feat(hub): add implementation for policy hub (#5)

* Implementation of the policy hub api * add release workflows * add helm chart * add quality checks for pull requests -------------- Reviewed-By: Evelyn Gurschler <[email protected]> Refs: CPLP-3362
eclipse-tractusx · Dec 11, 2023 · 0b5433a · 0b5433a
1 parent 054effe
commit 0b5433a
Show file tree

Hide file tree

Showing 136 changed files with 8,909 additions and 71 deletions.
diff --git a/.editorconfig b/.editorconfig
@@ -148,7 +148,7 @@ dotnet_diagnostic.RS2008.severity = none
 
 # IDE0073: File header
 dotnet_diagnostic.IDE0073.severity = warning
-#file_header_template = /********************************************************************************\n * Copyright (c) 2021,2022 BMW Group AG\n * Copyright (c) 2021,2022 Contributors to the CatenaX (ng) GitHub Organisation.\n *\n * \nSee the NOTICE file(s) distributed with this work for additional\n * information regarding copyright ownership.\n *\n * This program and the accompanying materials are made available under the\n * terms of the \nApache License, Version 2.0 which is available at\n * https://www.apache.org/licenses/LICENSE-2.0.\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License \nis distributed on an "AS IS" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the\n * License for the specific language governing permissions and limitations\n * under the \nLicense. *\n * SPDX-License-Identifier: Apache-2.0\n ********************************************************************************/\n
+#file_header_template = /********************************************************************************\n * Copyright (c) 2021,2022 Contributors to the CatenaX (ng) GitHub Organisation.\n *\n * \nSee the NOTICE file(s) distributed with this work for additional\n * information regarding copyright ownership.\n *\n * This program and the accompanying materials are made available under the\n * terms of the \nApache License, Version 2.0 which is available at\n * https://www.apache.org/licenses/LICENSE-2.0.\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License \nis distributed on an "AS IS" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the\n * License for the specific language governing permissions and limitations\n * under the \nLicense. *\n * SPDX-License-Identifier: Apache-2.0\n ********************************************************************************/\n
 
 # IDE0035: Remove unreachable code
 dotnet_diagnostic.IDE0035.severity = warning

diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
@@ -22,3 +22,4 @@ Please delete options that are not relevant.
 - [ ] I have added tests that prove my changes work
 - [ ] I have checked that new and existing tests pass locally with my changes
 - [ ] I have commented my code, particularly in hard-to-understand areas
+- [ ] I have added copyright and license headers, footers (for .md files) or files (for images)
diff --git a/.github/workflows/dependencies.yaml → .github/workflows/dependencies.yml b/.github/workflows/dependencies.yaml → .github/workflows/dependencies.yml
diff --git a/.github/workflows/kics.yml b/.github/workflows/kics.yml
@@ -20,16 +20,16 @@
 name: "KICS"
 
 on:
-  # push:
-  #   branches: [main, dev]
+  push:
+    branches: [main, dev]
   # pull_request:
   # The branches below must be a subset of the branches above
   # branches: [main, dev]
   # paths-ignore:
   #   - "**/*.md"
   #   - "**/*.txt"
-  # schedule:
-  #   - cron: "0 0 * * *"
+  schedule:
+    - cron: "0 0 * * *"
   workflow_dispatch:
 
 jobs:

diff --git a/.github/workflows/lint-pull-request.yml b/.github/workflows/lint-pull-request.yml
@@ -0,0 +1,61 @@
+# #############################################################################
+# Copyright (c) 2023 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# #############################################################################
+
+name: "Lint PullRequest"
+
+on:
+  pull_request_target:
+    types:
+      - opened
+      - edited
+      - synchronize
+
+jobs:
+  main:
+    name: Validate PR title
+    runs-on: ubuntu-latest
+    steps:
+      - uses: amannn/action-semantic-pull-request@v5
+        id: lint_pr_title
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - uses: marocchino/sticky-pull-request-comment@v2
+        # When the previous steps fail, the workflow would stop. By adding this
+        # condition you can continue the execution with the populated error message.
+        if: always() && (steps.lint_pr_title.outputs.error_message != null)
+        with:
+          header: pr-title-lint-error
+          message: |
+            Hey there and thank you for opening this pull request! 👋🏼
+            
+            We require pull request titles to follow the [Conventional Commits specification](https://www.conventionalcommits.org/en/v1.0.0/) and it looks like your proposed title needs to be adjusted.
+
+            Details:
+            
+            ```
+            ${{ steps.lint_pr_title.outputs.error_message }}
+            ```
+
+      # Delete a previous comment when the issue has been resolved
+      - if: ${{ steps.lint_pr_title.outputs.error_message == null }}
+        uses: marocchino/sticky-pull-request-comment@v2
+        with:
+          header: pr-title-lint-error
+          delete: true
diff --git a/.github/workflows/policy-hub-chart-test.yml b/.github/workflows/policy-hub-chart-test.yml
@@ -0,0 +1,119 @@
+###############################################################
+# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+###############################################################
+
+name: PolicyHub Lint and Test Chart
+
+on:
+  push:
+    paths:
+      - 'charts/policy-hub/**'
+    branches: [main, dev, release-candidate]
+  pull_request:
+    paths:
+      - 'charts/policy-hub/**'
+  workflow_dispatch:
+    inputs:
+      node_image:
+        description: 'kindest/node image for k8s kind cluster'
+        # k8s version from 3.1 release as default
+        default: 'kindest/node:v1.27.3'
+        required: false
+        type: string
+      upgrade_from:
+        description: 'policyhub chart version to upgrade from'
+        # tbd
+        default: '0.1.0'
+        required: false
+        type: string
+
+jobs:
+
+  lint-test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Kubernetes KinD Cluster
+        uses: container-tools/kind-action@v1
+        with:
+          # upgrade version, default (v0.17.0) uses node image v1.21.1 and doesn't work with more recent node image versions
+          version: v0.20.0
+          # default value for event_name != workflow_dispatch
+          node_image: ${{ github.event.inputs.node_image || 'kindest/node:v1.27.3' }}
+
+      - name: Build migration image
+        id: build-migration-image
+        uses: docker/build-push-action@v3
+        with:
+          context: .
+          file: docker/Dockerfile-policy-hub-migrations
+          push: true
+          tags: kind-registry:5000/policy-hub-migrations:testing
+
+      - name: Build service image
+        id: build-service-image
+        uses: docker/build-push-action@v3
+        with:
+          context: .
+          file: docker/Dockerfile-policy-hub-service
+          push: true
+          tags: kind-registry:5000/policy-hub-service:testing
+
+      - name: Set up Helm
+        uses: azure/setup-helm@v3
+        with:
+          version: v3.9.3
+
+      - uses: actions/setup-python@v4
+        with:
+          python-version: '3.9'
+          check-latest: true
+
+      - name: Set up chart-testing
+        uses: helm/[email protected]
+
+      - name: Run chart-testing (list-changed)
+        id: list-changed
+        run: |
+          changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }})
+          if [[ -n "$changed" ]]; then
+            echo "changed=true" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Run chart-testing (lint)
+        run: ct lint --validate-maintainers=false --target-branch ${{ github.event.repository.default_branch }}
+
+      - name: Run service chart-testing (install)
+        run: ct install --charts charts/policy-hub --config charts/chart-testing-config.yaml --helm-extra-set-args "--set=policyhub.image=kind-registry:5000/policy-hub-service:testing --set=policyhubmigrations.image=kind-registry:5000/policy-hub-migrations:testing"
+        if: github.event_name != 'pull_request' || steps.list-changed.outputs.changed == 'true'
+
+        # currently the update is commented out, at the moment we're working for the initial version, after that the update will be enabled
+        # Upgrade the released chart version with the locally available chart
+        # default value for event_name != workflow_dispatch
+        # - name: Run helm upgrade
+        #   run: |
+        #     helm repo add bitnami https://charts.bitnami.com/bitnami
+        #     helm repo add tractusx-dev https://eclipse-tractusx.github.io/charts/dev
+        #     helm install policy-hub-service tractusx-dev/policy-hub-service --version ${{ github.event.inputs.upgrade_from || '1.0.0' }} 
+        #     helm dependency update charts/policy-hub-service
+        #     helm upgrade policy-hub-service charts/policy-hub-service
+        #   if: github.event_name != 'pull_request' || steps.list-changed.outputs.changed == 'true'
diff --git a/.github/workflows/policy-hub-migrations.yml b/.github/workflows/policy-hub-migrations.yml
@@ -17,21 +17,21 @@
 # SPDX-License-Identifier: Apache-2.0
 ###############################################################
 
-name: Portal-Migrations
+name: PolicyHub-Migrations
 
 on: 
-  # push:
-  #   paths:
-  #     # service and transitive paths
-  #     - 'src/database/PolicyHub.Migrations/**'
-  #     - 'src/database/PolicyHub.PortalEntities/**'
-  #     # workflow file
-  #     - '.github/workflows/policy-hub-migrations.yml'
-  #     # dockerfile
-  #     - 'docker/Dockerfile-policy-hub-migrations'
+  push:
+    paths:
+      # service and transitive paths
+      - 'src/database/PolicyHub.Migrations/**'
+      - 'src/database/PolicyHub.Entities/**'
+      # workflow file
+      - '.github/workflows/policy-hub-migrations.yml'
+      # dockerfile
+      - 'docker/Dockerfile-policy-hub-migrations'
 
-  #   branches:
-  #     - 'dev'
+    branches:
+      - 'dev'
   workflow_dispatch:
 
 env:
@@ -90,5 +90,3 @@ jobs:
           password: ${{ secrets.DOCKER_HUB_TOKEN }}
           repository: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}
           readme-filepath: "./docker/notice-policy-hub-migrations.md"
-
-  # build chart
diff --git a/.github/workflows/policy-hub-service.yml b/.github/workflows/policy-hub-service.yml
@@ -17,20 +17,20 @@
 # SPDX-License-Identifier: Apache-2.0
 ###############################################################
 
-name: Administration-Service
+name: PolicyHub-Service
 
 on:
-  # push:
-  #   paths:
-  #     # service and transitive paths
-  #     - 'src/**'
-  #     # workflow file
-  #     - '.github/workflows/policy_hub-service.yml'
-  #     # dockerfile
-  #     - 'docker/Dockerfile-policy-hub-service'
+  push:
+    paths:
+      # service and transitive paths
+      - 'src/**'
+      # workflow file
+      - '.github/workflows/policy-hub-service.yml'
+      # dockerfile
+      - 'docker/Dockerfile-policy-hub-service'
 
-  #   branches:
-  #     - 'dev'
+    branches:
+      - 'dev'
   workflow_dispatch:
 
 env:
@@ -89,5 +89,3 @@ jobs:
           password: ${{ secrets.DOCKER_HUB_TOKEN }}
           repository: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}
           readme-filepath: "./docker/notice-policy-hub-service.md"
-
-      # build chart