Merge pull request #3997 from zowe/user/markackert/v3.x-staging-to-rc…

…-3.0.0 Merge 3.x/staging into rc - prepare for 3.0.0-RC1
zowe · Sep 18, 2024 · 178a067 · 178a067
2 parents 754b035 + 6101eb2
commit 178a067
Show file tree

Hide file tree

Showing 253 changed files with 9,096 additions and 53,972 deletions.
diff --git a/.dependency/prepare_source_zip.sh b/.dependency/prepare_source_zip.sh
@@ -21,7 +21,7 @@ SCRIPT_NAME=$(basename "$0")
 SCRIPT_PWD=$(cd "$(dirname "$0")" && pwd)
 ROOT_PWD=$(cd "$SCRIPT_PWD" && cd .. && pwd)
 cd "$ROOT_PWD"
-WORK_BRANCH=v2.x/master
+WORK_BRANCH=v3.x/master
 ZOWE_MANIFEST="https://raw.githubusercontent.com/zowe/zowe-install-packaging/${WORK_BRANCH}/manifest.json.template"
 WORK_DIR=.release
 ZIP_DIR="${WORK_DIR}/source_zip"
@@ -51,7 +51,7 @@ echo
 
 ################################################################################
 echo "[${SCRIPT_NAME}] download manifest.json"
-/bin/sh -c "curl -s ${GITHUB_AUTH_HEADER} \"${ZOWE_MANIFEST}\"" > "${WORK_DIR}/manifest.json.template"
+/bin/sh -c "curl -s ${GITHUB_AUTH_HEADER} \"${ZOWE_MANIFEST}\"" >"${WORK_DIR}/manifest.json.template"
 if [ -f "${WORK_DIR}/manifest.json.template" ]; then
   echo "[${SCRIPT_NAME}] - ${WORK_DIR}/manifest.json.template downloaded"
 else
@@ -67,7 +67,7 @@ echo
 
 ################################################################################
 echo "[${SCRIPT_NAME}] write README.md"
-cat > "${ZIP_DIR}/README.md" << EOF
+cat >"${ZIP_DIR}/README.md" <<EOF
 # Source files for the Zowe project - version ${ZOWE_VERSION}
 
 Included in this zip file are the source files used to build the Zowe ${ZOWE_VERSION} Release.

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,22 @@
+version: 2
+
+updates:
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: weekly
+    groups:
+      all-version-dependencies:
+        applies-to: version-updates
+        patterns:
+          - "*"
+        update-types:
+          - "patch"
+          - "minor"
+      all-security-minorpatch:
+        applies-to: security-updates  
+        patterns:
+          - "*"
+        update-types:
+          - "patch"
+          - "minor"
diff --git a/.github/scripts/cicd_test/make_matrix.sh b/.github/scripts/cicd_test/make_matrix.sh
@@ -32,17 +32,13 @@ case $install_test_choice in
   test_file="$KEYRING_TESTFILE"
   ;;
 
-"z/OS node v14")
-  test_file="$ZOS_NODE_V14_TESTFILE"
-  ;;
-
-"z/OS node v16")
-  test_file="$ZOS_NODE_V16_TESTFILE"
-  ;;
-
 "z/OS node v18")
   test_file="$ZOS_NODE_V18_TESTFILE"
-  test_force_system="zzow04"
+  test_force_system="zzow08"
+  ;;
+
+"z/OS node v20")
+  test_file="$ZOS_NODE_V20_TESTFILE"
   ;;
 
 "Non-strict Verify External Certificate")
@@ -91,17 +87,18 @@ if [[ ! -z "$test_force_system" ]]; then
 else
   if [[ -z "$dont_parse_test_server" ]]; then
     if [[ "$test_server" == "Any zzow servers" ]]; then
-      test_server="zzow0"$(echo $(($RANDOM % 3 + 2)))
+      test_server="zzow0"$(echo $(($RANDOM % 3 + 6)))
     fi
     TEST_FILE_SERVER="$test_file($test_server)"
   else
     any_occurrence=$(echo $test_file | grep -o "(any)" | wc -l)
     interim_test_file_server=$test_file
     for i in $(seq $any_occurrence); do
-      interim_test_file_server=$(echo $interim_test_file_server | sed "s#(any)#(zzow0$(echo $(($RANDOM % 3 + 2))))#")
+      # Generates zzow06, zzow07, zzow08
+      interim_test_file_server=$(echo $interim_test_file_server | sed "s#(any)#(zzow0$(echo $(($RANDOM % 3 + 6))))#")
     done
 
-    TEST_FILE_SERVER=$(echo $interim_test_file_server | sed "s#(all)#(zzow02,zzow03,zzow04)#g")
+    TEST_FILE_SERVER=$(echo $interim_test_file_server | sed "s#(all)#(zzow06,zzow07,zzow08)#g")
   fi
 fi
 

diff --git a/.github/scripts/cicd_test/prep7_more_test_prep/03_process_test_server.sh b/.github/scripts/cicd_test/prep7_more_test_prep/03_process_test_server.sh
@@ -14,24 +14,24 @@ TEST_SERVER=$(echo "$MATRIX_SERVER" | cut -d "-" -f2)
 
 case $TEST_SERVER in
 
-"zzow02")
-    TEST_SERVER_NICKNAME=marist-2
-    ;;
+"zzow06")
+  TEST_SERVER_NICKNAME=marist-6
+  ;;
 
-"zzow03")
-    TEST_SERVER_NICKNAME=marist-3
-    ;;
+"zzow07")
+  TEST_SERVER_NICKNAME=marist-7
+  ;;
 
-"zzow04")
-    TEST_SERVER_NICKNAME=marist-4
-    ;;
+"zzow08")
+  TEST_SERVER_NICKNAME=marist-8
+  ;;
 
 *)
-    printf "${RED}[Check 2 ERROR] Something went wrong when parsing test server nickname\n"
-    exit 1
-    ;;
+  printf "${RED}[Check 2 ERROR] Something went wrong when parsing test server nickname\n"
+  exit 1
+  ;;
 esac
 
 assert_env_var "TEST_SERVER"
 assert_env_var "TEST_SERVER_NICKNAME"
-printf "${GREEN}[Check 2/$TOTAL_CHECK] Test server name processing complete!${NC}\n"
+printf "${GREEN}[Check 2/$TOTAL_CHECK] Test server name processing complete!${NC}\n"
diff --git a/.github/scripts/manifest_verification/check_sources.js b/.github/scripts/manifest_verification/check_sources.js
@@ -0,0 +1,162 @@
+// This script checks that the manifest sourceDependencies are reachable.
+
+const core = require('@actions/core');
+const fs = require('fs-extra');
+
+const results = {
+  success: 'found_matching_commit_or_tag',
+  warn: 'found_matching_branch',
+  fail: 'no_matching_tag_or_branch'
+}
+
+function is_sha(item) {
+  return /^[0-9a-f]{7}$/.test(item) || /^[0-9a-f]{40}$/.test(item)
+}
+
+function isRcOrMaster(branchName) {
+  return /v[0-9]\.x\/(rc|master)/i.test(branchName);
+}
+
+async function main() {
+
+  if (process.env['BASE_REF'] == null) {
+    core.setFailed('This script requires the BASE_REF env to bet set.');
+    return;
+  }
+
+  if (process.env['GITHUB_TOKEN'] == null) {
+    core.setFailed('This script requires the GITHUB_TOKEN env to be set.');
+    return;
+  }
+
+  const baseRef = process.env['BASE_REF'].trim();
+
+  const github = require('@actions/github')
+  const octokit = github.getOctokit(process.env['GITHUB_TOKEN']);
+
+  // expect script to be run from repo root
+  const sourceDeps = fs.readJSONSync('./manifest.json.template').sourceDependencies;
+
+  /**
+   * Source dep structure is below:
+   * 
+   * [
+   *   {
+   *    "componentGroup": "Performance Timing Utility",
+   *    "entries": [{
+   *      "repository": "perf-timing",
+   *      "tag": "master",
+   *      "destinations": ["Zowe CLI Package"]
+   *    }]
+   *  },
+   *  { ...same structure as prior...}
+   * ]
+   */
+
+  const analyzedRepos = [];
+
+  for (const dep of sourceDeps) {
+    for (const entry of dep.entries) {
+      const repo = entry.repository;
+      const tag = entry.tag;
+
+      // octokit ref/commit_sha APIs work for branches/tags, and we only want to test when its an actual hash 
+      if (is_sha(tag)) {
+        const isCommit = await octokit.rest.repos.getCommit({
+          owner: 'zowe',
+          repo: repo,
+          ref: tag
+        }).then((resp) => {
+          if (resp.status < 400) {
+            return true;
+          }
+          return false;
+        })
+
+        // Pinning repos with a commit is ok
+        if (isCommit) {
+          analyzedRepos.push({repository: repo, tag: tag, result: results.success});
+          continue;
+        }
+      }
+
+      // If not a commit, check repo tags
+      //  requires paginate API.
+
+      const tags = await octokit.paginate(
+        "GET /repos/{owner}/{repo}/tags",
+        {
+            owner: 'zowe',
+            repo: repo,
+        }
+      ).then((resp) => {
+        // resp is the aggregated data from paginate.. [ { name: 'tag-a', ..other-fields.. }, {}, {}, ...]
+        return resp; 
+      });
+
+      const knownTag = tags.find((item) => item.name === tag);
+      if (knownTag != null && knownTag.name.trim().length > 0) {
+        analyzedRepos.push({repository: repo, tag: tag, result: results.success});
+        continue;
+      }
+
+      // if we didn't find tag, look at branches
+      // 2 REST Requests, unset protected was operating as protected=false
+      const protBranches = await octokit.rest.repos.listBranches({
+        owner: 'zowe',
+        repo: repo,
+        protected: true
+      }).then((resp) => {
+        if (resp.status < 400) {
+          return resp.data;
+        }
+        return [];
+      })
+      const unProtBranches = await octokit.rest.repos.listBranches({
+        owner: 'zowe',
+        repo: repo,
+        protected: false
+      }).then((resp) => {
+        if (resp.status < 400) {
+          return resp.data;
+        }
+        return [];
+      })
+
+      const branches = [...protBranches, ...unProtBranches];
+
+      const knownBranch = branches.find((item) => item.name === tag);
+      if (knownBranch != null && knownBranch.name.trim().length > 0) {
+        analyzedRepos.push({repository: repo, tag: tag, result: results.warn});
+        continue;
+      }
+
+      // if we didn't find commit, tag or branch
+      analyzedRepos.push({repository: repo, tag: tag, result: results.fail});
+    }
+  }
+
+  let didFail = false;
+
+  const failRepos = analyzedRepos.filter((item) => item.result === results.fail);
+  if (failRepos != null && failRepos.length > 0) {
+    core.warning('There are manifest sourceDependencies without a matching tag or branch. Review the output and update the manifest.');
+    core.warning('The following repositories do not have a matching commit hash, tag or branch: ' + JSON.stringify(failRepos, null, {indent: 4}))
+    didFail = true;
+  }
+
+  const warnRepos = analyzedRepos.filter((item) => item.result === results.warn) ;
+  if (warnRepos != null && warnRepos.length > 0) { 
+    if (isRcOrMaster(baseRef)) {
+      core.warning('Merges to RC and master require tags or commit hashes instead of branches for sourceDependencies.')
+      didFail = true
+    }
+    core.warning('The following repositories have a branch instead of tag: ' + JSON.stringify(warnRepos, null, {indent: 4}))
+  }
+
+  if (didFail) {
+    core.setFailed('The manifest validation was not successful. Review the warning output for more details.');
+  }
+
+}
+main()