This is an automated email from the ASF dual-hosted git repository. sruehl pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/plc4x-extras.git
The following commit(s) were added to refs/heads/main by this push: new 6945457 chore: add actions 6945457 is described below commit 69454572b3bcc9ee35abf6956fc583b462871a5a Author: Sebastian RΓΌhl <sru...@apache.org> AuthorDate: Mon Apr 8 09:13:33 2024 +0200 chore: add actions --- .github/ISSUE_TEMPLATE/bug.yml | 78 +++++++++ .github/ISSUE_TEMPLATE/feature.yml | 66 ++++++++ .github/dependabot.yml | 33 ++++ .github/release-drafter.yml | 49 ++++++ .github/workflows/c-platform.yml | 132 +++++++++++++++ .github/workflows/changelog.yml | 35 ++++ .github/workflows/codeql-analysis.yml | 76 +++++++++ .github/workflows/dependency-review.yml | 42 +++++ .github/workflows/go-platform-test-report.yml | 45 ++++++ .github/workflows/go-platform.yml | 207 ++++++++++++++++++++++++ .github/workflows/java-platform-test-report.yml | 46 ++++++ .github/workflows/java-platform.yml | 160 ++++++++++++++++++ .github/workflows/python-platform.yml | 153 ++++++++++++++++++ .github/workflows/release-drafter.yml | 61 +++++++ .github/workflows/sast.yaml | 52 ++++++ 15 files changed, 1235 insertions(+) diff --git a/.github/ISSUE_TEMPLATE/bug.yml b/.github/ISSUE_TEMPLATE/bug.yml new file mode 100644 index 0000000..9de28a8 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug.yml @@ -0,0 +1,78 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +name: Bug Report +description: File a bug report +title: "[Bug]: " +labels: ["bug", "awaiting triage"] +assignees: + - octocat +body: + - type: markdown + attributes: + value: | + Thanks for taking the time to fill out this bug report! Once you've created an issue, you can self-assign by commenting `.take-issue` and you can close by commenting `.close-issue`. + Anyone can reopen a closed issue by commenting `.reopen-issue`. + You can also add/remove labels by commenting `.add-labels label1,label2,'label 3 with spaces'` or `.remove-labels label1,label2,'label 3 with spaces'`, + or with `.set-labels label1,label2,'label 3 with spaces'` (which removes any labels not in that set). + - type: textarea + id: what-happened + attributes: + label: What happened? + description: Please describe your issue, including the PLC model or tools being used. + placeholder: | + Please include steps to reproduce your issue. + + If this isn't a bug and you have a question or support request, please email iss...@plc4x.apache.org with a description of the problem instead of opening this issue. + validations: + required: true + - type: input + id: version + attributes: + label: Version + description: "Which version are you using?" + placeholder: "v0.10.0" + validations: + required: true + - type: checkboxes + id: programming-language + attributes: + label: Programming Languages + description: Which languages are related to your report? (check all that apply) + options: + - label: "plc4j" + - label: "plc4go" + - label: "plc4c" + - label: "plc4net" + - type: checkboxes + id: protocols + attributes: + label: Protocols + description: Which protocols are related to your report? (check all that apply) + options: + - label: "AB-Ethernet" + - label: "ADS /AMS" + - label: "BACnet/IP" + - label: "CANopen" + - label: "DeltaV" + - label: "DF1" + - label: "EtherNet/IP" + - label: "Firmata" + - label: "KNXnet/IP" + - label: "Modbus" + - label: "OPC-UA" + - label: "S7" diff --git a/.github/ISSUE_TEMPLATE/feature.yml b/.github/ISSUE_TEMPLATE/feature.yml new file mode 100644 index 0000000..e05bf45 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature.yml @@ -0,0 +1,66 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +name: Feature Request +description: File a feature request +title: "[Feature Request]: " +labels: ["new feature", "awaiting triage"] +assignees: + - octocat +body: + - type: markdown + attributes: + value: | + Thanks for taking the time to fill out this feature request! Once you've created an issue, you can self-assign by commenting `.take-issue` and you can close by commenting `.close-issue`. + Anyone can reopen a closed issue by commenting `.reopen-issue`. + You can also add/remove labels by commenting `.add-labels label1,label2,'label 3 with spaces'` or `.remove-labels label1,label2,'label 3 with spaces'`, + or with `.set-labels label1,label2,'label 3 with spaces'` (which removes any labels not in that set). + - type: textarea + id: what-happened + attributes: + label: What would you like to happen? + description: Please describe your issue + validations: + required: true + - type: checkboxes + id: programming-language + attributes: + label: Programming Languages + description: Which languages are related to your report? (check all that apply) + options: + - label: "plc4j" + - label: "plc4go" + - label: "plc4c" + - label: "plc4net" + - type: checkboxes + id: protocols + attributes: + label: Protocols + description: Which protocols are related to your report? (check all that apply) + options: + - label: "AB-Ethernet" + - label: "ADS /AMS" + - label: "BACnet/IP" + - label: "CANopen" + - label: "DeltaV" + - label: "DF1" + - label: "EtherNet/IP" + - label: "Firmata" + - label: "KNXnet/IP" + - label: "Modbus" + - label: "OPC-UA" + - label: "S7" \ No newline at end of file diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..bc41d6c --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,33 @@ +# ---------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# ---------------------------------------------------------------------------- + +version: 2 +updates: +- package-ecosystem: maven + directory: / + schedule: + interval: daily +- package-ecosystem: github-actions + directory: / + schedule: + interval: daily +- package-ecosystem: gomod + directory: plc4go + schedule: + interval: daily diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml new file mode 100644 index 0000000..6c1890a --- /dev/null +++ b/.github/release-drafter.yml @@ -0,0 +1,49 @@ +# ---------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# ---------------------------------------------------------------------------- +name-template: 'v$RESOLVED_VERSION π' +tag-template: 'v$RESOLVED_VERSION' +categories: + - title: 'π Features' + labels: + - 'feature' + - 'enhancement' + - title: 'π Bug Fixes' + labels: + - 'fix' + - 'bugfix' + - 'bug' + - title: 'π§° Maintenance' + label: 'chore' +change-template: '- $TITLE @$AUTHOR (#$NUMBER)' +change-title-escapes: '\<*_&' # You can add # and @ to disable mentions, and add ` to disable code blocks. +version-resolver: + major: + labels: + - 'major' + minor: + labels: + - 'minor' + patch: + labels: + - 'patch' + default: patch +template: | + ## Changes + + $CHANGES diff --git a/.github/workflows/c-platform.yml b/.github/workflows/c-platform.yml new file mode 100644 index 0000000..5d09a12 --- /dev/null +++ b/.github/workflows/c-platform.yml @@ -0,0 +1,132 @@ +# ---------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# ---------------------------------------------------------------------------- +name: "C Platform compatibility" + +on: + push: + branches: [ "develop", "plc4c" ] + paths: + - code-generation/** + - protocols/** + - plc4c** + pull_request: + paths: + - code-generation/** + - protocols/** + - plc4c** + workflow_dispatch: + inputs: + forceUpdates: + description: "Forces a snapshot update" + required: false + default: 'false' + +env: + GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GE_ACCESS_TOKEN }} + +jobs: + test: + strategy: + matrix: + # 8 not anymore supported for building + java: [ 17 ] + os: [ ubuntu-latest, macos-latest, windows-latest ] + fail-fast: false + runs-on: ${{ matrix.os }} + steps: + - name: Install libpcap for Linux + if: matrix.os == 'ubuntu-latest' + run: sudo apt-get install libpcap-dev + + - name: Install libpcap for macos + if: matrix.os == 'macos-latest' + run: brew install libpcap + + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Setup Java + uses: actions/setup-java@v4 + with: + distribution: 'adopt' + java-package: jdk + java-version: ${{ matrix.java }} + + - name: Cache local Maven repository + uses: actions/cache@v4 + with: + path: ~/.m2/repository + key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} + restore-keys: | + ${{ runner.os }}-maven- + + - name: Set Platform options + id: platform_opts + uses: actions/github-script@v7.0.1 + env: + OS: ${{ matrix.os }} + with: + script: | + const { OS } = process.env + if (OS.includes("windows")) { + core.setOutput('platform_opts', ``) + } else if (OS.includes("macos")) { + core.setOutput('platform_opts', `-Djna.library.path="$(find /usr/local/Cellar/libpcap/ -name lib)"`) + } else if (OS.includes("ubuntu")) { + core.setOutput('platform_opts', ``) + } else { + core.setOutput('platform_opts', ``) + } + + - name: Calculate platform suffix + id: platform_suffix + uses: actions/github-script@v7.0.1 + env: + OS: ${{ matrix.os }} + with: + script: | + const { OS } = process.env + if (OS.includes("windows")) { + core.setOutput('platform_suffix', `.cmd`) + } else { + core.setOutput('platform_suffix', ``) + } + + - name: Set extra options + id: extra_options + uses: actions/github-script@v7.0.1 + env: + FORCE_UPDATE: ${{ github.event.inputs.forceUpdates }} + with: + script: | + const { FORCE_UPDATE } = process.env + if (FORCE_UPDATE.includes("true")) { + core.setOutput('extra_options', `-U`) + } else { + core.setOutput('extra_options', ``) + } + + # Note: due to github has no concept of recovering from a fail even if we have our fallback below we append a second un-parallel run behind this to be sure that it works with all checks. Only if that fails too we are ok with a "red" (which should be yellow) cross indicating a problem + - name: Run mvnw + run: | + ./mvnw${{ steps.platform_suffix.outputs.platform_suffix }} ${{ steps.extra_options.outputs.extra_options }} -B -P'with-c,enable-all-checks,update-generated-code' -pl :plc4c -am ${{ steps.platform_opts.outputs.platform_opts }} install + + - name: Run mvnv without BacNet regression tests + if: ${{ failure() }} + run: ./mvnw${{ steps.platform_suffix.outputs.platform_suffix }} ${{ steps.extra_options.outputs.extra_options }} -B -P'with-c,skip-bacnet-regression-test,update-generated-code' -pl :plc4c -am ${{ steps.platform_opts.outputs.platform_opts }} install diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml new file mode 100644 index 0000000..64ea2bd --- /dev/null +++ b/.github/workflows/changelog.yml @@ -0,0 +1,35 @@ +# ---------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# ---------------------------------------------------------------------------- +name: 'Generate changelog' +on: + release: + types: [created, edited] + +jobs: + generate-changelog: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - uses: BobAnkh/auto-generate-changelog@v1.2.5 + with: + ACCESS_TOKEN: ${{secrets.GITHUB_TOKEN}} + TYPE: 'feat:Feature,fix:Bug Fixes,docs:Documentation,refactor:Refactor,perf:Performance Improvements' + PATH: 'CHANGELOG.md' diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 0000000..afc5904 --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,76 @@ +# ---------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# ---------------------------------------------------------------------------- +name: "CodeQL" + +on: + schedule: + - cron: '17 19 * * 3' + +env: + GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GE_ACCESS_TOKEN }} + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ] + ## cpp and csharp not ready yet + #language: [ 'cpp', 'csharp', 'go', 'java', 'python' ] + language: [ 'go', 'java', 'python' ] + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + # queries: ./path/to/local/query, your-org/your-repo/queries@main + + # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@v3 + + # βΉοΈ Command-line programs to run using the OS shell. + # π https://git.io/JvXDl + + # βοΈ If the Autobuild fails above, remove it and uncomment the following three lines + # and modify them (or add more) to build your code if your project + # uses a compiled language + + #- run: | + # make bootstrap + # make release + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml new file mode 100644 index 0000000..63e1ec9 --- /dev/null +++ b/.github/workflows/dependency-review.yml @@ -0,0 +1,42 @@ +# ---------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# ---------------------------------------------------------------------------- + +# Dependency Review Action +# +# This Action will scan dependency manifest files that change as part of a Pull Request, surfacing known-vulnerable versions of the packages declared or updated in the PR. Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable packages will be blocked from merging. +# +# Source repository: https://github.com/actions/dependency-review-action +# Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement +name: 'Dependency Review' +on: [pull_request] + +env: + GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GE_ACCESS_TOKEN }} + +permissions: + contents: read + +jobs: + dependency-review: + runs-on: ubuntu-latest + steps: + - name: 'Checkout Repository' + uses: actions/checkout@v4 + - name: 'Dependency Review' + uses: actions/dependency-review-action@v4 diff --git a/.github/workflows/go-platform-test-report.yml b/.github/workflows/go-platform-test-report.yml new file mode 100644 index 0000000..cb69ad8 --- /dev/null +++ b/.github/workflows/go-platform-test-report.yml @@ -0,0 +1,45 @@ +# ---------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# ---------------------------------------------------------------------------- +name: 'Go Platform Test Report' + +on: + workflow_run: + workflows: [ 'Go Platform compatibility' ] + types: + - completed + +env: + GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GE_ACCESS_TOKEN }} + +jobs: + report: + strategy: + matrix: + # 8 not anymore supported for building + java: [ 17 ] + os: [ ubuntu-latest, macos-latest, windows-latest ] + fail-fast: false + runs-on: ${{ matrix.os }} + steps: + - uses: dorny/test-reporter@v1 + with: + artifact: "golang-test-report-${{ matrix.os }}" + name: "Golang Tests (OS: ${{ matrix.os }})" + path: '**/*.xml' + reporter: java-junit \ No newline at end of file diff --git a/.github/workflows/go-platform.yml b/.github/workflows/go-platform.yml new file mode 100644 index 0000000..2795d84 --- /dev/null +++ b/.github/workflows/go-platform.yml @@ -0,0 +1,207 @@ +# ---------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# ---------------------------------------------------------------------------- +name: "Go Platform compatibility" + +on: + push: + branches: [ "develop", "plc4go" ] + paths: + - code-generation/** + - protocols/** + - plc4go** + pull_request: + paths: + - code-generation/** + - protocols/** + - plc4go** + workflow_dispatch: + inputs: + forceUpdates: + description: "Forces a snapshot update" + required: false + default: 'false' + highLogPrecision: + description: "sets the logs to nano resolution" + required: false + default: 'false' + passLoggerToModel: + description: "passes the logger to the model" + required: false + default: 'false' + receiveTimeout: + description: "sets the receive timeout to milliseconds" + required: false + default: '600000' + traceTransactionManagerWorkers: + description: "sets tracing for transaction manager workers" + required: false + default: 'false' + traceTransactionManagerTransactions: + description: "sets tracing for transaction manager transactions" + required: false + default: 'false' + traceDefaultMessageCodecWorker: + description: "sets tracing for the default message codec worker" + required: false + default: 'false' + traceExecutorWorkers: + description: "sets tracing for executor workers" + required: false + default: 'false' + traceTestTransportInstance: + description: "sets tracing for test transport instance" + required: false + default: 'false' + +env: + PLC4X_TEST_HIGH_TEST_LOG_PRECISION: ${{ github.event.inputs.highLogPrecision }} + PLC4X_TEST_PASS_LOGGER_TO_MODEL: ${{ github.event.inputs.passLoggerToModel }} + PLC4X_TEST_RECEIVE_TIMEOUT_MS: ${{ github.event.inputs.receiveTimeout }} + PLC4X_TEST_TRACE_TRANSACTION_MANAGER_WORKERS: ${{ github.event.inputs.traceTransactionManagerWorkers }} + PLC4X_TEST_TRACE_TRANSACTION_MANAGER_TRANSACTIONS: ${{ github.event.inputs.traceTransactionManagerTransactions }} + PLC4X_TEST_TRACE_DEFAULT_MESSAGE_CODEC_WORKER: ${{ github.event.inputs.traceDefaultMessageCodecWorker }} + PLC4X_TEST_TRACE_EXECUTOR_WORKERS: ${{ github.event.inputs.traceExecutorWorkers }} + PLC4X_TEST_TEST_TRANSPORT_INSTANCE: ${{ github.event.inputs.traceTestTransportInstance }} + GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GE_ACCESS_TOKEN }} + +jobs: + test: + strategy: + matrix: + # 8 not anymore supported for building + java: [ 17 ] + os: [ ubuntu-latest, macos-latest, windows-latest ] + fail-fast: false + runs-on: ${{ matrix.os }} + steps: + - name: Install libpcap for Linux + if: matrix.os == 'ubuntu-latest' + run: sudo apt-get install libpcap-dev + + - name: Install libpcap for macos + if: matrix.os == 'macos-latest' + run: brew install libpcap + + - name: Install libpcap for windows + if: matrix.os == 'windows-latest' + run: choco install -y nmap + + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Setup Java + uses: actions/setup-java@v4 + with: + distribution: 'adopt' + java-package: jdk + java-version: ${{ matrix.java }} + + - name: Cache local Maven repository + uses: actions/cache@v4 + with: + path: ~/.m2/repository + key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} + restore-keys: | + ${{ runner.os }}-maven- + + - name: Set Platform options + id: platform_opts + uses: actions/github-script@v7.0.1 + env: + OS: ${{ matrix.os }} + with: + script: | + const { OS } = process.env + if (OS.includes("windows")) { + core.setOutput('platform_opts', ``) + } else if (OS.includes("macos")) { + core.setOutput('platform_opts', `-Djna.library.path="$(find /usr/local/Cellar/libpcap/ -name lib)"`) + } else if (OS.includes("ubuntu")) { + core.setOutput('platform_opts', ``) + } else { + core.setOutput('platform_opts', ``) + } + + - name: Calculate platform suffix + id: platform_suffix + uses: actions/github-script@v7.0.1 + env: + OS: ${{ matrix.os }} + with: + script: | + const { OS } = process.env + if (OS.includes("windows")) { + core.setOutput('platform_suffix', `.cmd`) + } else { + core.setOutput('platform_suffix', ``) + } + + - name: Set extra options + id: extra_options + uses: actions/github-script@v7.0.1 + env: + FORCE_UPDATE: ${{ github.event.inputs.forceUpdates }} + with: + script: | + const { FORCE_UPDATE } = process.env + if (FORCE_UPDATE.includes("true")) { + core.setOutput('extra_options', `-U`) + } else { + core.setOutput('extra_options', ``) + } + + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: go + + - name: Check LongPathsEnabled on Windows + if: matrix.os == 'windows-latest' + run: | + (Get-ItemProperty "HKLM:System\CurrentControlSet\Control\FileSystem").LongPathsEnabled + + # Note: due to github has no concept of recovering from a fail even if we have our fallback below we append a second un-parallel run behind this to be sure that it works with all checks. Only if that fails too we are ok with a "red" (which should be yellow) cross indicating a problem + - name: Run mvnw + run: | + ./mvnw${{ steps.platform_suffix.outputs.platform_suffix }} ${{ steps.extra_options.outputs.extra_options }} -B -P'with-go,enable-all-checks,update-generated-code' -pl :plc4go -am ${{ steps.platform_opts.outputs.platform_opts }} install + + - name: Upload Test Report (first failure) + uses: actions/upload-artifact@v4 + if: failure() + with: + name: "golang-test-report-first-failure-${{ matrix.os }}" + path: | + **/surefire-reports/go-junit-report.xml + **/reports/test-out-verbose.log + + - name: Run mvnv without BacNet regression tests + if: ${{ failure() }} + run: ./mvnw${{ steps.platform_suffix.outputs.platform_suffix }} ${{ steps.extra_options.outputs.extra_options }} -B -P'with-go,skip-bacnet-regression-test,update-generated-code' -pl :plc4go -am ${{ steps.platform_opts.outputs.platform_opts }} install + + - name: Upload Test Report + uses: actions/upload-artifact@v4 + if: success() || failure() + with: + name: "golang-test-report-${{ matrix.os }}" + path: | + **/surefire-reports/go-junit-report.xml + **/reports/test-out-verbose.log + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/java-platform-test-report.yml b/.github/workflows/java-platform-test-report.yml new file mode 100644 index 0000000..72962a7 --- /dev/null +++ b/.github/workflows/java-platform-test-report.yml @@ -0,0 +1,46 @@ +# ---------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# ---------------------------------------------------------------------------- +name: 'Java Platform Test Report' + +on: + workflow_run: + workflows: [ 'Java Platform compatibility' ] + types: + - completed + +env: + GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GE_ACCESS_TOKEN }} + +jobs: + report: + strategy: + matrix: + java: [ 11, 17, 21 ] + # TODO: only works on windows due to https://github.com/dorny/test-reporter/issues/249 + #os: [ ubuntu-latest, macos-latest, windows-latest ] + os: [ windows-latest ] + fail-fast: false + runs-on: ${{ matrix.os }} + steps: + - uses: dorny/test-reporter@v1 + with: + artifact: "java-test-report-${{ matrix.os }}-java-${{ matrix.java }}" + name: "Java Tests (OS: ${{ matrix.os }}, Java: ${{ matrix.java }})" + path: '**/*.xml' + reporter: java-junit \ No newline at end of file diff --git a/.github/workflows/java-platform.yml b/.github/workflows/java-platform.yml new file mode 100644 index 0000000..77a9a9e --- /dev/null +++ b/.github/workflows/java-platform.yml @@ -0,0 +1,160 @@ +# ---------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# ---------------------------------------------------------------------------- +name: "Java Platform compatibility" + +on: + push: + branches: [ "develop", "plc4j" ] + paths: + - code-generation/** + - protocols/** + - plc4j** + - pom.xml + pull_request: + paths: + - code-generation/** + - protocols/** + - plc4j** + - pom.xml + workflow_dispatch: + inputs: + forceUpdates: + description: "Forces a snapshot update" + required: false + default: 'false' + +env: + GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GE_ACCESS_TOKEN }} + +jobs: + test: + strategy: + matrix: + # 8 not anymore supported for building + java: [ 11, 17, 21 ] + os: [ ubuntu-latest, macos-latest, windows-latest ] + fail-fast: false + runs-on: ${{ matrix.os }} + steps: + - name: Install libpcap for Linux + if: matrix.os == 'ubuntu-latest' + run: sudo apt-get install libpcap-dev + + - name: Install libpcap for macos + if: matrix.os == 'macos-latest' + run: brew install libpcap + + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Setup Java + uses: actions/setup-java@v4 + with: + distribution: 'adopt' + java-package: jdk + java-version: ${{ matrix.java }} + + - name: Cache local Maven repository + uses: actions/cache@v4 + with: + path: ~/.m2/repository + key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} + restore-keys: | + ${{ runner.os }}-maven- + + - name: Set Platform options + id: platform_opts + uses: actions/github-script@v7.0.1 + env: + OS: ${{ matrix.os }} + with: + script: | + const { OS } = process.env + if (OS.includes("windows")) { + core.setOutput('platform_opts', ``) + } else if (OS.includes("macos")) { + core.setOutput('platform_opts', `-Djna.library.path="$(find /usr/local/Cellar/libpcap/ -name lib)"`) + } else if (OS.includes("ubuntu")) { + core.setOutput('platform_opts', ``) + } else { + core.setOutput('platform_opts', ``) + } + + - name: Calculate platform suffix + id: platform_suffix + uses: actions/github-script@v7.0.1 + env: + OS: ${{ matrix.os }} + with: + script: | + const { OS } = process.env + if (OS.includes("windows")) { + core.setOutput('platform_suffix', `.cmd`) + } else { + core.setOutput('platform_suffix', ``) + } + + - name: Set extra options + id: extra_options + uses: actions/github-script@v7.0.1 + env: + FORCE_UPDATE: ${{ github.event.inputs.forceUpdates }} + with: + script: | + const { FORCE_UPDATE } = process.env + if (FORCE_UPDATE.includes("true")) { + core.setOutput('extra_options', `-U`) + } else { + core.setOutput('extra_options', ``) + } + + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: java + + # Note: due to github has no concept of recovering from a fail even if we have our fallback below we append a second un-parallel run behind this to be sure that it works with all checks. Only if that fails too we are ok with a "red" (which should be yellow) cross indicating a problem + - name: Run mvnw + run: | + ./mvnw${{ steps.platform_suffix.outputs.platform_suffix }} ${{ steps.extra_options.outputs.extra_options }} -B -P'with-java,enable-all-checks,update-generated-code' ${{ steps.platform_opts.outputs.platform_opts }} install + + - name: Upload Test Report (first failure) + uses: actions/upload-artifact@v4 + if: failure() + with: + name: "java-test-report-first-failure-${{ matrix.os }}-java-${{ matrix.java }}" + path: | + **/surefire-reports/TEST-*.xml + **/failsafe-reports/TEST-*.xml + + - name: Run mvnv without BacNet regression tests + if: ${{ failure() }} + run: ./mvnw${{ steps.platform_suffix.outputs.platform_suffix }} ${{ steps.extra_options.outputs.extra_options }} -B -P'with-java,skip-bacnet-regression-test,update-generated-code' ${{ steps.platform_opts.outputs.platform_opts }} install + + - name: Upload Test Report + uses: actions/upload-artifact@v4 + if: success() || failure() + with: + name: "java-test-report-${{ matrix.os }}-java-${{ matrix.java }}" + path: | + **/surefire-reports/TEST-*.xml + **/failsafe-reports/TEST-*.xml + +# - name: Perform CodeQL Analysis +# uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/python-platform.yml b/.github/workflows/python-platform.yml new file mode 100644 index 0000000..54e7463 --- /dev/null +++ b/.github/workflows/python-platform.yml @@ -0,0 +1,153 @@ +# ---------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# ---------------------------------------------------------------------------- +name: "Python Platform Compatibility" + +on: + push: + branches: [ "develop", "plc4py" ] + paths: + - code-generation/** + - protocols/** + - plc4py** + pull_request: + branches: [ "develop", "plc4py" ] + paths: + - code-generation/** + - protocols/** + - plc4py** + workflow_dispatch: + inputs: + forceUpdates: + description: "Forces a snapshot update" + required: false + default: 'false' + +permissions: + contents: read + +env: + GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GE_ACCESS_TOKEN }} + +jobs: + test: + strategy: + matrix: + python-version: [ '3.7', '3.8', '3.9', '3.10', '3.11' ] + os: [ ubuntu-latest, macos-latest, windows-latest ] + fail-fast: false + runs-on: ${{ matrix.os }} + steps: + - name: Install libpcap for Linux + if: matrix.os == 'ubuntu-latest' + run: sudo apt-get install libpcap-dev + + - name: Install libpcap for macos + if: matrix.os == 'macos-latest' + run: brew install libpcap + + - uses: actions/checkout@v4 + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: '${{ matrix.python-version }}' + + - name: Setup Java + uses: actions/setup-java@v4 + with: + distribution: 'adopt' + java-package: jdk + java-version: 17 + + - name: Set Platform options + id: platform_opts + uses: actions/github-script@v7.0.1 + env: + OS: ${{ matrix.os }} + with: + script: | + const { OS } = process.env + if (OS.includes("windows")) { + core.setOutput('platform_opts', ``) + } else if (OS.includes("macos")) { + core.setOutput('platform_opts', `-Djna.library.path="$(find /usr/local/Cellar/libpcap/ -name lib)"`) + } else if (OS.includes("ubuntu")) { + core.setOutput('platform_opts', ``) + } else { + core.setOutput('platform_opts', ``) + } + + - name: Calculate platform suffix + id: platform_suffix + uses: actions/github-script@v7.0.1 + env: + OS: ${{ matrix.os }} + with: + script: | + const { OS } = process.env + if (OS.includes("windows")) { + core.setOutput('platform_suffix', `.cmd`) + } else { + core.setOutput('platform_suffix', ``) + } + + - name: Set extra options + id: extra_options + uses: actions/github-script@v7.0.1 + env: + FORCE_UPDATE: ${{ github.event.inputs.forceUpdates }} + with: + script: | + const { FORCE_UPDATE } = process.env + if (FORCE_UPDATE.includes("true")) { + core.setOutput('extra_options', `-U`) + } else { + core.setOutput('extra_options', ``) + } + + - name: Cache local Maven repository + uses: actions/cache@v4 + with: + path: ~/.m2/repository + key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} + restore-keys: | + ${{ runner.os }}-maven- + + - name: Install dependencies + run: | + python -m pip install --upgrade pip + pip install flake8 pytest + +# - name: Lint with flake8 +# run: | +# # stop the build if there are Python syntax errors or undefined names +# flake8 ./plc4py --count --select=E9,F63,F7,F82 --show-source --statistics +# # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide +# flake8 ./plc4py --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics + +# - name: Initialize CodeQL +# uses: github/codeql-action/init@v2 +# with: +# languages: python + + - name: Run mvnw + run: | + ./mvnw${{ steps.platform_suffix.outputs.platform_suffix }} ${{ steps.extra_options.outputs.extra_options }} -B -P'with-python,enable-all-checks,update-generated-code' -pl :plc4py -am ${{ steps.platform_opts.outputs.platform_opts }} install + +# - name: Perform CodeQL Analysis +# uses: github/codeql-action/analyze@v2 diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml new file mode 100644 index 0000000..7d4b7c0 --- /dev/null +++ b/.github/workflows/release-drafter.yml @@ -0,0 +1,61 @@ +# ---------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# ---------------------------------------------------------------------------- +name: Release Drafter + +on: + push: + branches: + - develop + # pull_request event is required only for autolabeler + pull_request: + # Only following types are handled by the action, but one can default to all as well + types: [opened, reopened, synchronize] + # pull_request_target event is required for autolabeler to support PRs from forks + # pull_request_target: + # types: [opened, reopened, synchronize] + +permissions: + contents: read + +env: + GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GE_ACCESS_TOKEN }} + +jobs: + update_release_draft: + permissions: + # write permission is required to create a github release + contents: write + # write permission is required for autolabeler + # otherwise, read permission is required at least + pull-requests: write + runs-on: ubuntu-latest + steps: + # (Optional) GitHub Enterprise requires GHE_HOST variable set + #- name: Set GHE_HOST + # run: | + # echo "GHE_HOST=${GITHUB_SERVER_URL##https:\/\/}" >> $GITHUB_ENV + + # Drafts your next Release notes as Pull Requests are merged into "master" + - uses: release-drafter/release-drafter@v6 + # (Optional) specify config name to use, relative to .github/. Default: release-drafter.yml + # with: + # config-name: my-config.yml + # disable-autolabeler: true + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/sast.yaml b/.github/workflows/sast.yaml new file mode 100644 index 0000000..153522b --- /dev/null +++ b/.github/workflows/sast.yaml @@ -0,0 +1,52 @@ +# ---------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# ---------------------------------------------------------------------------- +name: Static Application Security Testing + +on: + push: + branches: + - develop + pull_request: + +env: + GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GE_ACCESS_TOKEN }} + +jobs: + build: + name: Trivy Scan + runs-on: ubuntu-latest + # Disabling this, as it keeps on randomly failing the build without providing any information helping to fix it. + if: false + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Run Trivy vulnerability scanner in repo mode + uses: aquasecurity/trivy-action@master + with: + scan-type: 'fs' + ignore-unfixed: true + format: 'sarif' + output: 'trivy-results.sarif' + severity: 'CRITICAL' + + - name: Upload Trivy scan results to GitHub Security tab + uses: github/codeql-action/upload-sarif@v3 + with: + sarif_file: 'trivy-results.sarif'