Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'master' into solarisfixes
Browse files Browse the repository at this point in the history
sxa authored Dec 3, 2024
2 parents 290bcb3 + ededebc commit 14d9387
Showing 18 changed files with 981 additions and 147 deletions.
5 changes: 5 additions & 0 deletions .github/linters/.gitleaks.toml
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
title = "gitleaks config"
[allowlist]
files = [
"cyclonedx-lib/dependency_data/dependency_data.properties"
]
3 changes: 2 additions & 1 deletion .github/linters/suppressed-java.xml
Original file line number Diff line number Diff line change
@@ -28,4 +28,5 @@
<suppress files="." checks="LineLength" />
<suppress files="." checks="Header" /> <!-- Disabled as we don't use headers in our project for the test files -->
<suppress files="." checks="FileTabCharacter" /> <!-- Disabled as it generally doesn't matter if tabs are disabled or not -->
</suppressions>
<suppress files="." checks="ParameterNumber" />
</suppressions>
73 changes: 42 additions & 31 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
@@ -35,10 +35,6 @@ jobs:
build_linux:
name: Linux
runs-on: ubuntu-latest
env:
ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
container:
image: ${{ matrix.image }}
strategy:
fail-fast: false
matrix:
@@ -80,24 +76,23 @@ jobs:
variant: bisheng
image: adoptopenjdk/centos7_build_image
steps:
# pinned at v3 to as Node.js 20.x is not supported on Centos 7
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
- uses: actions/checkout@v4

- name: Build Linux
run: ./build-farm/make-adopt-build-farm.sh
env:
JAVA_TO_BUILD: ${{ matrix.version }}
ARCHITECTURE: x64
VARIANT: ${{ matrix.variant }}
TARGET_OS: ${{ matrix.os }}
FILENAME: OpenJDK.tar.gz
# Don't set the OS as we use both linux and alpine-linux
PLATFORM_CONFIG_LOCATION: adoptium/temurin-build/master/build-farm/platform-specific-configurations
BUILD_ARGS: --create-sbom
CONFIGURE_ARGS: --with-native-debug-symbols=none

# pinned at v3 to as Node.js 20.x is not supported on Centos 7
- uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
- name: Build Linux within container image "${{ matrix.image }}"
run: |
docker run --rm -w /home/jenkins -v "$PWD":"/home/jenkins" \
-e "JAVA_TO_BUILD=${{ matrix.version }}" \
-e "ARCHITECTURE=x64" \
-e "VARIANT=${{ matrix.variant }}" \
-e "TARGET_OS=${{ matrix.os }}" \
-e "FILENAME=OpenJDK.tar.gz" \
-e "PLATFORM_CONFIG_LOCATION=adoptium/temurin-build/master/build-farm/platform-specific-configurations" \
-e "BUILD_ARGS=--create-sbom" \
-e "CONFIGURE_ARGS=--with-native-debug-symbols=none" \
"${{ matrix.image }}" \
./build-farm/make-adopt-build-farm.sh
- uses: actions/upload-artifact@v4
name: Collect and Archive Artifacts
with:
name: ${{matrix.version}}-${{matrix.os}}-${{matrix.variant}}
@@ -110,17 +105,33 @@ jobs:
- name: Set root of jdk image dir
run: |
imageroot=$(find "${HOME}/JDK" -name release -type f)
echo "TEST_JDK_HOME=$(dirname "${imageroot}")" >> "$GITHUB_ENV"
- name: Smoke test
uses: adoptium/run-aqa@6bacb4e732ad546eda1b09665b9067cdc87651f4 # v2
# TEST_JDK_HOME needs to be mapped to the docker container /home/jenkins mapping
echo "TEST_JDK_HOME=$(dirname "${imageroot}")" | sed "s,${HOME},/home/jenkins," >> "$GITHUB_ENV"
- name: Checkout aqa-tests repo
uses: actions/checkout@v4
with:
build_list: 'functional/buildAndPackage'
target: '_extended.functional'
vendor_testRepos: "${{ github.event.pull_request.head.repo.html_url }}.git"
vendor_testBranches: "${{ github.head_ref }}"
vendor_testDirs: "/test/functional"
# pinned at v3 to as Node.js 20.x is not supported on Centos 7
- uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
repository: adoptium/aqa-tests
path: aqa-tests
- name: Run Smoke test within container image "${{ matrix.image }}"
env:
VENDOR_REPOS: ${{ github.event.pull_request.head.repo.html_url }}.git
VENDOR_BRANCH: ${{ github.head_ref }}
run: |
WORK_DIR="${PWD//${HOME}//home/jenkins}"
docker run --rm -w /home/jenkins -v "$HOME":"/home/jenkins" \
-e "TEST_JDK_HOME=${TEST_JDK_HOME}" \
-e "BUILD_LIST=functional/buildAndPackage" \
"${{ matrix.image }}" \
sh -c "cd ${WORK_DIR}/aqa-tests && \
./get.sh --vendor_repos ${VENDOR_REPOS} \
--vendor_branches ${VENDOR_BRANCH} \
--vendor_dirs /test/functional && \
cd TKG && \
make compile && \
make _extended.functional"
- uses: actions/upload-artifact@v4
name: Collect and Archive SmokeTest Results
if: failure()
with:
2 changes: 1 addition & 1 deletion .github/workflows/ca-cert-updater.yml
Original file line number Diff line number Diff line change
@@ -35,7 +35,7 @@ jobs:
working-directory: ./security
run: "./mk-ca-bundle.pl"

- uses: gr2m/create-or-update-pull-request-action@488876a65a2ca38b7eb05e9086166337087f5323 # v1.10.0
- uses: gr2m/create-or-update-pull-request-action@b65137ca591da0b9f43bad7b24df13050ea45d1b # v1.10.1
env:
GITHUB_TOKEN: ${{ secrets.ADOPTIUM_TEMURIN_BOT_TOKEN }}
with:
6 changes: 3 additions & 3 deletions .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
@@ -58,7 +58,7 @@ jobs:

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3
uses: github/codeql-action/init@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
@@ -68,7 +68,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3
uses: github/codeql-action/autobuild@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5

# ℹ️ Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -81,6 +81,6 @@ jobs:
# ./location_of_script_within_repo/buildscript.sh

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3
uses: github/codeql-action/analyze@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
with:
category: "/language:${{matrix.language}}"
2 changes: 1 addition & 1 deletion .github/workflows/ossf-scorecard.yml
Original file line number Diff line number Diff line change
@@ -46,6 +46,6 @@ jobs:
name: SARIF file
path: results.sarif
retention-days: 5
- uses: github/codeql-action/upload-sarif@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v2.13.4
- uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v2.13.4
with:
sarif_file: results.sarif
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# ********************************************************************************
# Copyright (c) 2023 Contributors to the Eclipse Foundation
# Copyright (c) 2023, 2024 Contributors to the Eclipse Foundation
#
# See the NOTICE file(s) with this work for additional
# information regarding copyright ownership.
@@ -12,7 +12,7 @@
# ********************************************************************************

---
name: TestSBOM
name: TestCycloneDX

on:
pull_request:
@@ -30,30 +30,49 @@ permissions:
contents: read

jobs:
test_sbom_gen:
name: gen_sbom
test_cyclonedx_gen:
name: gen_cyclonedx
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1

# Build with jdk8 to ensure TemurinGenSBOM meets min compatibility
# Build with jdk8 to ensure TemurinGen* meets min compatibility
- uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0
id: setup-java
with:
java-version: 8
distribution: 'temurin'

- name: Build TemurinGenSBOM.java
- name: Build TemurinGenSBOM.java and TemurinGenCDXA.java
run: |
ant -noinput -buildfile cyclonedx-lib/build.xml clean
ant -noinput -buildfile cyclonedx-lib/build.xml build
- name: Run TemurinGenSBOM Unit test
run: ant -noinput -buildfile cyclonedx-lib/build.xml run

- name: Run TemurinGenCDXA Unit test
run: ant -noinput -buildfile cyclonedx-lib/build.xml runCDXA

- name: Validate generated SBOM and CDXA documents using cyclonedx-cli validate
run: |
curl -L -O https://github.com/CycloneDX/cyclonedx-cli/releases/latest/download/cyclonedx-linux-x64
chmod +x cyclonedx-linux-x64
./cyclonedx-linux-x64 validate --input-file cyclonedx-lib/build/testSBOM.json --fail-on-errors --input-version v1_6
./cyclonedx-linux-x64 validate --input-file cyclonedx-lib/build/testSBOM.xml --fail-on-errors --input-version v1_6
./cyclonedx-linux-x64 validate --input-file cyclonedx-lib/build/testCDXA.json --fail-on-errors --input-version v1_6
./cyclonedx-linux-x64 validate --input-file cyclonedx-lib/build/testCDXA.xml --fail-on-errors --input-version v1_6
- uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
name: Collect and Archive TemurinGenSBOM Artifacts
with:
name: testSBOM
path: cyclonedx-lib/build/testSBOM.json
path: cyclonedx-lib/build/testSBOM.*

- uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
name: Collect and Archive TemurinGenCDXA Artifacts
with:
name: testCDXA
path: cyclonedx-lib/build/testCDXA.*

2 changes: 1 addition & 1 deletion RELEASING.md
Original file line number Diff line number Diff line change
@@ -149,7 +149,7 @@ flowchart TD

</details>

Disable nightly testing so the release builds aren't delayed by any nightly test runs (set `enableTests : false` in [defaults.json](https://github.com/adoptium/ci-jenkins-pipelines/blob/master/pipelines/defaults.json)). Ensure the build pipeline generator job runs successfully (<https://ci.adoptium.net/job/build-scripts/job/utils/job/build-pipeline-generator/>), and the flag is disabled by bringing up the Build pipeline job and check the `enableTests` checkbox is unticked.
Scheduled pipeline Testing is automatically disabled from the Saturday prior to "release Tuesday", to the Sunday after, see: https://github.com/adoptium/ci-jenkins-pipelines/blob/5bd79eb1d95a033c4ee364a8f9fcc270ad653178/pipelines/build/common/trigger_beta_build.groovy#L51

Add a banner to the website to indicate that the releases are coming in the near future ([Example Changes](https://github.com/adoptium/adoptium.net/blob/main/src/components/Banner.tsx)).

5 changes: 3 additions & 2 deletions SmokeTesting.md
Original file line number Diff line number Diff line change
@@ -7,8 +7,9 @@ These are the general steps to execute the Smoke Tests found in[/test/functional
1. export TEST_JDK_HOME=/someLocation // set test JDK home. On windows, the windows path format is expected. (i.e., TEST_JDK_HOME=C:\someLocation )
1. git clone [https://github.com/adoptium/aqa-tests.git](https://github.com/adoptium/aqa-tests) to /testLocation
1. cd aqa-tests
1. ./get.sh
1. ./get.sh --vendor_repos https://github.com/adoptium/temurin-build --vendor_branches master --vendor_dirs /test/functional
1. ( When running get.sh ensure the vendor parameters are passed correctly, the above example shows how to run the smoke tests contained within the temurin-build repository )
1. cd TKG
1. Export environment variables suitable for the SDK under test and for the test materials being used (i.e., export BUILD_LIST=functional/buildAndPackage, VENDOR_TEST_REPOS=https://github.com/adoptium/temurin-build, VENDOR_TEST_BRANCHES=master, VENDOR_TEST_DIRS=/test/functional )
1. Export environment variables suitable for the SDK under test and for the test materials being used (i.e., export BUILD_LIST=functional/buildAndPackage, this value details which test material that should be compiled.
1. make compile // fetches test material and compiles it, based on build.xml files in the test directories
1. make _extended.functional // executes the test target (can be test group, level, level.group or specific test). i.e., openjdk (all tests in openjdk group), sanity.functional (all functional tests labelled at sanity level), or in the case of smoke tests which are all tagged to belong to level=extended and group=functional, we use `_extended.functional` and because we have limited BUILD_LIST to the directory where the smoke test material lives, we will only run tests from that directory tagged as extended.functional.
Loading

0 comments on commit 14d9387

Please sign in to comment.