Skip to content

Document that GHA workflows are moved to gha/v0 #455

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
vy wants to merge 4 commits into
base: main
Choose a base branch
from
Open

Document that GHA workflows are moved to gha/v0 #455

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
c571b82
Exclude `.logging-parent-bom-activator` in RAT configuration
vy Apr 12, 2026
b286024
Group dependabot updates and make them monthly
vy Apr 12, 2026
040106b
Per apache/logging-log4j2#3989, disable commit signatures
vy Apr 12, 2026
40adc03
Document that GHA workflows are moved to `gha/v0`
vy Apr 14, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
21 changes: 18 additions & 3 deletions .asf.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
#

# `.asf.yaml` is a branch-specific YAML configuration file for Git repositories to control features such as notifications, GitHub settings, etc.
# See its documentation for details: https://cwiki.apache.org/confluence/display/INFRA/Git+-+.asf.yaml+features
# See its documentation for details: https://github.com/apache/infrastructure-asfyaml

# Bare minimum `notifications` to
#
Expand Down Expand Up @@ -63,9 +63,24 @@ github:

# Prevent force pushes to primary branches
protected_branches:

main:
# All commits must be signed
required_signatures: true
# All reviews must be addressed before merging
required_conversation_resolution: true
# Require checks to pass before merging
required_status_checks:
checks:
# The GitHub Actions app: 15368
- app_id: 15368
context: "build / build (ubuntu-latest)"
# The GitHub Advanced Security app: 57789
- app_id: 57789
context: "CodeQL"
# At least one positive review must be present
required_pull_request_reviews:
required_approving_review_count: 1

gha/v0:
# All reviews must be addressed before merging
required_conversation_resolution: true
# Require checks to pass before merging
Expand Down
43 changes: 30 additions & 13 deletions .github/dependabot.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,33 +17,50 @@

version: 2

# Add Maven Central explicitly to work around:
# https://github.com/dependabot/dependabot-core/issues/8329
registries:
maven-central:
type: maven-repository
url: https://repo.maven.apache.org/maven2

updates:

# region `main` updates

- package-ecosystem: maven
directory: "/"
schedule:
interval: daily
open-pull-requests-limit: 10
interval: monthly
groups:
dependencies:
patterns: [ "*" ]
target-branch: "main"
registries:
- maven-central

- package-ecosystem: github-actions
directory: "/"
schedule:
interval: daily
interval: monthly
Copy link
Copy Markdown
Contributor

@ppkarwasz ppkarwasz Apr 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

GitHub Actions might need to be updated more often than monthly, but I would apply the recommended cooldown period. In our case, the cooldown period allows the INFRA team to review and allow the new version of the action.

Suggested change
interval: monthly
interval: weekly
cooldown:
default-days: 7

groups:
dependencies:
patterns: [ "*" ]
target-branch: "main"

- package-ecosystem: npm
directory: "/"
schedule:
interval: monthly
groups:
all:
patterns:
- "*"
dependencies:
patterns: [ "*" ]
target-branch: "main"

# endregion

# region `gha/v0` updates

- package-ecosystem: github-actions
directory: "/"
schedule:
interval: monthly
Comment on lines +59 to +60
Copy link
Copy Markdown
Contributor

@ppkarwasz ppkarwasz Apr 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as above: weekly, but with a cooldown.

Suggested change
schedule:
interval: monthly
schedule:
interval: weekly
cooldown:
default-days: 7

groups:
dependencies:
patterns: [ "*" ]
target-branch: "gha/v0"

# endregion
214 changes: 0 additions & 214 deletions .github/workflows/build-reusable.yaml
View file
Open in desktop

This file was deleted.

11 changes: 3 additions & 8 deletions .github/workflows/build.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,14 +23,9 @@ on:
- "main"
- "release/*"
paths-ignore:
- "**.adoc"
- "**.md"
- "**.txt"
pull_request:
paths-ignore:
- "**.adoc"
- "**.md"
- "**.txt"

# If the branch is `main`, run once per commit.
# If the branch is `release/*`, allow only one concurrent run.
Expand All @@ -46,14 +41,14 @@ jobs:

build:
if: github.actor != 'dependabot[bot]'
uses: ./.github/workflows/build-reusable.yaml
uses: apache/logging-parent/.github/workflows/build-reusable.yaml@gha/v0
with:
site-enabled: true

deploy-snapshot:
needs: build
if: github.repository == 'apache/logging-parent' && github.ref_name == 'main'
uses: ./.github/workflows/deploy-snapshot-reusable.yaml
uses: apache/logging-parent/.github/workflows/deploy-snapshot-reusable.yaml@gha/v0
# Secrets for deployments
secrets:
NEXUS_USERNAME: ${{ secrets.NEXUS_USER }}
Expand All @@ -62,7 +57,7 @@ jobs:
deploy-release:
needs: build
if: github.repository == 'apache/logging-parent' && startsWith(github.ref_name, 'release/')
uses: ./.github/workflows/deploy-release-reusable.yaml
uses: apache/logging-parent/.github/workflows/deploy-release-reusable.yaml@gha/v0
# Secrets for deployments
secrets:
GPG_SECRET_KEY: ${{ secrets.LOGGING_GPG_SECRET_KEY }}
Expand Down
Loading
Loading