Skip to content

Commit

Permalink
Permissions fixes (#183)
Browse files Browse the repository at this point in the history
* ci: Validate module

Added github actions file to enable validation of the module descriptor (ahead of trying to crank out the permission fixes

* ci: Update github action to latest versions

* build: Permissions changes

Proposed granular permissions changes to bring module up to scratch with Eureka's needs

* ci: Docker compose not docker-compose

* chore: Tweak to bring refdata in line with agreements branch

* style: Fix JSON styling
  • Loading branch information
EthanFreestone authored and Jack-Golding committed Nov 6, 2024
1 parent 61db713 commit 8d967e5
Show file tree
Hide file tree
Showing 3 changed files with 472 additions and 153 deletions.
16 changes: 8 additions & 8 deletions .github/workflows/gradle.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,26 +14,26 @@ jobs:
run:
working-directory: ./service
steps:
- uses: actions/checkout@v1
- uses: actions/checkout@v4

- name: Set up JDK 17
uses: actions/setup-java@v2
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'adopt'

- uses: actions/cache@v1
- uses: actions/cache@v4
with:
path: ~/.gradle/caches
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
path: ~/.gradle/caches
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
restore-keys: |
${{ runner.os }}-gradle-
- name: Start containers
run: |
cd ../tools/testing
docker-compose -f "docker-compose.yml" up -d
docker compose -f "docker-compose.yml" up -d
- name: Build with Gradle
run: |
Expand All @@ -43,11 +43,11 @@ jobs:
- name: Stop containers
run: |
cd ../tools/testing
docker-compose -f "docker-compose.yml" down -v
docker compose -f "docker-compose.yml" down -v
- name: Upload Unit Test Results
if: always()
uses: actions/upload-artifact@v2
uses: actions/upload-artifact@v4
with:
name: Unit Test Results
path: |
Expand Down
71 changes: 71 additions & 0 deletions .github/workflows/validate-module.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
name: Validate module

on:
push:

jobs:
run:
name: Validate module descriptor
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Get Pull Request Number
id: pr_number
run: echo "pull_request_number=$(gh pr view --json number -q .number || echo "")" >> $GITHUB_OUTPUT
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup java
uses: actions/setup-java@v4
with:
distribution: 'temurin' # See 'Supported distributions' for available options
java-version: '17'
- name: Set up Maven
uses: stCarolas/setup-maven@v5
with:
maven-version: 3.8.2
- name: Set up settings file
uses: 1arp/[email protected]
with:
path: 'service'
file: 'settings.xml'
content:
<settings>
<profiles>
<profile>
<id>folioMavenProfile</id>
<pluginRepositories>
<pluginRepository>
<id>folio-nexus</id>
<name>FOLIO Maven repository</name>
<url>https://repository.folio.org/repository/maven-folio</url>
</pluginRepository>
</pluginRepositories>
</profile>
</profiles>
<activeProfiles>
<activeProfile>folioMavenProfile</activeProfile>
</activeProfiles>
</settings>
- name: Run validator
run: mvn org.folio:folio-module-descriptor-validator:1.0.0:validate -DmoduleDescriptorFile=service/src/main/okapi/ModuleDescriptor-template.json -s service/settings.xml -l validate_module_descriptor_output.txt
- name: Upload validator result
uses: actions/upload-artifact@v4
if: always()
with:
name: validate_module_descriptor_output
path: |
validate_module_descriptor_output.txt
retention-days: 1
- name: Setup validate_module_descriptor_errors file
if: failure()
run: echo "$(cat validate_module_descriptor_output.txt)" | egrep "\[ERROR\]\s*(\"key\"|\"value\")" | sed 's/\[ERROR\]\(\s*\)//;s/\"value\"\(\s*\):\(\s*\)\(.*\)/\3\n/;s/"key\"\(\s*\):\(\s*\)\(.*\)/\3/' | tee validate_module_descriptor_errors.txt
- name: Comment failures on PR
if: failure()
run: |
# Use GitHub API to create a comment on the PR
PR_NUMBER=${{ steps.pr_number.outputs.pull_request_number }}
GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
COMMENT_URL="https://api.github.com/repos/${{ github.repository }}/issues/${PR_NUMBER}/comments"
echo "SENDING TO: $COMMENT_URL"
curl -s -H "Authorization: token ${GITHUB_TOKEN}" -X POST $COMMENT_URL --data "{ \"body\": $(cat validate_module_descriptor_errors.txt | jq -Rs) }"
Loading

0 comments on commit 8d967e5

Please sign in to comment.