Publish to dockerhub on merge to the main branch
Signed-off-by: garyschulte <garyschulte@gmail.com>
Co-authored-by: Simon Dudley <simon.dudley@consensys.net>
* correcting env vars
* removes conditionals which result in skipped tasks being considered success
* spotless fix
---------
Signed-off-by: Justin Florentine <justin+github@florentine.us>
* resumes publishing jars, but not distros to artifactory
* checkMavenCoordinateCollisions needs a publication with an explicitly set version, does not inherit project.version
---------
Signed-off-by: Justin Florentine <justin+github@florentine.us>
Co-authored-by: garyschulte <garyschulte@gmail.com>
* pull_req instead of target
* updates template to put description first
* compensate for changes to versioning on interim builds
---------
Signed-off-by: Justin Florentine <justin+github@florentine.us>
Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com>
* make artifacts more snapshot friendly
* break out new workflows for snapshots, and a develop releease
* removes checking for approval, runs on pr update
* adds concurrency so updated refs cancel prior runs if still running
* explicitly disable caching on gradle setup tasks
---------
Signed-off-by: Justin Florentine <justin+github@florentine.us>
* repo owner didn't include repo name
* switches back to docker.io
* specify registry and login consistently
* artifacts workflow can be manually executed
---------
Signed-off-by: Justin Florentine <justin+github@florentine.us>
* wildcard in place of task name in path, in case it gets changed.
* test splitting action is unreliable at these numbers of tests
* pin to new gradle action, increase runners
* found the missing tests, back to parity
* rename to avoid consolidation status collision with workflow name
* fixes javadoc checks at build time
* overrides project version on release, so embeds (startup info) will match release artifacts
---------
Signed-off-by: Justin Florentine <justin+github@florentine.us>
Co-authored-by: RoboCopsGoneSock <158174948+RoboCopsGoneSock@users.noreply.github.com>
- Uses pull_request_target to make sure action definitions only come from main or release-*. This also allows them to escalate privs.
- All priv escalations moved as narrowly as possible. Typically this is only required to upload test results.
- All actions pinned to specific SHA versions. When updated, repository settings will need to be adjusted to allow it.
---------
Signed-off-by: Justin Florentine <justin+github@florentine.us>
* no need to run codeql on merge group
* no need to run repolinter on merge group
* no need to run checks and gradle-wrapper on merge group
Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com>
---------
Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com>
This GHA will add the checklist that's currently in the PR template, as
a comment, on newly opened PRs.
Because it needs write access (to add the comment), it needs to run on
the `pull_request_target` action, which means you won't see the outcome
on _this_ PR, but only once it's merged in, you'll see it on subsequent
PRs - example -
https://github.com/daisy-row/vigilant-octo-umbrella/pull/51
---------
Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com>
Update following sections:
Gradle build, CircleCI, GitHub Actions, Docker
The devp2p TLS mutual authentication unit tests dealing with PKCS11+nss and QBFT+PKCS11+nss ATs were failing on Java 17 when dealing with RSA keys. The unit tests and AT are updated to use EC keys instead. The keystores, truststores, CRL etc. involved in those ATs are regenerated and detailed instructions are provided on how they are created.
Signed-off-by: Usman Saleem <usman@usmans.info>