From c82e8b649d852ff28dc12c692f7045385bcb0cf5 Mon Sep 17 00:00:00 2001 From: vishesh92 Date: Mon, 9 Mar 2026 18:43:00 +0530 Subject: [PATCH 1/5] Refactor github actions --- .github/actions/install-nonoss/action.yml | 31 ++ .github/actions/setup-env/action.yml | 58 ++++ .github/workflows/build.yml | 37 +-- .github/workflows/ci.yml | 353 ++++++++-------------- .github/workflows/codecov.yml | 59 ---- .github/workflows/main-sonar-check.yml | 68 ----- .github/workflows/rat.yml | 23 +- .github/workflows/sonar-check.yml | 49 ++- 8 files changed, 248 insertions(+), 430 deletions(-) create mode 100644 .github/actions/install-nonoss/action.yml create mode 100644 .github/actions/setup-env/action.yml delete mode 100644 .github/workflows/codecov.yml delete mode 100644 .github/workflows/main-sonar-check.yml diff --git a/.github/actions/install-nonoss/action.yml b/.github/actions/install-nonoss/action.yml new file mode 100644 index 000000000000..39a03213c29d --- /dev/null +++ b/.github/actions/install-nonoss/action.yml @@ -0,0 +1,31 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +name: 'Install CloudStack Non-OSS' +description: 'Clones and installs the shapeblue/cloudstack-nonoss repository.' + +runs: + using: "composite" + steps: + - name: Install cloudstack-nonoss + shell: bash + run: | + git clone --depth 1 https://github.com/shapeblue/cloudstack-nonoss.git nonoss + cd nonoss + bash -x install-non-oss.sh + cd .. + rm -fr nonoss diff --git a/.github/actions/setup-env/action.yml b/.github/actions/setup-env/action.yml new file mode 100644 index 000000000000..c28d91d86c8c --- /dev/null +++ b/.github/actions/setup-env/action.yml @@ -0,0 +1,58 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +name: 'Setup CloudStack Environment' +description: 'Sets up JDK (with Maven cache), optionally Python, and optionally APT build dependencies for CloudStack.' + +inputs: + java-version: + description: 'The JDK version to use' + required: false + default: '17' + install-python: + description: 'Whether to install Python 3.10' + required: false + default: 'false' + install-apt-deps: + description: 'Whether to install CloudStack APT build dependencies' + required: false + default: 'false' + +runs: + using: "composite" + steps: + - name: Set up JDK ${{ inputs.java-version }} + uses: actions/setup-java@v4 + with: + java-version: ${{ inputs.java-version }} + distribution: 'temurin' + architecture: x64 + cache: 'maven' + + - name: Set up Python + if: ${{ inputs.install-python == 'true' }} + uses: actions/setup-python@v5 + with: + python-version: '3.10' + architecture: x64 + + - name: Install Build Dependencies + if: ${{ inputs.install-apt-deps == 'true' }} + shell: bash + run: | + sudo apt-get update + sudo apt-get install -y git uuid-runtime genisoimage netcat-openbsd ipmitool build-essential libgcrypt20 libgpg-error-dev libgpg-error0 libopenipmi0 libpython3-dev libssl-dev libffi-dev python3-openssl python3-dev python3-setuptools diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 84020f4a6b06..d479a6d6d405 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -16,40 +16,24 @@ # under the License. name: Build - -on: [push, pull_request] - +on: + - push + - pull_request concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true - + cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} permissions: contents: read - jobs: build: runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v5 - - - name: Set up JDK 17 - uses: actions/setup-java@v5 + - name: Setup Environment + uses: ./.github/actions/setup-env with: - distribution: 'temurin' - java-version: '17' - cache: 'maven' - - - name: Set up Python - uses: actions/setup-python@v6 - with: - python-version: '3.10' - architecture: 'x64' - - - name: Install Build Dependencies - run: | - sudo apt-get update - sudo apt-get install -y git uuid-runtime genisoimage netcat ipmitool build-essential libgcrypt20 libgpg-error-dev libgpg-error0 libopenipmi0 ipmitool libpython3-dev libssl-dev libffi-dev python3-openssl python3-dev python3-setuptools - + install-python: 'true' + install-apt-deps: 'true' - name: Env details run: | uname -a @@ -60,9 +44,8 @@ jobs: free -m nproc git status - + - name: Install Non-OSS + uses: ./.github/actions/install-nonoss - name: Noredist Build run: | - git clone https://github.com/shapeblue/cloudstack-nonoss.git nonoss && cd nonoss && bash -x install-non-oss.sh && cd .. - rm -fr nonoss mvn -B -P developer,systemvm -Dsimulator -Dnoredist clean install -T$(nproc) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4edd448067ae..874f5c2b9a76 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -16,228 +16,136 @@ # under the License. name: Simulator CI - -on: [push, pull_request] - +on: + - push + - pull_request concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true - + cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} permissions: contents: read - jobs: build: if: github.repository == 'apache/cloudstack' runs-on: ubuntu-24.04 - + steps: + - uses: actions/checkout@v5 + with: + fetch-depth: 0 + - name: Setup Environment + uses: ./.github/actions/setup-env + with: + install-python: 'true' + install-apt-deps: 'true' + - name: Env details + run: | + uname -a + whoami + javac -version + mvn -v + python3 --version + free -m + nproc + git status + ipmitool -V + - name: Build with Maven + run: | + mvn -B -P developer,systemvm -Dsimulator clean install -DskipTests=true -T$(nproc) + - name: Archive artifacts + run: | + mkdir -p /tmp/artifacts + tar -czf /tmp/artifacts/targets.tar.gz $(find . -name "target" -type d) tools/marvin/dist + tar -czf /tmp/artifacts/m2-cloudstack.tar.gz -C ~/.m2/repository org/apache/cloudstack + - name: Upload artifacts + uses: actions/upload-artifact@v4 + with: + name: build-artifacts + path: /tmp/artifacts/ + test: + needs: build + if: github.repository == 'apache/cloudstack' + runs-on: ubuntu-24.04 strategy: fail-fast: false matrix: - tests: [ "smoke/test_accounts - smoke/test_account_access - smoke/test_affinity_groups - smoke/test_affinity_groups_projects - smoke/test_annotations - smoke/test_async_job - smoke/test_attach_multiple_volumes - smoke/test_backup_recovery_dummy - smoke/test_certauthority_root - smoke/test_console_endpoint - smoke/test_create_list_domain_account_project - smoke/test_create_network - smoke/test_deploy_vgpu_enabled_vm - smoke/test_deploy_virtio_scsi_vm - smoke/test_deploy_vm_extra_config_data - smoke/test_deploy_vm_iso - smoke/test_deploy_vm_iso_uefi - smoke/test_deploy_vm_root_resize - smoke/test_deploy_vm_with_userdata - smoke/test_deploy_vms_in_parallel - smoke/test_deploy_vms_with_varied_deploymentplanners - smoke/test_restore_vm - smoke/test_diagnostics - smoke/test_direct_download - smoke/test_disk_offerings - smoke/test_disk_provisioning_types - smoke/test_domain_disk_offerings - smoke/test_domain_network_offerings - smoke/test_domain_service_offerings - smoke/test_domain_vpc_offerings", - "smoke/test_cluster_drs - smoke/test_dynamicroles - smoke/test_enable_account_settings_for_domain - smoke/test_enable_role_based_users_in_projects - smoke/test_events_resource - smoke/test_global_settings - smoke/test_guest_vlan_range - smoke/test_host_maintenance - smoke/test_hostha_kvm - smoke/test_hostha_simulator - smoke/test_internal_lb - smoke/test_ipv6_infra - smoke/test_iso - smoke/test_kubernetes_clusters - smoke/test_kubernetes_supported_versions - smoke/test_list_ids_parameter - smoke/test_loadbalance - smoke/test_login - smoke/test_2fa - smoke/test_metrics_api - smoke/test_migration - smoke/test_multipleips_per_nic - smoke/test_nested_virtualization - smoke/test_set_sourcenat - smoke/test_webhook_lifecycle - smoke/test_purge_expunged_vms - smoke/test_extension_lifecycle - smoke/test_extension_custom_action_lifecycle - smoke/test_extension_custom", - "smoke/test_network - smoke/test_network_acl - smoke/test_network_ipv6 - smoke/test_network_permissions - smoke/test_nic - smoke/test_nic_adapter_type - smoke/test_non_contigiousvlan - smoke/test_object_stores - smoke/test_outofbandmanagement - smoke/test_outofbandmanagement_nestedplugin - smoke/test_over_provisioning - smoke/test_password_server - smoke/test_persistent_network - smoke/test_portable_publicip - smoke/test_portforwardingrules - smoke/test_primary_storage - smoke/test_privategw_acl - smoke/test_privategw_acl_ovs_gre - smoke/test_projects - smoke/test_public_ip_range - smoke/test_pvlan - smoke/test_regions - smoke/test_register_userdata - smoke/test_reset_configuration_settings - smoke/test_reset_vm_on_reboot - smoke/test_resource_accounting - smoke/test_resource_detail - smoke/test_global_acls", - "smoke/test_router_dhcphosts - smoke/test_router_dns - smoke/test_router_dnsservice - smoke/test_routers - smoke/test_routers_iptables_default_policy - smoke/test_routers_network_ops - smoke/test_scale_vm - smoke/test_secondary_storage - smoke/test_service_offerings - smoke/test_snapshots - smoke/test_ssvm - smoke/test_staticroles - smoke/test_templates - smoke/test_update_security_group - smoke/test_usage - smoke/test_usage_events - smoke/test_vm_deployment_planner - smoke/test_vm_strict_host_tags - smoke/test_vm_schedule - smoke/test_deploy_vgpu_enabled_vm - smoke/test_vm_life_cycle - smoke/test_vm_lifecycle_unmanage_import - smoke/test_vm_snapshot_kvm - smoke/test_vm_snapshots - smoke/test_volumes - smoke/test_vpc_ipv6 - smoke/test_vpc_redundant - smoke/test_vpc_router_nics - smoke/test_vpc_vpn", - "component/find_hosts_for_migration - component/test_acl_isolatednetwork - component/test_acl_isolatednetwork_delete - component/test_acl_listsnapshot", - "component/test_acl_listvm - component/test_acl_listvolume", - "component/test_acl_sharednetwork - component/test_acl_sharednetwork_deployVM-impersonation - component/test_user_private_gateway - component/test_user_shared_network", - "component/test_affinity_groups_projects - component/test_allocation_states - component/test_assign_vm", - "component/test_concurrent_snapshots_limit - component/test_cpu_domain_limits - component/test_cpu_limits - component/test_cpu_max_limits - component/test_cpu_project_limits - component/test_deploy_vm_userdata_multi_nic - component/test_deploy_vm_lease", - "component/test_egress_fw_rules - component/test_invalid_gw_nm - component/test_ip_reservation", - "component/test_lb_secondary_ip - component/test_list_nics - component/test_list_pod - component/test_memory_limits", - "component/test_mm_domain_limits - component/test_mm_max_limits - component/test_mm_project_limits - component/test_network_offering - component/test_non_contiguous_vlan", - "component/test_persistent_networks - component/test_project_configs - component/test_project_limits - component/test_project_resources", - "component/test_project_usage - component/test_protocol_number_security_group - component/test_public_ip - component/test_resource_limits - component/test_resource_limit_tags", - "component/test_regions_accounts - component/test_routers - component/test_snapshots - component/test_stopped_vm - component/test_tags - component/test_templates - component/test_updateResourceCount - component/test_update_vm", - "component/test_volumes - component/test_vpc - component/test_vpc_distributed_routing_offering - component/test_vpc_network - component/test_vpc_offerings - component/test_vpc_routers - component/test_vpn_users - component/test_vpc_network_lbrules", - "smoke/test_list_accounts - smoke/test_list_disk_offerings - smoke/test_list_domains - smoke/test_list_hosts - smoke/test_list_service_offerings - smoke/test_list_storage_pools - smoke/test_list_volumes"] - + tests: + - smoke/test_accounts smoke/test_account_access smoke/test_affinity_groups + smoke/test_affinity_groups_projects smoke/test_annotations smoke/test_async_job + smoke/test_attach_multiple_volumes smoke/test_backup_recovery_dummy smoke/test_certauthority_root + smoke/test_console_endpoint smoke/test_create_list_domain_account_project + smoke/test_create_network smoke/test_deploy_vgpu_enabled_vm smoke/test_deploy_virtio_scsi_vm + smoke/test_deploy_vm_extra_config_data smoke/test_deploy_vm_iso smoke/test_deploy_vm_iso_uefi + smoke/test_deploy_vm_root_resize smoke/test_deploy_vm_with_userdata smoke/test_deploy_vms_in_parallel + smoke/test_deploy_vms_with_varied_deploymentplanners smoke/test_restore_vm + smoke/test_diagnostics smoke/test_direct_download smoke/test_disk_offerings + smoke/test_disk_provisioning_types smoke/test_domain_disk_offerings smoke/test_domain_network_offerings + smoke/test_domain_service_offerings smoke/test_domain_vpc_offerings + - smoke/test_cluster_drs smoke/test_dynamicroles smoke/test_enable_account_settings_for_domain + smoke/test_enable_role_based_users_in_projects smoke/test_events_resource + smoke/test_global_settings smoke/test_guest_vlan_range smoke/test_host_maintenance + smoke/test_hostha_kvm smoke/test_hostha_simulator smoke/test_internal_lb + smoke/test_ipv6_infra smoke/test_iso smoke/test_kubernetes_clusters smoke/test_kubernetes_supported_versions + smoke/test_list_ids_parameter smoke/test_loadbalance smoke/test_login + smoke/test_2fa smoke/test_metrics_api smoke/test_migration smoke/test_multipleips_per_nic + smoke/test_nested_virtualization smoke/test_set_sourcenat smoke/test_webhook_lifecycle + smoke/test_purge_expunged_vms smoke/test_extension_lifecycle smoke/test_extension_custom_action_lifecycle + smoke/test_extension_custom + - smoke/test_network smoke/test_network_acl smoke/test_network_ipv6 smoke/test_network_permissions + smoke/test_nic smoke/test_nic_adapter_type smoke/test_non_contigiousvlan + smoke/test_object_stores smoke/test_outofbandmanagement smoke/test_outofbandmanagement_nestedplugin + smoke/test_over_provisioning smoke/test_password_server smoke/test_persistent_network + smoke/test_portable_publicip smoke/test_portforwardingrules smoke/test_primary_storage + smoke/test_privategw_acl smoke/test_privategw_acl_ovs_gre smoke/test_projects + smoke/test_public_ip_range smoke/test_pvlan smoke/test_regions smoke/test_register_userdata + smoke/test_reset_configuration_settings smoke/test_reset_vm_on_reboot + smoke/test_resource_accounting smoke/test_resource_detail smoke/test_global_acls + - smoke/test_router_dhcphosts smoke/test_router_dns smoke/test_router_dnsservice + smoke/test_routers smoke/test_routers_iptables_default_policy smoke/test_routers_network_ops + smoke/test_scale_vm smoke/test_secondary_storage smoke/test_service_offerings + smoke/test_snapshots smoke/test_ssvm smoke/test_staticroles smoke/test_templates + smoke/test_update_security_group smoke/test_usage smoke/test_usage_events + smoke/test_vm_deployment_planner smoke/test_vm_strict_host_tags smoke/test_vm_schedule + smoke/test_deploy_vgpu_enabled_vm smoke/test_vm_life_cycle smoke/test_vm_lifecycle_unmanage_import + smoke/test_vm_snapshot_kvm smoke/test_vm_snapshots smoke/test_volumes + smoke/test_vpc_ipv6 smoke/test_vpc_redundant smoke/test_vpc_router_nics + smoke/test_vpc_vpn + - component/find_hosts_for_migration component/test_acl_isolatednetwork + component/test_acl_isolatednetwork_delete component/test_acl_listsnapshot + - component/test_acl_listvm component/test_acl_listvolume + - component/test_acl_sharednetwork component/test_acl_sharednetwork_deployVM-impersonation + component/test_user_private_gateway component/test_user_shared_network + - component/test_affinity_groups_projects component/test_allocation_states + component/test_assign_vm + - component/test_concurrent_snapshots_limit component/test_cpu_domain_limits + component/test_cpu_limits component/test_cpu_max_limits component/test_cpu_project_limits + component/test_deploy_vm_userdata_multi_nic component/test_deploy_vm_lease + - component/test_egress_fw_rules component/test_invalid_gw_nm component/test_ip_reservation + - component/test_lb_secondary_ip component/test_list_nics component/test_list_pod + component/test_memory_limits + - component/test_mm_domain_limits component/test_mm_max_limits component/test_mm_project_limits + component/test_network_offering component/test_non_contiguous_vlan + - component/test_persistent_networks component/test_project_configs component/test_project_limits + component/test_project_resources + - component/test_project_usage component/test_protocol_number_security_group + component/test_public_ip component/test_resource_limits component/test_resource_limit_tags + - component/test_regions_accounts component/test_routers component/test_snapshots + component/test_stopped_vm component/test_tags component/test_templates + component/test_updateResourceCount component/test_update_vm + - component/test_volumes component/test_vpc component/test_vpc_distributed_routing_offering + component/test_vpc_network component/test_vpc_offerings component/test_vpc_routers + component/test_vpn_users component/test_vpc_network_lbrules + - smoke/test_list_accounts smoke/test_list_disk_offerings smoke/test_list_domains + smoke/test_list_hosts smoke/test_list_service_offerings smoke/test_list_storage_pools + smoke/test_list_volumes steps: - uses: actions/checkout@v5 with: fetch-depth: 0 - - - name: Set up JDK 17 - uses: actions/setup-java@v5 + - name: Setup Environment + uses: ./.github/actions/setup-env with: - distribution: 'temurin' - java-version: '17' - cache: 'maven' - - - name: Set up Python - uses: actions/setup-python@v6 - with: - python-version: '3.10' - architecture: 'x64' - - - name: Install Build Dependencies - run: | - sudo apt-get update - sudo apt-get install -y git uuid-runtime genisoimage netcat-openbsd ipmitool build-essential libgcrypt20 libgpg-error-dev libgpg-error0 libopenipmi0 ipmitool libpython3-dev libssl-dev libffi-dev python3-openssl python3-dev python3-setuptools - + install-python: 'true' + install-apt-deps: 'true' - name: Setup IPMI Tool for CloudStack run: | # Create cloudstack-common directory if it doesn't exist @@ -255,28 +163,13 @@ jobs: /usr/share/cloudstack-common/ipmitool -C3 $@ EOF sudo chmod 755 /usr/bin/ipmitool - - name: Install Python dependencies run: | python3 -m pip install --user --upgrade urllib3 lxml paramiko nose texttable ipmisim pyopenssl pycryptodome mock flask netaddr pylint pycodestyle six astroid pynose - - name: Install jacoco dependencies run: | wget https://github.com/jacoco/jacoco/releases/download/v0.8.10/jacoco-0.8.10.zip unzip jacoco-0.8.10.zip -d jacoco - - - name: Env details - run: | - uname -a - whoami - javac -version - mvn -v - python3 --version - free -m - nproc - git status - ipmitool -V - - name: Setup MySQL Server run: | # https://github.com/actions/runner-images/blob/main/images/linux/Ubuntu2004-Readme.md#mysql @@ -285,25 +178,28 @@ jobs: sudo mysql -uroot -proot -e "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY ''; FLUSH PRIVILEGES;" sudo systemctl restart mysql sudo mysql -uroot -e "SELECT VERSION();" - - - name: Build with Maven + - name: Download artifacts + uses: actions/download-artifact@v4 + with: + name: build-artifacts + path: /tmp/artifacts/ + - name: Extract artifacts run: | - mvn -B -P developer,systemvm -Dsimulator clean install -DskipTests=true -T$(nproc) - + tar -xzf /tmp/artifacts/targets.tar.gz + mkdir -p ~/.m2/repository + tar -xzf /tmp/artifacts/m2-cloudstack.tar.gz -C ~/.m2/repository - name: Setup Simulator Prerequisites run: | sudo python3 -m pip install --upgrade netaddr mysql-connector-python python3 -m pip install --user --upgrade tools/marvin/dist/[mM]arvin-*.tar.gz mvn -q -Pdeveloper -pl developer -Ddeploydb mvn -q -Pdeveloper -pl developer -Ddeploydb-simulator - - name: Generate jacoco-coverage.sh run: | echo "java -jar jacoco/lib/jacococli.jar report jacoco-it.exec \\" > jacoco-report.sh find . | grep "target/classes" | sed 's/\/classes\//\/classes /g' | awk '{print "--classfiles", $1, "\\"}' | sort |uniq >> jacoco-report.sh find . | grep "src/main/java" | sed 's/\/java\//\/java /g' | awk '{print "--sourcefiles", $1, "\\"}' | sort | uniq >> jacoco-report.sh echo "--xml jacoco-coverage.xml" >> jacoco-report.sh - - name: Start CloudStack Management Server with Simulator run: | export MAVEN_OPTS="-Xmx4096m -XX:MaxMetaspaceSize=800m -Djava.security.egd=file:/dev/urandom -javaagent:jacoco/lib/jacocoagent.jar=address=*,port=36320,output=tcpserver --add-opens=java.base/java.lang=ALL-UNNAMED --add-exports=java.base/sun.security.x509=ALL-UNNAMED --add-opens=java.base/jdk.internal.reflect=ALL-UNNAMED" @@ -314,7 +210,6 @@ jobs: set -e echo -e "\nStarting Advanced Zone DataCenter deployment" python3 tools/marvin/marvin/deployDataCenter.py -i setup/dev/advdualzone.cfg 2>&1 || true - - name: Run Integration Tests with Simulator run: | mkdir -p integration-test-results/smoke/misc @@ -334,12 +229,10 @@ jobs: bash jacoco-report.sh mvn -Dsimulator -pl client jetty:stop 2>&1 find /tmp//MarvinLogs -type f -exec echo -e "Printing marvin logs {} :\n" \; -exec cat {} \; - - name: Integration Tests Result run: | echo -e "Simulator CI Test Results: (only failures listed)\n" python3 ./tools/marvin/xunit-reader.py integration-test-results/ - - uses: codecov/codecov-action@v4 with: files: jacoco-coverage.xml diff --git a/.github/workflows/codecov.yml b/.github/workflows/codecov.yml deleted file mode 100644 index fbd944a758f9..000000000000 --- a/.github/workflows/codecov.yml +++ /dev/null @@ -1,59 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -name: Coverage Check - -on: [pull_request, push] - -permissions: - contents: read - -concurrency: - group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true - -jobs: - build: - if: github.repository == 'apache/cloudstack' - name: codecov - runs-on: ubuntu-22.04 - steps: - - uses: actions/checkout@v5 - with: - fetch-depth: 0 - - - name: Set up JDK 17 - uses: actions/setup-java@v5 - with: - distribution: 'temurin' - java-version: '17' - cache: 'maven' - - - name: Build CloudStack with Quality Checks - run: | - git clone https://github.com/shapeblue/cloudstack-nonoss.git nonoss - cd nonoss && bash -x install-non-oss.sh && cd .. - mvn -P quality -Dsimulator -Dnoredist clean install -T$(nproc) - - - uses: codecov/codecov-action@v4 - with: - files: ./client/target/site/jacoco-aggregate/jacoco.xml - fail_ci_if_error: true - flags: unittests - verbose: true - name: codecov - token: ${{ secrets.CODECOV_TOKEN }} diff --git a/.github/workflows/main-sonar-check.yml b/.github/workflows/main-sonar-check.yml deleted file mode 100644 index 224ea2cde801..000000000000 --- a/.github/workflows/main-sonar-check.yml +++ /dev/null @@ -1,68 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -name: Main Branch Sonar Quality Check - -on: - push: - branches: - - main - -permissions: - contents: read # to fetch code (actions/checkout) - pull-requests: write # for sonar to comment on pull-request - -jobs: - build: - if: github.repository == 'apache/cloudstack' - name: Main Sonar JaCoCo Build - runs-on: ubuntu-22.04 - steps: - - uses: actions/checkout@v5 - with: - fetch-depth: 0 - - - name: Set up JDK17 - uses: actions/setup-java@v5 - with: - distribution: 'temurin' - java-version: '17' - cache: 'maven' - - - name: Cache SonarCloud packages - uses: actions/cache@v5 - with: - path: ~/.sonar/cache - key: ${{ runner.os }}-sonar - restore-keys: ${{ runner.os }}-sonar - - - name: Cache local Maven repository - uses: actions/cache@v5 - with: - path: ~/.m2/repository - key: ${{ runner.os }}-m2-${{ hashFiles('pom.xml', '*/pom.xml', '*/*/pom.xml', '*/*/*/pom.xml') }} - restore-keys: | - ${{ runner.os }}-m2 - - - name: Run Tests with Coverage - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: | - git clone https://github.com/shapeblue/cloudstack-nonoss.git nonoss - cd nonoss && bash -x install-non-oss.sh && cd .. - mvn -T$(nproc) -P quality -Dsimulator -Dnoredist clean install org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=apache_cloudstack diff --git a/.github/workflows/rat.yml b/.github/workflows/rat.yml index d71f4b0852d8..64a137b7a1e5 100644 --- a/.github/workflows/rat.yml +++ b/.github/workflows/rat.yml @@ -16,32 +16,25 @@ # under the License. name: License Check - -on: [push, pull_request] - +on: + - push + - pull_request concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true - + cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} permissions: contents: read - jobs: build: runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v5 - - name: Set up JDK 17 - uses: actions/setup-java@v5 - with: - java-version: '17' - distribution: 'adopt' - architecture: x64 - cache: maven + - name: Setup Environment + uses: ./.github/actions/setup-env + - name: Install Non-OSS + uses: ./.github/actions/install-nonoss - name: RAT licence checks run: | - git clone https://github.com/shapeblue/cloudstack-nonoss.git nonoss && cd nonoss && bash -x install-non-oss.sh && cd .. - rm -fr nonoss mvn -P developer,systemvm -Dsimulator -Dnoredist -pl . org.apache.rat:apache-rat-plugin:0.12:check - name: Rat Report if: always() diff --git a/.github/workflows/sonar-check.yml b/.github/workflows/sonar-check.yml index 31fb671cc58f..d7935d53db9c 100644 --- a/.github/workflows/sonar-check.yml +++ b/.github/workflows/sonar-check.yml @@ -16,58 +16,45 @@ # under the License. name: Sonar Quality Check - -on: [pull_request] - permissions: - contents: read # to fetch code (actions/checkout) - pull-requests: write # for sonar to comment on pull-request - + contents: read + pull-requests: write +on: + push: + branches: + - main + pull_request: concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true - + cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} jobs: build: - if: github.repository == 'apache/cloudstack' && github.event.pull_request.head.repo.full_name == github.repository + if: github.repository == 'apache/cloudstack' && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) name: Sonar JaCoCo Coverage runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v5 with: - ref: "refs/pull/${{ github.event.number }}/merge" fetch-depth: 0 - - - name: Set up JDK17 - uses: actions/setup-java@v5 - with: - distribution: 'temurin' - java-version: '17' - cache: 'maven' - + - name: Setup Environment + uses: ./.github/actions/setup-env - name: Cache SonarCloud packages uses: actions/cache@v5 with: path: ~/.sonar/cache key: ${{ runner.os }}-sonar restore-keys: ${{ runner.os }}-sonar - - - name: Cache local Maven repository - uses: actions/cache@v5 - with: - path: ~/.m2/repository - key: ${{ runner.os }}-m2-${{ hashFiles('pom.xml', '*/pom.xml', '*/*/pom.xml', '*/*/*/pom.xml') }} - restore-keys: | - ${{ runner.os }}-m2 - + - name: Install Non-OSS + uses: ./.github/actions/install-nonoss - name: Run Build and Tests with Coverage - id: coverage env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} PR_ID: ${{ github.event.pull_request.number }} HEADREF: ${{ github.event.pull_request.head.ref }} run: | - git clone https://github.com/shapeblue/cloudstack-nonoss.git nonoss - cd nonoss && bash -x install-non-oss.sh && cd .. - mvn -T$(nproc) -P quality -Dsimulator -Dnoredist clean install org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=apache_cloudstack -Dsonar.pullrequest.key="$PR_ID" -Dsonar.pullrequest.branch="$HEADREF" -Dsonar.pullrequest.github.repository=apache/cloudstack -Dsonar.pullrequest.provider=GitHub -Dsonar.pullrequest.github.summary_comment=true + if [ "${{ github.event_name }}" == "pull_request" ]; then + mvn -T$(nproc) -P quality -Dsimulator -Dnoredist clean install org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=apache_cloudstack -Dsonar.pullrequest.key="$PR_ID" -Dsonar.pullrequest.branch="$HEADREF" -Dsonar.pullrequest.github.repository=apache/cloudstack -Dsonar.pullrequest.provider=GitHub -Dsonar.pullrequest.github.summary_comment=true + else + mvn -T$(nproc) -P quality -Dsimulator -Dnoredist clean install org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=apache_cloudstack + fi From 146ec0622eaf9107d3749629e28c9b6bac4067de Mon Sep 17 00:00:00 2001 From: vishesh92 Date: Tue, 10 Mar 2026 11:46:02 +0530 Subject: [PATCH 2/5] Update to ubuntu 24.04 & update actions versions --- .github/actions/setup-env/action.yml | 4 +- .github/workflows/build.yml | 4 +- .github/workflows/ci.yml | 259 +++++++++++++----- .github/workflows/codeql-analysis.yml | 8 +- .../workflows/docker-cloudstack-simulator.yml | 6 +- .github/workflows/main-sonar-check.yml | 49 ++++ .github/workflows/merge-conflict-checker.yml | 22 +- .github/workflows/pre-commit.yml | 4 +- .github/workflows/rat.yml | 4 +- .github/workflows/sonar-check.yml | 15 +- .github/workflows/ui.yml | 8 +- 11 files changed, 268 insertions(+), 115 deletions(-) create mode 100644 .github/workflows/main-sonar-check.yml diff --git a/.github/actions/setup-env/action.yml b/.github/actions/setup-env/action.yml index c28d91d86c8c..7a5ed3416256 100644 --- a/.github/actions/setup-env/action.yml +++ b/.github/actions/setup-env/action.yml @@ -36,7 +36,7 @@ runs: using: "composite" steps: - name: Set up JDK ${{ inputs.java-version }} - uses: actions/setup-java@v4 + uses: actions/setup-java@v5 with: java-version: ${{ inputs.java-version }} distribution: 'temurin' @@ -45,7 +45,7 @@ runs: - name: Set up Python if: ${{ inputs.install-python == 'true' }} - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: '3.10' architecture: x64 diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d479a6d6d405..e10863243b9f 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -26,9 +26,9 @@ permissions: contents: read jobs: build: - runs-on: ubuntu-22.04 + runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - name: Setup Environment uses: ./.github/actions/setup-env with: diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 874f5c2b9a76..8a08119e8955 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -29,7 +29,7 @@ jobs: if: github.repository == 'apache/cloudstack' runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: fetch-depth: 0 - name: Setup Environment @@ -57,7 +57,7 @@ jobs: tar -czf /tmp/artifacts/targets.tar.gz $(find . -name "target" -type d) tools/marvin/dist tar -czf /tmp/artifacts/m2-cloudstack.tar.gz -C ~/.m2/repository org/apache/cloudstack - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: build-artifacts path: /tmp/artifacts/ @@ -68,77 +68,188 @@ jobs: strategy: fail-fast: false matrix: - tests: - - smoke/test_accounts smoke/test_account_access smoke/test_affinity_groups - smoke/test_affinity_groups_projects smoke/test_annotations smoke/test_async_job - smoke/test_attach_multiple_volumes smoke/test_backup_recovery_dummy smoke/test_certauthority_root - smoke/test_console_endpoint smoke/test_create_list_domain_account_project - smoke/test_create_network smoke/test_deploy_vgpu_enabled_vm smoke/test_deploy_virtio_scsi_vm - smoke/test_deploy_vm_extra_config_data smoke/test_deploy_vm_iso smoke/test_deploy_vm_iso_uefi - smoke/test_deploy_vm_root_resize smoke/test_deploy_vm_with_userdata smoke/test_deploy_vms_in_parallel - smoke/test_deploy_vms_with_varied_deploymentplanners smoke/test_restore_vm - smoke/test_diagnostics smoke/test_direct_download smoke/test_disk_offerings - smoke/test_disk_provisioning_types smoke/test_domain_disk_offerings smoke/test_domain_network_offerings - smoke/test_domain_service_offerings smoke/test_domain_vpc_offerings - - smoke/test_cluster_drs smoke/test_dynamicroles smoke/test_enable_account_settings_for_domain - smoke/test_enable_role_based_users_in_projects smoke/test_events_resource - smoke/test_global_settings smoke/test_guest_vlan_range smoke/test_host_maintenance - smoke/test_hostha_kvm smoke/test_hostha_simulator smoke/test_internal_lb - smoke/test_ipv6_infra smoke/test_iso smoke/test_kubernetes_clusters smoke/test_kubernetes_supported_versions - smoke/test_list_ids_parameter smoke/test_loadbalance smoke/test_login - smoke/test_2fa smoke/test_metrics_api smoke/test_migration smoke/test_multipleips_per_nic - smoke/test_nested_virtualization smoke/test_set_sourcenat smoke/test_webhook_lifecycle - smoke/test_purge_expunged_vms smoke/test_extension_lifecycle smoke/test_extension_custom_action_lifecycle - smoke/test_extension_custom - - smoke/test_network smoke/test_network_acl smoke/test_network_ipv6 smoke/test_network_permissions - smoke/test_nic smoke/test_nic_adapter_type smoke/test_non_contigiousvlan - smoke/test_object_stores smoke/test_outofbandmanagement smoke/test_outofbandmanagement_nestedplugin - smoke/test_over_provisioning smoke/test_password_server smoke/test_persistent_network - smoke/test_portable_publicip smoke/test_portforwardingrules smoke/test_primary_storage - smoke/test_privategw_acl smoke/test_privategw_acl_ovs_gre smoke/test_projects - smoke/test_public_ip_range smoke/test_pvlan smoke/test_regions smoke/test_register_userdata - smoke/test_reset_configuration_settings smoke/test_reset_vm_on_reboot - smoke/test_resource_accounting smoke/test_resource_detail smoke/test_global_acls - - smoke/test_router_dhcphosts smoke/test_router_dns smoke/test_router_dnsservice - smoke/test_routers smoke/test_routers_iptables_default_policy smoke/test_routers_network_ops - smoke/test_scale_vm smoke/test_secondary_storage smoke/test_service_offerings - smoke/test_snapshots smoke/test_ssvm smoke/test_staticroles smoke/test_templates - smoke/test_update_security_group smoke/test_usage smoke/test_usage_events - smoke/test_vm_deployment_planner smoke/test_vm_strict_host_tags smoke/test_vm_schedule - smoke/test_deploy_vgpu_enabled_vm smoke/test_vm_life_cycle smoke/test_vm_lifecycle_unmanage_import - smoke/test_vm_snapshot_kvm smoke/test_vm_snapshots smoke/test_volumes - smoke/test_vpc_ipv6 smoke/test_vpc_redundant smoke/test_vpc_router_nics - smoke/test_vpc_vpn - - component/find_hosts_for_migration component/test_acl_isolatednetwork - component/test_acl_isolatednetwork_delete component/test_acl_listsnapshot - - component/test_acl_listvm component/test_acl_listvolume - - component/test_acl_sharednetwork component/test_acl_sharednetwork_deployVM-impersonation - component/test_user_private_gateway component/test_user_shared_network - - component/test_affinity_groups_projects component/test_allocation_states - component/test_assign_vm - - component/test_concurrent_snapshots_limit component/test_cpu_domain_limits - component/test_cpu_limits component/test_cpu_max_limits component/test_cpu_project_limits - component/test_deploy_vm_userdata_multi_nic component/test_deploy_vm_lease - - component/test_egress_fw_rules component/test_invalid_gw_nm component/test_ip_reservation - - component/test_lb_secondary_ip component/test_list_nics component/test_list_pod - component/test_memory_limits - - component/test_mm_domain_limits component/test_mm_max_limits component/test_mm_project_limits - component/test_network_offering component/test_non_contiguous_vlan - - component/test_persistent_networks component/test_project_configs component/test_project_limits - component/test_project_resources - - component/test_project_usage component/test_protocol_number_security_group - component/test_public_ip component/test_resource_limits component/test_resource_limit_tags - - component/test_regions_accounts component/test_routers component/test_snapshots - component/test_stopped_vm component/test_tags component/test_templates - component/test_updateResourceCount component/test_update_vm - - component/test_volumes component/test_vpc component/test_vpc_distributed_routing_offering - component/test_vpc_network component/test_vpc_offerings component/test_vpc_routers - component/test_vpn_users component/test_vpc_network_lbrules - - smoke/test_list_accounts smoke/test_list_disk_offerings smoke/test_list_domains - smoke/test_list_hosts smoke/test_list_service_offerings smoke/test_list_storage_pools - smoke/test_list_volumes + tests: [ "smoke/test_accounts + smoke/test_account_access + smoke/test_affinity_groups + smoke/test_affinity_groups_projects + smoke/test_annotations + smoke/test_async_job + smoke/test_attach_multiple_volumes + smoke/test_backup_recovery_dummy + smoke/test_certauthority_root + smoke/test_console_endpoint + smoke/test_create_list_domain_account_project + smoke/test_create_network + smoke/test_deploy_vgpu_enabled_vm + smoke/test_deploy_virtio_scsi_vm + smoke/test_deploy_vm_extra_config_data + smoke/test_deploy_vm_iso + smoke/test_deploy_vm_iso_uefi + smoke/test_deploy_vm_root_resize + smoke/test_deploy_vm_with_userdata + smoke/test_deploy_vms_in_parallel + smoke/test_deploy_vms_with_varied_deploymentplanners + smoke/test_restore_vm + smoke/test_diagnostics + smoke/test_direct_download + smoke/test_disk_offerings + smoke/test_disk_provisioning_types + smoke/test_domain_disk_offerings + smoke/test_domain_network_offerings + smoke/test_domain_service_offerings + smoke/test_domain_vpc_offerings", + "smoke/test_cluster_drs + smoke/test_dynamicroles + smoke/test_enable_account_settings_for_domain + smoke/test_enable_role_based_users_in_projects + smoke/test_events_resource + smoke/test_global_settings + smoke/test_guest_vlan_range + smoke/test_host_maintenance + smoke/test_hostha_kvm + smoke/test_hostha_simulator + smoke/test_internal_lb + smoke/test_ipv6_infra + smoke/test_iso + smoke/test_kubernetes_clusters + smoke/test_kubernetes_supported_versions + smoke/test_list_ids_parameter + smoke/test_loadbalance + smoke/test_login + smoke/test_2fa + smoke/test_metrics_api + smoke/test_migration + smoke/test_multipleips_per_nic + smoke/test_nested_virtualization + smoke/test_set_sourcenat + smoke/test_webhook_lifecycle + smoke/test_purge_expunged_vms + smoke/test_extension_lifecycle + smoke/test_extension_custom_action_lifecycle + smoke/test_extension_custom", + "smoke/test_network + smoke/test_network_acl + smoke/test_network_ipv6 + smoke/test_network_permissions + smoke/test_nic + smoke/test_nic_adapter_type + smoke/test_non_contigiousvlan + smoke/test_object_stores + smoke/test_outofbandmanagement + smoke/test_outofbandmanagement_nestedplugin + smoke/test_over_provisioning + smoke/test_password_server + smoke/test_persistent_network + smoke/test_portable_publicip + smoke/test_portforwardingrules + smoke/test_primary_storage + smoke/test_privategw_acl + smoke/test_privategw_acl_ovs_gre + smoke/test_projects + smoke/test_public_ip_range + smoke/test_pvlan + smoke/test_regions + smoke/test_register_userdata + smoke/test_reset_configuration_settings + smoke/test_reset_vm_on_reboot + smoke/test_resource_accounting + smoke/test_resource_detail + smoke/test_global_acls", + "smoke/test_router_dhcphosts + smoke/test_router_dns + smoke/test_router_dnsservice + smoke/test_routers + smoke/test_routers_iptables_default_policy + smoke/test_routers_network_ops + smoke/test_scale_vm + smoke/test_secondary_storage + smoke/test_service_offerings + smoke/test_snapshots + smoke/test_ssvm + smoke/test_staticroles + smoke/test_templates + smoke/test_update_security_group + smoke/test_usage + smoke/test_usage_events + smoke/test_vm_deployment_planner + smoke/test_vm_strict_host_tags + smoke/test_vm_schedule + smoke/test_deploy_vgpu_enabled_vm + smoke/test_vm_life_cycle + smoke/test_vm_lifecycle_unmanage_import + smoke/test_vm_snapshot_kvm + smoke/test_vm_snapshots + smoke/test_volumes + smoke/test_vpc_ipv6 + smoke/test_vpc_redundant + smoke/test_vpc_router_nics + smoke/test_vpc_vpn", + "component/find_hosts_for_migration + component/test_acl_isolatednetwork + component/test_acl_isolatednetwork_delete + component/test_acl_listsnapshot", + "component/test_acl_listvm + component/test_acl_listvolume", + "component/test_acl_sharednetwork + component/test_acl_sharednetwork_deployVM-impersonation + component/test_user_private_gateway + component/test_user_shared_network", + "component/test_affinity_groups_projects + component/test_allocation_states + component/test_assign_vm", + "component/test_concurrent_snapshots_limit + component/test_cpu_domain_limits + component/test_cpu_limits + component/test_cpu_max_limits + component/test_cpu_project_limits + component/test_deploy_vm_userdata_multi_nic + component/test_deploy_vm_lease", + "component/test_egress_fw_rules + component/test_invalid_gw_nm + component/test_ip_reservation", + "component/test_lb_secondary_ip + component/test_list_nics + component/test_list_pod + component/test_memory_limits", + "component/test_mm_domain_limits + component/test_mm_max_limits + component/test_mm_project_limits + component/test_network_offering + component/test_non_contiguous_vlan", + "component/test_persistent_networks + component/test_project_configs + component/test_project_limits + component/test_project_resources", + "component/test_project_usage + component/test_protocol_number_security_group + component/test_public_ip + component/test_resource_limits + component/test_resource_limit_tags", + "component/test_regions_accounts + component/test_routers + component/test_snapshots + component/test_stopped_vm + component/test_tags + component/test_templates + component/test_updateResourceCount + component/test_update_vm", + "component/test_volumes + component/test_vpc + component/test_vpc_distributed_routing_offering + component/test_vpc_network + component/test_vpc_offerings + component/test_vpc_routers + component/test_vpn_users + component/test_vpc_network_lbrules", + "smoke/test_list_accounts + smoke/test_list_disk_offerings + smoke/test_list_domains + smoke/test_list_hosts + smoke/test_list_service_offerings + smoke/test_list_storage_pools + smoke/test_list_volumes"] steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: fetch-depth: 0 - name: Setup Environment @@ -179,7 +290,7 @@ jobs: sudo systemctl restart mysql sudo mysql -uroot -e "SELECT VERSION();" - name: Download artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: name: build-artifacts path: /tmp/artifacts/ @@ -233,7 +344,7 @@ jobs: run: | echo -e "Simulator CI Test Results: (only failures listed)\n" python3 ./tools/marvin/xunit-reader.py integration-test-results/ - - uses: codecov/codecov-action@v4 + - uses: codecov/codecov-action@v5 with: files: jacoco-coverage.xml fail_ci_if_error: true diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 74e59aa821d1..cb1fa88a1023 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -35,14 +35,14 @@ jobs: language: ["actions"] steps: - name: Checkout repository - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: ${{ matrix.language }} - name: Autobuild - uses: github/codeql-action/autobuild@v3 + uses: github/codeql-action/autobuild@v4 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 with: category: "Security" diff --git a/.github/workflows/docker-cloudstack-simulator.yml b/.github/workflows/docker-cloudstack-simulator.yml index af6cbf49f5ef..4ef700fd2c35 100644 --- a/.github/workflows/docker-cloudstack-simulator.yml +++ b/.github/workflows/docker-cloudstack-simulator.yml @@ -35,10 +35,10 @@ concurrency: jobs: build: if: github.repository == 'apache/cloudstack' - runs-on: ubuntu-22.04 + runs-on: ubuntu-24.04 steps: - name: Login to Docker Registry - uses: docker/login-action@v2 + uses: docker/login-action@v4 with: registry: ${{ secrets.DOCKER_REGISTRY }} username: ${{ secrets.DOCKERHUB_USER }} @@ -47,7 +47,7 @@ jobs: - name: Set Docker repository name run: echo "DOCKER_REPOSITORY=apache" >> $GITHUB_ENV - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - name: Set ACS version run: echo "ACS_VERSION=$(grep '' pom.xml | head -2 | tail -1 | cut -d'>' -f2 |cut -d'<' -f1)" >> $GITHUB_ENV diff --git a/.github/workflows/main-sonar-check.yml b/.github/workflows/main-sonar-check.yml new file mode 100644 index 000000000000..d353a65a4aa2 --- /dev/null +++ b/.github/workflows/main-sonar-check.yml @@ -0,0 +1,49 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +name: Sonar Quality Check (Main) +permissions: + contents: read +on: + push: + branches: + - main +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} +jobs: + build: + if: github.repository == 'apache/cloudstack' + name: Sonar JaCoCo Coverage + runs-on: ubuntu-24.04 + steps: + - uses: actions/checkout@v6 + with: + fetch-depth: 0 + - name: Setup Environment + uses: ./.github/actions/setup-env + - name: Cache SonarCloud packages + uses: actions/cache@v5 + with: + path: ~/.sonar/cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + - name: Install Non-OSS + uses: ./.github/actions/install-nonoss + - name: Run Build and Tests with Coverage + run: | + mvn -T$(nproc) -P quality -Dsimulator -Dnoredist clean install org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=apache_cloudstack diff --git a/.github/workflows/merge-conflict-checker.yml b/.github/workflows/merge-conflict-checker.yml index a997cb94ccc0..0c4523968a03 100644 --- a/.github/workflows/merge-conflict-checker.yml +++ b/.github/workflows/merge-conflict-checker.yml @@ -21,7 +21,7 @@ on: pull_request: types: [opened, synchronize, reopened] -permissions: # added using https://github.com/step-security/secure-workflows +permissions: # added using https://github.com/step-security/secure-workflows contents: read concurrency: @@ -31,14 +31,14 @@ concurrency: jobs: triage: permissions: - pull-requests: write # for eps1lon/actions-label-merge-conflict to label PRs - runs-on: ubuntu-22.04 + pull-requests: write # for eps1lon/actions-label-merge-conflict to label PRs + runs-on: ubuntu-24.04 steps: - - name: Conflict Check - uses: eps1lon/actions-label-merge-conflict@v2.0.0 - with: - repoToken: "${{ secrets.GITHUB_TOKEN }}" - dirtyLabel: "status:has-conflicts" - removeOnDirtyLabel: "status:ready-for-review" - continueOnMissingPermissions: true - commentOnDirty: "This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch." + - name: Conflict Check + uses: eps1lon/actions-label-merge-conflict@v3 + with: + repoToken: "${{ secrets.GITHUB_TOKEN }}" + dirtyLabel: "status:has-conflicts" + removeOnDirtyLabel: "status:ready-for-review" + continueOnMissingPermissions: true + commentOnDirty: "This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch." diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 11fe5c068814..9b9be48db67c 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -29,10 +29,10 @@ concurrency: jobs: pre-commit: name: Run pre-commit - runs-on: ubuntu-22.04 + runs-on: ubuntu-24.04 steps: - name: Check Out - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Install run: | python -m pip install --upgrade pip diff --git a/.github/workflows/rat.yml b/.github/workflows/rat.yml index 64a137b7a1e5..7308fcadeaf2 100644 --- a/.github/workflows/rat.yml +++ b/.github/workflows/rat.yml @@ -26,9 +26,9 @@ permissions: contents: read jobs: build: - runs-on: ubuntu-22.04 + runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - name: Setup Environment uses: ./.github/actions/setup-env - name: Install Non-OSS diff --git a/.github/workflows/sonar-check.yml b/.github/workflows/sonar-check.yml index d7935d53db9c..9bff68510495 100644 --- a/.github/workflows/sonar-check.yml +++ b/.github/workflows/sonar-check.yml @@ -20,20 +20,17 @@ permissions: contents: read pull-requests: write on: - push: - branches: - - main pull_request: concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} jobs: build: - if: github.repository == 'apache/cloudstack' && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) + if: github.repository == 'apache/cloudstack' && github.event.pull_request.head.repo.full_name == github.repository name: Sonar JaCoCo Coverage - runs-on: ubuntu-22.04 + runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: fetch-depth: 0 - name: Setup Environment @@ -53,8 +50,4 @@ jobs: PR_ID: ${{ github.event.pull_request.number }} HEADREF: ${{ github.event.pull_request.head.ref }} run: | - if [ "${{ github.event_name }}" == "pull_request" ]; then - mvn -T$(nproc) -P quality -Dsimulator -Dnoredist clean install org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=apache_cloudstack -Dsonar.pullrequest.key="$PR_ID" -Dsonar.pullrequest.branch="$HEADREF" -Dsonar.pullrequest.github.repository=apache/cloudstack -Dsonar.pullrequest.provider=GitHub -Dsonar.pullrequest.github.summary_comment=true - else - mvn -T$(nproc) -P quality -Dsimulator -Dnoredist clean install org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=apache_cloudstack - fi + mvn -T$(nproc) -P quality -Dsimulator -Dnoredist clean install org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=apache_cloudstack -Dsonar.pullrequest.key="$PR_ID" -Dsonar.pullrequest.branch="$HEADREF" -Dsonar.pullrequest.github.repository=apache/cloudstack -Dsonar.pullrequest.provider=GitHub -Dsonar.pullrequest.github.summary_comment=true diff --git a/.github/workflows/ui.yml b/.github/workflows/ui.yml index 56b04a6f9c96..210a383b4f44 100644 --- a/.github/workflows/ui.yml +++ b/.github/workflows/ui.yml @@ -28,13 +28,13 @@ permissions: jobs: build: - runs-on: ubuntu-22.04 + runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - name: Set up Node - uses: actions/setup-node@v5 + uses: actions/setup-node@v6 with: node-version: 16 @@ -55,7 +55,7 @@ jobs: npm run lint npm run test:unit - - uses: codecov/codecov-action@v4 + - uses: codecov/codecov-action@v5 if: github.repository == 'apache/cloudstack' with: working-directory: ui From b82d5c464f5b0b78cf7629b0cb53eda35d1a1e6f Mon Sep 17 00:00:00 2001 From: vishesh92 Date: Tue, 10 Mar 2026 12:17:11 +0530 Subject: [PATCH 3/5] add missing unitttest coverage --- .github/workflows/main-sonar-check.yml | 8 ++++++++ .github/workflows/sonar-check.yml | 8 ++++++++ 2 files changed, 16 insertions(+) diff --git a/.github/workflows/main-sonar-check.yml b/.github/workflows/main-sonar-check.yml index d353a65a4aa2..420ceab037bb 100644 --- a/.github/workflows/main-sonar-check.yml +++ b/.github/workflows/main-sonar-check.yml @@ -47,3 +47,11 @@ jobs: - name: Run Build and Tests with Coverage run: | mvn -T$(nproc) -P quality -Dsimulator -Dnoredist clean install org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=apache_cloudstack + - uses: codecov/codecov-action@v5 + with: + files: ./client/target/site/jacoco-aggregate/jacoco.xml + fail_ci_if_error: true + flags: unittests + verbose: true + name: codecov + token: ${{ secrets.CODECOV_TOKEN }} diff --git a/.github/workflows/sonar-check.yml b/.github/workflows/sonar-check.yml index 9bff68510495..8b9cb00e3a2f 100644 --- a/.github/workflows/sonar-check.yml +++ b/.github/workflows/sonar-check.yml @@ -51,3 +51,11 @@ jobs: HEADREF: ${{ github.event.pull_request.head.ref }} run: | mvn -T$(nproc) -P quality -Dsimulator -Dnoredist clean install org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=apache_cloudstack -Dsonar.pullrequest.key="$PR_ID" -Dsonar.pullrequest.branch="$HEADREF" -Dsonar.pullrequest.github.repository=apache/cloudstack -Dsonar.pullrequest.provider=GitHub -Dsonar.pullrequest.github.summary_comment=true + - uses: codecov/codecov-action@v5 + with: + files: ./client/target/site/jacoco-aggregate/jacoco.xml + fail_ci_if_error: true + flags: unittests + verbose: true + name: codecov + token: ${{ secrets.CODECOV_TOKEN }} From 1b23bd934d7fa8f551ffa872cea03e9a02e87e86 Mon Sep 17 00:00:00 2001 From: vishesh92 Date: Tue, 10 Mar 2026 13:16:31 +0530 Subject: [PATCH 4/5] Add caching for npm & fix ci.yml --- .github/workflows/ci.yml | 2 +- .github/workflows/ui.yml | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8a08119e8955..f7d15b83d3d6 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -54,7 +54,7 @@ jobs: - name: Archive artifacts run: | mkdir -p /tmp/artifacts - tar -czf /tmp/artifacts/targets.tar.gz $(find . -name "target" -type d) tools/marvin/dist + tar -czf /tmp/artifacts/targets.tar.gz $(find . -name "target" -type d) tools/marvin/dist engine/schema/dist utils/conf tar -czf /tmp/artifacts/m2-cloudstack.tar.gz -C ~/.m2/repository org/apache/cloudstack - name: Upload artifacts uses: actions/upload-artifact@v7 diff --git a/.github/workflows/ui.yml b/.github/workflows/ui.yml index 210a383b4f44..f4b175cf5be0 100644 --- a/.github/workflows/ui.yml +++ b/.github/workflows/ui.yml @@ -37,6 +37,8 @@ jobs: uses: actions/setup-node@v6 with: node-version: 16 + cache: 'npm' + cache-dependency-path: 'ui/package-lock.json' - name: Env details run: | From 83be6d7d847312921ca04ae4d62836738d2b25b2 Mon Sep 17 00:00:00 2001 From: vishesh92 Date: Tue, 10 Mar 2026 15:16:31 +0530 Subject: [PATCH 5/5] fixups --- .github/workflows/main-sonar-check.yml | 13 ++++++++++--- .github/workflows/pre-commit.yml | 12 ++++++++---- .github/workflows/sonar-check.yml | 11 ++++++++--- 3 files changed, 26 insertions(+), 10 deletions(-) diff --git a/.github/workflows/main-sonar-check.yml b/.github/workflows/main-sonar-check.yml index 420ceab037bb..1dbea040f685 100644 --- a/.github/workflows/main-sonar-check.yml +++ b/.github/workflows/main-sonar-check.yml @@ -36,6 +36,9 @@ jobs: fetch-depth: 0 - name: Setup Environment uses: ./.github/actions/setup-env + with: + install-python: 'true' + install-apt-deps: 'true' - name: Cache SonarCloud packages uses: actions/cache@v5 with: @@ -45,9 +48,13 @@ jobs: - name: Install Non-OSS uses: ./.github/actions/install-nonoss - name: Run Build and Tests with Coverage - run: | - mvn -T$(nproc) -P quality -Dsimulator -Dnoredist clean install org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=apache_cloudstack - - uses: codecov/codecov-action@v5 + run: mvn -B -T$(nproc) -P developer,systemvm,quality -Dsimulator -Dnoredist clean install + - name: Upload to SonarQube + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + run: mvn -B -P quality org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=apache_cloudstack -Dsonar.branch.name=${{ github.ref_name }} + - uses: codecov/codecov-action@v4 with: files: ./client/target/site/jacoco-aggregate/jacoco.xml fail_ci_if_error: true diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 9b9be48db67c..b74e7cd8bfbf 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -33,13 +33,17 @@ jobs: steps: - name: Check Out uses: actions/checkout@v6 + - name: Set up Python + uses: actions/setup-python@v6 + with: + python-version: '3.11' + cache: 'pip' - name: Install - run: | - python -m pip install --upgrade pip - pip install pre-commit + run: pip install pre-commit - name: Set PY run: echo "PY=$(python -VV | sha256sum | cut -d' ' -f1)" >> $GITHUB_ENV - - uses: actions/cache@v5 + - name: Cache pre-commit environments + uses: actions/cache@v5 with: path: ~/.cache/pre-commit key: pre-commit|${{ env.PY }}|${{ hashFiles('.pre-commit-config.yaml') }} diff --git a/.github/workflows/sonar-check.yml b/.github/workflows/sonar-check.yml index 8b9cb00e3a2f..1acb72be4e19 100644 --- a/.github/workflows/sonar-check.yml +++ b/.github/workflows/sonar-check.yml @@ -26,7 +26,6 @@ concurrency: cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} jobs: build: - if: github.repository == 'apache/cloudstack' && github.event.pull_request.head.repo.full_name == github.repository name: Sonar JaCoCo Coverage runs-on: ubuntu-24.04 steps: @@ -35,6 +34,9 @@ jobs: fetch-depth: 0 - name: Setup Environment uses: ./.github/actions/setup-env + with: + install-python: 'true' + install-apt-deps: 'true' - name: Cache SonarCloud packages uses: actions/cache@v5 with: @@ -44,14 +46,17 @@ jobs: - name: Install Non-OSS uses: ./.github/actions/install-nonoss - name: Run Build and Tests with Coverage + run: mvn -B -T$(nproc) -P developer,systemvm,quality -Dsimulator -Dnoredist clean install + - name: Upload to SonarQube + if: github.repository == 'apache/cloudstack' && github.event.pull_request.head.repo.full_name == github.repository env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} PR_ID: ${{ github.event.pull_request.number }} HEADREF: ${{ github.event.pull_request.head.ref }} run: | - mvn -T$(nproc) -P quality -Dsimulator -Dnoredist clean install org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=apache_cloudstack -Dsonar.pullrequest.key="$PR_ID" -Dsonar.pullrequest.branch="$HEADREF" -Dsonar.pullrequest.github.repository=apache/cloudstack -Dsonar.pullrequest.provider=GitHub -Dsonar.pullrequest.github.summary_comment=true - - uses: codecov/codecov-action@v5 + mvn -B -P quality org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=apache_cloudstack -Dsonar.pullrequest.key="$PR_ID" -Dsonar.pullrequest.branch="$HEADREF" -Dsonar.pullrequest.github.repository=apache/cloudstack -Dsonar.pullrequest.provider=GitHub -Dsonar.pullrequest.github.summary_comment=true + - uses: codecov/codecov-action@v4 with: files: ./client/target/site/jacoco-aggregate/jacoco.xml fail_ci_if_error: true