This lists and describes the repository GitHub actions.
add-milestone-to-pull-requests 🔗
Trigger: When a PR targeting master or a patch release (release/vM.N.x) branch is closed.
Action: Attach the corresponding milestone to the closed pull request (if not set).
Recovery: Attach the milestone by hand to the PR.
add-release-to-cloudfoundry 🔗
Trigger: When a release is published.
Action: Append the new release to the Cloud Foundry repository.
Recovery: Manually edit and push the index.yml file from the cloudfoundry branch.
create-next-milestone 🔗
Trigger: When closing a milestone.
Action: Create a new milestone by incrementing minor version.
Comment: Already done when closing a tag. To delete?
draft-release-notes-on-tag 🔗
Trigger: When creating a tag, or manually (providing a tag)
Actions:
- Fetch merged pull requests from the related tag milestone,
- Generate changelog draft,
- Create a new draft release for given tag with the generated changelog.
Recovery: Manually trigger the action again on the relevant tag.
increment-milestones-on-tag 🔗
Trigger: When creating a tag. Release Candidate tags containing "-RC" or "-rc" will skip this.
Actions:
- Close the milestone related to the tag,
- Create a new milestone by incrementing minor version.
Recovery: Manually close the related milestone and create a new one.
Notes: This actions will handle minor releases only. As there is no milestone for patch releases, it won't close and create patch releated milestone.
update-download-releases 🔗
Trigger: When a release is published.
Action: Update the download releases with the latest release artifact.
Recovery: Download artifacts and upload them manually to the related download release.
Notes: Download releases are special GitHub releases with fixed URL and tags, but rolling artifacts to provided stable download links (ex latest and latest-v1).
update-issues-on-release 🔗
Trigger: When a release is published. Releases of type prereleased should skip this.
Action:
- Find all issues related to the release by checking the related milestone,
- Add a comment to let know the issue was addressed by the newly published release,
- Close all those issues.
Recovery: Check at the milestone for the related issues and update them manually.
ci-static-analysis 🔗
Trigger: When pushing commits to master or any pull request to master.
Actions: Run DataDog Static Analysis and upload result to DataDog Code Analysis.
comment-on-submodule-update 🔗
Trigger: When creating a PR commits to master or a release/* branch with a Git Submodule update.
Action: Notify the PR author through comments that about the Git Submodule update.
codeql-analysis 🔗
Trigger: When pushing commits to master.
Action: Run GitHub CodeQL action, upload result to GitHub security tab and DataDog Code Analysis.
update-gradle-dependencies 🔗
Trigger: Every week or manually.
Action: Create a PR updating the Grade dependencies and their locking files.
Recovery: Manually trigger the action again.
trivy-analysis 🔗
Trigger: When pushing commits to master or any pull request to master.
Action: Run Trivy security scanner on built artifacts and upload result to GitHub security tab.
gradle-wrapper-validation 🔗
DISABLED - GitHub provides a way to disable actions rather than changing their extensions.
Comment: To delete?
lib-injection-prune-registry 🔗
Trigger: Every week or manually.
Action: Clean up old lib-injection Docker images from GHCR.
Recovery: Manually trigger the action again.