Skip to content

Commit

Permalink
Merge branch 'develop' into 16004-prevent-certain-checks-from-running…
Browse files Browse the repository at this point in the history 
…-on-forked-prs

Signed-off-by: Andrew Brandt <[email protected]>
  • Loading branch information
@andrewb1269hg
andrewb1269hg authored Nov 26, 2024
2 parents c14b80e + df149d7 commit 768919c
Show file tree
Hide file tree
Showing 1,386 changed files with 49,484 additions and 26,940 deletions.
90 changes: 46 additions & 44 deletions .github/CODEOWNERS
View file
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
Expand Up @@ -53,41 +53,41 @@
###############################
##### Hedera Cryptography #####
###############################
/hedera-cryptography/ @hashgraph/platform-cryptography
/hedera-cryptography/ @hashgraph/platform-cryptography

#########################
##### Platform SDK ######
#########################

# Platform SDK Root Protections
/platform-sdk/ @hashgraph/platform-hashgraph @hashgraph/platform-data @hashgraph/platform-base @hashgraph/platform-architects
/platform-sdk/README.md @hashgraph/platform-hashgraph @hashgraph/devops-ci @hashgraph/release-engineering-managers
/platform-sdk/ @hashgraph/platform-hashgraph @hashgraph/platform-data @hashgraph/platform-base @hashgraph/platform-architects
/platform-sdk/README.md @hashgraph/platform-hashgraph @hashgraph/devops-ci @hashgraph/release-engineering-managers

# Platform SDK Modules
/platform-sdk/platform-apps/ @hashgraph/platform-hashgraph
/platform-sdk/swirlds-base/ @hashgraph/platform-base
/platform-sdk/swirlds-benchmarks/ @hashgraph/platform-data @hashgraph/platform-architects
/platform-sdk/swirlds-cli/ @hashgraph/platform-hashgraph
/platform-sdk/swirlds-common/ @hashgraph/platform-hashgraph @hashgraph/platform-base @hashgraph/platform-data
/platform-sdk/swirlds-config-*/ @hashgraph/platform-base
/platform-sdk/swirlds-fchashmap/ @hashgraph/platform-data @hashgraph/platform-architects
/platform-sdk/swirlds-fcqueue/ @hashgraph/platform-data @hashgraph/platform-architects
/platform-sdk/swirlds-merkledb/ @hashgraph/platform-data @hashgraph/platform-architects
/platform-sdk/swirlds-logging/ @hashgraph/platform-hashgraph @hashgraph/platform-base
/platform-sdk/swirlds-logging-*/ @hashgraph/platform-base
/platform-sdk/swirlds-merkle/ @hashgraph/platform-data @hashgraph/platform-architects
/platform-sdk/swirlds-platform-core/ @hashgraph/platform-hashgraph
/platform-sdk/swirlds-unit-tests/common/ @hashgraph/platform-hashgraph @hashgraph/platform-base
/platform-sdk/swirlds-unit-tests/core/ @hashgraph/platform-hashgraph @hashgraph/platform-base
/platform-sdk/swirlds-unit-tests/structures/ @hashgraph/platform-data @hashgraph/platform-architects @hashgraph/platform-base
/platform-sdk/swirlds-virtualmap/ @hashgraph/platform-data @hashgraph/platform-architects
/platform-sdk/**/module-info.java @hashgraph/platform-hashgraph @hashgraph/platform-base @hashgraph/devops-ci @hashgraph/release-engineering-managers
/platform-sdk/platform-apps/ @hashgraph/platform-hashgraph
/platform-sdk/swirlds-base/ @hashgraph/platform-base
/platform-sdk/swirlds-benchmarks/ @hashgraph/platform-data @hashgraph/platform-architects
/platform-sdk/swirlds-cli/ @hashgraph/platform-hashgraph
/platform-sdk/swirlds-common/ @hashgraph/platform-hashgraph @hashgraph/platform-base @hashgraph/platform-data
/platform-sdk/swirlds-config-*/ @hashgraph/platform-base
/platform-sdk/swirlds-fchashmap/ @hashgraph/platform-data @hashgraph/platform-architects
/platform-sdk/swirlds-fcqueue/ @hashgraph/platform-data @hashgraph/platform-architects
/platform-sdk/swirlds-merkledb/ @hashgraph/platform-data @hashgraph/platform-architects
/platform-sdk/swirlds-logging/ @hashgraph/platform-hashgraph @hashgraph/platform-base
/platform-sdk/swirlds-logging-*/ @hashgraph/platform-base
/platform-sdk/swirlds-merkle/ @hashgraph/platform-data @hashgraph/platform-architects
/platform-sdk/swirlds-platform-core/ @hashgraph/platform-hashgraph
/platform-sdk/swirlds-unit-tests/common/ @hashgraph/platform-hashgraph @hashgraph/platform-base
/platform-sdk/swirlds-unit-tests/core/ @hashgraph/platform-hashgraph @hashgraph/platform-base
/platform-sdk/swirlds-unit-tests/structures/ @hashgraph/platform-data @hashgraph/platform-architects @hashgraph/platform-base
/platform-sdk/swirlds-virtualmap/ @hashgraph/platform-data @hashgraph/platform-architects
/platform-sdk/**/module-info.java @hashgraph/platform-hashgraph @hashgraph/platform-base @hashgraph/devops-ci @hashgraph/release-engineering-managers

# Documentation
/platform-sdk/docs/platformWiki.md @hashgraph/platform-hashgraph @hashgraph/platform-data @hashgraph/platform-base
/platform-sdk/docs/base @hashgraph/platform-base
/platform-sdk/docs/components @hashgraph/platform-hashgraph
/platform-sdk/docs/core @hashgraph/platform-hashgraph
/platform-sdk/docs/platformWiki.md @hashgraph/platform-hashgraph @hashgraph/platform-data @hashgraph/platform-base
/platform-sdk/docs/base @hashgraph/platform-base
/platform-sdk/docs/components @hashgraph/platform-hashgraph
/platform-sdk/docs/core @hashgraph/platform-hashgraph

#########################
##### Core Files ######
Expand All @@ -96,38 +96,40 @@
# NOTE: Must be placed last to ensure enforcement over all other rules

# Protection Rules for Github Configuration Files and Actions Workflows
/.github/ @hashgraph/devops-ci @hashgraph/release-engineering-managers
/.github/workflows/ @hashgraph/devops-ci @hashgraph/devops-ci-committers
/.github/ @hashgraph/devops-ci @hashgraph/release-engineering-managers
/.github/workflows/ @hashgraph/devops-ci @hashgraph/devops-ci-committers
/.github/workflows/node-zxf-deploy-integration.yaml @hashgraph/devops-ci @hashgraph/devops-ci-committers @hashgraph/devops
/.github/workflows/node-zxf-deploy-preview.yaml @hashgraph/devops-ci @hashgraph/devops-ci-committers @hashgraph/devops

# Legacy Maven project files
**/pom.xml @hashgraph/devops-ci
**/pom.xml @hashgraph/devops-ci @hashgraph/devops

# Gradle project files and inline plugins
/gradle/ @hashgraph/devops-ci @hashgraph/devops-ci-committers
gradlew @hashgraph/devops-ci @hashgraph/devops-ci-committers
gradlew.bat @hashgraph/devops-ci @hashgraph/devops-ci-committers
**/build-logic/ @hashgraph/devops-ci @hashgraph/devops-ci-committers
**/gradle.* @hashgraph/devops-ci @hashgraph/devops-ci-committers
**/*.gradle.* @hashgraph/devops-ci @hashgraph/devops-ci-committers
/gradle/ @hashgraph/devops-ci @hashgraph/devops-ci-committers
gradlew @hashgraph/devops-ci @hashgraph/devops-ci-committers
gradlew.bat @hashgraph/devops-ci @hashgraph/devops-ci-committers
**/build-logic/ @hashgraph/devops-ci @hashgraph/devops-ci-committers
**/gradle.* @hashgraph/devops-ci @hashgraph/devops-ci-committers
**/*.gradle.* @hashgraph/devops-ci @hashgraph/devops-ci-committers

# Codacy Tool Configurations
/config/ @hashgraph/devops-ci @hashgraph/release-engineering-managers
.remarkrc @hashgraph/devops-ci @hashgraph/release-engineering-managers
/config/ @hashgraph/devops-ci @hashgraph/release-engineering-managers
.remarkrc @hashgraph/devops-ci @hashgraph/release-engineering-managers

# Self-protection for root CODEOWNERS files (this file should not exist and should definitely require approval)
/CODEOWNERS @hashgraph/release-engineering-managers
/CODEOWNERS @hashgraph/release-engineering-managers

# Protect the repository root files
/README.md @hashgraph/devops-ci @hashgraph/release-engineering-managers
**/LICENSE @hashgraph/release-engineering-managers
/README.md @hashgraph/devops-ci @hashgraph/release-engineering-managers
**/LICENSE @hashgraph/release-engineering-managers

# CodeCov configuration
**/codecov.yml @hashgraph/devops-ci @hashgraph/release-engineering-managers
**/codecov.yml @hashgraph/devops-ci @hashgraph/release-engineering-managers

# Git Ignore definitions
**/.gitignore @hashgraph/devops-ci @hashgraph/release-engineering-managers
**/.gitignore.* @hashgraph/devops-ci @hashgraph/release-engineering-managers
**/.gitignore @hashgraph/devops-ci @hashgraph/release-engineering-managers
**/.gitignore.* @hashgraph/devops-ci @hashgraph/release-engineering-managers

# Legacy CircleCI configuration
.circleci.settings.xml @hashgraph/devops-ci @hashgraph/release-engineering-managers
/.circleci/ @hashgraph/devops-ci @hashgraph/release-engineering-managers
.circleci.settings.xml @hashgraph/devops-ci @hashgraph/release-engineering-managers
/.circleci/ @hashgraph/devops-ci @hashgraph/release-engineering-managers
8 changes: 4 additions & 4 deletions .github/workflows/config/node-release.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
release:
branching:
execution:
time: "21:00:00"
time: "20:00:00"
schedule:
- on: "2024-10-25"
name: release/0.56
- on: "2024-11-22"
name: release/0.57
initial-tag:
create: true
name: v0.56.0
name: v0.57.0-alpha.0

4 changes: 2 additions & 2 deletions .github/workflows/flow-node-performance-tests.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,15 +48,15 @@ jobs:
runs-on: network-node-linux-medium
steps:
- name: Harden Runner
uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit

- name: Checkout Code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

- name: Authenticate to Google Cloud
uses: google-github-actions/auth@8254fb75a33b976a221574d287e93919e6a36f70 # v2.1.6
uses: google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f # v2.1.7
with:
workload_identity_provider: "projects/235822363393/locations/global/workloadIdentityPools/hedera-builds-pool/providers/hedera-builds-gh-actions"
service_account: "[email protected]"
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/flow-pull-request-formatting.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ jobs:
runs-on: network-node-linux-medium
steps:
- name: Harden Runner
uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit

Expand All @@ -60,7 +60,7 @@ jobs:
runs-on: network-node-linux-medium
steps:
- name: Harden Runner
uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit

Expand All @@ -76,7 +76,7 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit

Expand Down
34 changes: 31 additions & 3 deletions .github/workflows/node-flow-build-application.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,16 +91,44 @@ jobs:
if: ${{ needs.code.result == 'success' }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit

- name: Configure Workflow Inputs
id: workflow-inputs
env:
REFERENCE: ${{ github.ref }}
AUTHOR: ${{ github.event.head_commit.author.name }}
MESSAGE: ${{ github.event.head_commit.message }}
COMMIT_SHA: ${{ github.sha }}
run: |
# massage the message to remove invalid control characters
MASSAGED_MESSAGE="${MESSAGE//[$'\t\r\n']/' '}"
# Assign github step outputs
echo "input-ref=${REFERENCE}" >> $GITHUB_OUTPUT
echo "input-author=${AUTHOR}" >> $GITHUB_OUTPUT
echo "input-msg=${MASSAGED_MESSAGE}" >> $GITHUB_OUTPUT
echo "input-sha=${COMMIT_SHA}" >> $GITHUB_OUTPUT
# Preview the input values
echo "### Workflow Dispatch Inputs" >> $GITHUB_STEP_SUMMARY
echo "input-ref=${REFERENCE}" >> $GITHUB_STEP_SUMMARY
echo "input-author=${AUTHOR}" >> $GITHUB_STEP_SUMMARY
echo "input-msg=${MASSAGED_MESSAGE}" >> $GITHUB_STEP_SUMMARY
echo "input-sha=${COMMIT_SHA}" >> $GITHUB_STEP_SUMMARY
- name: Trigger ZXF Deploy Production Release
uses: step-security/workflow-dispatch@4d1049025980f72b1327cbfdeecb07fe7a20f577 # v1.2.4
with:
workflow: .github/workflows/node-flow-deploy-release-artifact.yaml
repo: hashgraph/hedera-services # ensure we are executing in the hashgraph org
ref: develop # ensure we are always using the workflow definition from the develop branch
token: ${{ secrets.GH_ACCESS_TOKEN }}
inputs: '{ "ref": "${{ github.ref }}" }'
#inputs: '{ "event": "${{ toJSON(github.event) }}", "ref": "${{ github.ref }}" }'
inputs: '{
"ref": "${{ steps.workflow-inputs.outputs.input-ref }}",
"author": "${{ steps.workflow-inputs.outputs.input-author }}",
"msg": "${{ steps.workflow-inputs.outputs.input-msg }}",
"sha": "${{ steps.workflow-inputs.outputs.input-sha }}"
}'
3 changes: 2 additions & 1 deletion .github/workflows/node-flow-deploy-preview.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ jobs:
prerelease: ${{ steps.tag.outputs.prerelease }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit

Expand Down Expand Up @@ -79,6 +79,7 @@ jobs:
with:
version-policy: specified
new-version: ${{ needs.prepare-deploy-preview.outputs.version }}
dry-run-enabled: ${{ github.event.inputs.dry-run-enabled == 'true' }}
secrets:
access-token: ${{ secrets.GITHUB_TOKEN }}
bucket-name: ${{ secrets.RELEASE_ARTIFACT_BUCKET_NAME }}
Expand Down
Loading

0 comments on commit 768919c

Please sign in to comment.