add pipelines

NUM-Forschungsdatenplattform · Apr 2, 2024 · bbe94bb · bbe94bb
2 parents df9c40b + 2c1d0e7
commit bbe94bb
Show file tree

Hide file tree

Showing 11 changed files with 321 additions and 69 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,18 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: npm
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: weekly
+      day: monday
+      time: "04:00"
+    open-pull-requests-limit: 10
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: weekly
diff --git a/.github/workflows/build-for-development.yml b/.github/workflows/build-for-development.yml
@@ -0,0 +1,30 @@
+name: Build for development
+
+on:
+  push:
+    branches: [ 'feature/**', 'dependabot/**' ]
+
+jobs:
+  test_and_scan:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Set up Node 20
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+      - name: Run Trivy vulnerability scanner in repo mode
+        uses: aquasecurity/trivy-action@master
+        with:
+          scan-type: 'fs'
+          ignore-unfixed: true
+          format: 'sarif'
+          output: 'trivy-results.sarif'
+          severity: 'CRITICAL,HIGH'
+      - name: Upload Trivy scan results to GitHub Security tab
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: 'trivy-results.sarif'
diff --git a/.github/workflows/create-release-branch.yml b/.github/workflows/create-release-branch.yml
@@ -0,0 +1,84 @@
+name: Create release branch
+
+on:
+  workflow_dispatch:
+    branches: [ develop ]
+    inputs:
+      release:
+        description: 'Type of the release.'
+        type: choice
+        options:
+          - major
+          - minor
+          - patch
+        default: minor
+
+jobs:
+  create_branch:
+    if: github.event_name == 'workflow_dispatch' && github.ref == 'refs/heads/develop'
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          ref: main
+      - name: Set up Node 20
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+      - name: Create version
+        id: createVersion
+        run: |
+          CURRENT_VERSION=$(node -e "console.log(require('./package.json').version)")
+          echo "Current version: $CURRENT_VERSION"
+          MAJOR=`echo $CURRENT_VERSION | cut -d. -f1`
+          MINOR=`echo $CURRENT_VERSION | cut -d. -f2`
+          PATCH=`echo $CURRENT_VERSION | cut -d. -f3 | cut -d- -f1`
+
+          if [ ${{ inputs.release }} == 'major' ]; then
+            MAJOR=$((MAJOR+1))
+            MINOR=0
+            PATCH=0
+          elif [ ${{ inputs.release }} == 'minor' ]; then
+            MINOR=$((MINOR+1))
+            PATCH=0
+          else
+            PATCH=$((PATCH+1))
+          fi
+
+          VERSION=${MAJOR}.${MINOR}.${PATCH}
+
+          echo
+          echo "Release version: $VERSION"
+
+          echo "VERSION=$VERSION" >> "$GITHUB_OUTPUT"
+
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Create release branch
+        env:
+          VERSION: ${{ steps.createVersion.outputs.VERSION }}
+        run: |
+          git config --global user.email "[email protected]"
+          git config --global user.name "Github Actions"
+
+          git branch release/$VERSION
+          git checkout release/$VERSION
+
+          npm version ${VERSION}-SNAPSHOT
+          git add package.json
+          git commit -m "updated project version to ${VERSION}"
+
+          git push --set-upstream origin release/$VERSION
+
+  wrong_branch:
+    if: github.event_name == 'workflow_dispatch' && github.ref != 'refs/heads/develop'
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: ERROR
+        run: echo 'This workflow only runs on develop branch!'
diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml
@@ -0,0 +1,29 @@
+name: Nightly
+
+on:
+  schedule:
+    - cron: '0 21 * * *'
+
+jobs:
+  verify:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Set up Node 20
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+      - name: Run Trivy vulnerability scanner in repo mode
+        uses: aquasecurity/trivy-action@master
+        with:
+          scan-type: 'fs'
+          ignore-unfixed: true
+          format: 'sarif'
+          output: 'trivy-results.sarif'
+          severity: 'CRITICAL,HIGH'
+      - name: Upload Trivy scan results to GitHub Security tab
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: 'trivy-results.sarif'
diff --git a/.github/workflows/release-new-tag.yml b/.github/workflows/release-new-tag.yml
@@ -0,0 +1,31 @@
+name: Release new tag
+
+on:
+  push:
+    tags:
+      - '[0-9]+.[0-9]+.[0-9]+'
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Set up Node 20
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+      - name: Login to docker hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+      - name: Build and push docker image
+        uses: docker/build-push-action@v5
+        with:
+          load: true
+          tags: ${{ secrets.DOCKER_USERNAME }}/keycloak-theme-num:${{ github.ref_name }}
+      - name: Print Release Version
+        run: |
+          echo "### :rocket: ${{ github.ref_name }}" >> $GITHUB_STEP_SUMMARY
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -0,0 +1,112 @@
+name: release
+
+on:
+  workflow_dispatch:
+    branches: [ 'release/**' ]
+
+env:
+  RELEASE_VERSION: ''
+  DEV_VERSION: ''
+
+jobs:
+
+  read_version:
+    runs-on: ubuntu-latest
+
+    outputs:
+      DEV_VERSION: ${{ steps.createVersion.outputs.DEV_VERSION}}
+      RELEASE_VERSION: ${{ steps.createVersion.outputs.RELEASE_VERSION}}
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Set up Node 20
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+      - name: Create new development version
+        id: createVersion
+        run: |
+          CURRENT_VERSION=$(node -e "console.log(require('./package.json').version)")
+          RELEASE_VERSION=`echo $CURRENT_VERSION | cut -d- -f1`
+          echo "Current version: $CURRENT_VERSION"
+          MAJOR=`echo $CURRENT_VERSION | cut -d. -f1`
+          MINOR=`echo $CURRENT_VERSION | cut -d. -f2`
+
+          DEV_VERSION=${MAJOR}.$((MINOR+1)).0-SNAPSHOT
+
+          echo
+          echo "Release version: $RELEASE_VERSION"
+          echo "Develop version: $DEV_VERSION"
+
+          echo "RELEASE_VERSION=${RELEASE_VERSION}" >> "$GITHUB_OUTPUT"
+          echo "DEV_VERSION=${DEV_VERSION}" >> "$GITHUB_OUTPUT"
+
+          echo "### :rocket: ${RELEASE_VERSION}" >> $GITHUB_STEP_SUMMARY
+
+  update_dev:
+    needs: read_version
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Set up Node 20
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+      - name: Create branch to update develop version
+        env:
+          DEV_VERSION: ${{ needs.read_version.outputs.DEV_VERSION }}
+        run: |
+          git config --global user.email "[email protected]"
+          git config --global user.name "Github Actions"
+
+          git branch feature/update_develop_${DEV_VERSION}
+          git checkout feature/update_develop_${DEV_VERSION}
+
+          npm version ${DEV_VERSION}
+          git commit -am "updated development version to ${DEV_VERSION}"
+
+          git push --set-upstream origin feature/update_develop_${DEV_VERSION}
+
+      - name: Create PR to merge changes to Develop and update Version
+        env:
+          RELEASE_VERSION: ${{ needs.read_version.outputs.RELEASE_VERSION }}
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          PR_URL=`gh pr create -B develop --title "Merge release branch '${RELEASE_VERSION}' back to develop" --body "Merge release branch '${RELEASE_VERSION}' back to develop"`
+          echo $PR_URL
+
+  release:
+    needs: read_version
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Set up Node 20
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+      - name: Set the release version
+        env:
+          RELEASE_VERSION: ${{ needs.read_version.outputs.RELEASE_VERSION }}
+        run: |
+          git config --global user.email "[email protected]"
+          git config --global user.name "Github Actions"
+
+          npm version ${RELEASE_VERSION}
+          git commit -am "updated release version to ${RELEASE_VERSION}"
+          git push
+
+      - name: Create PR to merge release branch to main
+        env:
+          RELEASE_VERSION: ${{ needs.read_version.outputs.RELEASE_VERSION }}
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          PR_URL=`gh pr create -B main --title "Merge release branch '${RELEASE_VERSION}'" --body "Merge release branch '${RELEASE_VERSION}'"`
+          echo $PR_URL
diff --git a/login/messages/messages_de.properties b/login/messages/messages_de.properties
@@ -175,7 +175,8 @@ client_broker=Broker
 
 invalidUserMessage=Benutzername oder Passwort ung\u00fcltig
 invalidEmailMessage=E-Mail-Adresse ung\u00fcltig
-accountDisabledMessage=Ihr Benutzerkonto wurde deaktiviert. Wenden Sie sich an Ihren Systemadministrator, um weitere Informationen zu erhalten.
+#accountDisabledMessage=Ihr Benutzerkonto wurde deaktiviert. Wenden Sie sich an Ihren Systemadministrator, um weitere Informationen zu erhalten.
+accountDisabledMessage=Benutzername oder Passwort ung\u00fcltig
 accountTemporarilyDisabledMessage=Ihr Benutzerkonto wurde vor\u00fcbergehend deaktiviert. Wenden Sie sich an Ihren Systemadministrator, um weitere Informationen zu erhalten, oder versuchen Sie es sp\u00e4ter noch einmal.
 expiredCodeMessage=Ihre Sitzung ist abgelaufen. Melden Sie sich bitte neu an.
 expiredActionMessage=Ihre Aktion ist abgelaufen. Melden Sie sich bitte neu an.

diff --git a/login/messages/messages_en.properties b/login/messages/messages_en.properties
@@ -171,7 +171,8 @@ client_broker=Broker
 
 invalidUserMessage=Invalid username or password
 invalidEmailMessage=Invalid email address
-accountDisabledMessage=Your account is disabled. Contact your System Administrator for more information.
+#accountDisabledMessage=Your account is disabled. Contact your System Administrator for more information.
+accountDisabledMessage=Invalid username or password.
 accountTemporarilyDisabledMessage=Your account is temporarily disabled. Contact your System Administrator for more information or try again later.
 expiredCodeMessage=Your session has timed out. Try signing in again.
 expiredActionMessage=Your action has expired. Try signing in again.