diff --git a/.github/workflows/centreon-collect.yml b/.github/workflows/centreon-collect.yml index eb25e84f8f..839975c7ef 100644 --- a/.github/workflows/centreon-collect.yml +++ b/.github/workflows/centreon-collect.yml @@ -109,22 +109,6 @@ jobs: version_file: CMakeLists.txt nightly_manual_trigger: ${{ inputs.nightly_manual_trigger || false }} - veracode-analysis: - needs: [get-environment] - if: ${{ github.event_name == 'schedule' && github.ref_name == 'develop' }} - uses: ./.github/workflows/veracode-analysis.yml - with: - module_name: centreon-collect - major_version: ${{ needs.get-environment.outputs.major_version }} - minor_version: ${{ needs.get-environment.outputs.minor_version }} - img_version: ${{ needs.get-environment.outputs.img_version }} - secrets: - veracode_api_id: ${{ secrets.VERACODE_API_ID_COLL }} - veracode_api_key: ${{ secrets.VERACODE_API_KEY_COLL }} - veracode_srcclr_token: ${{ secrets.VERACODE_SRCCLR_TOKEN }} - docker_registry_id: ${{ secrets.HARBOR_CENTREON_PULL_USERNAME }} - docker_registry_passwd: ${{ secrets.HARBOR_CENTREON_PULL_TOKEN }} - unit-test: needs: [get-environment] if: | diff --git a/.github/workflows/gorgone-analysis.yml b/.github/workflows/gorgone-analysis.yml new file mode 100644 index 0000000000..0e3ee3817a --- /dev/null +++ b/.github/workflows/gorgone-analysis.yml @@ -0,0 +1,71 @@ +name: gorgone-analysis + +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +on: + workflow_dispatch: + inputs: + unit_tests: + description: 'Execute the unit tests' + required: true + default: true + type: boolean + pull_request: + types: + - opened + - synchronize + - reopened + - ready_for_review + paths: + - ".version" + - "gorgone/**" + - "perl-libs/**" + - "!gorgone/tests/**" + - "!gorgone/veracode.json" + - "!gorgone/.veracode-exclusions" + push: + branches: + - develop + - dev-[2-9][0-9].[0-9][0-9].x + - master + - "[2-9][0-9].[0-9][0-9].x" + paths: + - ".version" + - "gorgone/**" + - "perl-libs/**" + - "!gorgone/tests/**" + - "!gorgone/veracode.json" + - "!gorgone/.veracode-exclusions" + +env: + base_directory: gorgone + +jobs: + get-environment: + uses: ./.github/workflows/get-environment.yml + with: + version_file: gorgone/.version + + veracode-analysis: + needs: [get-environment] + if: | + needs.get-environment.outputs.skip_workflow == 'false' && + needs.get-environment.outputs.is_targeting_feature_branch != 'true' && + github.event.pull_request.draft != 'true' + uses: ./.github/workflows/veracode-analysis.yml + with: + module_directory: gorgone + module_name: centreon-gorgone + major_version: ${{ needs.get-environment.outputs.major_version }} + minor_version: ${{ needs.get-environment.outputs.minor_version }} + secrets: + veracode_api_id: ${{ secrets.VERACODE_API_ID_GORG }} + veracode_api_key: ${{ secrets.VERACODE_API_KEY_GORG }} + veracode_srcclr_token: ${{ secrets.VERACODE_SRCCLR_TOKEN }} + + set-skip-label: + needs: [get-environment, veracode-analysis] + if: needs.get-environment.outputs.skip_workflow == 'false' + uses: ./.github/workflows/set-pull-request-skip-label.yml diff --git a/.github/workflows/gorgone.yml b/.github/workflows/gorgone.yml index f2fc0ba916..be76fe2112 100644 --- a/.github/workflows/gorgone.yml +++ b/.github/workflows/gorgone.yml @@ -7,11 +7,6 @@ concurrency: on: workflow_dispatch: pull_request: - types: - - opened - - synchronize - - reopened - - ready_for_review paths: - "gorgone/**" - "!gorgone/tests/**" @@ -38,23 +33,6 @@ jobs: with: version_file: gorgone/.version - veracode-analysis: - needs: [get-environment] - if: ${{ needs.get-environment.outputs.is_targeting_feature_branch != 'true' && github.event.pull_request.draft != 'true' }} - uses: ./.github/workflows/veracode-analysis.yml - with: - module_directory: gorgone - module_name: centreon-gorgone - major_version: ${{ needs.get-environment.outputs.major_version }} - minor_version: ${{ needs.get-environment.outputs.minor_version }} - img_version: ${{ needs.get-environment.outputs.img_version }} - secrets: - veracode_api_id: ${{ secrets.VERACODE_API_ID_GORG }} - veracode_api_key: ${{ secrets.VERACODE_API_KEY_GORG }} - veracode_srcclr_token: ${{ secrets.VERACODE_SRCCLR_TOKEN }} - docker_registry_id: ${{ secrets.HARBOR_CENTREON_PULL_USERNAME }} - docker_registry_passwd: ${{ secrets.HARBOR_CENTREON_PULL_TOKEN }} - package: needs: [get-environment] if: | diff --git a/.github/workflows/veracode-analysis.yml b/.github/workflows/veracode-analysis.yml index 99c81a3ca2..d196b5d929 100644 --- a/.github/workflows/veracode-analysis.yml +++ b/.github/workflows/veracode-analysis.yml @@ -14,9 +14,6 @@ on: minor_version: required: true type: string - img_version: - required: true - type: string secrets: veracode_api_id: required: true @@ -24,10 +21,6 @@ on: required: true veracode_srcclr_token: required: true - docker_registry_id: - required: true - docker_registry_passwd: - required: true jobs: routing: @@ -62,63 +55,13 @@ jobs: build: name: Binary preparation - runs-on: [self-hosted, collect] + runs-on: [self-hosted, common] needs: [routing] if: needs.routing.outputs.skip_analysis == 'false' - container: - image: ${{ vars.DOCKER_INTERNAL_REGISTRY_URL }}/centreon-collect-alma9:${{ inputs.img_version }} - credentials: - username: ${{ secrets.docker_registry_id }} - password: ${{ secrets.docker_registry_passwd }} steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - if: ${{ inputs.module_name == 'centreon-collect' }} - name: Compiling Cpp sources - run: | - mv /root/.cache /github/home - export VCPKG_ROOT=/vcpkg - export PATH=$VCPKG_ROOT:$PATH - rm -rf build - cmake \ - -B build \ - -DVCPKG_OVERLAY_TRIPLETS=/custom-triplets \ - -DVCPKG_TARGET_TRIPLET=x64-linux-release \ - -DVCPKG_OVERLAY_PORTS=/overlays \ - -S . \ - -GNinja \ - -DCMAKE_CXX_FLAGS="-gdwarf-2 -g3 -O0 -fno-builtin" \ - -DDEBUG_ROBOT=OFF \ - -DWITH_TESTING=OFF \ - -DWITH_BENCH=OFF \ - -DWITH_MODULE_SIMU=OFF \ - -DCMAKE_INSTALL_PREFIX=/usr \ - -DWITH_STARTUP_SCRIPT=systemd \ - -DWITH_ENGINE_LOGROTATE_SCRIPT=ON \ - -DWITH_USER_BROKER=centreon-broker \ - -DWITH_GROUP_BROKER=centreon-broker \ - -DWITH_USER_ENGINE=centreon-engine \ - -DWITH_GROUP_ENGINE=centreon-engine \ - -DWITH_VAR_DIR=/var/log/centreon-engine \ - -DWITH_DAEMONS=ON \ - -DWITH_CREATE_FILES=OFF \ - -DWITH_CONFIG_FILES=ON \ - -DNG=ON - - ninja -Cbuild - - echo "[DEBUG] - Find compiled files" - find build/{broker,engine,clib,connectors,common} -name "*.so" -type f - echo "[DEBUG] - Build size" - du -sh $(find build/{broker,engine,clib,connectors,common} -name "*.so" -type f) | sort -rh - - - if: ${{ inputs.module_name == 'centreon-collect' }} - name: Preserve centreon-collect binaries from cleaning - run: | - echo "[INFO] - Keeping only compiled files" - find build -type f -not \( -name "*.so" -or -name "cbd" -or -name "centengine" -or -name "cbwd" -or -name "centreon_connector_*" \) -delete - - name: Binary preparation of ${{ inputs.module_name }} run: | if [ -n "${{ inputs.module_directory }}" ]; then @@ -144,25 +87,17 @@ jobs: echo "::warning::No '.veracode-exclusions' file found for this module. Skipping exclusion step" fi - if [ "${{ inputs.module_name }}" = "centreon-collect" ]; then - echo "[INFO] - Keeping only build's non empty folders" - find build -empty -type d -delete - ls -la build - echo "[INFO] - Generating the tarball" - tar cvzf "${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary.tar.gz" build - else - echo "[INFO] - Generating the zip" - zip -rq "${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary.zip" * - if [ -n "${{ inputs.module_directory }}" ]; then - cd - - mv ${{ inputs.module_directory }}/${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary.zip . - fi + echo "[INFO] - Generating the zip" + zip -rq "${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary.zip" * + if [ -n "${{ inputs.module_directory }}" ]; then + cd - + mv ${{ inputs.module_directory }}/${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary.zip . fi - name: Cache uses: actions/cache/save@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: - path: "${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary.${{ inputs.module_name == 'centreon-collect' && 'tar.gz' || 'zip' }}" + path: "${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary.zip" key: "${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary" policy-scan: @@ -192,7 +127,7 @@ jobs: - name: Get build binary uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: - path: "${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary.${{ inputs.module_name == 'centreon-collect' && 'tar.gz' || 'zip' }}" + path: "${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary.zip" key: "${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary" - name: Sandbox scan @@ -201,7 +136,7 @@ jobs: with: appname: "${{ inputs.module_name }}" version: "${{ inputs.major_version }}.${{ inputs.minor_version }}_runId-${{ github.run_id }}_attempt-${{ github.run_attempt }}" - filepath: "${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary.${{ inputs.module_name == 'centreon-collect' && 'tar.gz' || 'zip' }}" + filepath: "${{ inputs.module_name }}-${{ github.sha }}-${{ github.run_id }}-veracode-binary.zip" vid: "vera01ei-${{ secrets.veracode_api_id }}" vkey: "vera01es-${{ secrets.veracode_api_key }}" createprofile: true