Merge remote-tracking branch 'origin/main' into VAS-834-feat-add-noti…

…ce-generation # Conflicts: # .github/workflows/code_review.yml # .github/workflows/deploy_with_github_runner.yml
pagopa · May 10, 2024 · f067a74 · f067a74
2 parents 6985e08 + e20eb36
commit f067a74
Show file tree

Hide file tree

Showing 10 changed files with 72 additions and 150 deletions.
diff --git a/.github/release.yml b/.github/release.yml
@@ -11,9 +11,15 @@ changelog:
     - title: Breaking Changes 🛠
       labels:
         - breaking-change
+        - major
     - title: Exciting New Features 🎉
       labels:
         - enhancement
+        - minor
+    - title: Bug Fixing 🔥
+      labels:
+        - bug
+        - patch
     - title: Other Changes
       labels:
         - "*"
diff --git a/.github/workflows/check_pr.yml b/.github/workflows/check_pr.yml
@@ -28,35 +28,26 @@ jobs:
         with:
           configuration-path: '.github/auto_assign.yml'
 
-  check_format:
-    name: Check Format
+  check_labels:
+    name: Check Required Labels
+    # The type of runner that the job will run on
     runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-
-      - name: Formatting
-        id: format
-        continue-on-error: true
-        uses: findologic/intellij-format-action@main
-        with:
-          path: .
-          fail-on-changes: false
 
-      - uses: actions/[email protected]
-        if: steps.format.outcome != 'success'
+    # Steps represent a sequence of tasks that will be executed as part of the job
+    steps:
+      - name: Verify PR Labels
+        if: ${{ !contains(github.event.pull_request.labels.*.name, 'major') && !contains(github.event.pull_request.labels.*.name, 'minor') && !contains(github.event.pull_request.labels.*.name, 'patch') && !contains(github.event.pull_request.labels.*.name, 'patch') && !contains(github.event.pull_request.labels.*.name, 'skip') }}
+        uses: actions/[email protected]
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           script: |
-            console.log(context);
             var comments = await github.rest.issues.listComments({
                 issue_number: context.issue.number,
                 owner: context.repo.owner,
                 repo: context.repo.repo
             });
             for (const comment of comments.data) {
-              console.log(comment);
-              if (comment.body.includes('Comment this PR with')){
+              if (comment.body.includes('This pull request does not contain a valid label')){
                 github.rest.issues.deleteComment({
                   issue_number: context.issue.number,
                   owner: context.repo.owner,
@@ -66,12 +57,12 @@ jobs:
               }
             }
             github.rest.issues.createComment({
-                issue_number: context.issue.number,
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                body: 'Comment this PR with *update_code* to update `openapi.json` and format the code. Consider to use pre-commit to format the code.'
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: 'This pull request does not contain a valid label. Please add one of the following labels: `[major, minor, patch, patch, skip]`'
             })
-            core.setFailed('Format your code.')
+            core.setFailed('Missing required labels')
 
   check_size:
     runs-on: ubuntu-latest
@@ -84,7 +75,8 @@ jobs:
       - name: Check Size
         uses: actions/[email protected]
         env:
-          IGNORED_FILES: openapi.json, openapi-node.json
+          IGNORED_FILES: openapi.json
+          BRANCH_NAME: ${{ github.head_ref}}
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           script: |
@@ -93,15 +85,15 @@ jobs:
             var changes = additions + deletions
             console.log('additions: '+additions+' + deletions: '+deletions+ ' = total changes: ' + changes);
 
-            const { IGNORED_FILES } = process.env
+            const { IGNORED_FILES, BRANCH_NAME } = process.env
             const ignored_files = IGNORED_FILES.trim().split(',').filter(word => word.length > 0);
             if (ignored_files.length > 0){
               var ignored = 0
               const execSync = require('child_process').execSync;
               for (const file of IGNORED_FILES.trim().split(',')) {
             
-                const ignored_additions_str = execSync('git --no-pager  diff --numstat origin/main..origin/${{ github.head_ref}} | grep ' + file + ' | cut -f 1', { encoding: 'utf-8' })
-                const ignored_deletions_str = execSync('git --no-pager  diff --numstat origin/main..origin/${{ github.head_ref}} | grep ' + file + ' | cut -f 2', { encoding: 'utf-8' })
+                const ignored_additions_str = execSync('git --no-pager  diff --numstat origin/main..origin/'+BRANCH_NAME+' | grep ' + file + ' | cut -f 1', { encoding: 'utf-8' })
+                const ignored_deletions_str = execSync('git --no-pager  diff --numstat origin/main..origin/'+BRANCH_NAME+' | grep ' + file + ' | cut -f 2', { encoding: 'utf-8' })
             
                 const ignored_additions = ignored_additions_str.split('\n').map(elem=> parseInt(elem || 0)).reduce(
                 (accumulator, currentValue) => accumulator + currentValue,
@@ -122,21 +114,26 @@ jobs:
               repo: context.repo.repo
             });
 
-            if (labels.data.find(label => label.name == 'size/large')){
-              github.rest.issues.removeLabel({
-                  issue_number: context.issue.number,
-                  owner: context.repo.owner,
-                  repo: context.repo.repo,
-                  name: 'size/large'
-              })
-            }
-            if (labels.data.find(label => label.name == 'size/small')){
+            if (changes <= 400){
+              if (labels.data.find(label => label.name == 'size/large')){
                 github.rest.issues.removeLabel({
                     issue_number: context.issue.number,
                     owner: context.repo.owner,
                     repo: context.repo.repo,
-                    name: 'size/small'
+                    name: 'size/large'
                 })
+              }
+            }
+            
+            if (changes >= 200){
+              if (labels.data.find(label => label.name == 'size/small')){
+                  github.rest.issues.removeLabel({
+                      issue_number: context.issue.number,
+                      owner: context.repo.owner,
+                      repo: context.repo.repo,
+                      name: 'size/small'
+                  })
+              }
             }
             
             var comments = await github.rest.issues.listComments({

diff --git a/.github/workflows/code_review.yml b/.github/workflows/code_review.yml
@@ -41,7 +41,7 @@ jobs:
           sonar_token: ${{ secrets.SONAR_TOKEN }}
           project_key: ${{env.PROJECT_KEY}}
           coverage_exclusions: "**/config/*,**/*Mock*,**/model/**,**/entity/*,**/exception/*"
-          cpd_exclusions: "**/model/**,**/entity/*"
+          cpd_exclusions: "**/models/**,**/entity/*"
           java_version: 17
 
 

diff --git a/.github/workflows/deploy_with_github_runner.yml b/.github/workflows/deploy_with_github_runner.yml
@@ -9,7 +9,7 @@ on:
         type: string
 
 env:
-  APP_NAME: pagopa-print-payment-notice-generator
+  APP_NAME: print-payment-notice-generator
 
 
 permissions:
@@ -36,6 +36,7 @@ jobs:
           container_app_environment_name: ${{ vars.CONTAINER_APP_ENVIRONMENT_NAME }}
           resource_group_name: ${{ vars.CONTAINER_APP_ENVIRONMENT_RESOURCE_GROUP_NAME }} # RG of the runner
           pat_token: ${{ secrets.BOT_TOKEN_GITHUB }}
+          self_hosted_runner_image_tag: "v3.0.0"
 
   deploy:
     needs: [ create_runner ]

diff --git a/.github/workflows/release_deploy.yml b/.github/workflows/release_deploy.yml
@@ -2,6 +2,8 @@ name: Release And Deploy
 
 # Controls when the workflow will run
 on:
+  merge_group:
+    branches: [ main ]
   pull_request:
     types: [ closed ]
 
@@ -21,7 +23,7 @@ on:
         type: choice
         description: Select the version
         options:
-          - ''
+          - patch
           - skip_or_promote
           - new_release
           - breaking_change
@@ -59,7 +61,16 @@ jobs:
       # Set Semvar
       - run: echo "SEMVER=patch" >> $GITHUB_ENV
 
-      - if: ${{ (github.event.pull_request.merged && contains(github.event.pull_request.labels.*.name, 'breaking-change')) }}
+      - if: ${{ (github.event.pull_request.merged && contains(github.event.pull_request.labels.*.name, 'skip')) }}
+        run: echo "SEMVER=skip" >> $GITHUB_ENV
+
+      - if: ${{ (github.event.pull_request.merged && contains(github.event.pull_request.labels.*.name, 'patch')) }}
+        run: echo "SEMVER=patch" >> $GITHUB_ENV
+
+      - if: ${{ (github.event.pull_request.merged && contains(github.event.pull_request.labels.*.name, 'minor')) }}
+        run: echo "SEMVER=minor" >> $GITHUB_ENV
+
+      - if: ${{ (github.event.pull_request.merged && contains(github.event.pull_request.labels.*.name, 'major')) }}
         run: echo "SEMVER=major" >> $GITHUB_ENV
 
       # force semver if dev, !=main or skip release
@@ -99,11 +110,12 @@ jobs:
     steps:
       - name: Make Release
         id: release
-        uses: pagopa/github-actions-template/maven-release@v1.6.8
+        uses: pagopa/github-actions-template/maven-release@v1.12.0
         with:
           semver: ${{ needs.setup.outputs.semver }}
           github_token: ${{ secrets.BOT_TOKEN_GITHUB }}
           beta: ${{ inputs.beta }}
+          prerelease: ${{ inputs.environment != 'prod' }}
           skip_ci: false
 
   image:
@@ -128,7 +140,6 @@ jobs:
       environment: ${{ needs.setup.outputs.environment }}
     secrets: inherit
 
-
   notify:
     needs: [ setup, release, deploy_aks ]
     runs-on: ubuntu-latest

diff --git a/.github/workflows/update_gha.py b/.github/workflows/update_gha.py
@@ -1,19 +1,17 @@
-import requests
 import json
 
+import requests
 
-url = 'https://github.com/pagopa/template-java-spring-microservice/tree/main/.github/workflows'
+url = 'https://api.github.com/repos/pagopa/template-java-spring-microservice/contents/.github/workflows'
 url_raw = 'https://raw.githubusercontent.com/pagopa/template-java-spring-microservice/main/'
 
 response = requests.get(url)
 
-for item in json.loads(response.text)["payload"]["tree"]["items"]:
+for item in json.loads(response.text):
     path = item["path"]
     name = item["name"]
     print(name)
-    response = requests.get(url_raw+path)
+    response = requests.get(url_raw + path)
     fo = open(name, "w")
     fo.write(response.text)
     fo.close()
-
-
diff --git a/.identity/00_data.tf b/.identity/00_data.tf
@@ -1,4 +1,4 @@
-data "azurerm_storage_account" "tf_storage_account"{
+data "azurerm_storage_account" "tf_storage_account" {
   name                = "pagopainfraterraform${var.env}"
   resource_group_name = "io-infra-rg"
 }
@@ -17,14 +17,19 @@ data "github_organization_teams" "all" {
   summary_only    = true
 }
 
+data "azurerm_user_assigned_identity" "identity_cd_01" {
+  name                = "${local.prefix}-${var.env_short}-${local.domain}-01-github-cd-identity"
+  resource_group_name = "${local.prefix}-${var.env_short}-identity-rg"
+}
+
 data "azurerm_key_vault" "key_vault" {
   name                = "pagopa-${var.env_short}-kv"
   resource_group_name = "pagopa-${var.env_short}-sec-rg"
 }
 
 data "azurerm_key_vault" "domain_key_vault" {
-  name                = "pagopa-${var.env_short}-${local.domain}-kv"
-  resource_group_name = "pagopa-${var.env_short}-${local.domain}-sec-rg"
+  name                = "pagopa-${var.env_short}-itn-${local.domain}-kv"
+  resource_group_name = "pagopa-${var.env_short}-itn-${local.domain}-sec-rg"
 }
 
 data "azurerm_resource_group" "apim_resource_group" {

diff --git a/.identity/03_github_environment.tf → .identity/01_github_environment.tf b/.identity/03_github_environment.tf → .identity/01_github_environment.tf
@@ -21,7 +21,7 @@ resource "github_repository_environment" "github_repository_environment" {
 
 locals {
   env_secrets = {
-    "CLIENT_ID" : module.github_runner_app.application_id,
+    "CLIENT_ID" : data.azurerm_user_assigned_identity.identity_cd_01.client_id,
     "TENANT_ID" : data.azurerm_client_config.current.tenant_id,
     "SUBSCRIPTION_ID" : data.azurerm_subscription.current.subscription_id,
     "SUBKEY" : data.azurerm_key_vault_secret.key_vault_integration_test_subkey.value,

diff --git a/.identity/02_application_action.tf b/.identity/02_application_action.tf
diff --git a/.identity/99_variables.tf b/.identity/99_variables.tf
@@ -35,7 +35,7 @@ variable "prefix" {
   default = "pagopa"
   validation {
     condition = (
-      length(var.prefix) <= 6
+    length(var.prefix) <= 6
     )
     error_message = "Max length is 6 chars."
   }