* update copyright for new files only if not matching existing patterns
* scripts too
* scripts all use Besu copyright
Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com>
---------
Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com>
* don't try to import to an existing db
* deprecated task
* testutil subproject hit a sonar bug
---------
Signed-off-by: Justin Florentine <justin+github@florentine.us>
* Changes to release workflow
- Workflow environment variable changed to RELEASE_VERSION instead of RELEASE_NAME to make it more meaningful
- Workflows draft-release and docker-promote previously trigger workflow container-verify. This can result in trigger is successful but actual verification workflow fails. This will not be reflected in the draft-release and docker-promote workflows. Container verify code is embedded in the draft-release and docker-promote workflows to avoid this confusion
Signed-off-by: Chaminda Divitotawela <cdivitotawela@gmail.com>
* PR comment improvements
Signed-off-by: Chaminda Divitotawela <cdivitotawela@gmail.com>
* Match the only tags starting with word latest for latest check
Signed-off-by: Chaminda Divitotawela <cdivitotawela@gmail.com>
---------
Signed-off-by: Chaminda Divitotawela <cdivitotawela@gmail.com>
Co-authored-by: Simon Dudley <simon.dudley@consensys.net>
Previously GitHub release will be created which triggers building and publishing the artifacts. Release engineers found workflow could fail after the GitHub release created. Community may subscribed to GitHub releases but if the workflow failed, artifacts for the release would not available.
Proposed solution requires release engineer to run a GitHub workflow manually by providing the Git tag which creates a draft GitHub release. During this workflow, release artifacts binary distribution, docker images (not latest), Artifactory jars created and published. Release engineer can update the release notes in draft release and publish the release. At the time when the release is published, release engineer is confident all the artifacts are ready. Upon publishing the release, another workflow is triggered to promote the release version of docker images to latest
Signed-off-by: Chaminda Divitotawela <cdivitotawela@gmail.com>
Co-authored-by: Simon Dudley <simon.dudley@consensys.net>
* Release checklist update
More details on homebrew and docs releases in release checklist issue template
Co-authored-by: Simon Dudley <simon.dudley@consensys.net>
Signed-off-by: Chaminda Divitotawela <cdivitotawela@users.noreply.github.com>
* Remove release creation for besu-docs from checklist
It has been agreed there is no value creating releases in the hyperledger/besu-docs repo. Remove the related instruction from checklist
Signed-off-by: Chaminda Divitotawela <cdivitotawela@gmail.com>
---------
Signed-off-by: Chaminda Divitotawela <cdivitotawela@gmail.com>
Signed-off-by: Chaminda Divitotawela <cdivitotawela@users.noreply.github.com>
Co-authored-by: Simon Dudley <simon.dudley@consensys.net>
Container verification step in release process automated with the container verify GitHub workflow. New workflow is triggered at the end of the release workflow which will check the release container images starts successfully. Verification test only checks container starts and reach the Ethereum main loop
Signed-off-by: Chaminda Divitotawela <cdivitotawela@gmail.com>
Trivy scan result upload to GitHub fails due to permission issue. Added permission security-events=write to the workflow file as a fix. Since workflow permission explicitly defined, it requires contents=read explicity set as well
Signed-off-by: Chaminda Divitotawela <cdivitotawela@gmail.com>
Release workflow publish step was missing the depepndency of artifacts jobs. Due to this reason it could not collect the artifact hashes from the artifacts job. This was introduced in the release workflow consolidation
Signed-off-by: Chaminda Divitotawela <cdivitotawela@gmail.com>
Repository follow standard to use git hash to pin the GitHub actions. Updated the container security scan workflow actions with their git hashes
Signed-off-by: Chaminda Divitotawela <cdivitotawela@gmail.com>
Container security scanning workflow added. This runs on schedule everyday. Also possible to run on-demand for a given image tag
Signed-off-by: Chaminda Divitotawela <cdivitotawela@gmail.com>
Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com>
Co-authored-by: Justin Florentine <justin+github@florentine.us>
* build: Update jacoco version to 0.8.11
* build: Enforce Java 21 and above check for build
* CI: Use Java 21 in Github CI workflows
* CI: Use Java 21 in circleci workflows
* build: Update gradle verification metadata for jacoco 0.8.11
* refactor: Fix javadoc related warnings which are applicable to Java 21
* fix(test): BackwardSyncAlgSpec slightly increase timeout to pass it in CI
---------
Signed-off-by: Usman Saleem <usman@usmans.info>
DCO App not working and needed to be disabled the check.
Introducing DCO GitHub action workflow to validate the commit signatures.
Closes#7175
Signed-off-by: Chaminda Divitotawela <cdivitotawela@gmail.com>
Signed-off-by: Ry Jones <ry@linux.com>
Now that the arm64 runners are re-created with the ubuntu 22.04 image,
docker and other tools are available.
See #7053 and #7171fixes#7026
Signed-off-by: Sean Young <sean@mess.org>
Co-authored-by: Simon Dudley <simon.dudley@consensys.net>
