From bbc1a6ef3c1dfa7fc47460e0619e7441a5a8ca23 Mon Sep 17 00:00:00 2001 From: benfonty Date: Thu, 28 Dec 2023 10:31:09 +0100 Subject: [PATCH] chore(TPSVC-20719): dependabot (#36) --- .github/CODEOWNERS | 4 +++ .github/workflows/commit.yml | 17 +++++++++++++ .../workflows/dependabot-pr-validation.yaml | 25 +++++++++++++++++++ .tool-versions | 1 + build.gradle | 23 +++++++++++++++++ dependencies.gradle | 2 +- gradle.properties | 19 -------------- 7 files changed, 71 insertions(+), 20 deletions(-) create mode 100644 .github/workflows/commit.yml create mode 100644 .github/workflows/dependabot-pr-validation.yaml create mode 100644 .tool-versions delete mode 100644 gradle.properties diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 28c628a..c64c5a3 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1 +1,5 @@ * @Talend/tpsvc-dev + +# Specific ownership for CI/dependabot automation +.github/workflows/** @Talend/tpsvc-dev @build-talend-tpsvc +**.gradle @Talend/tpsvc-dev @build-talend-tpsvc \ No newline at end of file diff --git a/.github/workflows/commit.yml b/.github/workflows/commit.yml new file mode 100644 index 0000000..25e9704 --- /dev/null +++ b/.github/workflows/commit.yml @@ -0,0 +1,17 @@ +--- +name: Conventional commit +on: + pull_request: + +jobs: + lint: + name: Lint + runs-on: ubuntu-latest + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + steps: + - uses: actions/checkout@v2 + with: + fetch-depth: 0 + - uses: wagoid/commitlint-github-action@v4 + if: ${{ github.actor != 'dependabot[bot]' }} diff --git a/.github/workflows/dependabot-pr-validation.yaml b/.github/workflows/dependabot-pr-validation.yaml new file mode 100644 index 0000000..31a94a6 --- /dev/null +++ b/.github/workflows/dependabot-pr-validation.yaml @@ -0,0 +1,25 @@ +name: Dependabot CI + +on: pull_request + +permissions: + pull-requests: write + +jobs: + pr-validation: + runs-on: + - self-hosted + - Linux + - X64 + if: ${{ github.actor == 'dependabot[bot]' }} + steps: + - name: "Checkout sources" + uses: actions/checkout@v3 + with: + token: ${{ secrets.GIT_ACTION_TOKEN }} + - name: "Install gh cli" + uses: asdf-vm/actions/install@v1 + - name: "PR validation" + uses: Talend/github-actions/dependabot-pr-validation@dependabot_pr_validation-v1.0.2 + with: + github_token: ${{ secrets.GIT_ACTION_TOKEN }} \ No newline at end of file diff --git a/.tool-versions b/.tool-versions new file mode 100644 index 0000000..ab778a2 --- /dev/null +++ b/.tool-versions @@ -0,0 +1 @@ +github-cli 2.31.0 diff --git a/build.gradle b/build.gradle index 76c654f..9ae12dd 100644 --- a/build.gradle +++ b/build.gradle @@ -1,4 +1,27 @@ buildscript { + ext { + tsbiFrameworkVersion="3.2" + tsbiBomVersion="0.0.5" + springBootVersion="3.2.0" + + securityBomVersion="4.2.0" + + checkstyleVersion="10.3.4" + pmdVersion="6.55.0" + jacocoVersion="0.8.11" + spotbugsVersion="4.8.1" + spotbugsPluginVersion="4.6.0" + sonarqubePluginVersion="4.4.1.3373" + + reckonVersion="0.13.1" + // workaround for reckon issue with Java 8 + grgitVersion="5.2.0" + + testngVersion="6.4" + jakartaVersion="6.0.0" + jakartaValidationVersion="3.0.2" + + } repositories { gradlePluginPortal() } diff --git a/dependencies.gradle b/dependencies.gradle index b133d69..57f3b32 100644 --- a/dependencies.gradle +++ b/dependencies.gradle @@ -8,7 +8,7 @@ configurations.all { dependencyManagement { imports { - mavenBom "org.talend.tsbi.java.springboot-bom:$tsbiBomVersion" + mavenBom "org.talend.tsbi.java.springboot-bom:$tsbiFrameworkVersion:$tsbiBomVersion" } dependencies { diff --git a/gradle.properties b/gradle.properties deleted file mode 100644 index dfafefa..0000000 --- a/gradle.properties +++ /dev/null @@ -1,19 +0,0 @@ -tsbiBomVersion=3.2:0.0.5 -springBootVersion=3.2.0 - -securityBomVersion=4.2.0 - -checkstyleVersion=10.3.4 -pmdVersion=6.55.0 -jacocoVersion=0.8.11 -spotbugsVersion=4.8.1 -spotbugsPluginVersion=4.6.0 -sonarqubePluginVersion=4.4.1.3373 - -reckonVersion=0.13.1 -# workaround for reckon issue with Java 8 -grgitVersion=5.2.0 - -testngVersion=6.4 -jakartaVersion=6.0.0 -jakartaValidationVersion=3.0.2