BRAVO-666 - Create release artifact after creating the release #1

Merged 27 commits on Jun 18, 2020
Commits
b209a45
Tried another repository to fix missing dependency
jrgarlick Jun 8, 2020
bbc85a3
Setting artifact version
jrgarlick Jun 8, 2020
c2ae74a
Set build to only publish SNAPSHOT from develop branch
jrgarlick Jun 8, 2020
4b08aef
BRAVO-666 - Added release workflow
jrgarlick Jun 11, 2020
1264645
BRAVO-666 - Fixed typo
jrgarlick Jun 11, 2020
70b7d1d
BRAVO-666 - Cleaned up and removed conditional
jrgarlick Jun 11, 2020
6dc4540
BRAVO-666 - Trying another thing
jrgarlick Jun 11, 2020
4cf50a7
BRAVO-666 - Debugging this tag version thing
jrgarlick Jun 11, 2020
4c1106c
BRAVO-666 - Adding package remover on delete of release
jrgarlick Jun 11, 2020
d5bd616
BRAVO-666 - Executing release a little differently. Cleanup of cleanup
jrgarlick Jun 11, 2020
3bf5001
BRAVO-666 - Removed cleanup script
jrgarlick Jun 11, 2020
0796332
BRAVO-666 - Tiny tweak to publish from master branch
jrgarlick Jun 11, 2020
a178e59
BRAVO-666 - Added snyk monitor check to normal build
jrgarlick Jun 15, 2020
124ff03
BRAVO-666 - Trying to fix gradle/snyk issue
jrgarlick Jun 15, 2020
125d0d1
BRAVO-666 - Moved Snyk check to its own action
jrgarlick Jun 15, 2020
0b8e90f
BRAVO-666 - Adding test phase to publish during release
jrgarlick Jun 15, 2020
746946e
BRAVO-666 - Renamed snyk check
jrgarlick Jun 15, 2020
bdbdfaf
BRAVO-666 - Changing the trigger to just PRs
jrgarlick Jun 15, 2020
ae29c3d
BRAVO-666 - Updating dependencies to newer versions
jrgarlick Jun 16, 2020
f8d2918
BRAVO-666 - Updated a couple jenkins dependencies
jrgarlick Jun 16, 2020
dea35cb
BRAVO-666 - Forced update of two vulnerable transient dependencies
jrgarlick Jun 16, 2020
83a4774
BRAVO-666 - These changes didn't have any effect. Removing
jrgarlick Jun 16, 2020
44d01da
Create SECURITY.md
Jun 18, 2020
0a199c4
Update CHANGELOG.md
Jun 18, 2020
62be351
Update CHANGELOG.md
Jun 18, 2020
e7246ce
Update CHANGELOG.md
Jun 18, 2020
a9e4ca4
Merge pull request #2 from EliLillyCo/security-doc
Jun 18, 2020
5 changes: 3 additions & 2 deletions .github/workflows/main.yml
@@ -1,9 +1,9 @@

name: CI
name: SNAPSHOT

on:
push:
branches: [ feature/* ]
branches: [ master, develop, feature/* ]
pull_request:
branches: [ master ]
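Review bot: the `push` trigger now covers `master`, `develop` and `feature/*` while `pull_request` still targets `master`, so a feature branch with an open PR runs this workflow twice per push, and the new name `SNAPSHOT` reads as if every one of those runs publishes. Suggest dropping `feature/*` from `push` (the PR trigger already builds it) or adding a comment above `on:` stating which branches are expected to publish, since the only publish gate is the `if:` added in the next hunk.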

Expand All @@ -26,6 +26,7 @@ jobs:
arguments: build

- name: Upload Build Artifacts
if: github.ref == 'refs/heads/master'
uses: eskatos/gradle-command-action@v1
env:
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
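Review bot: the new `if: github.ref == 'refs/heads/master'` turns "Upload Build Artifacts" into a publish on every push to master, and that step hands `GITHUB_TOKEN` to `eskatos/gradle-command-action@v1`, a third-party action referenced by a movable tag. Suggest pinning the action to a full commit SHA, and adding `github.event_name == 'push'` to the condition so the gate states its intent instead of relying on how `github.ref` is populated for other events.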
32 changes: 32 additions & 0 deletions .github/workflows/release.yml
@@ -0,0 +1,32 @@

name: RELEASE

on:
release:
types: [created]

jobs:
perform-release:
runs-on: ubuntu-latest

steps:
- name: Checkout code
uses: actions/checkout@v2

- name: Get the version
id: get_version
run: echo ::set-output name=VERSION::$(echo ${GITHUB_REF##*/})

- name: Setup Java
uses: actions/setup-java@v1
with:
java-version: 11

- name: Publish artifact
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
RELEASE_VERSION: ${{ steps.get_version.outputs.VERSION }}
jrgarlick marked this conversation as resolved.
run: |
echo "New version: ${RELEASE_VERSION}"
echo "Github username: ${GITHUB_ACTOR}"
./gradlew -Pversion=${RELEASE_VERSION} test publish
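Review bot: in the "Get the version" step, `${GITHUB_REF##*/}` keeps whatever follows the last slash of the release ref and nothing checks its shape before `./gradlew -Pversion=${RELEASE_VERSION} test publish`, so a tag such as `v1.0.1` is published with the `v` prefix and a tag such as `hotfix/1.0.1` is silently truncated to `1.0.1`. Suggest failing the job unless the value matches the expected version pattern, and quoting the expansions (`"${GITHUB_REF##*/}"`, `-Pversion="${RELEASE_VERSION}"`). Echoing `GITHUB_ACTOR` into the log looks like leftover debugging from the "Debugging this tag version thing" commit and can go.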
22 changes: 22 additions & 0 deletions .github/workflows/snyk.yml
@@ -0,0 +1,22 @@

name: SNYK

on:
pull_request:
branches: [ master ]

jobs:
run_snyk:
runs-on: ubuntu-latest

steps:
- name: Checkout code
uses: actions/checkout@v2

- name: Run Snyk to check for vulnerabilities
uses: snyk/actions/gradle-jdk11@master
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
args: --severity-threshold=high
command: monitor
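Review bot: `command: monitor` uploads a dependency snapshot to Snyk but does not fail the job on findings, so `--severity-threshold=high` does not gate the pull request this workflow is triggered by. Suggest `command: test` for the PR check and keeping `monitor` for pushes to master if ongoing tracking is wanted. Separately, `snyk/actions/gradle-jdk11@master` follows a branch while receiving `SNYK_TOKEN`; pin it to a release tag or commit SHA.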
1 change: 0 additions & 1 deletion .gitignore
Expand Up @@ -8,7 +8,6 @@
/bin/
/.vscode/
/.groovy
/gradle.properties
.idea/
.externalToolBuilders/
/out
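Review bot: dropping `/gradle.properties` from the ignore list means any contributor's local copy of that file is now picked up by `git add`, and the project-level `gradle.properties` is a common place to keep publishing credentials. Suggest a note in the README that only non-secret settings such as `version` belong in this file and that tokens go in `~/.gradle/gradle.properties` or environment variables, as the workflows in this PR already do with `GITHUB_TOKEN`.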
8 changes: 7 additions & 1 deletion CHANGELOG.md
Expand Up @@ -4,10 +4,16 @@ All notable changes to this project will be documented in this file.

The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [1.0.1]
### Created
- `SECURITY.md` file creation.
- GitHub Actions Workflow Creation.
- Updated dependenices resolving security problems.

## 1.0.0
## [1.0.0]
### Created
- Initial release of JenkinsDSL core.

[1.0.1]: https://github.com/EliLillyCo/CIRR_JenkinsPipelineLibraries/releases/v1.0.1...v1.0.0
[1.0.0]: https://github.com/EliLillyCo/CIRR_JenkinsPipelineLibraries/releases/v1.0.0
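Review bot: the `[1.0.1]` reference link points at `/releases/v1.0.1...v1.0.0`, which is not a compare URL and has the range reversed; the Keep a Changelog convention this file cites uses `/compare/v1.0.0...v1.0.1`. In the same section, "dependenices" is misspelled, the 1.0.1 heading has no release date, and the dependency updates would sit better under a `### Security` or `### Changed` heading than under `### Created`, ideally naming which dependencies were bumped.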

18 changes: 18 additions & 0 deletions SECURITY.md
@@ -0,0 +1,18 @@
# Security Policy

## Supported Versions

The versions of this project which are currently being supported with security updates are:

| Version | Supported |
| ------- | ------------------ |
| 1.x | :white_check_mark: |

## Reporting a Vulnerability

If you find a vulnerability assosiated with this source code please contact either:

- [Jarrett Alexander](mailto:[email protected]).
- [Nick Liffen](mailto:[email protected]).

For the moment in time, **please do not** open a GitHub issue on the repository to report a vulnerability.
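Review bot: under "Reporting a Vulnerability" the only contacts are two individuals' mailboxes, which leaves reports unanswered when either person is away or moves on; suggest a shared security alias and a sentence on what the reporter should include and when to expect a reply. Wording fixes in the same section: "assosiated" should be "associated", and "For the moment in time" reads better as "For the time being".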
41 changes: 23 additions & 18 deletions build.gradle
Expand Up @@ -6,6 +6,8 @@ apply plugin: 'java'
apply plugin: 'maven-publish'
apply plugin: 'jacoco'
apply plugin: "io.spring.dependency-management"
apply plugin: 'org.owasp.dependencycheck'
apply plugin: 'com.github.ben-manes.versions'

//// Configuration
group = 'com.lilly.opensource.edat'
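Review bot: `apply plugin: 'org.owasp.dependencycheck'` is added here, but no `dependencyCheck { ... }` configuration appears in this diff and none of the workflow steps shown in this PR invoke its task, so the plugin only helps developers who run it by hand. Suggest either wiring `dependencyCheckAnalyze` into a workflow with a CVSS failure threshold, or removing the plugin and relying on the Snyk check so there is one source of truth for dependency findings.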
Expand Down Expand Up @@ -40,21 +42,24 @@ test.testLogging {
}

repositories {
maven {
url 'https://elilillyco.jfrog.io/elilillyco/Lilly-Maven'
}
mavenCentral()
jcenter()
maven { url 'https://repo1.maven.org/maven2/' }
maven { url 'https://repo.jenkins-ci.org/releases/' }
}

buildscript {
repositories {
mavenCentral()
jcenter()
}
dependencies {
classpath "io.spring.gradle:dependency-management-plugin:1.0.3.RELEASE"
classpath "io.spring.gradle:dependency-management-plugin:1.0.3.RELEASE"
classpath 'org.owasp:dependency-check-gradle:5.3.2'
classpath 'com.github.ben-manes:gradle-versions-plugin:0.28.0'
}
}


dependencyManagement {
imports {
mavenBom 'com.amazonaws:aws-java-sdk-bom:1.11.485'
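Review bot: the `repositories` block as shown lists `mavenCentral()` together with `maven { url 'https://repo1.maven.org/maven2/' }`, which is the same repository, plus `jcenter()` and the Jenkins releases repo, with no content filtering, so any coordinate can be served by whichever repository answers first. Suggest keeping one Maven Central entry and restricting the Jenkins repository to the Jenkins groups with a `content { includeGroupByRegex ... }` filter. The two `classpath "io.spring.gradle:dependency-management-plugin:1.0.3.RELEASE"` lines differ only in whitespace, which adds noise to the diff.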
Expand All @@ -63,9 +68,9 @@ dependencyManagement {

dependencies {
implementation 'org.codehaus.groovy:groovy-all:2.4.15'
implementation 'org.jenkins-ci.main:jenkins-core:2.141'
implementation group: 'org.jenkins-ci.plugins.workflow', name: 'workflow-cps', version: '2.57', ext: 'jar'
implementation group: 'org.jenkins-ci.plugins', name: 'credentials-binding', version: '1.17', ext: 'jar'
implementation 'org.jenkins-ci.main:jenkins-core:2.238'
implementation group: 'org.jenkins-ci.plugins.workflow', name: 'workflow-cps', version: '2.80', ext: 'jar'
implementation group: 'org.jenkins-ci.plugins', name: 'credentials-binding', version: '1.23', ext: 'jar'
implementation group: 'org.jenkins-ci.plugins', name: 'branch-api', version: '2.0.21', ext: 'jar'
implementation group: 'org.jenkins-ci.plugins', name: 'cloudbees-folder', version: '6.7', ext: 'jar'
implementation group: 'org.jenkins-ci.plugins', name: 'scm-api', version: '2.3.0', ext: 'jar'
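Review bot: `jenkins-core` jumps from 2.141 to 2.238 and `workflow-cps` and `credentials-binding` are bumped with it, while the neighbouring `branch-api` 2.0.21, `cloudbees-folder` 6.7 and `scm-api` 2.3.0 stay where they were. Suggest stating in the PR description which findings drove these three bumps and confirming the untouched plugin versions were checked against the new core, so the CHANGELOG entry about resolving security problems can be traced to specific coordinates.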
Expand All @@ -78,18 +83,18 @@ dependencies {
implementation group: 'com.cloudbees', name: 'groovy-cps', version: '1.24', ext: 'jar'
implementation group: 'org.jenkins-ci.plugins.workflow', name: 'workflow-durable-task-step', version: '2.26', ext: 'jar'
implementation group: 'org.jenkins-ci.plugins', name: 'durable-task', version: '1.28', ext: 'jar'
implementation 'com.amazonaws:aws-java-sdk-core'
implementation 'com.amazonaws:aws-java-sdk-s3'
implementation 'com.amazonaws:aws-java-sdk-sts'
implementation group: 'com.amazonaws', name: 'aws-java-sdk-core', version: '1.11.803', ext: 'jar'
implementation group: 'com.amazonaws', name: 'aws-java-sdk-s3', version: '1.11.803', ext: 'jar'
implementation group: 'com.amazonaws', name: 'aws-java-sdk-sts', version: '1.11.803', ext: 'jar'
implementation group: 'org.jenkins-ci.plugins', name: 'cloudbees-folder', version: '6.7', ext: 'jar'
implementation group: 'org.apache.ivy', name: 'ivy', version: '2.4.0', ext: 'jar'
implementation 'javax.servlet:javax.servlet-api:4.0.1'
implementation 'org.spockframework:spock-core:1.2-groovy-2.4'
implementation 'org.yaml:snakeyaml:1.23'
testImplementation 'junit:junit:4.12'
testRuntimeOnly 'net.bytebuddy:byte-buddy:1.8.21'
testRuntimeOnly 'org.objenesis:objenesis:2.6'
testRuntimeOnly 'org.slf4j:slf4j-simple:1.7.25'
implementation group: 'javax.servlet', name: 'javax.servlet-api', version: '4.0.1', ext: 'jar'
implementation group: 'org.spockframework', name: 'spock-core', version: '1.2-groovy-2.4', ext: 'jar'
implementation group: 'org.yaml', name: 'snakeyaml', version: '1.23', ext: 'jar'
testImplementation group: 'junit', name: 'junit', version: '4.12', ext: 'jar'
testRuntimeOnly group: 'net.bytebuddy', name: 'byte-buddy', version: '1.8.21', ext: 'jar'
testRuntimeOnly group: 'org.objenesis', name: 'objenesis', version: '2.6', ext: 'jar'
testRuntimeOnly group: 'org.slf4j', name: 'slf4j-simple', version: '1.7.25', ext: 'jar'
}

//// Sources and GroovyDoc Jars
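Review bot: the three `com.amazonaws` coordinates now carry an explicit `version: '1.11.803'`, but the `mavenBom 'com.amazonaws:aws-java-sdk-bom:1.11.485'` import shown in the earlier hunk's context is unchanged, so the build has two version sources for the AWS SDK and other SDK modules resolved through the BOM can stay at 1.11.485. Suggest bumping the BOM to 1.11.803 and keeping the versionless `implementation 'com.amazonaws:aws-java-sdk-core'` form. Rewriting the remaining dependencies to the `group:/name:/version:/ext:` form without changing their versions makes it hard to see which lines are real upgrades; that reformatting would be easier to review as its own commit.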
1 change: 1 addition & 0 deletions gradle.properties
@@ -0,0 +1 @@
version=1.0.0-SNAPSHOT
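Review bot: `version=1.0.0-SNAPSHOT` is the default for every build that does not pass `-Pversion`, yet the CHANGELOG in this PR already introduces 1.0.1, so the master publish in `main.yml` would push a snapshot that is behind the released line. Suggest setting this to the next development version (for example `1.0.2-SNAPSHOT`) and adding a comment that the release workflow overrides it from the tag.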
jrgarlick marked this conversation as resolved.