924c80a224
Merge branch '5.8.x'
2022-08-23 13:50:29 -05:00
8c69699458
Remove backportbot.yml
...
Issue gh-11736
2022-08-23 13:46:32 -05:00
02459919cc
Skip workflows on forks of spring-security
2022-07-28 15:13:56 -05:00
57d212ddca
Use cache and user.name system property on Windows
2022-07-28 15:13:55 -05:00
539b17f6da
Only run prerequisites job if on upstream repo
2022-07-28 15:13:54 -05:00
37e1ad27fe
Simplify dependency graph
2022-07-28 15:13:53 -05:00
043fdd6f03
Use Spring Gradle Build Action
...
Closes gh-11630
2022-07-28 15:13:52 -05:00
3234e05085
Polish gh-11367
2022-07-28 15:13:51 -05:00
f957e3c051
Set permissions for GitHub actions
...
Restrict the GitHub token permissions only to the required ones; this
way, even if the attackers will succeed in compromising your workflow,
they won’t be able to do much.
- Included permissions for the action.
https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
Closes gh-11367
2022-07-28 15:13:51 -05:00
9d248c7185
Skip workflows on forks of spring-security
2022-07-28 14:17:42 -05:00
865bf23ecc
Use cache and user.name system property on Windows
2022-07-28 13:00:15 -05:00
f86d30f4a1
Only run prerequisites job if on upstream repo
2022-07-27 16:01:16 -05:00
dc59d12405
Simplify dependency graph
2022-07-27 16:01:15 -05:00
bdeb32854e
Use Spring Gradle Build Action
...
Closes gh-11630
2022-07-27 16:01:15 -05:00
3f4efedd23
Polish gh-11367
2022-07-26 15:33:34 -05:00
8f93a7fc94
Set permissions for GitHub actions
...
Restrict the GitHub token permissions only to the required ones; this
way, even if the attackers will succeed in compromising your workflow,
they won’t be able to do much.
- Included permissions for the action.
https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-07-26 15:33:33 -05:00
aaf20e7b61
Build only on branches
...
Issue gh-11480
2022-07-18 11:47:25 -05:00
148756076c
Backport release automation and github actions
...
Closes gh-11501
2022-07-13 15:51:25 -05:00
92d4f1237d
Use JDK 17 for Antora
...
Issue gh-11430
Issue gh-11324
2022-07-13 14:11:31 -05:00
095f23d81f
Fix slack notifications in #spring-security-ci
...
Issue gh-11346
2022-07-05 17:50:27 -05:00
c4a55b90e3
Antora generate workflow use JDK 17
...
Closes gh-11430
2022-06-22 15:21:29 -03:00
ac98e358a5
Add slack announcement when release is successful
...
Closes gh-11307
2022-06-14 14:10:09 -05:00
d1cb236df5
Fix slack notifications in #spring-security-ci
...
This change can be reverted if upgrading to a new version of
Gamesight/slack-workflow-status with the fix available (> 1.1.0).
Closes gh-11346
2022-06-07 16:07:10 -05:00
592db9180d
Enable BackportBot on 5.6.x
2022-06-06 14:16:28 -05:00
07f28de79b
Polish gh-11184
...
Propagate rename in notify_result section.
2022-06-03 15:23:48 -05:00
46723a601c
Add workflow step for scheduling the next milestone
...
This step introduces the concept of a release train to determine the appropriate release dates and schedules milestones as needed. It uses the following rules:
- If the current SNAPSHOT version is a minor release (patchVersion == 0), checks to see if a GA release exists. If not, a release train is scheduled as follows:
- Finds the next available release train starting month (including this month), either January or July.
- Schedules a release train with M1, M2, M3, RC1 and GA versions on either January/February/March/April/May or July/August/September/October/November
- If the current SNAPSHOT version is a patch release (patchVersion != 0), checks to see if a GA release exists. If not, an individual milestone is scheduled on the next even month whose release day is in the future (can include this month).
- In either case, the release day used to schedule the release is based on the configured weekOfMonth (1-4) and dayOfWeek (1-5), e.g. 3rd Monday of the month (3, 1).
If a milestone already exists, nothing is created. Once created, milestone due dates can be updated manually as desired.
Closes gh-10458
2022-06-03 15:07:42 -05:00
ad19fc1330
Add workflow for scheduling releases on maintenance branches
...
Closes gh-11180
2022-06-03 10:19:02 -05:00
96caecc639
Disable pull request for backport-bot.yml
2022-06-02 11:00:46 -05:00
a10f707b6e
Fix spacing in backport-bot.yml
2022-06-01 16:46:54 -05:00
1d4bf88a0f
Cleanup backport-bot.yml
...
Issue gh-11313
2022-06-01 16:45:50 -05:00
b78a28be5f
Add backport-bot.yml
...
Closes gh-11313
2022-05-31 21:42:56 -05:00
8e34b4c15e
Fix step id in conditional checks
2022-05-16 14:22:36 -05:00
8f4d003602
Revert "Add expression syntax to conditionals"
...
This reverts commit ea0b271a73
2022-05-16 14:21:49 -05:00
ea0b271a73
Add expression syntax to conditionals
...
Issue gh-11158
2022-05-16 12:39:55 -05:00
d07c5e0804
Add quotes to boolean conditional checks
...
Issue gh-11158
2022-05-16 12:25:24 -05:00
0c94cfca63
Fix conditional using env namespace at job level
...
Issue gh-11158
2022-05-16 12:13:25 -05:00
44e672d969
Use properties in the checkSamples job
...
Issue gh-10344
2022-05-11 16:13:34 -03:00
0137f94f3b
Use properties in the checkSamples job
...
Issue gh-10344
2022-05-11 12:32:16 -03:00
e4f5d2c6ef
Fix release-next-version.yml
...
- Improve speed by using single job and multiple steps
- Check output of tasks rather than rely on status codes to fail
Issue gh-11158
2022-04-27 19:07:36 +02:00
eba091bad5
Push tag in release workflow
...
Issue gh-11023
2022-04-26 10:10:27 +02:00
8914f06eca
Use non-default access token in release pipeline
...
This ensures that subsequent workflows are triggered
Closes gh-11022
2022-04-26 09:54:40 +02:00
9601efd341
Add gradle-build-action to GitHub Actions pipelines
...
Closes gh-11099
2022-04-14 15:05:46 -05:00
0e7dec2d2c
Tag release after updating gradle.properties
...
Closes gh-11023
2022-03-29 13:44:22 +02:00
992b8c38ac
Update antora on next development version release
...
Move commit from gradle task to workflow. Update antora.yml after project version update and before commit.
Closes gh-11021
2022-03-29 12:28:37 +02:00
4a25264404
Stage changes before committing in release pipeline
...
Issue gh-11020
2022-03-29 12:28:05 +02:00
55c956ee68
Add task to update version in antora.yml
...
This task updates the docs version based on the version in gradle.properties
Closes gh-11020
2022-03-28 18:11:20 +02:00
155fe11815
Update release pipeline scheduled time to 5pm UTC
...
Issue gh-10455
2022-03-18 13:43:37 -05:00
43142a8137
Update CI pipeline to push next snapshot version after release
...
Issue gh-10461
2022-03-18 13:43:37 -05:00
d7ac254b3d
Do not run CI on tags
...
Issue gh-10457
2022-03-16 11:47:14 -05:00
5f37ee2f64
Add missing output and checkout
...
Issue gh-10928
2022-03-09 10:47:48 -06:00
Rob Winch
Steve Riesenberg
naveen
Marcus Da Coregio
Eleftheria Stein