Skip to content

Commit

Permalink
Initial commit
Browse files Browse the repository at this point in the history
  • Loading branch information
eclipse-basyx-bot authored Dec 12, 2023
0 parents commit 5d97d98
Show file tree
Hide file tree
Showing 13 changed files with 432 additions and 0 deletions.
5 changes: 5 additions & 0 deletions .github/CODEOWNERS
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
# The releng team is by default the owner of everything.
* @{{ org }}/eclipsefdn-releng

# Otterdog related configurations are also owned by the security team.
/otterdog/** @{{ org }}/eclipsefdn-security @{{ org }}/eclipsefdn-releng
13 changes: 13 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
version: 2
updates:
- package-ecosystem: github-actions
directory: "/"
# We scan and create dependabot PRs against the develop branch only.
# Such a branch only exists for the template master at EclipseFdn/.eclipsefdn-template
# dependabot shall only update the template master, and changes will be synchronized to
# all repos by otterdog using the sync-template operation to avoid having many similar
# dependabot PRs for each individual .eclipsefdn repo which we would like to avoid at all costs.
target-branch: "develop"
schedule:
interval: daily
open-pull-requests-limit: 10
122 changes: 122 additions & 0 deletions .github/workflows/build-page.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,122 @@
name: Build GH Page

on:
workflow_dispatch:
push:
branches:
- 'main'
paths:
- 'otterdog/*.jsonnet'
- 'otterdog/*.json'
- 'docs/**'
- 'mkdocs.yml'
- '.github/workflows/build-page.yml'

concurrency:
group: "pages"
cancel-in-progress: false

permissions:
contents: read
pages: write
id-token: write

jobs:
generate-markdown:
# do not run the workflow in the template repo itself
if: ${{ !contains (github.repository, '/.eclipsefdn-template') }}
runs-on: ubuntu-latest
steps:
- name: Checkout OtterDog
run: git clone https://gitlab.eclipse.org/eclipsefdn/security/otterdog.git

- name: Checkout EclipseFdn/otterdog-configs
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
repository: EclipseFdn/otterdog-configs
path: otterdog-configs

# checkout the HEAD ref
- name: Checkout HEAD
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
path: ${{ github.repository_owner }}

- name: Install jsonnet-bundler
run: |
go install -a github.com/jsonnet-bundler/jsonnet-bundler/cmd/[email protected]
echo $(go env GOPATH)/bin >> $GITHUB_PATH
- name: Install poetry
run: pipx install poetry

- name: Setup Python
uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0
with:
python-version: '3.10'
cache: 'poetry'

- name: Install dependencies with poetry
run: |
poetry install --only=main
working-directory: otterdog

- name: Copy configuration from HEAD ref
run: |
mkdir -p orgs/${{ github.repository_owner }}
cp -r ../${{ github.repository_owner }}/otterdog/* orgs/${{ github.repository_owner }}
working-directory: otterdog-configs

- name: Generate current configuration as markdown
run: ../otterdog/otterdog.sh show ${{ github.repository_owner }} -c otterdog.json --markdown --output-dir generated-site
working-directory: otterdog-configs

- name: Generate default configuration as markdown
run: ../otterdog/otterdog.sh show-default ${{ github.repository_owner }} -c otterdog.json --markdown > default.txt
working-directory: otterdog-configs

- name: Upload generated site content
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
with:
name: generated-site
path: |
otterdog-configs/default.txt
otterdog-configs/orgs/${{ github.repository_owner }}/vendor/otterdog-defaults/*.libsonnet
otterdog-configs/generated-site/
build-page:
runs-on: ubuntu-latest
needs: generate-markdown
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Download generated site content
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: generated-site
- shell: bash
run: |
cat default.txt >> ./docs/playground.md
cp generated-site/*.md ./docs/
cp orgs/${{ github.repository_owner }}/vendor/otterdog-defaults/*.libsonnet ./docs/jsonnet/
- uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0
with:
python-version: 3.x
cache: 'pip'
- run: pip install -r requirements.txt
- name: Build with Mkdocs
run: mkdocs build
- name: Setup Pages
uses: actions/configure-pages@1f0c5cde4bc74cd7e1254d0cb4de8d49e9068c7d # v4.0.0
- name: Upload artifact
uses: actions/upload-pages-artifact@a753861a5debcf57bf8b404356158c8e1e33150c # v2.0.0

deploy:
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
runs-on: ubuntu-latest
needs: build-page
steps:
- name: Deploy to GitHub Pages
id: deployment
uses: actions/deploy-pages@13b55b33dd8996121833dbc1db458c793a334630 # v3.0.1
106 changes: 106 additions & 0 deletions .github/workflows/validate.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,106 @@
name: Validate Otterdog Configuration

on:
workflow_dispatch:
pull_request_target:
branches: [ main ]

permissions:
contents: read
pull-requests: write

jobs:
validate:
# do not run the workflow in the template repo itself
if: ${{ !contains (github.repository, '/.eclipsefdn-template') }}
runs-on: ubuntu-latest
steps:
- name: Checkout OtterDog
run: git clone https://gitlab.eclipse.org/eclipsefdn/security/otterdog.git

- name: Checkout EclipseFdn/otterdog-configs
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
repository: EclipseFdn/otterdog-configs
path: otterdog-configs

# checkout the head ref of the PR
# NOTE: in general it is bad practice to check out the pull request HEAD for PRs originating from forked repos,
# however, this validation workflow produces a diff between the changes in the PR with the base ref, thus
# doing this is acceptable, see https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
- name: Checkout HEAD ref of the PR
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
ref: ${{ github.event.pull_request.head.sha }}
path: ${{ github.repository_owner }}

# checkout the base ref of the PR
- name: Checkout BASE ref of the PR (target branch)
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
ref: ${{ github.base_ref }}
path: ${{ github.repository_owner }}-base

- name: Install jsonnet-bundler
run: |
go install -a github.com/jsonnet-bundler/jsonnet-bundler/cmd/[email protected]
echo $(go env GOPATH)/bin >> $GITHUB_PATH
- name: Install poetry
run: pipx install poetry

- name: Setup Python
uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0
with:
python-version: '3.10'
cache: 'poetry'

- name: Install dependencies with poetry
run: |
poetry install --only=main
working-directory: otterdog

- name: Copy configuration from HEAD and BASE ref
run: |
mkdir -p orgs/${{ github.repository_owner }}
cp -r ../${{ github.repository_owner }}/otterdog/* orgs/${{ github.repository_owner }}
cp ../${{ github.repository_owner }}-base/otterdog/${{ github.repository_owner }}.jsonnet orgs/${{ github.repository_owner }}/${{ github.repository_owner }}.jsonnet-BASE
working-directory: otterdog-configs

- name: Validate Otterdog Configuration and diff HEAD <-> BASE
run: |
# use script to enable ansi color output
script -q /dev/null --command "../otterdog/otterdog.sh local-plan ${{ github.repository_owner }} -c otterdog.json --suffix=-BASE" | tee "$GITHUB_WORKSPACE/diff-ansi.txt"
# filter out ansi escape sequences again, use sed as ansi2txt is not available
cat "$GITHUB_WORKSPACE/diff-ansi.txt" | sed -e 's/\x1b\[[0-9;]*m//g' | sed -E 's/^([[:space:]]+)([-+!])/\2\1/g' | sed -E 's/^([[:space:]]+)([~])/!\1/g' > "$GITHUB_WORKSPACE/diff.txt"
working-directory: otterdog-configs

- name: Generate canonical diff
run: ../otterdog/otterdog.sh canonical-diff ${{ github.repository_owner }} -c otterdog.json | tee "$GITHUB_WORKSPACE/canonical-diff.txt"
working-directory: otterdog-configs

# Add a comment to the pull request with the diff

- name: Generate comment
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
with:
script: |
const commentText = 'Diff for ' + process.env.GITHUB_SHA + ':';
const canonicalCommentText = 'Canonical Diff for ' + process.env.GITHUB_SHA + ':';
const fs = require('fs');
const diff = fs.readFileSync(process.env.GITHUB_WORKSPACE + '/diff.txt').toString().trimEnd();
const canonicalDiff = fs.readFileSync(process.env.GITHUB_WORKSPACE + '/canonical-diff.txt').toString().trimEnd();
var body = "<details>\n<summary>" + commentText + "</summary>\n\n```diff\n" + diff + "\n```\n\n</details>\n" +
"<details>\n<summary>" + canonicalCommentText + "</summary>\n\n```diff\n" + canonicalDiff + "\n```\n\n</details>";
fs.writeFileSync(process.env.GITHUB_STEP_SUMMARY, body);
fs.writeFileSync(process.env.GITHUB_WORKSPACE + '/comment.txt', body);
- name: Attach comment to PR
uses: marocchino/sticky-pull-request-comment@efaaab3fd41a9c3de579aba759d2552635e590fd # v2.8.0
with:
hide_and_recreate: true
hide_classify: "OUTDATED"
path: ${{ github.workspace }}/comment.txt
7 changes: 7 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
# Eclipse Foundation Config Repo

Repository to host configurations related to the Eclipse Foundation.

## Self service of your GitHub organization

You can find more information at <https://{{ org }}.github.io/.eclipsefdn/>.
17 changes: 17 additions & 0 deletions docs/index.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
---
hide:
- navigation
- toc
---

# Self-service of GitHub resources

General documentation for using the self-service (stored in directory *otterdog*) can be accessed at [otterdog.readthedocs.io](https://otterdog.readthedocs.io).

## Current configuration

The current configuration can be reviewed [here](configuration.md).

## Playground

A playground for creating and testing resources in jsonnet format is available [here](playground.md).
3 changes: 3 additions & 0 deletions docs/jsonnet/playground.jsonnet
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
local orgs = import 'otterdog-defaults.libsonnet';

orgs.newRepo('myrepo')
44 changes: 44 additions & 0 deletions docs/overrides/editor.html
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
{% extends "base.html" %}

{% block libs %}
{{ super() }}
<script src="https://eclipsefdn.github.io/otterdog-assets/third_party/js-yaml/dist/js-yaml.min.js"></script>
<script src="https://eclipsefdn.github.io/otterdog-assets/third_party/CodeMirror/lib/codemirror.js"></script>
<script src="https://eclipsefdn.github.io/otterdog-assets/third_party/CodeMirror/mode/yaml/yaml.js"></script>
<script src="https://eclipsefdn.github.io/otterdog-assets/third_party/CodeMirror/addon/edit/matchbrackets.js"></script>
<script src="https://eclipsefdn.github.io/otterdog-assets/js/codemirror-mode-jsonnet.js"></script>

<!-- Executing Jsonnet -->
<script src="https://eclipsefdn.github.io/otterdog-assets/js/wasm_exec.js"></script>
<script>
if (!WebAssembly.instantiateStreaming) {
// This function was observed to be missing on Safari 14.
WebAssembly.instantiateStreaming = async (resp, importObject) => {
const source = await (await resp).arrayBuffer();
return await WebAssembly.instantiate(source, importObject);
};
}
const go = new Go();
WebAssembly.instantiateStreaming(fetch("https://eclipsefdn.github.io/otterdog-assets/js/libjsonnet.wasm"), go.importObject).then((result) => {
go.run(result.instance);
});
</script>
<script src="https://eclipsefdn.github.io/otterdog-assets/js/demo.js"></script>
{% endblock %}

{% block styles %}
<!-- Google Fonts -->
<link href="https://fonts.googleapis.com/css?family=Open+Sans:400italic,600italic,700italic,400,600,700" rel="stylesheet" type="text/css">

<!-- jsonnet.org stylesheet -->
<link rel="stylesheet" type="text/css" href="https://eclipsefdn.github.io/otterdog-assets/css/doc.css" />
<link rel="stylesheet" media="print" href="https://eclipsefdn.github.io/otterdog-assets/css/desktop.css">
<!-- The extra 16px is to account for the scrollbar, which is not always included. -->
<link rel="stylesheet" media="screen and (min-width: 1296px)" href="https://eclipsefdn.github.io/otterdog-assets/css/desktop.css">
<link rel="stylesheet" media="screen and (max-width: 1295px) and (min-width: 720px)" href="https://eclipsefdn.github.io/otterdog-assets/css/cellphone.css">
<link rel="stylesheet" media="screen and (max-width: 719px)" href="https://eclipsefdn.github.io/otterdog-assets/css/cellphone-small.css">
{{ super() }}

<!-- CodeMirror -->
<link rel="stylesheet" href="https://eclipsefdn.github.io/otterdog-assets/third_party/CodeMirror/lib/codemirror.css">
{% endblock %}
11 changes: 11 additions & 0 deletions docs/overrides/main.html
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
{% extends "base.html" %}

{% block site_meta %}
{{ super() }}
<!-- prevent caching -->
<meta http-equiv="cache-control" content="no-cache, must-revalidate, post-check=0, pre-check=0" />
<meta http-equiv="cache-control" content="max-age=0" />
<meta http-equiv="expires" content="0" />
<meta http-equiv="expires" content="Tue, 01 Jan 1980 1:00:00 GMT" />
<meta http-equiv="pragma" content="no-cache" />
{% endblock %}
56 changes: 56 additions & 0 deletions docs/playground.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
---
template: editor.html
hide:
- navigation
- toc
---

# Playground

You can use the playground below to create and evaluate resource snippets to include in your jsonnet configuration:

<div class="inverse hgroup">
<div class=hgroup-inline>
<div class="tab-window-input" id="input">
<div class="tab-header">
</div>
<textarea id=playground-jsonnet>
{% include 'jsonnet/playground.jsonnet' %}
</textarea>
<textarea id=otterdog-defaults-libsonnet>
{% include 'jsonnet/otterdog-defaults.libsonnet' %}
</textarea>
<textarea id=otterdog-functions-libsonnet>
{% include 'jsonnet/otterdog-functions.libsonnet' %}
</textarea>
</div>
<div class="bigarrow">➡</div>
<div class="tab-window-output" id="output">
<div class="tab-header">
<div class=selected onclick="tab_output_click(this, 'json-output')">output.json</div>
</div>
<textarea readonly class="selected code-json" id="json-output">
</textarea>
</div>
<script>
demo(
'input',
{
'playground-jsonnet': 'playground.jsonnet',
'otterdog-defaults-libsonnet': 'otterdog-defaults.libsonnet',
'otterdog-functions-libsonnet': 'otterdog-functions.libsonnet'
},
'playground.jsonnet',
'output',
false,
false
);
</script>
<div style="clear: both"></div>
</div>
</div>

## Resource functions and default values

The following snippets illustrate the functions to create the supported resources with default values as defined in the
[default configuration](https://github.com/EclipseFdn/otterdog-defaults/blob/main/otterdog-defaults.libsonnet) used at the Eclipse Foundation.
3 changes: 3 additions & 0 deletions docs/stylesheets/extra.css
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
.md-grid {
max-width: 1440px;
}
Loading

0 comments on commit 5d97d98

Please sign in to comment.