diff --git a/.github/labeler-config-srvaroa.yml b/.github/labeler-config-srvaroa.yml index b2324fbe3..e37a8a810 100644 --- a/.github/labeler-config-srvaroa.yml +++ b/.github/labeler-config-srvaroa.yml @@ -2,37 +2,46 @@ version: 1 labels: - label: "Bugfix" - title: '^fix:.*' + title: '^fix(\([^)]*\))?:|^fix:.*' - label: "enhancement" - title: '^feat:.*' + title: '^feat(\([^)]*\))?:|^feat:.*' - label: "build" - title: '^build:.*' + title: '^build(\([^)]*\))?:|^build:.*' - label: "chore" - title: '^chore:.*' + title: '^chore(\([^)]*\))?:|^chore:.*' - label: "ci" - title: '^ci:.*' + title: '^ci(\([^)]*\))?:|^ci:.*' + + - label: "ci" + title: '^.*\(ci\):.*' - label: "perf" - title: '^perf:.*' + title: '^perf(\([^)]*\))?:|^perf:.*' - label: "refactor" - title: '^refactor:.*' + title: '^refactor(\([^)]*\))?:|^refactor:.*' - label: "revert" - title: '^revert:.*' + title: '^revert(\([^)]*\))?:|^revert:.*' - label: "style" - title: '^style:.*' + title: '^style(\([^)]*\))?:|^style:.*' - label: "Documentation" - title: '^docs:.*' + title: '^docs(\([^)]*\))?:|^docs:.*' + + - label: "dependencies" + title: '^deps(\([^)]*\))?:|^deps:.*' + + - label: "dependencies" + title: '^.*\(deps\):.*' - label: 'API' - title: '.*openapi.*' + title: '.*openapi.*|.*swagger.*|.*api.*' - label: 'Translation' files: @@ -81,6 +90,7 @@ labels: - 'stirling-pdf/src/main/java/stirling/software/SPDF/controller/web/MetricsController.java' - 'stirling-pdf/src/main/java/stirling/software/SPDF/controller/api/.*' - 'stirling-pdf/src/main/java/stirling/software/SPDF/model/api/.*' + - 'stirling-pdf/src/main/java/stirling/software/SPDF/service/ApiDocService.java' - 'proprietary/src/main/java/stirling/software/proprietary/security/controller/api/.*' - 'scripts/png_to_webp.py' - 'split_photos.py' diff --git a/.github/labels.yml b/.github/labels.yml index b7f5642e7..9b35ccb1a 100644 --- a/.github/labels.yml +++ b/.github/labels.yml @@ -175,3 +175,6 @@ description: "This PR changes 1000+ lines ignoring generated files." - name: "to research" color: "FBCA04" +- name: "pr-deployed" + color: "00FF00" + description: "Pull request has been deployed to a test environment" diff --git a/.github/workflows/PR-Demo-Comment-with-react.yml b/.github/workflows/PR-Demo-Comment-with-react.yml index edb696bf0..877a78524 100644 --- a/.github/workflows/PR-Demo-Comment-with-react.yml +++ b/.github/workflows/PR-Demo-Comment-with-react.yml @@ -6,20 +6,18 @@ on: permissions: contents: read - issues: write # Required for adding reactions to comments - pull-requests: read # Required for reading PR information + pull-requests: read jobs: check-comment: runs-on: ubuntu-latest permissions: issues: write - pull-requests: read if: | github.event.issue.pull_request && ( - contains(github.event.comment.body, 'prdeploy') || - contains(github.event.comment.body, 'deploypr') + contains(github.event.comment.body, 'prdeploy') || + contains(github.event.comment.body, 'deploypr') ) && ( @@ -47,10 +45,14 @@ jobs: with: egress-policy: audit - # Generate GitHub App token - - name: Generate GitHub App Token - id: generate-token - uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6 + - name: Checkout PR + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + + - name: Setup GitHub App Bot + if: github.actor != 'dependabot[bot]' + id: setup-bot + uses: ./.github/actions/setup-bot + continue-on-error: true with: app-id: ${{ secrets.GH_APP_ID }} private-key: ${{ secrets.GH_APP_PRIVATE_KEY }} @@ -123,7 +125,7 @@ jobs: id: add-eyes-reaction uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 with: - github-token: ${{ steps.generate-token.outputs.token }} + github-token: ${{ steps.setup-bot.outputs.token }} script: | console.log(`Adding eyes reaction to comment ID: ${context.payload.comment.id}`); try { @@ -145,8 +147,8 @@ jobs: needs: check-comment runs-on: ubuntu-latest permissions: - contents: read issues: write + pull-requests: write steps: - name: Harden Runner @@ -154,9 +156,14 @@ jobs: with: egress-policy: audit - - name: Generate GitHub App Token - id: generate-token - uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6 + - name: Checkout PR + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + + - name: Setup GitHub App Bot + if: github.actor != 'dependabot[bot]' + id: setup-bot + uses: ./.github/actions/setup-bot + continue-on-error: true with: app-id: ${{ secrets.GH_APP_ID }} private-key: ${{ secrets.GH_APP_PRIVATE_KEY }} @@ -166,7 +173,7 @@ jobs: with: repository: ${{ needs.check-comment.outputs.pr_repository }} ref: ${{ needs.check-comment.outputs.pr_ref }} - token: ${{ secrets.GITHUB_TOKEN }} + token: ${{ steps.setup-bot.outputs.token }} - name: Set up JDK uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1 @@ -188,12 +195,6 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 - - name: Get version number - id: versionNumber - run: | - VERSION=$(grep "^version =" build.gradle | awk -F'"' '{print $2}') - echo "versionNumber=$VERSION" >> $GITHUB_OUTPUT - - name: Login to Docker Hub uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0 with: @@ -297,7 +298,7 @@ jobs: if: success() uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 with: - github-token: ${{ steps.generate-token.outputs.token }} + github-token: ${{ steps.setup-bot.outputs.token }} script: | console.log(`Adding rocket reaction to comment ID: ${{ needs.check-comment.outputs.comment_id }}`); try { @@ -313,11 +314,26 @@ jobs: console.error(error); } + // add label to PR + const prNumber = ${{ needs.check-comment.outputs.pr_number }}; + try { + await github.rest.issues.addLabels({ + owner: context.repo.owner, + repo: context.repo.repo, + issue_number: prNumber, + labels: ['pr-deployed'] + }); + console.log(`Added 'pr-deployed' label to PR #${prNumber}`); + } catch (error) { + console.error(`Failed to add label to PR: ${error.message}`); + console.error(error); + } + - name: Add failure reaction to comment if: failure() uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 with: - github-token: ${{ steps.generate-token.outputs.token }} + github-token: ${{ steps.setup-bot.outputs.token }} script: | console.log(`Adding -1 reaction to comment ID: ${{ needs.check-comment.outputs.comment_id }}`); try { @@ -337,7 +353,7 @@ jobs: if: success() uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 with: - github-token: ${{ steps.generate-token.outputs.token }} + github-token: ${{ steps.setup-bot.outputs.token }} script: | const { GITHUB_REPOSITORY } = process.env; const [repoOwner, repoName] = GITHUB_REPOSITORY.split('/'); @@ -357,3 +373,11 @@ jobs: issue_number: prNumber, body: commentBody }); + + - name: Cleanup temporary files + if: always() + run: | + echo "Cleaning up temporary files..." + rm -f ../private.key docker-compose.yml + echo "Cleanup complete." + continue-on-error: true diff --git a/.github/workflows/PR-Demo-cleanup.yml b/.github/workflows/PR-Demo-cleanup.yml index bec52c2bb..0cc6e3c1e 100644 --- a/.github/workflows/PR-Demo-cleanup.yml +++ b/.github/workflows/PR-Demo-cleanup.yml @@ -1,7 +1,7 @@ name: PR Deployment cleanup on: - pull_request: + pull_request_target: types: [opened, synchronize, reopened, closed] permissions: @@ -13,11 +13,11 @@ env: jobs: cleanup: + if: github.event.action == 'closed' runs-on: ubuntu-latest permissions: - contents: write pull-requests: write - if: github.event.action == 'closed' + issues: write steps: - name: Harden Runner @@ -25,13 +25,84 @@ jobs: with: egress-policy: audit + - name: Checkout PR + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + + - name: Setup GitHub App Bot + if: github.actor != 'dependabot[bot]' + id: setup-bot + uses: ./.github/actions/setup-bot + continue-on-error: true + with: + app-id: ${{ secrets.GH_APP_ID }} + private-key: ${{ secrets.GH_APP_PRIVATE_KEY }} + + - name: Remove 'pr-deployed' label if present + id: remove-label-comment + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 + with: + github-token: ${{ steps.setup-bot.outputs.token }} + script: | + const prNumber = ${{ github.event.pull_request.number }}; + const owner = context.repo.owner; + const repo = context.repo.repo; + + // Hole alle Labels auf dem PR + const { data: labels } = await github.rest.issues.listLabelsOnIssue({ + owner, + repo, + issue_number: prNumber + }); + + const hasLabel = labels.some(label => label.name === 'pr-deployed'); + + if (hasLabel) { + console.log("Label 'pr-deployed' found. Removing..."); + await github.rest.issues.removeLabel({ + owner, + repo, + issue_number: prNumber, + name: 'pr-deployed' + }); + } else { + console.log("Label 'pr-deployed' not found. Nothing to do."); + } + + // Find existing comment + const comments = await github.rest.issues.listComments({ + owner, + repo, + issue_number: prNumber + }); + + const deploymentComments = comments.data.filter(c => + c.body?.includes("## 🚀 PR Test Deployment") && + c.user?.type === "Bot" + ); + + if (deploymentComments.length > 0) { + for (const comment of deploymentComments) { + await github.rest.issues.deleteComment({ + owner, + repo, + comment_id: comment.id + }); + console.log(`Deleted deployment comment (ID: ${comment.id})`); + } + } else { + console.log("No matching deployment comments found."); + } + core.setOutput('present', hasLabel || deploymentComment ? 'true' : 'false'); + - name: Set up SSH + if: steps.remove-label-comment.outputs.present == 'true' run: | mkdir -p ~/.ssh/ echo "${{ secrets.VPS_SSH_KEY }}" > ../private.key sudo chmod 600 ../private.key - name: Cleanup PR deployment + if: steps.remove-label-comment.outputs.present == 'true' id: cleanup run: | ssh -i ../private.key -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -T ${{ secrets.VPS_USERNAME }}@${{ secrets.VPS_HOST }} << 'ENDSSH' @@ -57,3 +128,11 @@ jobs: echo "NO_CLEANUP_NEEDED" fi ENDSSH + + - name: Cleanup temporary files + if: always() + run: | + echo "Cleaning up temporary files..." + rm -f ../private.key + echo "Cleanup complete." + continue-on-error: true