: Do Not Submit - -on: - pull_request: - branches: [ 'main', 'master', 'release-*' ] - -jobs: - - donotsubmit: - name: Do Not Submit - runs-on: ubuntu-latest - - steps: - - name: Check out code - uses: actions/checkout@v2 - - - name: Do Not Submit - shell: bash - env: - REVIEWDOG_GITHUB_API_TOKEN: ${{ github.token }} - run: | - set -e - cd "${GITHUB_WORKSPACE}" || exit 1 - - TEMP_PATH="$(mktemp -d)" - PATH="${TEMP_PATH}:$PATH" - - echo '::group::🐶 Installing reviewdog ... https://github.com/reviewdog/reviewdog' - curl -sfL https://raw.githubusercontent.com/reviewdog/reviewdog/master/install.sh | sh -s -- -b "${TEMP_PATH}" 2>&1 - echo '::endgroup::' - - echo '::group:: Running DO NOT SUBMIT with reviewdog 🐶 ...' - # Don't fail because of grep - set +o pipefail - find . -type f -not -path './vendor/*' -not -path './third_party/*' -not -path './.git/*' -not -path './.github/workflows/*' | - xargs grep -n "DO NOT SUBMIT" | - reviewdog -efm="%f:%l:%m" \ - -name="DO NOT SUBMIT" \ - -reporter="github-pr-check" \ - -filter-mode="added" \ - -fail-on-error="true" \ - -level="error" - - echo '::endgroup::' diff --git a/.github/workflows/knative-go-build.yaml b/.github/workflows/knative-go-build.yaml index b83849869..0ecbdbccb 100644 --- a/.github/workflows/knative-go-build.yaml +++ b/.github/workflows/knative-go-build.yaml @@ -11,4 +11,4 @@ on: jobs: build: - uses: knative/actions/.github/workflows/go-build.yaml@main + uses: knative/actions/.github/workflows/reusable-go-build.yaml@main diff --git a/.github/workflows/knative-go-test.yaml b/.github/workflows/knative-go-test.yaml index bb016dcda..52a2d60ed 100644 --- a/.github/workflows/knative-go-test.yaml +++ b/.github/workflows/knative-go-test.yaml @@ -14,4 +14,4 @@ on: jobs: test: - uses: knative/actions/.github/workflows/go-test.yaml@main + uses: knative/actions/.github/workflows/reusable-go-test.yaml@main diff --git a/.github/workflows/knative-releasability.yaml b/.github/workflows/knative-releasability.yaml deleted file mode 100644 index be5f765eb..000000000 --- a/.github/workflows/knative-releasability.yaml +++ /dev/null @@ -1,32 +0,0 @@ -# Copyright 2022 The Knative Authors. -# SPDX-License-Identifier: Apache-2.0 - -# This file is automagically synced here from github.com/knative-sandbox/knobots - -name: 'Releasability' - -on: - schedule: - - cron: '0 1 * * 1-5' # 6am Pacific, weekdays. - - workflow_dispatch: # Manual trigger. - inputs: - releaseFamily: - description: 'Release? (vX.Y)' - required: false - moduleReleaseFamily: - description: 'Module Release? (vX.Y)' - required: false - slackChannel: - description: 'Slack Channel? (release-#)' - required: false - -jobs: - releasability: - uses: knative/actions/.github/workflows/releasability.yaml@main - with: - releaseFamily: ${{ github.event.inputs.releaseFamily || 'v1.9' }} - moduleReleaseFamily: ${{ github.event.inputs.moduleReleaseFamily || 'v0.36' }} - slackChannel: ${{ github.event.inputs.slackChannel || 'release' }} - secrets: - SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} diff --git a/.github/workflows/knative-release-notes.yaml b/.github/workflows/knative-release-notes.yaml deleted file mode 100644 index 45de1cc4f..000000000 --- a/.github/workflows/knative-release-notes.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright 2020 The Knative Authors. -# SPDX-License-Identifier: Apache-2.0 - -# This file is automagically synced here from github.com/knative-sandbox/knobots - -name: 'Release Notes' - -on: - workflow_dispatch: - inputs: - branch: - description: 'Branch' - required: true - default: 'main' - start-rev: - description: 'Start Tag (defaults to merge-base(branch, prev-branch))' - required: false - end-rev: - description: 'End Tag (defaults to HEAD of the target branch)' - required: false - -jobs: - release-notes: - uses: knative/actions/.github/workflows/release-notes.yaml@main - with: - branch: ${{ github.event.inputs.branch }} - start-rev: ${{ github.event.inputs.start-rev }} - end-rev: ${{ github.event.inputs.end-rev }} diff --git a/.github/workflows/knative-security.yaml b/.github/workflows/knative-security.yaml index fbc343842..4a0848ca6 100644 --- a/.github/workflows/knative-security.yaml +++ b/.github/workflows/knative-security.yaml @@ -14,4 +14,4 @@ on: jobs: analyze: - uses: knative/actions/.github/workflows/security.yaml@main + uses: knative/actions/.github/workflows/reusable-security.yaml@main diff --git a/.github/workflows/knative-stale.yaml b/.github/workflows/knative-stale.yaml index bca559c0c..e46461c1e 100644 --- a/.github/workflows/knative-stale.yaml +++ b/.github/workflows/knative-stale.yaml @@ -11,4 +11,4 @@ on: jobs: stale: - uses: knative/actions/.github/workflows/stale.yaml@main + uses: knative/actions/.github/workflows/reusable-stale.yaml@main diff --git a/.github/workflows/knative-style.yaml b/.github/workflows/knative-style.yaml index ee7d49f8f..7ca9e6024 100644 --- a/.github/workflows/knative-style.yaml +++ b/.github/workflows/knative-style.yaml @@ -12,4 +12,4 @@ on: jobs: style: - uses: knative/actions/.github/workflows/style.yaml@main + uses: knative/actions/.github/workflows/reusable-style.yaml@main diff --git a/.github/workflows/knative-verify.yaml b/.github/workflows/knative-verify.yaml index 982a72711..28a4af54b 100644 --- a/.github/workflows/knative-verify.yaml +++ b/.github/workflows/knative-verify.yaml @@ -23,4 +23,4 @@ on: jobs: verify: - uses: knative/actions/.github/workflows/verify-codegen.yaml@main + uses: knative/actions/.github/workflows/reusable-verify-codegen.yaml@main diff --git a/.github/workflows/knative-vulnerability.yaml b/.github/workflows/knative-vulnerability.yaml deleted file mode 100644 index 828acae6d..000000000 --- a/.github/workflows/knative-vulnerability.yaml +++ /dev/null @@ -1,42 +0,0 @@ -# Copyright 2021 The Knative Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# This file is automagically synced here from github.com/knative-sandbox/.github -# repo by knobots: https://github.com/knative-sandbox/knobots and will be overwritten. - -name: 'Vulnerability scan' - -on: - schedule: - - cron: '0 1 1,15 * *' # 6am Pacific, 1st of the month to not exceed limits (200 total for all repos). - workflow_dispatch: {} - -jobs: - snyk: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@master - - - name: Run Snyk to check for vulnerabilities - uses: snyk/actions/golang@master - continue-on-error: true # To make sure that SARIF upload gets called - env: - SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} - with: - args: --sarif-file-output=snyk.sarif - - - name: Upload result to GitHub Code Scanning - uses: github/codeql-action/upload-sarif@v1 - with: - sarif_file: snyk.sarif