From 47b81c785c9ceb1dfa1d5eeadac93bcc077d78e5 Mon Sep 17 00:00:00 2001 From: Timo Gasda <2446349+timogasda@users.noreply.github.com> Date: Wed, 20 Jul 2022 10:07:51 +0200 Subject: [PATCH 01/53] chore: Add common build and test workflow (#2) Also adds a CODEOWNERS file --- CODEOWNERS | 1 + workflows/build-lint-test.yml | 30 ++++++++++++++++++++++++++++++ 2 files changed, 31 insertions(+) create mode 100644 CODEOWNERS create mode 100644 workflows/build-lint-test.yml diff --git a/CODEOWNERS b/CODEOWNERS new file mode 100644 index 00000000..c001ec89 --- /dev/null +++ b/CODEOWNERS @@ -0,0 +1 @@ +* @cloudscape-design/cloudscape-dev diff --git a/workflows/build-lint-test.yml b/workflows/build-lint-test.yml new file mode 100644 index 00000000..967e6fe5 --- /dev/null +++ b/workflows/build-lint-test.yml @@ -0,0 +1,30 @@ +name: Build, lint and test + +on: + workflow_dispatch: + pull_request: + branches: + - main + +permissions: + contents: read + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + - name: Use Node.js 14.x + uses: actions/setup-node@v2 + with: + node-version: 14.x + - run: npm i + - run: npm run lint + - run: npm run build + - run: npm run test + if: {{ github.repository != 'cloudscape-design/components' }} + - run: npm run test:unit + if: {{ github.repository == 'cloudscape-design/components' }} + - name: Codecov + uses: codecov/codecov-action@v1.5.2 From 112f72f5d9adb8706c8355f7f793f99a94c6d11e Mon Sep 17 00:00:00 2001 From: Timo Gasda <2446349+timogasda@users.noreply.github.com> Date: Wed, 20 Jul 2022 16:10:18 +0200 Subject: [PATCH 02/53] chore: Move common workflows to .github folder (#3) --- {workflows => .github/workflows}/build-lint-test.yml | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) rename {workflows => .github/workflows}/build-lint-test.yml (62%) diff --git a/workflows/build-lint-test.yml b/.github/workflows/build-lint-test.yml similarity index 62% rename from workflows/build-lint-test.yml rename to .github/workflows/build-lint-test.yml index 967e6fe5..55e2725c 100644 --- a/workflows/build-lint-test.yml +++ b/.github/workflows/build-lint-test.yml @@ -1,10 +1,7 @@ name: Build, lint and test on: - workflow_dispatch: - pull_request: - branches: - - main + workflow_call: permissions: contents: read @@ -23,8 +20,8 @@ jobs: - run: npm run lint - run: npm run build - run: npm run test - if: {{ github.repository != 'cloudscape-design/components' }} + if: ${{ github.repository != 'cloudscape-design/components' }} - run: npm run test:unit - if: {{ github.repository == 'cloudscape-design/components' }} + if: ${{ github.repository == 'cloudscape-design/components' }} - name: Codecov - uses: codecov/codecov-action@v1.5.2 + uses: codecov/codecov-action@v3 From 9516b945027d211474fad8e23d0e0d94c1da5774 Mon Sep 17 00:00:00 2001 From: Timo Gasda <2446349+timogasda@users.noreply.github.com> Date: Thu, 21 Jul 2022 10:32:22 +0200 Subject: [PATCH 03/53] Move remaining workflows and actions to this repository (#4) --- .github/actions/build-package/action.yml | 113 ++++++++++++++ .../patch-local-dependencies/action.yml | 23 +++ .../patch-local-dependencies/local.mjs | 5 + .../actions/patch-local-dependencies/next.mjs | 3 + .../patch-local-dependencies/utils.mjs | 106 +++++++++++++ .github/actions/release-package/action.yml | 17 ++ .github/actions/release-package/index.mjs | 67 ++++++++ .github/workflows/dry-run.yml | 146 ++++++++++++++++++ .github/workflows/release.yml | 48 ++++++ 9 files changed, 528 insertions(+) create mode 100644 .github/actions/build-package/action.yml create mode 100644 .github/actions/patch-local-dependencies/action.yml create mode 100644 .github/actions/patch-local-dependencies/local.mjs create mode 100644 .github/actions/patch-local-dependencies/next.mjs create mode 100644 .github/actions/patch-local-dependencies/utils.mjs create mode 100644 .github/actions/release-package/action.yml create mode 100644 .github/actions/release-package/index.mjs create mode 100644 .github/workflows/dry-run.yml create mode 100644 .github/workflows/release.yml diff --git a/.github/actions/build-package/action.yml b/.github/actions/build-package/action.yml new file mode 100644 index 00000000..c4ca94fc --- /dev/null +++ b/.github/actions/build-package/action.yml @@ -0,0 +1,113 @@ +name: "Build dependency package locally" +description: "Checks out a dependency package locally and updates all references to it" +inputs: + package: + description: "Name of the package" + required: true + download_dependencies: + description: "Whether to download dependencies" + default: "false" + skip_build: + description: "Whether to skip the build" + default: "false" + skip_tests: + description: "Whether to skip the tests" + default: "false" + target_artifact: + description: "Name of the artifact that will be uploaded" + default: "dependencies" + artifact_path: + description: "Path or pattern for the artifact files that should be uploaded" + +runs: + using: "composite" + steps: + - name: Clone + uses: actions/checkout@v2 + with: + repository: cloudscape-design/${{ inputs.package }} + path: ${{ inputs.package }} + - name: Use Node.js 14.x + uses: actions/setup-node@v2 + with: + node-version: 14.x + + - name: Download artifacts + if: ${{ inputs.download_dependencies == 'true' }} + uses: actions/download-artifact@v2 + with: + name: dependencies + + - run: cd ${{ inputs.package }} + shell: bash + + - uses: cloudscape-design/.github/.github/actions/patch-local-dependencies@main + with: + path: ${{ github.workspace }}/${{ inputs.package }} + type: local + + - name: npm install + shell: bash + run: npm i + working-directory: ${{ inputs.package }} + - name: Build + if: ${{ inputs.skip_build != 'true' }} + shell: bash + run: npm run build + working-directory: ${{ inputs.package }} + - name: Test + if: ${{ inputs.skip_tests != 'true' }} + shell: bash + run: npm test + working-directory: ${{ inputs.package }} + - name: Pack artifacts + if: ${{ inputs.package != 'components' && inputs.package != 'test-utils' && inputs.package != 'theming-core' }} + shell: bash + working-directory: ${{ inputs.package }} + run: | + npm pack + cp *-${{ inputs.package }}-*.tgz $GITHUB_WORKSPACE/${{ inputs.package }}.tgz + + - name: Pack test-utils artifacts + if: ${{ inputs.package == 'test-utils' }} + shell: bash + working-directory: ${{ inputs.package }} + run: | + cd packages/core + npm pack + cp *-test-utils-core-*.tgz $GITHUB_WORKSPACE + cd ../converter + npm pack + echo $GITHUB_WORKSPACE + cp *-test-utils-converter-*.tgz $GITHUB_WORKSPACE + cd $GITHUB_WORKSPACE + mv *-test-utils-converter-*.tgz test-utils-converter.tgz + mv *-test-utils-core-*.tgz test-utils-core.tgz + + - name: Pack theming-core artifacts + if: ${{ inputs.package == 'theming-core' }} + shell: bash + working-directory: ${{ inputs.package }} + run: | + cd lib/browser + npm pack + cp *-theming-runtime-*.tgz $GITHUB_WORKSPACE + cd ../node + npm pack + echo $GITHUB_WORKSPACE + cp *-theming-build-*.tgz $GITHUB_WORKSPACE + cd $GITHUB_WORKSPACE + mv *-theming-build-*.tgz theming-build.tgz + mv *-theming-runtime-*.tgz theming-runtime.tgz + + - name: Package component files + if: ${{ inputs.package == 'components' }} + shell: bash + working-directory: ${{ inputs.package }} + run: tar -czf ../components.tgz --strip-components=1 . + + - name: Upload artifacts + uses: actions/upload-artifact@v2 + with: + name: ${{ inputs.target_artifact }} + path: ${{ inputs.artifact_path || format('{0}*.tgz', inputs.package) }} diff --git a/.github/actions/patch-local-dependencies/action.yml b/.github/actions/patch-local-dependencies/action.yml new file mode 100644 index 00000000..a369f1bf --- /dev/null +++ b/.github/actions/patch-local-dependencies/action.yml @@ -0,0 +1,23 @@ +name: "Patch package.json with local dependencies" +description: "Modifies the current package.json to point to local repositories instead" +inputs: + path: + description: "Root directory of the package that should be updated" + required: true + type: + description: 'How the dependencies should change. Possible values: "local" (to consume local tarballs), and "next" (to consume from pre-release CodeArtifact)' + default: "local" + required: false +runs: + using: "composite" + steps: + - name: Use Node.js 14.x + uses: actions/setup-node@v2 + with: + node-version: 14.x + - run: INPUT_PATH=${{ inputs.path }} INPUT_TYPE=${{ inputs.type }} node ${{ github.action_path }}/local.mjs + if: ${{ inputs.type == 'local' }} + shell: bash + - run: INPUT_PATH=${{ inputs.path }} INPUT_TYPE=${{ inputs.type }} node ${{ github.action_path }}/next.mjs + if: ${{ inputs.type == 'next' }} + shell: bash diff --git a/.github/actions/patch-local-dependencies/local.mjs b/.github/actions/patch-local-dependencies/local.mjs new file mode 100644 index 00000000..23026a81 --- /dev/null +++ b/.github/actions/patch-local-dependencies/local.mjs @@ -0,0 +1,5 @@ +import { updatePackageJsons } from './utils.mjs'; + +updatePackageJsons( + (packageName) => `file:${process.env.GITHUB_WORKSPACE}/${packageName.replace('@cloudscape-design/', '')}.tgz` +); diff --git a/.github/actions/patch-local-dependencies/next.mjs b/.github/actions/patch-local-dependencies/next.mjs new file mode 100644 index 00000000..8f7e67a8 --- /dev/null +++ b/.github/actions/patch-local-dependencies/next.mjs @@ -0,0 +1,3 @@ +import { updatePackageJsons } from './utils.mjs'; + +updatePackageJsons(() => 'next'); diff --git a/.github/actions/patch-local-dependencies/utils.mjs b/.github/actions/patch-local-dependencies/utils.mjs new file mode 100644 index 00000000..7d6a0723 --- /dev/null +++ b/.github/actions/patch-local-dependencies/utils.mjs @@ -0,0 +1,106 @@ +import path from 'path'; +import fs from 'fs'; + +const inputs = { + path: process.env.INPUT_PATH, +}; + +function findPackageFiles(directory) { + const files = []; + + if (!fs.existsSync(directory)) { + return []; + } + + ['package.json', 'package-lock.json'].forEach(fileName => { + const packageJson = path.join(directory, fileName); + if (fs.existsSync(packageJson)) { + files.push(packageJson); + } + }); + + return files; +} + +function findAllPackageJsons() { + const files = []; + + if (!inputs.path || !fs.existsSync(inputs.path)) { + console.error(`Invalid input path: ${inputs.path}`); + process.exit(1); + } + + const mainPackageJsons = findPackageFiles(inputs.path); + if (mainPackageJsons.length) { + files.push(...mainPackageJsons); + } + + const subPackagesPath = path.join(inputs.path, 'packages'); + if (fs.existsSync(subPackagesPath)) { + fs.readdirSync(subPackagesPath).forEach(fileName => { + const filePath = path.join(subPackagesPath, fileName); + if (fs.statSync(filePath).isDirectory()) { + const packageJsons = findPackageFiles(filePath); + if (packageJsons) { + files.push(...packageJsons); + } + } + }); + } + + return files; +} + +function updateDependencyVersions(dependencies, newVersion, sourcePackageName) { + if (!dependencies) { + return; + } + + const updatedDependencies = {}; + + Object.keys(dependencies) + .filter(packageName => packageName.startsWith('@cloudscape-design/')) + .forEach(packageName => { + const isPackageLock = typeof dependencies[packageName] !== 'string'; + const previousVersion = isPackageLock ? dependencies[packageName].version : dependencies[packageName]; + + // Skip local file dependencies + if (previousVersion.startsWith('file:')) { + return; + } + + // Don't touch this local lerna dependency in test-utils-converter + if (sourcePackageName === '@cloudscape-design/test-utils-converter' && packageName === '@cloudscape-design/test-utils-core') { + return; + } + + const nextVersion = typeof newVersion === 'function' ? newVersion(packageName) : newVersion; + + if (isPackageLock) { + updatedDependencies[packageName] = { ...dependencies[packageName], version: nextVersion }; + + // Remove some additional keys for package-lock.json files + delete updatedDependencies[packageName].resolved; + delete updatedDependencies[packageName].integrity; + } else { + updatedDependencies[packageName] = nextVersion; + } + }); + + return { ...dependencies, ...updatedDependencies }; +} + +export function updatePackageJsons(newVersion) { + const packageJsons = findAllPackageJsons(); + packageJsons.forEach(filePath => { + const packageJson = JSON.parse(fs.readFileSync(filePath)); + const packageName = packageJson.name; + + ['dependencies', 'devDependencies'].forEach(dependencyKey => { + const newDeps = updateDependencyVersions(packageJson[dependencyKey], newVersion, packageName); + packageJson[dependencyKey] = newDeps; + }); + + fs.writeFileSync(filePath, JSON.stringify(packageJson, null, 2)); + }); +} diff --git a/.github/actions/release-package/action.yml b/.github/actions/release-package/action.yml new file mode 100644 index 00000000..3b0f9c4d --- /dev/null +++ b/.github/actions/release-package/action.yml @@ -0,0 +1,17 @@ +name: "Publish package to internal CodeArtifact" +description: "Publishes the current package to an internal CodeArtifact on a pre-release tag" +runs: + using: "composite" + steps: + - name: Use Node.js 14.x + uses: actions/setup-node@v2 + with: + node-version: 14.x + + - name: Define new version suffix + id: vars + run: echo "::set-output name=version_suffix::-next-build.$(git rev-parse --short HEAD)" + shell: bash + + - run: INPUT_PATH=${{ github.workspace }} INPUT_SUFFIX=${{ steps.vars.outputs.version_suffix }} node ${{ github.action_path }}/index.mjs + shell: bash diff --git a/.github/actions/release-package/index.mjs b/.github/actions/release-package/index.mjs new file mode 100644 index 00000000..c548ae34 --- /dev/null +++ b/.github/actions/release-package/index.mjs @@ -0,0 +1,67 @@ +import path from 'path'; +import { execSync } from 'child_process'; +import { existsSync, readFileSync, writeFileSync } from 'fs'; + +const inputs = { + path: process.env.INPUT_PATH, + suffix: process.env.INPUT_SUFFIX, +}; + +// The main packags should publish to next, and dev forks to next-dev +const branchName = process.env.GITHUB_REF_TYPE === 'branch' ? process.env.GITHUB_REF_NAME : ''; +const publishTag = branchName.startsWith('dev-v3-') ? branchName : 'next'; + +const subPackages = { + 'components': [ + 'lib/components', + 'lib/style-dictionary', + 'lib/components-themeable', + 'lib/dev-pages', + 'lib/components-definitions', + ], + 'theming-core': ['lib/node', 'lib/browser'], + 'test-utils': ['packages/core', 'packages/converter'], +}; + +function releasePackage(packagePath) { + const packageJsonPath = path.join(packagePath, 'package.json'); + + // Update version in the package.json file + const packageJson = JSON.parse(readFileSync(packageJsonPath)); + packageJson.version += inputs.suffix; + writeFileSync(packageJsonPath, JSON.stringify(packageJson, null, 2)); + + // Publish to CodeArtifact + console.info(`Publishing package ${packageJson.name} version ${packageJson.version} to dist-tag ${publishTag}`); + + try { + execSync(`npm publish --tag ${publishTag}`, { stdio: 'inherit', cwd: packagePath }); + } catch (e) { + console.error('Error while publishing:', e.stderr.toString()); + } +} + +function main() { + const basePath = inputs.path; + + if (!basePath && !existsSync(basePath)) { + console.error(`Invalid path: ${basePath}`); + process.exit(1); + } + + if (!inputs.suffix) { + console.error('No version suffix provided.'); + process.exit(1); + } + + const repositoryName = path.basename(basePath); + if (subPackages[repositoryName]) { + subPackages[repositoryName].forEach(subpath => { + releasePackage(path.join(basePath, subpath)); + }); + } else { + releasePackage(basePath); + } +} + +main(); diff --git a/.github/workflows/dry-run.yml b/.github/workflows/dry-run.yml new file mode 100644 index 00000000..187c3d9d --- /dev/null +++ b/.github/workflows/dry-run.yml @@ -0,0 +1,146 @@ +# This workflow executes a full dry-run test, which means that all we build and test all @cloudscape-design packages in GitHub. +# This ensures that the changes in the current package do not cause any regressions for its consumers. +name: dry-run + +on: + workflow_call: + +permissions: + contents: read + +defaults: + run: + shell: bash + +jobs: + buildJestPreset: + name: Build jest-preset + runs-on: ubuntu-latest + steps: + - uses: cloudscape-design/.github/.github/actions/build-package@main + with: + package: jest-preset + skip_build: "true" + buildGlobalStyles: + name: Build global-styles + runs-on: ubuntu-latest + steps: + - uses: cloudscape-design/.github/.github/actions/build-package@main + with: + package: global-styles + buildCollectionHooks: + name: Build collection-hooks + runs-on: ubuntu-latest + steps: + - uses: cloudscape-design/.github/.github/actions/build-package@main + with: + package: collection-hooks + buildBrowserTestTools: + name: Build browser-test-tools + runs-on: ubuntu-latest + steps: + - uses: cloudscape-design/.github/.github/actions/build-package@main + with: + package: browser-test-tools + buildDocumenter: + name: Build documenter + runs-on: ubuntu-latest + steps: + - uses: cloudscape-design/.github/.github/actions/build-package@main + with: + package: documenter + buildTestUtils: + name: Build test-utils + runs-on: ubuntu-latest + needs: buildDocumenter + steps: + - uses: cloudscape-design/.github/.github/actions/build-package@main + with: + package: test-utils + download_dependencies: "true" + buildThemingCore: + name: Build theming-core + runs-on: ubuntu-latest + needs: + - buildBrowserTestTools + steps: + - uses: cloudscape-design/.github/.github/actions/build-package@main + with: + package: theming-core + artifact_path: theming-*.tgz + download_dependencies: true + buildComponents: + name: Build components + runs-on: ubuntu-latest + needs: + - buildJestPreset + - buildGlobalStyles + - buildCollectionHooks + - buildBrowserTestTools + - buildDocumenter + - buildTestUtils + - buildThemingCore + steps: + - uses: cloudscape-design/.github/.github/actions/build-package@main + with: + package: components + target_artifact: components-package + skip_tests: true + download_dependencies: true + + unitTest: + name: Components unit tests + runs-on: ubuntu-latest + needs: + - buildComponents + steps: + - name: Use Node.js 14.x + uses: actions/setup-node@v2 + with: + node-version: 14.x + - name: Download component artifacts + uses: actions/download-artifact@v2 + with: + name: components-package + - name: Unpack components artifacts + run: tar -xzf components.tgz + - name: Unit tests + run: npm run test:unit + + integTest: + name: Components integration tests + runs-on: ubuntu-latest + needs: + - buildComponents + steps: + - name: Use Node.js 14.x + uses: actions/setup-node@v2 + with: + node-version: 14.x + - name: Download component artifacts + uses: actions/download-artifact@v2 + with: + name: components-package + - name: Unpack components artifacts + run: tar -xzf components.tgz + - name: Integration tests + run: npm run test:integ + + a11yTest: + name: Components accessibility tests + runs-on: ubuntu-latest + needs: + - buildComponents + steps: + - name: Use Node.js 14.x + uses: actions/setup-node@v2 + with: + node-version: 14.x + - name: Download component artifacts + uses: actions/download-artifact@v2 + with: + name: components-package + - name: Unpack components artifacts + run: tar -xzf components.tgz + - name: Accessibility tests + run: npm run test:a11y diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..cb43a5f0 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,48 @@ +# This workflow releases the current package to a dedicated private CodeArtifact repository. +# One repository may publish more than one package. For more details refer to the release-package Action. +name: release + +on: + workflow_call: + +permissions: + id-token: write + contents: read + +jobs: + release: + concurrency: release-${{ github.ref }} + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Use Node.js 14.x + uses: actions/setup-node@v2 + with: + node-version: 14.x + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: ${{ secrets.AWS_CODEARTIFACT_ROLE }} + aws-region: us-west-2 + - name: Login and configure codeartifact + env: + CODE_ARTIFACT_REPO: ${{ startsWith(github.ref_name, 'dev-v3-') && format('AwsUI-Artifacts-{0}', github.ref_name) || 'github-artifacts' }} + run: | + echo Logging into repository $CODE_ARTIFACT_REPO + aws codeartifact login --tool npm --repository $CODE_ARTIFACT_REPO --domain awsui --domain-owner ${{ secrets.AWS_ACCOUNT_ID }} --region us-west-2 --namespace @cloudscape-design + + - name: Make sure to use pre-release versions of our dependencies + uses: cloudscape-design/.github/.github/actions/patch-local-dependencies@main + with: + path: ${{ github.workspace }} + type: next + + - run: npm install + + - name: Restore locally modified files + run: git restore . + + - run: npm run test + + - name: Release package to private CodeArtifact + uses: cloudscape-design/.github/.github/actions/release-package@main From fb2a72fc2fb10376280ba8fda3c54c8f2d6605b8 Mon Sep 17 00:00:00 2001 From: Timo Gasda <2446349+timogasda@users.noreply.github.com> Date: Fri, 22 Jul 2022 12:43:48 +0200 Subject: [PATCH 04/53] chore: Add codeql job to build workflow (#5) --- .github/workflows/build-lint-test.yml | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-lint-test.yml b/.github/workflows/build-lint-test.yml index 55e2725c..15aeb7ff 100644 --- a/.github/workflows/build-lint-test.yml +++ b/.github/workflows/build-lint-test.yml @@ -4,12 +4,13 @@ on: workflow_call: permissions: + actions: read contents: read + security-events: write jobs: build: runs-on: ubuntu-latest - steps: - uses: actions/checkout@v2 - name: Use Node.js 14.x @@ -25,3 +26,14 @@ jobs: if: ${{ github.repository == 'cloudscape-design/components' }} - name: Codecov uses: codecov/codecov-action@v3 + + codeql: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: javascript + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 From dfb159af38ea49f2bb4bd1bc36b5c92ec3930759 Mon Sep 17 00:00:00 2001 From: Timo Gasda <2446349+timogasda@users.noreply.github.com> Date: Mon, 25 Jul 2022 12:03:15 +0200 Subject: [PATCH 05/53] fix: Make sure to build packages in the release workflow (#6) --- .github/workflows/release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index cb43a5f0..2d254bb6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -42,6 +42,7 @@ jobs: - name: Restore locally modified files run: git restore . + - run: npm run build - run: npm run test - name: Release package to private CodeArtifact From ad215862096d1b28f4a6fd99caf61806870c33d0 Mon Sep 17 00:00:00 2001 From: Boris Serdiuk Date: Thu, 1 Sep 2022 19:20:17 +0200 Subject: [PATCH 06/53] make codeql step configurable (#8) --- .github/workflows/build-lint-test.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-lint-test.yml b/.github/workflows/build-lint-test.yml index 15aeb7ff..68a5c104 100644 --- a/.github/workflows/build-lint-test.yml +++ b/.github/workflows/build-lint-test.yml @@ -2,6 +2,12 @@ name: Build, lint and test on: workflow_call: + inputs: + skip-codeql: + type: boolean + description: "Skip CodeQL checks" + required: false + default: false permissions: actions: read @@ -28,6 +34,7 @@ jobs: uses: codecov/codecov-action@v3 codeql: + if: ${{ inputs.skip-codeql == false }} runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 @@ -36,4 +43,4 @@ jobs: with: languages: javascript - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v2 From 09b6dc80c5dbe6486149226da6bf6922c7ef3a13 Mon Sep 17 00:00:00 2001 From: Boris Serdiuk Date: Fri, 2 Sep 2022 13:00:00 +0200 Subject: [PATCH 07/53] add configurable publish paths (#7) --- .github/actions/release-package/action.yml | 12 +++++++++++- .github/actions/release-package/index.mjs | 15 +++++++-------- .github/workflows/release.yml | 7 +++++++ 3 files changed, 25 insertions(+), 9 deletions(-) diff --git a/.github/actions/release-package/action.yml b/.github/actions/release-package/action.yml index 3b0f9c4d..3d37bed7 100644 --- a/.github/actions/release-package/action.yml +++ b/.github/actions/release-package/action.yml @@ -1,5 +1,11 @@ name: "Publish package to internal CodeArtifact" description: "Publishes the current package to an internal CodeArtifact on a pre-release tag" +inputs: + publish-packages: + # Arrays are not supported: https://github.com/community/community/discussions/11692 + description: "Comma-separated list of sub-folders to publish" + required: false + runs: using: "composite" steps: @@ -13,5 +19,9 @@ runs: run: echo "::set-output name=version_suffix::-next-build.$(git rev-parse --short HEAD)" shell: bash - - run: INPUT_PATH=${{ github.workspace }} INPUT_SUFFIX=${{ steps.vars.outputs.version_suffix }} node ${{ github.action_path }}/index.mjs + - run: node ${{ github.action_path }}/index.mjs shell: bash + env: + INPUT_PATH: ${{ github.workspace }} + INPUT_SUFFIX: ${{ steps.vars.outputs.version_suffix }} + PUBLISH_PACKAGES: ${{ inputs.publish-packages }} diff --git a/.github/actions/release-package/index.mjs b/.github/actions/release-package/index.mjs index c548ae34..82ee4b68 100644 --- a/.github/actions/release-package/index.mjs +++ b/.github/actions/release-package/index.mjs @@ -5,14 +5,15 @@ import { existsSync, readFileSync, writeFileSync } from 'fs'; const inputs = { path: process.env.INPUT_PATH, suffix: process.env.INPUT_SUFFIX, + publishPackages: process.env.PUBLISH_PACKAGES?.split(',').map((pkg) => pkg.trim()), }; -// The main packags should publish to next, and dev forks to next-dev +// The main branch should publish to next, and dev forks to next-dev const branchName = process.env.GITHUB_REF_TYPE === 'branch' ? process.env.GITHUB_REF_NAME : ''; const publishTag = branchName.startsWith('dev-v3-') ? branchName : 'next'; const subPackages = { - 'components': [ + components: [ 'lib/components', 'lib/style-dictionary', 'lib/components-themeable', @@ -55,12 +56,10 @@ function main() { } const repositoryName = path.basename(basePath); - if (subPackages[repositoryName]) { - subPackages[repositoryName].forEach(subpath => { - releasePackage(path.join(basePath, subpath)); - }); - } else { - releasePackage(basePath); + const packagesToPublish = inputs.publishPackages ?? subPackages[repositoryName] ?? ['.']; + + for (const pkg of packagesToPublish) { + releasePackage(path.join(basePath, pkg)); } } diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2d254bb6..d7ded862 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -4,6 +4,11 @@ name: release on: workflow_call: + inputs: + publish-packages: + description: "Comma-separated list of sub-folders to publish" + type: string + required: false permissions: id-token: write @@ -47,3 +52,5 @@ jobs: - name: Release package to private CodeArtifact uses: cloudscape-design/.github/.github/actions/release-package@main + with: + publish-packages: ${{ inputs.publish-packages }} From 5850ba02a8bd991e90e926eb403b57514313cfe9 Mon Sep 17 00:00:00 2001 From: Boris Serdiuk Date: Mon, 5 Sep 2022 11:54:17 +0200 Subject: [PATCH 08/53] Handle empty configuration parameter properly (#10) --- .github/actions/release-package/index.mjs | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/actions/release-package/index.mjs b/.github/actions/release-package/index.mjs index 82ee4b68..cfb8b05e 100644 --- a/.github/actions/release-package/index.mjs +++ b/.github/actions/release-package/index.mjs @@ -5,9 +5,14 @@ import { existsSync, readFileSync, writeFileSync } from 'fs'; const inputs = { path: process.env.INPUT_PATH, suffix: process.env.INPUT_SUFFIX, - publishPackages: process.env.PUBLISH_PACKAGES?.split(',').map((pkg) => pkg.trim()), + publishPackages: process.env.PUBLISH_PACKAGES + ? process.env.PUBLISH_PACKAGES.split(',').map((pkg) => pkg.trim()) + : null, }; +console.log('Inputs:'); +console.log(JSON.stringify(inputs, null, 2)); + // The main branch should publish to next, and dev forks to next-dev const branchName = process.env.GITHUB_REF_TYPE === 'branch' ? process.env.GITHUB_REF_NAME : ''; const publishTag = branchName.startsWith('dev-v3-') ? branchName : 'next'; From dc93aee1e1beafa6eea72ba3d3672df9504eb203 Mon Sep 17 00:00:00 2001 From: Boris Serdiuk Date: Mon, 5 Sep 2022 14:05:00 +0200 Subject: [PATCH 09/53] remove hard-coded publish configs (#9) --- .github/actions/release-package/index.mjs | 15 +-------------- 1 file changed, 1 insertion(+), 14 deletions(-) diff --git a/.github/actions/release-package/index.mjs b/.github/actions/release-package/index.mjs index cfb8b05e..feb08f1f 100644 --- a/.github/actions/release-package/index.mjs +++ b/.github/actions/release-package/index.mjs @@ -17,18 +17,6 @@ console.log(JSON.stringify(inputs, null, 2)); const branchName = process.env.GITHUB_REF_TYPE === 'branch' ? process.env.GITHUB_REF_NAME : ''; const publishTag = branchName.startsWith('dev-v3-') ? branchName : 'next'; -const subPackages = { - components: [ - 'lib/components', - 'lib/style-dictionary', - 'lib/components-themeable', - 'lib/dev-pages', - 'lib/components-definitions', - ], - 'theming-core': ['lib/node', 'lib/browser'], - 'test-utils': ['packages/core', 'packages/converter'], -}; - function releasePackage(packagePath) { const packageJsonPath = path.join(packagePath, 'package.json'); @@ -60,8 +48,7 @@ function main() { process.exit(1); } - const repositoryName = path.basename(basePath); - const packagesToPublish = inputs.publishPackages ?? subPackages[repositoryName] ?? ['.']; + const packagesToPublish = inputs.publishPackages ?? ['.']; for (const pkg of packagesToPublish) { releasePackage(path.join(basePath, pkg)); From 3418edb27c47c6b720990ddd675db9c0ebf1c766 Mon Sep 17 00:00:00 2001 From: Florian Dreschner Date: Mon, 26 Sep 2022 12:45:56 +0200 Subject: [PATCH 10/53] chore: Cache global package data for NPM (#11) --- .github/workflows/build-lint-test.yml | 1 + .github/workflows/dry-run.yml | 3 +++ .github/workflows/release.yml | 1 + 3 files changed, 5 insertions(+) diff --git a/.github/workflows/build-lint-test.yml b/.github/workflows/build-lint-test.yml index 68a5c104..916e1f18 100644 --- a/.github/workflows/build-lint-test.yml +++ b/.github/workflows/build-lint-test.yml @@ -23,6 +23,7 @@ jobs: uses: actions/setup-node@v2 with: node-version: 14.x + cache: 'npm' - run: npm i - run: npm run lint - run: npm run build diff --git a/.github/workflows/dry-run.yml b/.github/workflows/dry-run.yml index 187c3d9d..66b3da17 100644 --- a/.github/workflows/dry-run.yml +++ b/.github/workflows/dry-run.yml @@ -98,6 +98,7 @@ jobs: uses: actions/setup-node@v2 with: node-version: 14.x + cache: 'npm' - name: Download component artifacts uses: actions/download-artifact@v2 with: @@ -117,6 +118,7 @@ jobs: uses: actions/setup-node@v2 with: node-version: 14.x + cache: 'npm' - name: Download component artifacts uses: actions/download-artifact@v2 with: @@ -136,6 +138,7 @@ jobs: uses: actions/setup-node@v2 with: node-version: 14.x + cache: 'npm' - name: Download component artifacts uses: actions/download-artifact@v2 with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d7ded862..355184ed 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -24,6 +24,7 @@ jobs: uses: actions/setup-node@v2 with: node-version: 14.x + cache: 'npm' - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v1 with: From 95511d2dc0cb8877792579e6e8a7021d96de1dd3 Mon Sep 17 00:00:00 2001 From: Florian Dreschner Date: Mon, 26 Sep 2022 12:46:07 +0200 Subject: [PATCH 11/53] fix: Log publishing error to console (#12) --- .github/actions/release-package/index.mjs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/release-package/index.mjs b/.github/actions/release-package/index.mjs index feb08f1f..11379e08 100644 --- a/.github/actions/release-package/index.mjs +++ b/.github/actions/release-package/index.mjs @@ -31,7 +31,7 @@ function releasePackage(packagePath) { try { execSync(`npm publish --tag ${publishTag}`, { stdio: 'inherit', cwd: packagePath }); } catch (e) { - console.error('Error while publishing:', e.stderr.toString()); + console.error(`Publishing failed with ${e.status}: ${e.message}. ${e.stderr ? 'Full error: ' + e.stderr.toString() : ''}`); } } From 04c0d34e87642b780e6977434fa84c715f7d005c Mon Sep 17 00:00:00 2001 From: Fahad Hossain Date: Mon, 26 Sep 2022 16:44:38 +0200 Subject: [PATCH 12/53] Revert "chore: Cache global package data for NPM (#11)" (#13) This reverts commit 3418edb27c47c6b720990ddd675db9c0ebf1c766. --- .github/workflows/build-lint-test.yml | 1 - .github/workflows/dry-run.yml | 3 --- .github/workflows/release.yml | 1 - 3 files changed, 5 deletions(-) diff --git a/.github/workflows/build-lint-test.yml b/.github/workflows/build-lint-test.yml index 916e1f18..68a5c104 100644 --- a/.github/workflows/build-lint-test.yml +++ b/.github/workflows/build-lint-test.yml @@ -23,7 +23,6 @@ jobs: uses: actions/setup-node@v2 with: node-version: 14.x - cache: 'npm' - run: npm i - run: npm run lint - run: npm run build diff --git a/.github/workflows/dry-run.yml b/.github/workflows/dry-run.yml index 66b3da17..187c3d9d 100644 --- a/.github/workflows/dry-run.yml +++ b/.github/workflows/dry-run.yml @@ -98,7 +98,6 @@ jobs: uses: actions/setup-node@v2 with: node-version: 14.x - cache: 'npm' - name: Download component artifacts uses: actions/download-artifact@v2 with: @@ -118,7 +117,6 @@ jobs: uses: actions/setup-node@v2 with: node-version: 14.x - cache: 'npm' - name: Download component artifacts uses: actions/download-artifact@v2 with: @@ -138,7 +136,6 @@ jobs: uses: actions/setup-node@v2 with: node-version: 14.x - cache: 'npm' - name: Download component artifacts uses: actions/download-artifact@v2 with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 355184ed..d7ded862 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -24,7 +24,6 @@ jobs: uses: actions/setup-node@v2 with: node-version: 14.x - cache: 'npm' - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v1 with: From 614ead567398eb52aa83479511b03ae8340f3039 Mon Sep 17 00:00:00 2001 From: Gethin Webster Date: Thu, 3 Nov 2022 11:39:55 +0100 Subject: [PATCH 13/53] chore: Add `demos` to dry run (#19) --- .github/actions/build-package/action.yml | 7 ++++-- .github/workflows/dry-run.yml | 31 +++++++++++++++++++++--- 2 files changed, 33 insertions(+), 5 deletions(-) diff --git a/.github/actions/build-package/action.yml b/.github/actions/build-package/action.yml index c4ca94fc..7a03a9d8 100644 --- a/.github/actions/build-package/action.yml +++ b/.github/actions/build-package/action.yml @@ -61,7 +61,7 @@ runs: run: npm test working-directory: ${{ inputs.package }} - name: Pack artifacts - if: ${{ inputs.package != 'components' && inputs.package != 'test-utils' && inputs.package != 'theming-core' }} + if: ${{ inputs.package != 'components' && inputs.package != 'test-utils' && inputs.package != 'theming-core' && inputs.package != 'demos' }} shell: bash working-directory: ${{ inputs.package }} run: | @@ -104,7 +104,10 @@ runs: if: ${{ inputs.package == 'components' }} shell: bash working-directory: ${{ inputs.package }} - run: tar -czf ../components.tgz --strip-components=1 . + run: | + tar -czf ../components-full.tgz . + tar -czf ../components.tgz --directory=lib/components . + tar -czf ../design-tokens.tgz --directory=lib/design-tokens . - name: Upload artifacts uses: actions/upload-artifact@v2 diff --git a/.github/workflows/dry-run.yml b/.github/workflows/dry-run.yml index 187c3d9d..f47b5701 100644 --- a/.github/workflows/dry-run.yml +++ b/.github/workflows/dry-run.yml @@ -3,6 +3,9 @@ name: dry-run on: + pull_request: + branches: + - main workflow_call: permissions: @@ -85,6 +88,7 @@ jobs: with: package: components target_artifact: components-package + artifact_path: ./*.tgz skip_tests: true download_dependencies: true @@ -103,7 +107,7 @@ jobs: with: name: components-package - name: Unpack components artifacts - run: tar -xzf components.tgz + run: tar -xzf components-full.tgz - name: Unit tests run: npm run test:unit @@ -122,7 +126,7 @@ jobs: with: name: components-package - name: Unpack components artifacts - run: tar -xzf components.tgz + run: tar -xzf components-full.tgz - name: Integration tests run: npm run test:integ @@ -141,6 +145,27 @@ jobs: with: name: components-package - name: Unpack components artifacts - run: tar -xzf components.tgz + run: tar -xzf components-full.tgz - name: Accessibility tests run: npm run test:a11y + + demosTest: + name: Demos tests + runs-on: ubuntu-latest + needs: + - buildComponents + - buildBrowserTestTools + - buildCollectionHooks + - buildTestUtils + - buildGlobalStyles + - buildThemingCore + steps: + - name: Download component artifacts + uses: actions/download-artifact@v2 + with: + name: components-package + - name: Build + uses: cloudscape-design/.github/.github/actions/build-package@main + with: + package: demos + download_dependencies: true From 5cb0cc384f0a3c45faf9ce8ef56f4a69bdb2b79e Mon Sep 17 00:00:00 2001 From: Abdallah AlHalees Date: Thu, 3 Nov 2022 12:52:29 +0100 Subject: [PATCH 14/53] feat: create manifest file on release (#16) --- .github/workflows/release.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d7ded862..0b722e85 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -48,8 +48,11 @@ jobs: run: git restore . - run: npm run build - - run: npm run test + - name: Save commit in manifest file + run: echo '{"commit":"${{ github.sha }}"}' > manifest.json + + - run: npm run test - name: Release package to private CodeArtifact uses: cloudscape-design/.github/.github/actions/release-package@main with: From c8b428ecc6a85b31db7f63f7fc865ea5f162aaa5 Mon Sep 17 00:00:00 2001 From: Abdallah AlHalees Date: Fri, 4 Nov 2022 15:31:12 +0100 Subject: [PATCH 15/53] chore: Add validate PR title workflow (#20) --- .github/workflows/lint-pr.yml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 .github/workflows/lint-pr.yml diff --git a/.github/workflows/lint-pr.yml b/.github/workflows/lint-pr.yml new file mode 100644 index 00000000..76c39f1e --- /dev/null +++ b/.github/workflows/lint-pr.yml @@ -0,0 +1,27 @@ +name: "Lint PR" + +on: + pull_request_target: + types: + - opened + - edited + - synchronize + +jobs: + main: + name: Validate PR title + runs-on: ubuntu-latest + steps: + - uses: amannn/action-semantic-pull-request@v5 + with: + types: | + fix + feat + test + refactor + chore + requireScope: false + scopes: | + scope-not-allowed + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 2f4de0146d1bdbe630e5fd7f26f1679ecf4aca84 Mon Sep 17 00:00:00 2001 From: Abdallah AlHalees Date: Thu, 10 Nov 2022 11:08:33 +0100 Subject: [PATCH 16/53] chore: add manifest file to packages (#22) chore: add manifest file to packages --- .github/actions/release-package/action.yml | 1 + .github/actions/release-package/index.mjs | 12 +++++++++++- .github/workflows/release.yml | 3 --- 3 files changed, 12 insertions(+), 4 deletions(-) diff --git a/.github/actions/release-package/action.yml b/.github/actions/release-package/action.yml index 3d37bed7..d6240f86 100644 --- a/.github/actions/release-package/action.yml +++ b/.github/actions/release-package/action.yml @@ -25,3 +25,4 @@ runs: INPUT_PATH: ${{ github.workspace }} INPUT_SUFFIX: ${{ steps.vars.outputs.version_suffix }} PUBLISH_PACKAGES: ${{ inputs.publish-packages }} + COMMIT_SHA: ${{ github.sha }} diff --git a/.github/actions/release-package/index.mjs b/.github/actions/release-package/index.mjs index 11379e08..6bd1c8bb 100644 --- a/.github/actions/release-package/index.mjs +++ b/.github/actions/release-package/index.mjs @@ -8,6 +8,7 @@ const inputs = { publishPackages: process.env.PUBLISH_PACKAGES ? process.env.PUBLISH_PACKAGES.split(',').map((pkg) => pkg.trim()) : null, + commitSha: process.env.COMMIT_SHA, }; console.log('Inputs:'); @@ -33,6 +34,13 @@ function releasePackage(packagePath) { } catch (e) { console.error(`Publishing failed with ${e.status}: ${e.message}. ${e.stderr ? 'Full error: ' + e.stderr.toString() : ''}`); } +} + +function addManifest(data, packagePath) { + writeFileSync( + path.join(packagePath, 'manifest.json'), + JSON.stringify(data, null, 2) + ); } function main() { @@ -51,7 +59,9 @@ function main() { const packagesToPublish = inputs.publishPackages ?? ['.']; for (const pkg of packagesToPublish) { - releasePackage(path.join(basePath, pkg)); + const packagePath = path.join(basePath, pkg); + addManifest({ commit: inputs.commitSha }, packagePath); + releasePackage(packagePath); } } diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0b722e85..27ae2cfe 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -49,9 +49,6 @@ jobs: - run: npm run build - - name: Save commit in manifest file - run: echo '{"commit":"${{ github.sha }}"}' > manifest.json - - run: npm run test - name: Release package to private CodeArtifact uses: cloudscape-design/.github/.github/actions/release-package@main From 172d0ded788c8727df6e455e806035961d0039f2 Mon Sep 17 00:00:00 2001 From: Abdallah AlHalees Date: Thu, 10 Nov 2022 13:44:34 +0100 Subject: [PATCH 17/53] fix: Replace semantic pr action with custom implementation (#23) --- .github/workflows/lint-pr.yml | 22 +++++++++------------- 1 file changed, 9 insertions(+), 13 deletions(-) diff --git a/.github/workflows/lint-pr.yml b/.github/workflows/lint-pr.yml index 76c39f1e..a599b21d 100644 --- a/.github/workflows/lint-pr.yml +++ b/.github/workflows/lint-pr.yml @@ -12,16 +12,12 @@ jobs: name: Validate PR title runs-on: ubuntu-latest steps: - - uses: amannn/action-semantic-pull-request@v5 - with: - types: | - fix - feat - test - refactor - chore - requireScope: false - scopes: | - scope-not-allowed - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - run: | + if [[ "${{ github.event.pull_request.title }}" =~ (^(chore|feat|fix|refactor|test){1}?: ([[:alnum:]])+([[:space:][:print:]]*)) ]]; then + echo "Valid PR title" + else + echo 'PR title does not follow the convention "type: subject"' + echo 'type must be one of the following: feat|fix|chore|refactor|test' + exit 1 + fi + shell: bash From 392ad403b96a82b6f0ca67583f766a37e0eeebd5 Mon Sep 17 00:00:00 2001 From: Abdallah AlHalees Date: Fri, 11 Nov 2022 12:35:49 +0100 Subject: [PATCH 18/53] fix: Move manifest file to internal folder (#24) --- .github/actions/release-package/index.mjs | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/.github/actions/release-package/index.mjs b/.github/actions/release-package/index.mjs index 6bd1c8bb..ae6ae337 100644 --- a/.github/actions/release-package/index.mjs +++ b/.github/actions/release-package/index.mjs @@ -1,6 +1,6 @@ import path from 'path'; import { execSync } from 'child_process'; -import { existsSync, readFileSync, writeFileSync } from 'fs'; +import { existsSync, readFileSync, writeFileSync, mkdirSync } from 'fs'; const inputs = { path: process.env.INPUT_PATH, @@ -24,6 +24,12 @@ function releasePackage(packagePath) { // Update version in the package.json file const packageJson = JSON.parse(readFileSync(packageJsonPath)); packageJson.version += inputs.suffix; + + // Add internal folder to files in package.json + if(packageJson.files) { + packageJson.files.push(internalFolderName) + } + writeFileSync(packageJsonPath, JSON.stringify(packageJson, null, 2)); // Publish to CodeArtifact @@ -37,8 +43,10 @@ function releasePackage(packagePath) { } function addManifest(data, packagePath) { + const internalFolderName = 'internal' + mkdirSync(path.join(packagePath, internalFolderName), { recursive: true }) writeFileSync( - path.join(packagePath, 'manifest.json'), + path.join(packagePath, internalFolderName, 'manifest.json'), JSON.stringify(data, null, 2) ); } From 9ab3e3a3680b0abd2f233c04c3212a2cc16725e7 Mon Sep 17 00:00:00 2001 From: Abdallah AlHalees Date: Fri, 11 Nov 2022 14:53:53 +0100 Subject: [PATCH 19/53] feat: Add release notes workflow and action (#21) --- .github/workflows/release-gh-notes.yml | 48 ++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 .github/workflows/release-gh-notes.yml diff --git a/.github/workflows/release-gh-notes.yml b/.github/workflows/release-gh-notes.yml new file mode 100644 index 00000000..85525f39 --- /dev/null +++ b/.github/workflows/release-gh-notes.yml @@ -0,0 +1,48 @@ +name: release-gh-notes + +on: + workflow_call: + inputs: + version: + required: true + description: "Specify the version for this release" + type: string + npm_package: + required: true + description: "npm package of the release" + type: string + +jobs: + release: + runs-on: ubuntu-latest + + steps: + - name: install npm package + run: npm install ${{ github.event.inputs.npm_package }}@${{ github.event.inputs.version }} + shell: bash + - name: Get manifest file + id: manifest + run: echo ::set-output name=manifest::$(cat node_modules/${{ github.event.inputs.npm_package }}/internal/manifest.json) + shell: bash + - name: Checkout + uses: actions/checkout@v3 + with: + ref: ${{ fromJson(steps.manifest.outputs.manifest).commit }} + fetch-depth: 0 + - name: Replace version in package.json + run: | + package_json="$(jq '.version = "${{ github.event.inputs.version }}"' package.json)" && \ + echo -E "${package_json}" > package.json + - name: Generate changelog + run: npx conventional-changelog-cli@2 -i CHANGELOG.md -s -p conventionalcommits + - name: Get number of lines in CHANGELOG.md + id: changelog + run: echo ::set-output name=changelog_lines::$(wc -l < "CHANGELOG.md") + shell: bash + - name: Add empty release note + run: echo "No customer visible changes in this release" >> CHANGELOG.md + if: ${{ steps.changelog.outputs.changelog_lines <= 2 }} + - name: Create Release + run: gh release create ${{ github.event.inputs.version }} -F CHANGELOG.md --target ${{ fromJson(steps.manifest.outputs.manifest).commit }} --title "Release ${{ github.event.inputs.version }}" + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} From a2ed29ffd9f50bb0b079053de7b5181941de17ae Mon Sep 17 00:00:00 2001 From: Abdallah AlHalees Date: Fri, 11 Nov 2022 17:35:46 +0100 Subject: [PATCH 20/53] fix: trigger lint-pr workflow on workflow call (#25) --- .github/workflows/lint-pr.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/workflows/lint-pr.yml b/.github/workflows/lint-pr.yml index a599b21d..d07b8d37 100644 --- a/.github/workflows/lint-pr.yml +++ b/.github/workflows/lint-pr.yml @@ -1,11 +1,7 @@ name: "Lint PR" on: - pull_request_target: - types: - - opened - - edited - - synchronize + workflow_call: jobs: main: From c0dba2efac24ea3c9109aeea81581e0ed0f70df7 Mon Sep 17 00:00:00 2001 From: Abdallah AlHalees Date: Mon, 14 Nov 2022 10:31:17 +0100 Subject: [PATCH 21/53] fix: Add missing variable (#26) --- .github/actions/release-package/index.mjs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/actions/release-package/index.mjs b/.github/actions/release-package/index.mjs index ae6ae337..105bf7bd 100644 --- a/.github/actions/release-package/index.mjs +++ b/.github/actions/release-package/index.mjs @@ -14,6 +14,8 @@ const inputs = { console.log('Inputs:'); console.log(JSON.stringify(inputs, null, 2)); +const internalFolderName = 'internal' + // The main branch should publish to next, and dev forks to next-dev const branchName = process.env.GITHUB_REF_TYPE === 'branch' ? process.env.GITHUB_REF_NAME : ''; const publishTag = branchName.startsWith('dev-v3-') ? branchName : 'next'; @@ -43,7 +45,6 @@ function releasePackage(packagePath) { } function addManifest(data, packagePath) { - const internalFolderName = 'internal' mkdirSync(path.join(packagePath, internalFolderName), { recursive: true }) writeFileSync( path.join(packagePath, internalFolderName, 'manifest.json'), From 1d54bccec1c096987acbb6c4e4f73c2b27c0b832 Mon Sep 17 00:00:00 2001 From: Yueying Lu <98534165+YueyingLu@users.noreply.github.com> Date: Tue, 22 Nov 2022 16:00:11 +0100 Subject: [PATCH 22/53] chore: Allow revert type of pr title (#27) --- .github/workflows/lint-pr.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint-pr.yml b/.github/workflows/lint-pr.yml index d07b8d37..6f30b582 100644 --- a/.github/workflows/lint-pr.yml +++ b/.github/workflows/lint-pr.yml @@ -9,11 +9,11 @@ jobs: runs-on: ubuntu-latest steps: - run: | - if [[ "${{ github.event.pull_request.title }}" =~ (^(chore|feat|fix|refactor|test){1}?: ([[:alnum:]])+([[:space:][:print:]]*)) ]]; then + if [[ "${{ github.event.pull_request.title }}" =~ (^(chore|feat|fix|refactor|test|revert){1}?: ([[:alnum:]])+([[:space:][:print:]]*)) ]]; then echo "Valid PR title" else echo 'PR title does not follow the convention "type: subject"' - echo 'type must be one of the following: feat|fix|chore|refactor|test' + echo 'type must be one of the following: feat|fix|chore|refactor|test|revert' exit 1 fi shell: bash From 5fb25da5288f8c3858424afcd76543b2799c5aac Mon Sep 17 00:00:00 2001 From: Connor Lanigan Date: Mon, 28 Nov 2022 12:36:07 +0100 Subject: [PATCH 23/53] Skip PR title linting (#28) --- .github/workflows/lint-pr.yml | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/.github/workflows/lint-pr.yml b/.github/workflows/lint-pr.yml index 6f30b582..de3e1323 100644 --- a/.github/workflows/lint-pr.yml +++ b/.github/workflows/lint-pr.yml @@ -1,4 +1,4 @@ -name: "Lint PR" +name: 'Lint PR' on: workflow_call: @@ -9,11 +9,6 @@ jobs: runs-on: ubuntu-latest steps: - run: | - if [[ "${{ github.event.pull_request.title }}" =~ (^(chore|feat|fix|refactor|test|revert){1}?: ([[:alnum:]])+([[:space:][:print:]]*)) ]]; then - echo "Valid PR title" - else - echo 'PR title does not follow the convention "type: subject"' - echo 'type must be one of the following: feat|fix|chore|refactor|test|revert' - exit 1 - fi + echo "Skipped" + exit 1 shell: bash From 2921d2d1420fef5b849d5aecbcfb9138ac6b9dcc Mon Sep 17 00:00:00 2001 From: Avinash Dwarapu Date: Mon, 28 Nov 2022 15:04:04 +0100 Subject: [PATCH 24/53] fix: Use environment variables and remove permissions in Lint PR workflow (#29) --- .github/workflows/lint-pr.yml | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/.github/workflows/lint-pr.yml b/.github/workflows/lint-pr.yml index de3e1323..68a42a0d 100644 --- a/.github/workflows/lint-pr.yml +++ b/.github/workflows/lint-pr.yml @@ -1,14 +1,23 @@ -name: 'Lint PR' +name: Lint PR on: workflow_call: +permissions: {} + jobs: main: name: Validate PR title runs-on: ubuntu-latest + env: + TITLE: ${{ github.event.pull_request.title }} steps: - run: | - echo "Skipped" - exit 1 + if [[ "$TITLE" =~ (^(chore|feat|fix|refactor|test|revert){1}?: ([[:alnum:]])+([[:space:][:print:]]*)) ]]; then + echo "Valid PR title" + else + echo 'PR title does not follow the convention "type: subject"' + echo 'type must be one of the following: feat|fix|chore|refactor|test|revert' + exit 1 + fi shell: bash From f0ba5463f95de8ca3c5e06918f491da7fe19b731 Mon Sep 17 00:00:00 2001 From: Michael Dowse Date: Tue, 20 Dec 2022 10:23:14 +0000 Subject: [PATCH 25/53] chore: Upgrade to Node16 - Update all workflows to use v16 --- .github/actions/build-package/action.yml | 10 +++++----- .../patch-local-dependencies/action.yml | 6 +++--- .github/actions/release-package/action.yml | 6 +++--- .github/workflows/build-lint-test.yml | 12 +++++------ .github/workflows/dry-run.yml | 20 +++++++++---------- .github/workflows/release.yml | 10 +++++----- 6 files changed, 32 insertions(+), 32 deletions(-) diff --git a/.github/actions/build-package/action.yml b/.github/actions/build-package/action.yml index 7a03a9d8..9d4868db 100644 --- a/.github/actions/build-package/action.yml +++ b/.github/actions/build-package/action.yml @@ -23,14 +23,14 @@ runs: using: "composite" steps: - name: Clone - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: repository: cloudscape-design/${{ inputs.package }} path: ${{ inputs.package }} - - name: Use Node.js 14.x - uses: actions/setup-node@v2 + - name: Use Node.js 16 + uses: actions/setup-node@v3 with: - node-version: 14.x + node-version: 16 - name: Download artifacts if: ${{ inputs.download_dependencies == 'true' }} @@ -48,7 +48,7 @@ runs: - name: npm install shell: bash - run: npm i + run: npm i --force working-directory: ${{ inputs.package }} - name: Build if: ${{ inputs.skip_build != 'true' }} diff --git a/.github/actions/patch-local-dependencies/action.yml b/.github/actions/patch-local-dependencies/action.yml index a369f1bf..5cfbde71 100644 --- a/.github/actions/patch-local-dependencies/action.yml +++ b/.github/actions/patch-local-dependencies/action.yml @@ -11,10 +11,10 @@ inputs: runs: using: "composite" steps: - - name: Use Node.js 14.x - uses: actions/setup-node@v2 + - name: Use Node.js 16 + uses: actions/setup-node@v3 with: - node-version: 14.x + node-version: 16 - run: INPUT_PATH=${{ inputs.path }} INPUT_TYPE=${{ inputs.type }} node ${{ github.action_path }}/local.mjs if: ${{ inputs.type == 'local' }} shell: bash diff --git a/.github/actions/release-package/action.yml b/.github/actions/release-package/action.yml index d6240f86..6955f3c2 100644 --- a/.github/actions/release-package/action.yml +++ b/.github/actions/release-package/action.yml @@ -9,10 +9,10 @@ inputs: runs: using: "composite" steps: - - name: Use Node.js 14.x - uses: actions/setup-node@v2 + - name: Use Node.js 16 + uses: actions/setup-node@v3 with: - node-version: 14.x + node-version: 16 - name: Define new version suffix id: vars diff --git a/.github/workflows/build-lint-test.yml b/.github/workflows/build-lint-test.yml index 68a5c104..d4f409a3 100644 --- a/.github/workflows/build-lint-test.yml +++ b/.github/workflows/build-lint-test.yml @@ -18,12 +18,12 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - name: Use Node.js 14.x - uses: actions/setup-node@v2 + - uses: actions/checkout@v3 + - name: Use Node.js 16 + uses: actions/setup-node@v3 with: - node-version: 14.x - - run: npm i + node-version: 16 + - run: npm i --force - run: npm run lint - run: npm run build - run: npm run test @@ -37,7 +37,7 @@ jobs: if: ${{ inputs.skip-codeql == false }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Initialize CodeQL uses: github/codeql-action/init@v2 with: diff --git a/.github/workflows/dry-run.yml b/.github/workflows/dry-run.yml index f47b5701..0de78950 100644 --- a/.github/workflows/dry-run.yml +++ b/.github/workflows/dry-run.yml @@ -98,10 +98,10 @@ jobs: needs: - buildComponents steps: - - name: Use Node.js 14.x - uses: actions/setup-node@v2 + - name: Use Node.js 16 + uses: actions/setup-node@v3 with: - node-version: 14.x + node-version: 16 - name: Download component artifacts uses: actions/download-artifact@v2 with: @@ -117,10 +117,10 @@ jobs: needs: - buildComponents steps: - - name: Use Node.js 14.x - uses: actions/setup-node@v2 + - name: Use Node.js 16 + uses: actions/setup-node@v3 with: - node-version: 14.x + node-version: 16 - name: Download component artifacts uses: actions/download-artifact@v2 with: @@ -136,10 +136,10 @@ jobs: needs: - buildComponents steps: - - name: Use Node.js 14.x - uses: actions/setup-node@v2 + - name: Use Node.js 16 + uses: actions/setup-node@v3 with: - node-version: 14.x + node-version: 16 - name: Download component artifacts uses: actions/download-artifact@v2 with: @@ -148,7 +148,7 @@ jobs: run: tar -xzf components-full.tgz - name: Accessibility tests run: npm run test:a11y - + demosTest: name: Demos tests runs-on: ubuntu-latest diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 27ae2cfe..451583bf 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,11 +19,11 @@ jobs: concurrency: release-${{ github.ref }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - name: Use Node.js 14.x - uses: actions/setup-node@v2 + - uses: actions/checkout@v3 + - name: Use Node.js 16 + uses: actions/setup-node@v3 with: - node-version: 14.x + node-version: 16 - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v1 with: @@ -42,7 +42,7 @@ jobs: path: ${{ github.workspace }} type: next - - run: npm install + - run: npm install --force - name: Restore locally modified files run: git restore . From 36bd4ccac13e1eb9b6ca3ad503a42e27696d0505 Mon Sep 17 00:00:00 2001 From: Timo Gasda <2446349+timogasda@users.noreply.github.com> Date: Tue, 10 Jan 2023 14:18:06 +0100 Subject: [PATCH 26/53] chore: Allow release workflow to skip tests (#33) --- .github/workflows/release.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 451583bf..4bbb1dca 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -9,6 +9,11 @@ on: description: "Comma-separated list of sub-folders to publish" type: string required: false + skip-test: + type: boolean + description: "Skip tests" + required: false + default: false permissions: id-token: write @@ -50,6 +55,8 @@ jobs: - run: npm run build - run: npm run test + if: ${{ inputs.skip-test == false }} + - name: Release package to private CodeArtifact uses: cloudscape-design/.github/.github/actions/release-package@main with: From bfd3c110603c8f93acbe30688a851a33e1f3d3ea Mon Sep 17 00:00:00 2001 From: Michael Dowse Date: Fri, 3 Feb 2023 15:41:19 +0000 Subject: [PATCH 27/53] chore: Upload artifacts if provided --- .github/actions/upload-artifact/action.yml | 24 ++++++++++++++++++++++ .github/workflows/build-lint-test.yml | 13 ++++++++++++ 2 files changed, 37 insertions(+) create mode 100644 .github/actions/upload-artifact/action.yml diff --git a/.github/actions/upload-artifact/action.yml b/.github/actions/upload-artifact/action.yml new file mode 100644 index 00000000..266ddbea --- /dev/null +++ b/.github/actions/upload-artifact/action.yml @@ -0,0 +1,24 @@ +name: "Upload artifact to GitHub Artifacts" +description: "Compress and uploaded a given folder as an artifact to GitHub Artifacts" +inputs: + path: + type: string + description: "A file, directory or wildcard pattern that describes what to upload" + required: true + name: + type: string + description: "Artifact name" + required: true + +runs: + using: "composite" + steps: + - name: Create artifact + run: | + tar -zcvf ${{ inputs.name }}.tar.gz ${{ inputs.path }} + shell: bash + - name: Upload artifact + uses: actions/upload-artifact@v3 + with: + name: ${{ inputs.name }} + path: ${{ inputs.name }}.tar.gz diff --git a/.github/workflows/build-lint-test.yml b/.github/workflows/build-lint-test.yml index d4f409a3..907be97c 100644 --- a/.github/workflows/build-lint-test.yml +++ b/.github/workflows/build-lint-test.yml @@ -8,6 +8,13 @@ on: description: "Skip CodeQL checks" required: false default: false + artifact-path: + type: string + description: "An optional file, directory or wildcard pattern that describes what to upload" + artifact-name: + type: string + description: "An optional artifact name" + default: "artifact" permissions: actions: read @@ -30,6 +37,12 @@ jobs: if: ${{ github.repository != 'cloudscape-design/components' }} - run: npm run test:unit if: ${{ github.repository == 'cloudscape-design/components' }} + - name: Upload Artifacts + if: ${{ inputs.artifact-path != '' }} + uses: cloudscape-design/.github/.github/actions/upload-artifact@main + with: + path: ${{ inputs.artifact-path }} + name: ${{ inputs.artifact-name }} - name: Codecov uses: codecov/codecov-action@v3 From 0f50cdef8362635a4666ce4e3514b5ee9cbfd5a5 Mon Sep 17 00:00:00 2001 From: Michael Dowse Date: Fri, 3 Feb 2023 12:04:00 +0000 Subject: [PATCH 28/53] chore: Unlock package-lock deps during build phase --- .../actions/unlock-dependencies/action.yml | 12 ++++++++ .github/actions/unlock-dependencies/index.js | 29 +++++++++++++++++++ .github/workflows/build-lint-test.yml | 2 ++ 3 files changed, 43 insertions(+) create mode 100644 .github/actions/unlock-dependencies/action.yml create mode 100644 .github/actions/unlock-dependencies/index.js diff --git a/.github/actions/unlock-dependencies/action.yml b/.github/actions/unlock-dependencies/action.yml new file mode 100644 index 00000000..d501ec2e --- /dev/null +++ b/.github/actions/unlock-dependencies/action.yml @@ -0,0 +1,12 @@ +name: "Unlock Cloudscape dependencies in package-lock" +description: "Removes all @cloudscape-design dependencies from package-lock file" + +runs: + using: "composite" + steps: + - name: Use Node.js 16 + uses: actions/setup-node@v3 + with: + node-version: 16 + - run: node ${{ github.action_path }}/index.js + shell: bash diff --git a/.github/actions/unlock-dependencies/index.js b/.github/actions/unlock-dependencies/index.js new file mode 100644 index 00000000..372dc52c --- /dev/null +++ b/.github/actions/unlock-dependencies/index.js @@ -0,0 +1,29 @@ +#!/usr/bin/env node +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +const fs = require("fs"); +const path = require("path"); + +/** + * Remove specific @cloudscape-design/* packages where we should always use the latest minor release. + */ +const filename = path.resolve(process.env.GITHUB_WORKSPACE, "package-lock.json"); +const packageLock = JSON.parse(fs.readFileSync(filename)); + +function removeDependencies(dependencyName, packages) { + if (dependencyName.includes("@cloudscape-design/")) { + delete packages[dependencyName]; + } +} + +Object.keys(packageLock.packages).forEach((dependencyName) => { + removeDependencies(dependencyName, packageLock.packages); +}); + +Object.keys(packageLock.dependencies).forEach((dependencyName) => { + removeDependencies(dependencyName, packageLock.dependencies); +}); + +fs.writeFileSync(filename, JSON.stringify(packageLock, null, 2) + "\n"); +console.log("Removed @cloudscape-design/ dependencies from package-lock file"); diff --git a/.github/workflows/build-lint-test.yml b/.github/workflows/build-lint-test.yml index 907be97c..8fb1d4fd 100644 --- a/.github/workflows/build-lint-test.yml +++ b/.github/workflows/build-lint-test.yml @@ -30,6 +30,8 @@ jobs: uses: actions/setup-node@v3 with: node-version: 16 + - name: Unlock dependencies + uses: cloudscape-design/.github/.github/actions/unlock-dependencies@main - run: npm i --force - run: npm run lint - run: npm run build From a4a3baa187dbd396cf13b737fd54739ceb08c1e2 Mon Sep 17 00:00:00 2001 From: Andrei Zhaleznichenka Date: Wed, 8 Feb 2023 11:30:23 +0100 Subject: [PATCH 29/53] chore: Update dry run config with component-toolkit build step (#38) * chore: Update dry run config with component-toolkit build step * Fix copy-paste mistake --- .github/workflows/dry-run.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/.github/workflows/dry-run.yml b/.github/workflows/dry-run.yml index 0de78950..b151a84d 100644 --- a/.github/workflows/dry-run.yml +++ b/.github/workflows/dry-run.yml @@ -72,6 +72,16 @@ jobs: package: theming-core artifact_path: theming-*.tgz download_dependencies: true + buildComponentToolkit: + name: Build component-toolkit + runs-on: ubuntu-latest + needs: + - buildBrowserTestTools + steps: + - uses: cloudscape-design/.github/.github/actions/build-package@main + with: + package: component-toolkit + download_dependencies: true buildComponents: name: Build components runs-on: ubuntu-latest @@ -83,6 +93,7 @@ jobs: - buildDocumenter - buildTestUtils - buildThemingCore + - buildComponentToolkit steps: - uses: cloudscape-design/.github/.github/actions/build-package@main with: From 29f0e8eeb0a546a4e925affd535bd29dd23e505d Mon Sep 17 00:00:00 2001 From: Michael Dowse Date: Mon, 6 Feb 2023 13:42:01 +0000 Subject: [PATCH 30/53] chore: Add deployment of static assets action --- .github/actions/download-artifact/action.yml | 24 +++++++++++ .github/workflows/deploy.yml | 42 ++++++++++++++++++++ 2 files changed, 66 insertions(+) create mode 100644 .github/actions/download-artifact/action.yml create mode 100644 .github/workflows/deploy.yml diff --git a/.github/actions/download-artifact/action.yml b/.github/actions/download-artifact/action.yml new file mode 100644 index 00000000..40a4038a --- /dev/null +++ b/.github/actions/download-artifact/action.yml @@ -0,0 +1,24 @@ +name: "Download artifact" +description: "Downloads and extracts an artifact from GitHub artifacts" +inputs: + path: + type: string + description: "A directory path for the extracted artifact" + required: true + name: + type: string + description: "Artifact name" + required: true + +runs: + using: "composite" + steps: + - uses: actions/download-artifact@v3 + with: + name: ${{ inputs.name }} + path: ${{ inputs.path }} + - name: Deploy + run: | + cd ${{ inputs.path }} + tar -xf *.tar.gz + shell: bash diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 00000000..184a1a5c --- /dev/null +++ b/.github/workflows/deploy.yml @@ -0,0 +1,42 @@ +name: Deploy + +on: + workflow_call: + inputs: + artifact-name: + type: string + description: "Name of artifact to deploy" + required: true + deployment-path: + type: string + description: "Directory of assets to upload" + default: "." + +permissions: + id-token: write + contents: read + deployments: write + +jobs: + deploy: + if: github.event_name == 'pull_request' + runs-on: ubuntu-latest + environment: + name: preview + url: https://d21d5uik3ws71m.cloudfront.net/${{ github.event.repository.name }}/${{ github.event.pull_request.head.sha }}/index.html + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: ${{ secrets.AWS_PREVIEW_ROLE_ARN }} + aws-region: us-west-2 + - name: Download artifact + uses: cloudscape-design/.github/.github/actions/download-artifact@main + with: + name: ${{ inputs.artifact-name }} + path: build + - name: Deploy + id: deploy + run: | + aws s3 cp ${{ inputs.deployment-path }} s3://${{ secrets.AWS_PREVIEW_BUCKET_NAME }}/${{ github.event.repository.name }}/${{ github.event.pull_request.head.sha }} --recursive + working-directory: build From 16787a1cc69d52409b59c96fa84d96f4badb3f29 Mon Sep 17 00:00:00 2001 From: Michael Date: Thu, 9 Feb 2023 13:47:08 +0100 Subject: [PATCH 31/53] chore: Do not fail workflow if deploy action fails (#39) --- .github/workflows/deploy.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 184a1a5c..38566ef7 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -21,6 +21,7 @@ jobs: deploy: if: github.event_name == 'pull_request' runs-on: ubuntu-latest + continue-on-error: true environment: name: preview url: https://d21d5uik3ws71m.cloudfront.net/${{ github.event.repository.name }}/${{ github.event.pull_request.head.sha }}/index.html From b10d7178cfcfa5f59487786321d929e0dd2cfb49 Mon Sep 17 00:00:00 2001 From: Boris Serdiuk Date: Wed, 15 Feb 2023 15:52:11 +0100 Subject: [PATCH 32/53] allow release script to fail the workflow (#40) --- .github/actions/release-package/index.mjs | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/.github/actions/release-package/index.mjs b/.github/actions/release-package/index.mjs index 105bf7bd..55fc0758 100644 --- a/.github/actions/release-package/index.mjs +++ b/.github/actions/release-package/index.mjs @@ -31,18 +31,14 @@ function releasePackage(packagePath) { if(packageJson.files) { packageJson.files.push(internalFolderName) } - + writeFileSync(packageJsonPath, JSON.stringify(packageJson, null, 2)); // Publish to CodeArtifact console.info(`Publishing package ${packageJson.name} version ${packageJson.version} to dist-tag ${publishTag}`); - try { - execSync(`npm publish --tag ${publishTag}`, { stdio: 'inherit', cwd: packagePath }); - } catch (e) { - console.error(`Publishing failed with ${e.status}: ${e.message}. ${e.stderr ? 'Full error: ' + e.stderr.toString() : ''}`); - } -} + execSync(`npm publish --tag ${publishTag}`, { stdio: 'inherit', cwd: packagePath }); +} function addManifest(data, packagePath) { mkdirSync(path.join(packagePath, internalFolderName), { recursive: true }) From 0d2f03a96754747172e7c07decf3b1c46af81b20 Mon Sep 17 00:00:00 2001 From: Connor Lanigan Date: Tue, 21 Feb 2023 12:42:54 +0100 Subject: [PATCH 33/53] chore: Migrate linting script to JavaScript (#45) --- .github/workflows/lint-pr.yml | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/.github/workflows/lint-pr.yml b/.github/workflows/lint-pr.yml index 68a42a0d..001f042b 100644 --- a/.github/workflows/lint-pr.yml +++ b/.github/workflows/lint-pr.yml @@ -9,15 +9,18 @@ jobs: main: name: Validate PR title runs-on: ubuntu-latest - env: - TITLE: ${{ github.event.pull_request.title }} steps: - - run: | - if [[ "$TITLE" =~ (^(chore|feat|fix|refactor|test|revert){1}?: ([[:alnum:]])+([[:space:][:print:]]*)) ]]; then - echo "Valid PR title" - else - echo 'PR title does not follow the convention "type: subject"' - echo 'type must be one of the following: feat|fix|chore|refactor|test|revert' - exit 1 - fi - shell: bash + - uses: actions/github-script@v6 + with: + script: | + const title = context.payload.pull_request.title; + + const allowedTypes = ["chore", "feat", "fix", "refactor", "test", "revert"]; + + const matchesType = allowedTypes.some( type => title.startsWith(type + ":") ); + + if(!matchesType) { + console.log(`This PR's title does not follow the convention "type: subject". Allowed types are:`, allowedTypes.join(", ")) + console.log(`This PR's title is:`, title) + process.exitCode = 1; + } From 66fd14962963386400b5ee5ce2b1dd927688a60f Mon Sep 17 00:00:00 2001 From: Timo <2446349+timogasda@users.noreply.github.com> Date: Tue, 28 Feb 2023 13:18:01 +0100 Subject: [PATCH 34/53] Fail checks if codecov fails (#46) Sometimes the codecov upload silently fails, which leaves our Actions hanging. This change makes codecov upload errors fail the Action so it can be restarted more easily. --- .github/workflows/build-lint-test.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build-lint-test.yml b/.github/workflows/build-lint-test.yml index 8fb1d4fd..8af90ebe 100644 --- a/.github/workflows/build-lint-test.yml +++ b/.github/workflows/build-lint-test.yml @@ -47,6 +47,8 @@ jobs: name: ${{ inputs.artifact-name }} - name: Codecov uses: codecov/codecov-action@v3 + with: + fail_ci_if_error: true codeql: if: ${{ inputs.skip-codeql == false }} From 5416749c83987dd087ef790e1bc07098480bedf0 Mon Sep 17 00:00:00 2001 From: Andrei Zhaleznichenka Date: Wed, 1 Mar 2023 19:03:51 +0100 Subject: [PATCH 35/53] chore: Add skip-codecov flag (#47) --- .github/workflows/build-lint-test.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/build-lint-test.yml b/.github/workflows/build-lint-test.yml index 8af90ebe..8bb13f38 100644 --- a/.github/workflows/build-lint-test.yml +++ b/.github/workflows/build-lint-test.yml @@ -8,6 +8,11 @@ on: description: "Skip CodeQL checks" required: false default: false + skip-codecov: + type: boolean + description: "Skip code coverage step" + required: false + default: false artifact-path: type: string description: "An optional file, directory or wildcard pattern that describes what to upload" @@ -46,6 +51,7 @@ jobs: path: ${{ inputs.artifact-path }} name: ${{ inputs.artifact-name }} - name: Codecov + if: ${{ inputs.skip-codecov == false }} uses: codecov/codecov-action@v3 with: fail_ci_if_error: true From 8c9da6349f0d5304f058614973ee58d02b3cd79d Mon Sep 17 00:00:00 2001 From: Timo <2446349+timogasda@users.noreply.github.com> Date: Tue, 14 Mar 2023 09:19:05 +0100 Subject: [PATCH 36/53] chore: Use optional codecov upload token (#48) --- .github/workflows/build-lint-test.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build-lint-test.yml b/.github/workflows/build-lint-test.yml index 8bb13f38..73d6608e 100644 --- a/.github/workflows/build-lint-test.yml +++ b/.github/workflows/build-lint-test.yml @@ -54,6 +54,7 @@ jobs: if: ${{ inputs.skip-codecov == false }} uses: codecov/codecov-action@v3 with: + token: ${{ secrets.CODECOV_TOKEN }} fail_ci_if_error: true codeql: From 81e7aaf3ad976e48dca747c3d5eef799ade7e596 Mon Sep 17 00:00:00 2001 From: Boris Serdiuk Date: Tue, 28 Mar 2023 10:39:51 +0200 Subject: [PATCH 37/53] add board components to the dry-run workflow (#49) --- .github/actions/build-package/action.yml | 11 ++++++++++- .github/workflows/dry-run.yml | 21 +++++++++++++++++++++ 2 files changed, 31 insertions(+), 1 deletion(-) diff --git a/.github/actions/build-package/action.yml b/.github/actions/build-package/action.yml index 9d4868db..e3576174 100644 --- a/.github/actions/build-package/action.yml +++ b/.github/actions/build-package/action.yml @@ -61,7 +61,7 @@ runs: run: npm test working-directory: ${{ inputs.package }} - name: Pack artifacts - if: ${{ inputs.package != 'components' && inputs.package != 'test-utils' && inputs.package != 'theming-core' && inputs.package != 'demos' }} + if: ${{ inputs.package != 'components' && inputs.package != 'test-utils' && inputs.package != 'theming-core' && inputs.package != 'board-components' && inputs.package != 'demos' }} shell: bash working-directory: ${{ inputs.package }} run: | @@ -100,6 +100,15 @@ runs: mv *-theming-build-*.tgz theming-build.tgz mv *-theming-runtime-*.tgz theming-runtime.tgz + - name: Package board components files + if: ${{ inputs.package == 'board-components' }} + shell: bash + working-directory: ${{ inputs.package }} + run: | + cd lib/components + npm pack + cp *-${{ inputs.package }}-*.tgz $GITHUB_WORKSPACE/${{ inputs.package }}.tgz + - name: Package component files if: ${{ inputs.package == 'components' }} shell: bash diff --git a/.github/workflows/dry-run.yml b/.github/workflows/dry-run.yml index b151a84d..ad20b7e1 100644 --- a/.github/workflows/dry-run.yml +++ b/.github/workflows/dry-run.yml @@ -103,6 +103,26 @@ jobs: skip_tests: true download_dependencies: true + buildBoardComponents: + name: Build board components + runs-on: ubuntu-latest + needs: + - buildGlobalStyles + - buildBrowserTestTools + - buildDocumenter + - buildTestUtils + - buildComponentToolkit + - buildComponents + steps: + - name: Download component artifacts + uses: actions/download-artifact@v2 + with: + name: components-package + - uses: cloudscape-design/.github/.github/actions/build-package@main + with: + package: board-components + download_dependencies: true + unitTest: name: Components unit tests runs-on: ubuntu-latest @@ -165,6 +185,7 @@ jobs: runs-on: ubuntu-latest needs: - buildComponents + - buildBoardComponents - buildBrowserTestTools - buildCollectionHooks - buildTestUtils From 49db6ef32100b565578efdf322cd3d95755270cd Mon Sep 17 00:00:00 2001 From: Boris Serdiuk Date: Fri, 31 Mar 2023 13:29:31 +0200 Subject: [PATCH 38/53] chore: Stop using next tags overrides for builds (#37) --- .github/actions/build-package/action.yml | 1 - .../patch-local-dependencies/action.yml | 4 ---- .../actions/patch-local-dependencies/next.mjs | 3 --- .github/workflows/release.yml | 24 +++++++------------ 4 files changed, 8 insertions(+), 24 deletions(-) delete mode 100644 .github/actions/patch-local-dependencies/next.mjs diff --git a/.github/actions/build-package/action.yml b/.github/actions/build-package/action.yml index e3576174..9fd84796 100644 --- a/.github/actions/build-package/action.yml +++ b/.github/actions/build-package/action.yml @@ -44,7 +44,6 @@ runs: - uses: cloudscape-design/.github/.github/actions/patch-local-dependencies@main with: path: ${{ github.workspace }}/${{ inputs.package }} - type: local - name: npm install shell: bash diff --git a/.github/actions/patch-local-dependencies/action.yml b/.github/actions/patch-local-dependencies/action.yml index 5cfbde71..3cd433be 100644 --- a/.github/actions/patch-local-dependencies/action.yml +++ b/.github/actions/patch-local-dependencies/action.yml @@ -16,8 +16,4 @@ runs: with: node-version: 16 - run: INPUT_PATH=${{ inputs.path }} INPUT_TYPE=${{ inputs.type }} node ${{ github.action_path }}/local.mjs - if: ${{ inputs.type == 'local' }} - shell: bash - - run: INPUT_PATH=${{ inputs.path }} INPUT_TYPE=${{ inputs.type }} node ${{ github.action_path }}/next.mjs - if: ${{ inputs.type == 'next' }} shell: bash diff --git a/.github/actions/patch-local-dependencies/next.mjs b/.github/actions/patch-local-dependencies/next.mjs deleted file mode 100644 index 8f7e67a8..00000000 --- a/.github/actions/patch-local-dependencies/next.mjs +++ /dev/null @@ -1,3 +0,0 @@ -import { updatePackageJsons } from './utils.mjs'; - -updatePackageJsons(() => 'next'); diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 4bbb1dca..a0fc2950 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -29,6 +29,14 @@ jobs: uses: actions/setup-node@v3 with: node-version: 16 + + - run: npm install --force + + - run: npm run build + + - run: npm run test + if: ${{ inputs.skip-test == false }} + - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v1 with: @@ -41,22 +49,6 @@ jobs: echo Logging into repository $CODE_ARTIFACT_REPO aws codeartifact login --tool npm --repository $CODE_ARTIFACT_REPO --domain awsui --domain-owner ${{ secrets.AWS_ACCOUNT_ID }} --region us-west-2 --namespace @cloudscape-design - - name: Make sure to use pre-release versions of our dependencies - uses: cloudscape-design/.github/.github/actions/patch-local-dependencies@main - with: - path: ${{ github.workspace }} - type: next - - - run: npm install --force - - - name: Restore locally modified files - run: git restore . - - - run: npm run build - - - run: npm run test - if: ${{ inputs.skip-test == false }} - - name: Release package to private CodeArtifact uses: cloudscape-design/.github/.github/actions/release-package@main with: From 65a24f017c51c9d77f34444212fa1cbfaa30d9ad Mon Sep 17 00:00:00 2001 From: Timo <2446349+timogasda@users.noreply.github.com> Date: Wed, 5 Apr 2023 15:44:18 +0200 Subject: [PATCH 39/53] chore: Upgrade download/upload artifact actions (#51) --- .github/actions/build-package/action.yml | 4 ++-- .github/workflows/dry-run.yml | 10 +++++----- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/actions/build-package/action.yml b/.github/actions/build-package/action.yml index 9fd84796..d6ff9a64 100644 --- a/.github/actions/build-package/action.yml +++ b/.github/actions/build-package/action.yml @@ -34,7 +34,7 @@ runs: - name: Download artifacts if: ${{ inputs.download_dependencies == 'true' }} - uses: actions/download-artifact@v2 + uses: actions/download-artifact@v3 with: name: dependencies @@ -118,7 +118,7 @@ runs: tar -czf ../design-tokens.tgz --directory=lib/design-tokens . - name: Upload artifacts - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v3 with: name: ${{ inputs.target_artifact }} path: ${{ inputs.artifact_path || format('{0}*.tgz', inputs.package) }} diff --git a/.github/workflows/dry-run.yml b/.github/workflows/dry-run.yml index ad20b7e1..1bec6ca7 100644 --- a/.github/workflows/dry-run.yml +++ b/.github/workflows/dry-run.yml @@ -115,7 +115,7 @@ jobs: - buildComponents steps: - name: Download component artifacts - uses: actions/download-artifact@v2 + uses: actions/download-artifact@v3 with: name: components-package - uses: cloudscape-design/.github/.github/actions/build-package@main @@ -134,7 +134,7 @@ jobs: with: node-version: 16 - name: Download component artifacts - uses: actions/download-artifact@v2 + uses: actions/download-artifact@v3 with: name: components-package - name: Unpack components artifacts @@ -153,7 +153,7 @@ jobs: with: node-version: 16 - name: Download component artifacts - uses: actions/download-artifact@v2 + uses: actions/download-artifact@v3 with: name: components-package - name: Unpack components artifacts @@ -172,7 +172,7 @@ jobs: with: node-version: 16 - name: Download component artifacts - uses: actions/download-artifact@v2 + uses: actions/download-artifact@v3 with: name: components-package - name: Unpack components artifacts @@ -193,7 +193,7 @@ jobs: - buildThemingCore steps: - name: Download component artifacts - uses: actions/download-artifact@v2 + uses: actions/download-artifact@v3 with: name: components-package - name: Build From 168263dc97522720d7903ffd753fb742031cc8f3 Mon Sep 17 00:00:00 2001 From: Michael Dowse Date: Wed, 21 Jun 2023 09:28:12 +0000 Subject: [PATCH 40/53] chore: Update configure-aws-credential --- .github/workflows/deploy.yml | 2 +- .github/workflows/release.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 38566ef7..3b5783ef 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -27,7 +27,7 @@ jobs: url: https://d21d5uik3ws71m.cloudfront.net/${{ github.event.repository.name }}/${{ github.event.pull_request.head.sha }}/index.html steps: - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 + uses: aws-actions/configure-aws-credentials@v2 with: role-to-assume: ${{ secrets.AWS_PREVIEW_ROLE_ARN }} aws-region: us-west-2 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a0fc2950..ab725444 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -38,7 +38,7 @@ jobs: if: ${{ inputs.skip-test == false }} - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 + uses: aws-actions/configure-aws-credentials@v2 with: role-to-assume: ${{ secrets.AWS_CODEARTIFACT_ROLE }} aws-region: us-west-2 From 6cd666a95648760315978b3ca9770cdcfd092f31 Mon Sep 17 00:00:00 2001 From: Boris Serdiuk Date: Tue, 1 Aug 2023 14:34:13 +0200 Subject: [PATCH 41/53] Run codecov step regardless the build status (#54) --- .github/workflows/build-lint-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-lint-test.yml b/.github/workflows/build-lint-test.yml index 73d6608e..f27e0b4f 100644 --- a/.github/workflows/build-lint-test.yml +++ b/.github/workflows/build-lint-test.yml @@ -51,7 +51,7 @@ jobs: path: ${{ inputs.artifact-path }} name: ${{ inputs.artifact-name }} - name: Codecov - if: ${{ inputs.skip-codecov == false }} + if: ${{ inputs.skip-codecov == false && always() }} uses: codecov/codecov-action@v3 with: token: ${{ secrets.CODECOV_TOKEN }} From d818775d86237c900ae3c663df55b91bf5a4fb37 Mon Sep 17 00:00:00 2001 From: Connor Lanigan Date: Thu, 17 Aug 2023 16:28:51 +0200 Subject: [PATCH 42/53] chore: Lint only after building (#56) --- .github/workflows/build-lint-test.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build-lint-test.yml b/.github/workflows/build-lint-test.yml index f27e0b4f..ab8629b6 100644 --- a/.github/workflows/build-lint-test.yml +++ b/.github/workflows/build-lint-test.yml @@ -5,21 +5,21 @@ on: inputs: skip-codeql: type: boolean - description: "Skip CodeQL checks" + description: 'Skip CodeQL checks' required: false default: false skip-codecov: type: boolean - description: "Skip code coverage step" + description: 'Skip code coverage step' required: false default: false artifact-path: type: string - description: "An optional file, directory or wildcard pattern that describes what to upload" + description: 'An optional file, directory or wildcard pattern that describes what to upload' artifact-name: type: string - description: "An optional artifact name" - default: "artifact" + description: 'An optional artifact name' + default: 'artifact' permissions: actions: read @@ -38,8 +38,8 @@ jobs: - name: Unlock dependencies uses: cloudscape-design/.github/.github/actions/unlock-dependencies@main - run: npm i --force - - run: npm run lint - run: npm run build + - run: npm run lint - run: npm run test if: ${{ github.repository != 'cloudscape-design/components' }} - run: npm run test:unit From 13749820c705f1952ecbbd1a2ae56cafe0a739f0 Mon Sep 17 00:00:00 2001 From: Amr Ahmed Taher Mohamed <99883674+taheramr@users.noreply.github.com> Date: Mon, 11 Sep 2023 12:32:17 +0200 Subject: [PATCH 43/53] feat: Add jest shards in a11y tests (#57) --- .github/workflows/dry-run.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/dry-run.yml b/.github/workflows/dry-run.yml index 1bec6ca7..85de4d01 100644 --- a/.github/workflows/dry-run.yml +++ b/.github/workflows/dry-run.yml @@ -164,6 +164,9 @@ jobs: a11yTest: name: Components accessibility tests runs-on: ubuntu-latest + strategy: + matrix: + shard: [1, 2, 3, 4, 5, 6] needs: - buildComponents steps: @@ -178,7 +181,7 @@ jobs: - name: Unpack components artifacts run: tar -xzf components-full.tgz - name: Accessibility tests - run: npm run test:a11y + run: npm run test:a11y -- --shard=${{ matrix.shard }}/${{ strategy.job-total }} demosTest: name: Demos tests From a25a152181d9e7cdf04f627fe4f956b3d4314d2a Mon Sep 17 00:00:00 2001 From: Amr Ahmed Taher Mohamed <99883674+taheramr@users.noreply.github.com> Date: Mon, 11 Sep 2023 12:48:59 +0200 Subject: [PATCH 44/53] upgrade nodejs to version 18 (#58) --- .github/actions/build-package/action.yml | 4 ++-- .../actions/patch-local-dependencies/action.yml | 4 ++-- .github/actions/release-package/action.yml | 4 ++-- .github/actions/unlock-dependencies/action.yml | 4 ++-- .github/workflows/build-lint-test.yml | 14 +++++++------- .github/workflows/dry-run.yml | 12 ++++++------ .github/workflows/release.yml | 4 ++-- 7 files changed, 23 insertions(+), 23 deletions(-) diff --git a/.github/actions/build-package/action.yml b/.github/actions/build-package/action.yml index d6ff9a64..2700e40d 100644 --- a/.github/actions/build-package/action.yml +++ b/.github/actions/build-package/action.yml @@ -27,10 +27,10 @@ runs: with: repository: cloudscape-design/${{ inputs.package }} path: ${{ inputs.package }} - - name: Use Node.js 16 + - name: Use Node.js 18 uses: actions/setup-node@v3 with: - node-version: 16 + node-version: 18 - name: Download artifacts if: ${{ inputs.download_dependencies == 'true' }} diff --git a/.github/actions/patch-local-dependencies/action.yml b/.github/actions/patch-local-dependencies/action.yml index 3cd433be..7d230742 100644 --- a/.github/actions/patch-local-dependencies/action.yml +++ b/.github/actions/patch-local-dependencies/action.yml @@ -11,9 +11,9 @@ inputs: runs: using: "composite" steps: - - name: Use Node.js 16 + - name: Use Node.js 18 uses: actions/setup-node@v3 with: - node-version: 16 + node-version: 18 - run: INPUT_PATH=${{ inputs.path }} INPUT_TYPE=${{ inputs.type }} node ${{ github.action_path }}/local.mjs shell: bash diff --git a/.github/actions/release-package/action.yml b/.github/actions/release-package/action.yml index 6955f3c2..7b83adc3 100644 --- a/.github/actions/release-package/action.yml +++ b/.github/actions/release-package/action.yml @@ -9,10 +9,10 @@ inputs: runs: using: "composite" steps: - - name: Use Node.js 16 + - name: Use Node.js 18 uses: actions/setup-node@v3 with: - node-version: 16 + node-version: 18 - name: Define new version suffix id: vars diff --git a/.github/actions/unlock-dependencies/action.yml b/.github/actions/unlock-dependencies/action.yml index d501ec2e..f5a9c431 100644 --- a/.github/actions/unlock-dependencies/action.yml +++ b/.github/actions/unlock-dependencies/action.yml @@ -4,9 +4,9 @@ description: "Removes all @cloudscape-design dependencies from package-lock file runs: using: "composite" steps: - - name: Use Node.js 16 + - name: Use Node.js 18 uses: actions/setup-node@v3 with: - node-version: 16 + node-version: 18 - run: node ${{ github.action_path }}/index.js shell: bash diff --git a/.github/workflows/build-lint-test.yml b/.github/workflows/build-lint-test.yml index ab8629b6..dfd8b0e8 100644 --- a/.github/workflows/build-lint-test.yml +++ b/.github/workflows/build-lint-test.yml @@ -5,21 +5,21 @@ on: inputs: skip-codeql: type: boolean - description: 'Skip CodeQL checks' + description: "Skip CodeQL checks" required: false default: false skip-codecov: type: boolean - description: 'Skip code coverage step' + description: "Skip code coverage step" required: false default: false artifact-path: type: string - description: 'An optional file, directory or wildcard pattern that describes what to upload' + description: "An optional file, directory or wildcard pattern that describes what to upload" artifact-name: type: string - description: 'An optional artifact name' - default: 'artifact' + description: "An optional artifact name" + default: "artifact" permissions: actions: read @@ -31,10 +31,10 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - name: Use Node.js 16 + - name: Use Node.js 18 uses: actions/setup-node@v3 with: - node-version: 16 + node-version: 18 - name: Unlock dependencies uses: cloudscape-design/.github/.github/actions/unlock-dependencies@main - run: npm i --force diff --git a/.github/workflows/dry-run.yml b/.github/workflows/dry-run.yml index 85de4d01..84e3e215 100644 --- a/.github/workflows/dry-run.yml +++ b/.github/workflows/dry-run.yml @@ -129,10 +129,10 @@ jobs: needs: - buildComponents steps: - - name: Use Node.js 16 + - name: Use Node.js 18 uses: actions/setup-node@v3 with: - node-version: 16 + node-version: 18 - name: Download component artifacts uses: actions/download-artifact@v3 with: @@ -148,10 +148,10 @@ jobs: needs: - buildComponents steps: - - name: Use Node.js 16 + - name: Use Node.js 18 uses: actions/setup-node@v3 with: - node-version: 16 + node-version: 18 - name: Download component artifacts uses: actions/download-artifact@v3 with: @@ -170,10 +170,10 @@ jobs: needs: - buildComponents steps: - - name: Use Node.js 16 + - name: Use Node.js 18 uses: actions/setup-node@v3 with: - node-version: 16 + node-version: 18 - name: Download component artifacts uses: actions/download-artifact@v3 with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ab725444..7e491477 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -25,10 +25,10 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - name: Use Node.js 16 + - name: Use Node.js 18 uses: actions/setup-node@v3 with: - node-version: 16 + node-version: 18 - run: npm install --force From 819c36bc7c3fe612783a388bf386e17388559b57 Mon Sep 17 00:00:00 2001 From: Amr Ahmed Taher Mohamed <99883674+taheramr@users.noreply.github.com> Date: Mon, 11 Sep 2023 18:56:35 +0200 Subject: [PATCH 45/53] Revert "upgrade nodejs to version 18 (#58)" (#59) This reverts commit a25a152181d9e7cdf04f627fe4f956b3d4314d2a. --- .github/actions/build-package/action.yml | 4 ++-- .../actions/patch-local-dependencies/action.yml | 4 ++-- .github/actions/release-package/action.yml | 4 ++-- .github/actions/unlock-dependencies/action.yml | 4 ++-- .github/workflows/build-lint-test.yml | 14 +++++++------- .github/workflows/dry-run.yml | 12 ++++++------ .github/workflows/release.yml | 4 ++-- 7 files changed, 23 insertions(+), 23 deletions(-) diff --git a/.github/actions/build-package/action.yml b/.github/actions/build-package/action.yml index 2700e40d..d6ff9a64 100644 --- a/.github/actions/build-package/action.yml +++ b/.github/actions/build-package/action.yml @@ -27,10 +27,10 @@ runs: with: repository: cloudscape-design/${{ inputs.package }} path: ${{ inputs.package }} - - name: Use Node.js 18 + - name: Use Node.js 16 uses: actions/setup-node@v3 with: - node-version: 18 + node-version: 16 - name: Download artifacts if: ${{ inputs.download_dependencies == 'true' }} diff --git a/.github/actions/patch-local-dependencies/action.yml b/.github/actions/patch-local-dependencies/action.yml index 7d230742..3cd433be 100644 --- a/.github/actions/patch-local-dependencies/action.yml +++ b/.github/actions/patch-local-dependencies/action.yml @@ -11,9 +11,9 @@ inputs: runs: using: "composite" steps: - - name: Use Node.js 18 + - name: Use Node.js 16 uses: actions/setup-node@v3 with: - node-version: 18 + node-version: 16 - run: INPUT_PATH=${{ inputs.path }} INPUT_TYPE=${{ inputs.type }} node ${{ github.action_path }}/local.mjs shell: bash diff --git a/.github/actions/release-package/action.yml b/.github/actions/release-package/action.yml index 7b83adc3..6955f3c2 100644 --- a/.github/actions/release-package/action.yml +++ b/.github/actions/release-package/action.yml @@ -9,10 +9,10 @@ inputs: runs: using: "composite" steps: - - name: Use Node.js 18 + - name: Use Node.js 16 uses: actions/setup-node@v3 with: - node-version: 18 + node-version: 16 - name: Define new version suffix id: vars diff --git a/.github/actions/unlock-dependencies/action.yml b/.github/actions/unlock-dependencies/action.yml index f5a9c431..d501ec2e 100644 --- a/.github/actions/unlock-dependencies/action.yml +++ b/.github/actions/unlock-dependencies/action.yml @@ -4,9 +4,9 @@ description: "Removes all @cloudscape-design dependencies from package-lock file runs: using: "composite" steps: - - name: Use Node.js 18 + - name: Use Node.js 16 uses: actions/setup-node@v3 with: - node-version: 18 + node-version: 16 - run: node ${{ github.action_path }}/index.js shell: bash diff --git a/.github/workflows/build-lint-test.yml b/.github/workflows/build-lint-test.yml index dfd8b0e8..ab8629b6 100644 --- a/.github/workflows/build-lint-test.yml +++ b/.github/workflows/build-lint-test.yml @@ -5,21 +5,21 @@ on: inputs: skip-codeql: type: boolean - description: "Skip CodeQL checks" + description: 'Skip CodeQL checks' required: false default: false skip-codecov: type: boolean - description: "Skip code coverage step" + description: 'Skip code coverage step' required: false default: false artifact-path: type: string - description: "An optional file, directory or wildcard pattern that describes what to upload" + description: 'An optional file, directory or wildcard pattern that describes what to upload' artifact-name: type: string - description: "An optional artifact name" - default: "artifact" + description: 'An optional artifact name' + default: 'artifact' permissions: actions: read @@ -31,10 +31,10 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - name: Use Node.js 18 + - name: Use Node.js 16 uses: actions/setup-node@v3 with: - node-version: 18 + node-version: 16 - name: Unlock dependencies uses: cloudscape-design/.github/.github/actions/unlock-dependencies@main - run: npm i --force diff --git a/.github/workflows/dry-run.yml b/.github/workflows/dry-run.yml index 84e3e215..85de4d01 100644 --- a/.github/workflows/dry-run.yml +++ b/.github/workflows/dry-run.yml @@ -129,10 +129,10 @@ jobs: needs: - buildComponents steps: - - name: Use Node.js 18 + - name: Use Node.js 16 uses: actions/setup-node@v3 with: - node-version: 18 + node-version: 16 - name: Download component artifacts uses: actions/download-artifact@v3 with: @@ -148,10 +148,10 @@ jobs: needs: - buildComponents steps: - - name: Use Node.js 18 + - name: Use Node.js 16 uses: actions/setup-node@v3 with: - node-version: 18 + node-version: 16 - name: Download component artifacts uses: actions/download-artifact@v3 with: @@ -170,10 +170,10 @@ jobs: needs: - buildComponents steps: - - name: Use Node.js 18 + - name: Use Node.js 16 uses: actions/setup-node@v3 with: - node-version: 18 + node-version: 16 - name: Download component artifacts uses: actions/download-artifact@v3 with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7e491477..ab725444 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -25,10 +25,10 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - name: Use Node.js 18 + - name: Use Node.js 16 uses: actions/setup-node@v3 with: - node-version: 18 + node-version: 16 - run: npm install --force From db2cdbd332aaa875b82059cff4ed9ec5a8c1aaed Mon Sep 17 00:00:00 2001 From: Timo <2446349+timogasda@users.noreply.github.com> Date: Thu, 14 Sep 2023 14:25:17 +0200 Subject: [PATCH 46/53] chore: Add parent task for a11y test shards (#61) --- .github/workflows/dry-run.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/dry-run.yml b/.github/workflows/dry-run.yml index 85de4d01..62a2eea1 100644 --- a/.github/workflows/dry-run.yml +++ b/.github/workflows/dry-run.yml @@ -164,6 +164,14 @@ jobs: a11yTest: name: Components accessibility tests runs-on: ubuntu-latest + needs: + - a11yTestShards + steps: + - run: echo "Completed all accessibility tests" + + a11yTestShards: + name: Components accessibility tests shard + runs-on: ubuntu-latest strategy: matrix: shard: [1, 2, 3, 4, 5, 6] From 767314c0b013f20b8763493d9cce1f0b22a1c699 Mon Sep 17 00:00:00 2001 From: Timo <2446349+timogasda@users.noreply.github.com> Date: Wed, 18 Oct 2023 08:51:20 +0200 Subject: [PATCH 47/53] chore: Use NodeJS 18 for all actions and workflows (#63) --- .github/actions/build-package/action.yml | 4 ++-- .github/actions/patch-local-dependencies/action.yml | 4 ++-- .github/actions/release-package/action.yml | 4 ++-- .github/actions/unlock-dependencies/action.yml | 4 ++-- .github/workflows/build-lint-test.yml | 4 ++-- .github/workflows/dry-run.yml | 12 ++++++------ .github/workflows/release.yml | 4 ++-- 7 files changed, 18 insertions(+), 18 deletions(-) diff --git a/.github/actions/build-package/action.yml b/.github/actions/build-package/action.yml index d6ff9a64..cd597248 100644 --- a/.github/actions/build-package/action.yml +++ b/.github/actions/build-package/action.yml @@ -27,10 +27,10 @@ runs: with: repository: cloudscape-design/${{ inputs.package }} path: ${{ inputs.package }} - - name: Use Node.js 16 + - name: Setup Node.js uses: actions/setup-node@v3 with: - node-version: 16 + node-version: 18 - name: Download artifacts if: ${{ inputs.download_dependencies == 'true' }} diff --git a/.github/actions/patch-local-dependencies/action.yml b/.github/actions/patch-local-dependencies/action.yml index 3cd433be..bccad7a7 100644 --- a/.github/actions/patch-local-dependencies/action.yml +++ b/.github/actions/patch-local-dependencies/action.yml @@ -11,9 +11,9 @@ inputs: runs: using: "composite" steps: - - name: Use Node.js 16 + - name: Setup Node.js uses: actions/setup-node@v3 with: - node-version: 16 + node-version: 18 - run: INPUT_PATH=${{ inputs.path }} INPUT_TYPE=${{ inputs.type }} node ${{ github.action_path }}/local.mjs shell: bash diff --git a/.github/actions/release-package/action.yml b/.github/actions/release-package/action.yml index 6955f3c2..817e70cf 100644 --- a/.github/actions/release-package/action.yml +++ b/.github/actions/release-package/action.yml @@ -9,10 +9,10 @@ inputs: runs: using: "composite" steps: - - name: Use Node.js 16 + - name: Setup Node.js uses: actions/setup-node@v3 with: - node-version: 16 + node-version: 18 - name: Define new version suffix id: vars diff --git a/.github/actions/unlock-dependencies/action.yml b/.github/actions/unlock-dependencies/action.yml index d501ec2e..991963ad 100644 --- a/.github/actions/unlock-dependencies/action.yml +++ b/.github/actions/unlock-dependencies/action.yml @@ -4,9 +4,9 @@ description: "Removes all @cloudscape-design dependencies from package-lock file runs: using: "composite" steps: - - name: Use Node.js 16 + - name: Setup Node.js uses: actions/setup-node@v3 with: - node-version: 16 + node-version: 18 - run: node ${{ github.action_path }}/index.js shell: bash diff --git a/.github/workflows/build-lint-test.yml b/.github/workflows/build-lint-test.yml index ab8629b6..6ce89407 100644 --- a/.github/workflows/build-lint-test.yml +++ b/.github/workflows/build-lint-test.yml @@ -31,10 +31,10 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - name: Use Node.js 16 + - name: Setup Node.js uses: actions/setup-node@v3 with: - node-version: 16 + node-version: 18 - name: Unlock dependencies uses: cloudscape-design/.github/.github/actions/unlock-dependencies@main - run: npm i --force diff --git a/.github/workflows/dry-run.yml b/.github/workflows/dry-run.yml index 62a2eea1..13e48e42 100644 --- a/.github/workflows/dry-run.yml +++ b/.github/workflows/dry-run.yml @@ -129,10 +129,10 @@ jobs: needs: - buildComponents steps: - - name: Use Node.js 16 + - name: Setup Node.js uses: actions/setup-node@v3 with: - node-version: 16 + node-version: 18 - name: Download component artifacts uses: actions/download-artifact@v3 with: @@ -148,10 +148,10 @@ jobs: needs: - buildComponents steps: - - name: Use Node.js 16 + - name: Setup Node.js uses: actions/setup-node@v3 with: - node-version: 16 + node-version: 18 - name: Download component artifacts uses: actions/download-artifact@v3 with: @@ -178,10 +178,10 @@ jobs: needs: - buildComponents steps: - - name: Use Node.js 16 + - name: Setup Node.js uses: actions/setup-node@v3 with: - node-version: 16 + node-version: 18 - name: Download component artifacts uses: actions/download-artifact@v3 with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ab725444..34431b50 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -25,10 +25,10 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - name: Use Node.js 16 + - name: Setup Node.js uses: actions/setup-node@v3 with: - node-version: 16 + node-version: 18 - run: npm install --force From 79f002adff3f327866605c47ca1b88ca6012b0c4 Mon Sep 17 00:00:00 2001 From: Timo <2446349+timogasda@users.noreply.github.com> Date: Fri, 20 Oct 2023 11:37:02 +0200 Subject: [PATCH 48/53] chore: Remove shared workflows and actions (#64) --- .github/actions/build-package/action.yml | 124 ---------- .github/actions/download-artifact/action.yml | 24 -- .../patch-local-dependencies/action.yml | 19 -- .../patch-local-dependencies/local.mjs | 5 - .../patch-local-dependencies/utils.mjs | 106 --------- .github/actions/release-package/action.yml | 28 --- .github/actions/release-package/index.mjs | 73 ------ .../actions/unlock-dependencies/action.yml | 12 - .github/actions/unlock-dependencies/index.js | 29 --- .github/actions/upload-artifact/action.yml | 24 -- .github/workflows/build-lint-test.yml | 70 ------ .github/workflows/deploy.yml | 43 ---- .github/workflows/dry-run.yml | 214 ------------------ .github/workflows/lint-pr.yml | 26 --- .github/workflows/release-gh-notes.yml | 48 ---- .github/workflows/release.yml | 55 ----- 16 files changed, 900 deletions(-) delete mode 100644 .github/actions/build-package/action.yml delete mode 100644 .github/actions/download-artifact/action.yml delete mode 100644 .github/actions/patch-local-dependencies/action.yml delete mode 100644 .github/actions/patch-local-dependencies/local.mjs delete mode 100644 .github/actions/patch-local-dependencies/utils.mjs delete mode 100644 .github/actions/release-package/action.yml delete mode 100644 .github/actions/release-package/index.mjs delete mode 100644 .github/actions/unlock-dependencies/action.yml delete mode 100644 .github/actions/unlock-dependencies/index.js delete mode 100644 .github/actions/upload-artifact/action.yml delete mode 100644 .github/workflows/build-lint-test.yml delete mode 100644 .github/workflows/deploy.yml delete mode 100644 .github/workflows/dry-run.yml delete mode 100644 .github/workflows/lint-pr.yml delete mode 100644 .github/workflows/release-gh-notes.yml delete mode 100644 .github/workflows/release.yml diff --git a/.github/actions/build-package/action.yml b/.github/actions/build-package/action.yml deleted file mode 100644 index cd597248..00000000 --- a/.github/actions/build-package/action.yml +++ /dev/null @@ -1,124 +0,0 @@ -name: "Build dependency package locally" -description: "Checks out a dependency package locally and updates all references to it" -inputs: - package: - description: "Name of the package" - required: true - download_dependencies: - description: "Whether to download dependencies" - default: "false" - skip_build: - description: "Whether to skip the build" - default: "false" - skip_tests: - description: "Whether to skip the tests" - default: "false" - target_artifact: - description: "Name of the artifact that will be uploaded" - default: "dependencies" - artifact_path: - description: "Path or pattern for the artifact files that should be uploaded" - -runs: - using: "composite" - steps: - - name: Clone - uses: actions/checkout@v3 - with: - repository: cloudscape-design/${{ inputs.package }} - path: ${{ inputs.package }} - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - node-version: 18 - - - name: Download artifacts - if: ${{ inputs.download_dependencies == 'true' }} - uses: actions/download-artifact@v3 - with: - name: dependencies - - - run: cd ${{ inputs.package }} - shell: bash - - - uses: cloudscape-design/.github/.github/actions/patch-local-dependencies@main - with: - path: ${{ github.workspace }}/${{ inputs.package }} - - - name: npm install - shell: bash - run: npm i --force - working-directory: ${{ inputs.package }} - - name: Build - if: ${{ inputs.skip_build != 'true' }} - shell: bash - run: npm run build - working-directory: ${{ inputs.package }} - - name: Test - if: ${{ inputs.skip_tests != 'true' }} - shell: bash - run: npm test - working-directory: ${{ inputs.package }} - - name: Pack artifacts - if: ${{ inputs.package != 'components' && inputs.package != 'test-utils' && inputs.package != 'theming-core' && inputs.package != 'board-components' && inputs.package != 'demos' }} - shell: bash - working-directory: ${{ inputs.package }} - run: | - npm pack - cp *-${{ inputs.package }}-*.tgz $GITHUB_WORKSPACE/${{ inputs.package }}.tgz - - - name: Pack test-utils artifacts - if: ${{ inputs.package == 'test-utils' }} - shell: bash - working-directory: ${{ inputs.package }} - run: | - cd packages/core - npm pack - cp *-test-utils-core-*.tgz $GITHUB_WORKSPACE - cd ../converter - npm pack - echo $GITHUB_WORKSPACE - cp *-test-utils-converter-*.tgz $GITHUB_WORKSPACE - cd $GITHUB_WORKSPACE - mv *-test-utils-converter-*.tgz test-utils-converter.tgz - mv *-test-utils-core-*.tgz test-utils-core.tgz - - - name: Pack theming-core artifacts - if: ${{ inputs.package == 'theming-core' }} - shell: bash - working-directory: ${{ inputs.package }} - run: | - cd lib/browser - npm pack - cp *-theming-runtime-*.tgz $GITHUB_WORKSPACE - cd ../node - npm pack - echo $GITHUB_WORKSPACE - cp *-theming-build-*.tgz $GITHUB_WORKSPACE - cd $GITHUB_WORKSPACE - mv *-theming-build-*.tgz theming-build.tgz - mv *-theming-runtime-*.tgz theming-runtime.tgz - - - name: Package board components files - if: ${{ inputs.package == 'board-components' }} - shell: bash - working-directory: ${{ inputs.package }} - run: | - cd lib/components - npm pack - cp *-${{ inputs.package }}-*.tgz $GITHUB_WORKSPACE/${{ inputs.package }}.tgz - - - name: Package component files - if: ${{ inputs.package == 'components' }} - shell: bash - working-directory: ${{ inputs.package }} - run: | - tar -czf ../components-full.tgz . - tar -czf ../components.tgz --directory=lib/components . - tar -czf ../design-tokens.tgz --directory=lib/design-tokens . - - - name: Upload artifacts - uses: actions/upload-artifact@v3 - with: - name: ${{ inputs.target_artifact }} - path: ${{ inputs.artifact_path || format('{0}*.tgz', inputs.package) }} diff --git a/.github/actions/download-artifact/action.yml b/.github/actions/download-artifact/action.yml deleted file mode 100644 index 40a4038a..00000000 --- a/.github/actions/download-artifact/action.yml +++ /dev/null @@ -1,24 +0,0 @@ -name: "Download artifact" -description: "Downloads and extracts an artifact from GitHub artifacts" -inputs: - path: - type: string - description: "A directory path for the extracted artifact" - required: true - name: - type: string - description: "Artifact name" - required: true - -runs: - using: "composite" - steps: - - uses: actions/download-artifact@v3 - with: - name: ${{ inputs.name }} - path: ${{ inputs.path }} - - name: Deploy - run: | - cd ${{ inputs.path }} - tar -xf *.tar.gz - shell: bash diff --git a/.github/actions/patch-local-dependencies/action.yml b/.github/actions/patch-local-dependencies/action.yml deleted file mode 100644 index bccad7a7..00000000 --- a/.github/actions/patch-local-dependencies/action.yml +++ /dev/null @@ -1,19 +0,0 @@ -name: "Patch package.json with local dependencies" -description: "Modifies the current package.json to point to local repositories instead" -inputs: - path: - description: "Root directory of the package that should be updated" - required: true - type: - description: 'How the dependencies should change. Possible values: "local" (to consume local tarballs), and "next" (to consume from pre-release CodeArtifact)' - default: "local" - required: false -runs: - using: "composite" - steps: - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - node-version: 18 - - run: INPUT_PATH=${{ inputs.path }} INPUT_TYPE=${{ inputs.type }} node ${{ github.action_path }}/local.mjs - shell: bash diff --git a/.github/actions/patch-local-dependencies/local.mjs b/.github/actions/patch-local-dependencies/local.mjs deleted file mode 100644 index 23026a81..00000000 --- a/.github/actions/patch-local-dependencies/local.mjs +++ /dev/null @@ -1,5 +0,0 @@ -import { updatePackageJsons } from './utils.mjs'; - -updatePackageJsons( - (packageName) => `file:${process.env.GITHUB_WORKSPACE}/${packageName.replace('@cloudscape-design/', '')}.tgz` -); diff --git a/.github/actions/patch-local-dependencies/utils.mjs b/.github/actions/patch-local-dependencies/utils.mjs deleted file mode 100644 index 7d6a0723..00000000 --- a/.github/actions/patch-local-dependencies/utils.mjs +++ /dev/null @@ -1,106 +0,0 @@ -import path from 'path'; -import fs from 'fs'; - -const inputs = { - path: process.env.INPUT_PATH, -}; - -function findPackageFiles(directory) { - const files = []; - - if (!fs.existsSync(directory)) { - return []; - } - - ['package.json', 'package-lock.json'].forEach(fileName => { - const packageJson = path.join(directory, fileName); - if (fs.existsSync(packageJson)) { - files.push(packageJson); - } - }); - - return files; -} - -function findAllPackageJsons() { - const files = []; - - if (!inputs.path || !fs.existsSync(inputs.path)) { - console.error(`Invalid input path: ${inputs.path}`); - process.exit(1); - } - - const mainPackageJsons = findPackageFiles(inputs.path); - if (mainPackageJsons.length) { - files.push(...mainPackageJsons); - } - - const subPackagesPath = path.join(inputs.path, 'packages'); - if (fs.existsSync(subPackagesPath)) { - fs.readdirSync(subPackagesPath).forEach(fileName => { - const filePath = path.join(subPackagesPath, fileName); - if (fs.statSync(filePath).isDirectory()) { - const packageJsons = findPackageFiles(filePath); - if (packageJsons) { - files.push(...packageJsons); - } - } - }); - } - - return files; -} - -function updateDependencyVersions(dependencies, newVersion, sourcePackageName) { - if (!dependencies) { - return; - } - - const updatedDependencies = {}; - - Object.keys(dependencies) - .filter(packageName => packageName.startsWith('@cloudscape-design/')) - .forEach(packageName => { - const isPackageLock = typeof dependencies[packageName] !== 'string'; - const previousVersion = isPackageLock ? dependencies[packageName].version : dependencies[packageName]; - - // Skip local file dependencies - if (previousVersion.startsWith('file:')) { - return; - } - - // Don't touch this local lerna dependency in test-utils-converter - if (sourcePackageName === '@cloudscape-design/test-utils-converter' && packageName === '@cloudscape-design/test-utils-core') { - return; - } - - const nextVersion = typeof newVersion === 'function' ? newVersion(packageName) : newVersion; - - if (isPackageLock) { - updatedDependencies[packageName] = { ...dependencies[packageName], version: nextVersion }; - - // Remove some additional keys for package-lock.json files - delete updatedDependencies[packageName].resolved; - delete updatedDependencies[packageName].integrity; - } else { - updatedDependencies[packageName] = nextVersion; - } - }); - - return { ...dependencies, ...updatedDependencies }; -} - -export function updatePackageJsons(newVersion) { - const packageJsons = findAllPackageJsons(); - packageJsons.forEach(filePath => { - const packageJson = JSON.parse(fs.readFileSync(filePath)); - const packageName = packageJson.name; - - ['dependencies', 'devDependencies'].forEach(dependencyKey => { - const newDeps = updateDependencyVersions(packageJson[dependencyKey], newVersion, packageName); - packageJson[dependencyKey] = newDeps; - }); - - fs.writeFileSync(filePath, JSON.stringify(packageJson, null, 2)); - }); -} diff --git a/.github/actions/release-package/action.yml b/.github/actions/release-package/action.yml deleted file mode 100644 index 817e70cf..00000000 --- a/.github/actions/release-package/action.yml +++ /dev/null @@ -1,28 +0,0 @@ -name: "Publish package to internal CodeArtifact" -description: "Publishes the current package to an internal CodeArtifact on a pre-release tag" -inputs: - publish-packages: - # Arrays are not supported: https://github.com/community/community/discussions/11692 - description: "Comma-separated list of sub-folders to publish" - required: false - -runs: - using: "composite" - steps: - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - node-version: 18 - - - name: Define new version suffix - id: vars - run: echo "::set-output name=version_suffix::-next-build.$(git rev-parse --short HEAD)" - shell: bash - - - run: node ${{ github.action_path }}/index.mjs - shell: bash - env: - INPUT_PATH: ${{ github.workspace }} - INPUT_SUFFIX: ${{ steps.vars.outputs.version_suffix }} - PUBLISH_PACKAGES: ${{ inputs.publish-packages }} - COMMIT_SHA: ${{ github.sha }} diff --git a/.github/actions/release-package/index.mjs b/.github/actions/release-package/index.mjs deleted file mode 100644 index 55fc0758..00000000 --- a/.github/actions/release-package/index.mjs +++ /dev/null @@ -1,73 +0,0 @@ -import path from 'path'; -import { execSync } from 'child_process'; -import { existsSync, readFileSync, writeFileSync, mkdirSync } from 'fs'; - -const inputs = { - path: process.env.INPUT_PATH, - suffix: process.env.INPUT_SUFFIX, - publishPackages: process.env.PUBLISH_PACKAGES - ? process.env.PUBLISH_PACKAGES.split(',').map((pkg) => pkg.trim()) - : null, - commitSha: process.env.COMMIT_SHA, -}; - -console.log('Inputs:'); -console.log(JSON.stringify(inputs, null, 2)); - -const internalFolderName = 'internal' - -// The main branch should publish to next, and dev forks to next-dev -const branchName = process.env.GITHUB_REF_TYPE === 'branch' ? process.env.GITHUB_REF_NAME : ''; -const publishTag = branchName.startsWith('dev-v3-') ? branchName : 'next'; - -function releasePackage(packagePath) { - const packageJsonPath = path.join(packagePath, 'package.json'); - - // Update version in the package.json file - const packageJson = JSON.parse(readFileSync(packageJsonPath)); - packageJson.version += inputs.suffix; - - // Add internal folder to files in package.json - if(packageJson.files) { - packageJson.files.push(internalFolderName) - } - - writeFileSync(packageJsonPath, JSON.stringify(packageJson, null, 2)); - - // Publish to CodeArtifact - console.info(`Publishing package ${packageJson.name} version ${packageJson.version} to dist-tag ${publishTag}`); - - execSync(`npm publish --tag ${publishTag}`, { stdio: 'inherit', cwd: packagePath }); -} - -function addManifest(data, packagePath) { - mkdirSync(path.join(packagePath, internalFolderName), { recursive: true }) - writeFileSync( - path.join(packagePath, internalFolderName, 'manifest.json'), - JSON.stringify(data, null, 2) - ); -} - -function main() { - const basePath = inputs.path; - - if (!basePath && !existsSync(basePath)) { - console.error(`Invalid path: ${basePath}`); - process.exit(1); - } - - if (!inputs.suffix) { - console.error('No version suffix provided.'); - process.exit(1); - } - - const packagesToPublish = inputs.publishPackages ?? ['.']; - - for (const pkg of packagesToPublish) { - const packagePath = path.join(basePath, pkg); - addManifest({ commit: inputs.commitSha }, packagePath); - releasePackage(packagePath); - } -} - -main(); diff --git a/.github/actions/unlock-dependencies/action.yml b/.github/actions/unlock-dependencies/action.yml deleted file mode 100644 index 991963ad..00000000 --- a/.github/actions/unlock-dependencies/action.yml +++ /dev/null @@ -1,12 +0,0 @@ -name: "Unlock Cloudscape dependencies in package-lock" -description: "Removes all @cloudscape-design dependencies from package-lock file" - -runs: - using: "composite" - steps: - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - node-version: 18 - - run: node ${{ github.action_path }}/index.js - shell: bash diff --git a/.github/actions/unlock-dependencies/index.js b/.github/actions/unlock-dependencies/index.js deleted file mode 100644 index 372dc52c..00000000 --- a/.github/actions/unlock-dependencies/index.js +++ /dev/null @@ -1,29 +0,0 @@ -#!/usr/bin/env node -// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -const fs = require("fs"); -const path = require("path"); - -/** - * Remove specific @cloudscape-design/* packages where we should always use the latest minor release. - */ -const filename = path.resolve(process.env.GITHUB_WORKSPACE, "package-lock.json"); -const packageLock = JSON.parse(fs.readFileSync(filename)); - -function removeDependencies(dependencyName, packages) { - if (dependencyName.includes("@cloudscape-design/")) { - delete packages[dependencyName]; - } -} - -Object.keys(packageLock.packages).forEach((dependencyName) => { - removeDependencies(dependencyName, packageLock.packages); -}); - -Object.keys(packageLock.dependencies).forEach((dependencyName) => { - removeDependencies(dependencyName, packageLock.dependencies); -}); - -fs.writeFileSync(filename, JSON.stringify(packageLock, null, 2) + "\n"); -console.log("Removed @cloudscape-design/ dependencies from package-lock file"); diff --git a/.github/actions/upload-artifact/action.yml b/.github/actions/upload-artifact/action.yml deleted file mode 100644 index 266ddbea..00000000 --- a/.github/actions/upload-artifact/action.yml +++ /dev/null @@ -1,24 +0,0 @@ -name: "Upload artifact to GitHub Artifacts" -description: "Compress and uploaded a given folder as an artifact to GitHub Artifacts" -inputs: - path: - type: string - description: "A file, directory or wildcard pattern that describes what to upload" - required: true - name: - type: string - description: "Artifact name" - required: true - -runs: - using: "composite" - steps: - - name: Create artifact - run: | - tar -zcvf ${{ inputs.name }}.tar.gz ${{ inputs.path }} - shell: bash - - name: Upload artifact - uses: actions/upload-artifact@v3 - with: - name: ${{ inputs.name }} - path: ${{ inputs.name }}.tar.gz diff --git a/.github/workflows/build-lint-test.yml b/.github/workflows/build-lint-test.yml deleted file mode 100644 index 6ce89407..00000000 --- a/.github/workflows/build-lint-test.yml +++ /dev/null @@ -1,70 +0,0 @@ -name: Build, lint and test - -on: - workflow_call: - inputs: - skip-codeql: - type: boolean - description: 'Skip CodeQL checks' - required: false - default: false - skip-codecov: - type: boolean - description: 'Skip code coverage step' - required: false - default: false - artifact-path: - type: string - description: 'An optional file, directory or wildcard pattern that describes what to upload' - artifact-name: - type: string - description: 'An optional artifact name' - default: 'artifact' - -permissions: - actions: read - contents: read - security-events: write - -jobs: - build: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - node-version: 18 - - name: Unlock dependencies - uses: cloudscape-design/.github/.github/actions/unlock-dependencies@main - - run: npm i --force - - run: npm run build - - run: npm run lint - - run: npm run test - if: ${{ github.repository != 'cloudscape-design/components' }} - - run: npm run test:unit - if: ${{ github.repository == 'cloudscape-design/components' }} - - name: Upload Artifacts - if: ${{ inputs.artifact-path != '' }} - uses: cloudscape-design/.github/.github/actions/upload-artifact@main - with: - path: ${{ inputs.artifact-path }} - name: ${{ inputs.artifact-name }} - - name: Codecov - if: ${{ inputs.skip-codecov == false && always() }} - uses: codecov/codecov-action@v3 - with: - token: ${{ secrets.CODECOV_TOKEN }} - fail_ci_if_error: true - - codeql: - if: ${{ inputs.skip-codeql == false }} - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - name: Initialize CodeQL - uses: github/codeql-action/init@v2 - with: - languages: javascript - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml deleted file mode 100644 index 3b5783ef..00000000 --- a/.github/workflows/deploy.yml +++ /dev/null @@ -1,43 +0,0 @@ -name: Deploy - -on: - workflow_call: - inputs: - artifact-name: - type: string - description: "Name of artifact to deploy" - required: true - deployment-path: - type: string - description: "Directory of assets to upload" - default: "." - -permissions: - id-token: write - contents: read - deployments: write - -jobs: - deploy: - if: github.event_name == 'pull_request' - runs-on: ubuntu-latest - continue-on-error: true - environment: - name: preview - url: https://d21d5uik3ws71m.cloudfront.net/${{ github.event.repository.name }}/${{ github.event.pull_request.head.sha }}/index.html - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v2 - with: - role-to-assume: ${{ secrets.AWS_PREVIEW_ROLE_ARN }} - aws-region: us-west-2 - - name: Download artifact - uses: cloudscape-design/.github/.github/actions/download-artifact@main - with: - name: ${{ inputs.artifact-name }} - path: build - - name: Deploy - id: deploy - run: | - aws s3 cp ${{ inputs.deployment-path }} s3://${{ secrets.AWS_PREVIEW_BUCKET_NAME }}/${{ github.event.repository.name }}/${{ github.event.pull_request.head.sha }} --recursive - working-directory: build diff --git a/.github/workflows/dry-run.yml b/.github/workflows/dry-run.yml deleted file mode 100644 index 13e48e42..00000000 --- a/.github/workflows/dry-run.yml +++ /dev/null @@ -1,214 +0,0 @@ -# This workflow executes a full dry-run test, which means that all we build and test all @cloudscape-design packages in GitHub. -# This ensures that the changes in the current package do not cause any regressions for its consumers. -name: dry-run - -on: - pull_request: - branches: - - main - workflow_call: - -permissions: - contents: read - -defaults: - run: - shell: bash - -jobs: - buildJestPreset: - name: Build jest-preset - runs-on: ubuntu-latest - steps: - - uses: cloudscape-design/.github/.github/actions/build-package@main - with: - package: jest-preset - skip_build: "true" - buildGlobalStyles: - name: Build global-styles - runs-on: ubuntu-latest - steps: - - uses: cloudscape-design/.github/.github/actions/build-package@main - with: - package: global-styles - buildCollectionHooks: - name: Build collection-hooks - runs-on: ubuntu-latest - steps: - - uses: cloudscape-design/.github/.github/actions/build-package@main - with: - package: collection-hooks - buildBrowserTestTools: - name: Build browser-test-tools - runs-on: ubuntu-latest - steps: - - uses: cloudscape-design/.github/.github/actions/build-package@main - with: - package: browser-test-tools - buildDocumenter: - name: Build documenter - runs-on: ubuntu-latest - steps: - - uses: cloudscape-design/.github/.github/actions/build-package@main - with: - package: documenter - buildTestUtils: - name: Build test-utils - runs-on: ubuntu-latest - needs: buildDocumenter - steps: - - uses: cloudscape-design/.github/.github/actions/build-package@main - with: - package: test-utils - download_dependencies: "true" - buildThemingCore: - name: Build theming-core - runs-on: ubuntu-latest - needs: - - buildBrowserTestTools - steps: - - uses: cloudscape-design/.github/.github/actions/build-package@main - with: - package: theming-core - artifact_path: theming-*.tgz - download_dependencies: true - buildComponentToolkit: - name: Build component-toolkit - runs-on: ubuntu-latest - needs: - - buildBrowserTestTools - steps: - - uses: cloudscape-design/.github/.github/actions/build-package@main - with: - package: component-toolkit - download_dependencies: true - buildComponents: - name: Build components - runs-on: ubuntu-latest - needs: - - buildJestPreset - - buildGlobalStyles - - buildCollectionHooks - - buildBrowserTestTools - - buildDocumenter - - buildTestUtils - - buildThemingCore - - buildComponentToolkit - steps: - - uses: cloudscape-design/.github/.github/actions/build-package@main - with: - package: components - target_artifact: components-package - artifact_path: ./*.tgz - skip_tests: true - download_dependencies: true - - buildBoardComponents: - name: Build board components - runs-on: ubuntu-latest - needs: - - buildGlobalStyles - - buildBrowserTestTools - - buildDocumenter - - buildTestUtils - - buildComponentToolkit - - buildComponents - steps: - - name: Download component artifacts - uses: actions/download-artifact@v3 - with: - name: components-package - - uses: cloudscape-design/.github/.github/actions/build-package@main - with: - package: board-components - download_dependencies: true - - unitTest: - name: Components unit tests - runs-on: ubuntu-latest - needs: - - buildComponents - steps: - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - node-version: 18 - - name: Download component artifacts - uses: actions/download-artifact@v3 - with: - name: components-package - - name: Unpack components artifacts - run: tar -xzf components-full.tgz - - name: Unit tests - run: npm run test:unit - - integTest: - name: Components integration tests - runs-on: ubuntu-latest - needs: - - buildComponents - steps: - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - node-version: 18 - - name: Download component artifacts - uses: actions/download-artifact@v3 - with: - name: components-package - - name: Unpack components artifacts - run: tar -xzf components-full.tgz - - name: Integration tests - run: npm run test:integ - - a11yTest: - name: Components accessibility tests - runs-on: ubuntu-latest - needs: - - a11yTestShards - steps: - - run: echo "Completed all accessibility tests" - - a11yTestShards: - name: Components accessibility tests shard - runs-on: ubuntu-latest - strategy: - matrix: - shard: [1, 2, 3, 4, 5, 6] - needs: - - buildComponents - steps: - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - node-version: 18 - - name: Download component artifacts - uses: actions/download-artifact@v3 - with: - name: components-package - - name: Unpack components artifacts - run: tar -xzf components-full.tgz - - name: Accessibility tests - run: npm run test:a11y -- --shard=${{ matrix.shard }}/${{ strategy.job-total }} - - demosTest: - name: Demos tests - runs-on: ubuntu-latest - needs: - - buildComponents - - buildBoardComponents - - buildBrowserTestTools - - buildCollectionHooks - - buildTestUtils - - buildGlobalStyles - - buildThemingCore - steps: - - name: Download component artifacts - uses: actions/download-artifact@v3 - with: - name: components-package - - name: Build - uses: cloudscape-design/.github/.github/actions/build-package@main - with: - package: demos - download_dependencies: true diff --git a/.github/workflows/lint-pr.yml b/.github/workflows/lint-pr.yml deleted file mode 100644 index 001f042b..00000000 --- a/.github/workflows/lint-pr.yml +++ /dev/null @@ -1,26 +0,0 @@ -name: Lint PR - -on: - workflow_call: - -permissions: {} - -jobs: - main: - name: Validate PR title - runs-on: ubuntu-latest - steps: - - uses: actions/github-script@v6 - with: - script: | - const title = context.payload.pull_request.title; - - const allowedTypes = ["chore", "feat", "fix", "refactor", "test", "revert"]; - - const matchesType = allowedTypes.some( type => title.startsWith(type + ":") ); - - if(!matchesType) { - console.log(`This PR's title does not follow the convention "type: subject". Allowed types are:`, allowedTypes.join(", ")) - console.log(`This PR's title is:`, title) - process.exitCode = 1; - } diff --git a/.github/workflows/release-gh-notes.yml b/.github/workflows/release-gh-notes.yml deleted file mode 100644 index 85525f39..00000000 --- a/.github/workflows/release-gh-notes.yml +++ /dev/null @@ -1,48 +0,0 @@ -name: release-gh-notes - -on: - workflow_call: - inputs: - version: - required: true - description: "Specify the version for this release" - type: string - npm_package: - required: true - description: "npm package of the release" - type: string - -jobs: - release: - runs-on: ubuntu-latest - - steps: - - name: install npm package - run: npm install ${{ github.event.inputs.npm_package }}@${{ github.event.inputs.version }} - shell: bash - - name: Get manifest file - id: manifest - run: echo ::set-output name=manifest::$(cat node_modules/${{ github.event.inputs.npm_package }}/internal/manifest.json) - shell: bash - - name: Checkout - uses: actions/checkout@v3 - with: - ref: ${{ fromJson(steps.manifest.outputs.manifest).commit }} - fetch-depth: 0 - - name: Replace version in package.json - run: | - package_json="$(jq '.version = "${{ github.event.inputs.version }}"' package.json)" && \ - echo -E "${package_json}" > package.json - - name: Generate changelog - run: npx conventional-changelog-cli@2 -i CHANGELOG.md -s -p conventionalcommits - - name: Get number of lines in CHANGELOG.md - id: changelog - run: echo ::set-output name=changelog_lines::$(wc -l < "CHANGELOG.md") - shell: bash - - name: Add empty release note - run: echo "No customer visible changes in this release" >> CHANGELOG.md - if: ${{ steps.changelog.outputs.changelog_lines <= 2 }} - - name: Create Release - run: gh release create ${{ github.event.inputs.version }} -F CHANGELOG.md --target ${{ fromJson(steps.manifest.outputs.manifest).commit }} --title "Release ${{ github.event.inputs.version }}" - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml deleted file mode 100644 index 34431b50..00000000 --- a/.github/workflows/release.yml +++ /dev/null @@ -1,55 +0,0 @@ -# This workflow releases the current package to a dedicated private CodeArtifact repository. -# One repository may publish more than one package. For more details refer to the release-package Action. -name: release - -on: - workflow_call: - inputs: - publish-packages: - description: "Comma-separated list of sub-folders to publish" - type: string - required: false - skip-test: - type: boolean - description: "Skip tests" - required: false - default: false - -permissions: - id-token: write - contents: read - -jobs: - release: - concurrency: release-${{ github.ref }} - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - node-version: 18 - - - run: npm install --force - - - run: npm run build - - - run: npm run test - if: ${{ inputs.skip-test == false }} - - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v2 - with: - role-to-assume: ${{ secrets.AWS_CODEARTIFACT_ROLE }} - aws-region: us-west-2 - - name: Login and configure codeartifact - env: - CODE_ARTIFACT_REPO: ${{ startsWith(github.ref_name, 'dev-v3-') && format('AwsUI-Artifacts-{0}', github.ref_name) || 'github-artifacts' }} - run: | - echo Logging into repository $CODE_ARTIFACT_REPO - aws codeartifact login --tool npm --repository $CODE_ARTIFACT_REPO --domain awsui --domain-owner ${{ secrets.AWS_ACCOUNT_ID }} --region us-west-2 --namespace @cloudscape-design - - - name: Release package to private CodeArtifact - uses: cloudscape-design/.github/.github/actions/release-package@main - with: - publish-packages: ${{ inputs.publish-packages }} From 1f9aa36082750b6d59a0a05a73ae19418a927c0b Mon Sep 17 00:00:00 2001 From: jedigal <119687809+jedigal@users.noreply.github.com> Date: Tue, 21 Feb 2023 14:26:56 -0500 Subject: [PATCH 49/53] Update SECURITY.md Updating security.md file with new version based on feedback from stakeholders during security.txt/md project. --- SECURITY.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 9d3b4f23..7b7c45ba 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,5 +1,3 @@ -## Reporting a Vulnerability +## Reporting Security Issues -If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security -via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/) or directly via email to aws-security@amazon.com. -Please do **not** create a public GitHub issue. +We take all security reports seriously. When we receive such reports, we will investigate and subsequently address any potential vulnerabilities as quickly as possible. If you discover a potential security issue in this project, please notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/) or directly via email to [AWS Security](mailto:aws-security@amazon.com). Please do *not* create a public GitHub issue in this project. From 3186a483807d49a6726e28777f25c09efaf3e0ee Mon Sep 17 00:00:00 2001 From: jedigal <119687809+jedigal@users.noreply.github.com> Date: Fri, 24 Feb 2023 16:07:32 -0500 Subject: [PATCH 50/53] Update SECURITY.md --- SECURITY.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index 7b7c45ba..75a3b51e 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,3 +1,11 @@ ## Reporting Security Issues -We take all security reports seriously. When we receive such reports, we will investigate and subsequently address any potential vulnerabilities as quickly as possible. If you discover a potential security issue in this project, please notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/) or directly via email to [AWS Security](mailto:aws-security@amazon.com). Please do *not* create a public GitHub issue in this project. +We take all security reports seriously. +When we receive such reports, +we will investigate and subsequently address +any potential vulnerabilities as quickly as possible. +If you discover a potential security issue in this project, +please notify AWS/Amazon Security via our +[vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/) +or directly via email to [AWS Security](mailto:aws-security@amazon.com). +Please do *not* create a public GitHub issue in this project. From 5eec77068613dfaf2eaf8cd6e079781be0dcce68 Mon Sep 17 00:00:00 2001 From: Neil Zhao Date: Wed, 10 May 2023 10:12:09 -0400 Subject: [PATCH 51/53] feat: ceder launch --- GOVERNANCE.md | 33 +++++++++++++++++++++ MAINTAINERS.md | 25 ++++++++++++++++ README.md | 69 ++++++++++++++++++++++++++++++++++++++++++++ RESPONSIBILITIES.md | 30 +++++++++++++++++++ cedar_1_green.png | Bin 0 -> 8564 bytes 5 files changed, 157 insertions(+) create mode 100644 GOVERNANCE.md create mode 100644 MAINTAINERS.md create mode 100644 README.md create mode 100644 RESPONSIBILITIES.md create mode 100644 cedar_1_green.png diff --git a/GOVERNANCE.md b/GOVERNANCE.md new file mode 100644 index 00000000..337262d1 --- /dev/null +++ b/GOVERNANCE.md @@ -0,0 +1,33 @@ +# GOVERNANCE.md + +This open source project is managed by a Steering Committee composed of the maintainers of this project. Maintainers are defined as individuals with full commit access to the project repositories. + +## Steering Committee + +The Steering Committee will be responsible for oversight of all technical, project, approval, and policy matters for the project. This notably includes brand and trademark management. + +The Steering Committee members are listed in the MAINTAINERS.md file in the repository. New maintainers (and accordingly, Steering Committee members) may be added or removed by no less than 3/4 affirmative vote of the Steering Committee. The Steering Committee will appoint a Chair responsible for organizing Steering Committee activity. If the Steering Committee Chair is removed from the Committee (or the Chair steps down from that role), it is the responsibility of the Steering Committee to appoint a new Chair. + + +The Steering Committee may, at its discretion, add or remove members who are not maintainers. + +## Voting + +The Steering Committee will strive for all decisions to be made by consensus. While explicit agreement of the entire Steering Committee is preferred, it is not required for consensus. Rather, the Steering Committee will determine consensus based on their good faith consideration of a number of factors, including the dominant view of the Steering Committee and nature of support and objections. The Steering Committee will document evidence of consensus in accordance with these requirements. If consensus cannot be reached, the Steering Committee will make the decision by a vote. + +The Steering Committee Chair will call a vote with reasonable notice to the Steering Committee, setting out a discussion period and a separate voting period. Any discussion may be conducted in person or electronically by text, voice, or video. The discussion will be open to the public, with the notable exception of discussions involving embargoed security issues or the addition or removal of maintainers, which will be private. In any vote, each voting representative will have one vote. Except as specifically noted elsewhere in this document, decisions by vote require a simple majority vote of all voting members. + + + +## Termination of Membership + +A maintainer’s access (and accordingly, their position on the Steering Committee) will be removed if any of the following occur: + +* Resignation: Written notice of resignation to the Steering Committee +* Steering Committee Vote: 3/4 affirmative vote of the Steering Committee to remove a member +* Unreachable Member: If a member is unresponsive for more than six months, the remaining active members of the Steering Committee may vote to remove the member + +## License of this document + +This document is a modified work of the GitHub Minimal Viable Governance model, located here: https://github.com/github/MVG/ +This document may be used, modified, and/or distributed under the terms of the [Creative Commons Attribution 4.0 International (CC-BY) license](https://creativecommons.org/licenses/by/4.0/legalcode). diff --git a/MAINTAINERS.md b/MAINTAINERS.md new file mode 100644 index 00000000..0dffb094 --- /dev/null +++ b/MAINTAINERS.md @@ -0,0 +1,25 @@ +# MAINTAINERS.md + +## Overview + +This document contains a list of maintainers in this repo. See [RESPONSIBILITIES.md](https://github.com/opensearch-project/.github/blob/main/RESPONSIBILITIES.md#maintainer-responsibilities) that explains what the role of maintainer means, what maintainers do in this and other repos, and how they should be doing it. If you're interested in contributing, and becoming a maintainer, see CONTRIBUTING.md. + +## Current Maintainers + +|Maintainer |GitHub ID |Affiliation | +|--- |--- |--- | +|Neha Rungta |neharungta |Amazon | +|Mark Stalzer |mstalzer |Amazon | +|Sarah Cecchetti |sarahcec |Amazon | +|Darin McAdams|D-McAdams |Amazon | +|Emina Torlak |emina |Amazon | +|Mike Hicks | mwhicks1|Amazon | +|Anwar Mamat |anwarmamat |Amazon | +|Andrew Wells |andrewmwells-amazon | Amazon| +|Shaobo He |shaobo-he-aws |Amazon | +|Aaron Eline |aaronjeline |Amazon | +|Craig Disselkoen |cdisselkoen |Amazon | +|John Kastner |john-h-kastner-aws |Amazon | +|Kesha Hietala |khieta |Amazon | +|Matt McCutchen |mattmccutchen-amazon |Amazon | +|Dave Bishop |bisdavid |Amazon | diff --git a/README.md b/README.md new file mode 100644 index 00000000..c0e47faa --- /dev/null +++ b/README.md @@ -0,0 +1,69 @@ +# README.md + +![Cedar Green Logo](cedar_1_green.png "Cedar Logo") + +## Welcome! + +**Cedar** is an open source policy language and evaluation engine. Cedar enables developers to express fine-grained permissions as easy-to-understand policies enforced in their applications, and decouple access control from application logic. Cedar supports common authorization models such as role-based access control and attribute-based access control. It is the first policy language built from the ground up to be verified formally by using automated reasoning, and tested rigorously using differential random testing. + + +## Project Resources + +* [Project Website](https://www.cedarpolicy.com/) +* [Documentation](https://docs.cedarpolicy.com/) +* Need help? Try [Slack]([https://cedar-policy.slack.com](https://cedar-policy.slack.com/)) + +## Repositories + +* cedar (https://github.com/cedar-policy/cedar) + +The cedar repository houses the Cedar SDK including the authorization engine, validator, policy formatter, and CLI. + +* cedar-docs (https://github.com/cedar-policy/cedar-docs) + +The cedar-docs repository houses documentation for all cedar projects. + +* cedar-examples (https://github.com/cedar-policy/cedar-examples) + +The cedar-examples repository houses example applications using the Cedar language and SDK + +* cedar-java (https://github.com/cedar-policy/cedar-java) + +The cedar-java repository houses the Java language bindings for Cedar. + +* cedar-spec (https://github.com/cedar-policy/cedar-spec) + +The cedar-spec repository houses the formal Dafny specification for the Cedar language as well as the differential testing/property-based testing framework. + +## Code of Conduct + +This project has adopted the [Amazon Open Source Code of Conduct](../CODE_OF_CONDUCT.md). For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq), or contact [opensource-codeofconduct@amazon.com](mailto:opensource-codeofconduct@amazon.com) with any additional questions or comments. + + +## Security + +If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/) or directly via email to [aws-security@amazon.com](mailto:aws-security@amazon.com). Please do **not** create a public GitHub issue. + + +## License + +This project is licensed under the [Apache v2.0 License](LICENSE.txt). + + +## Copyright + +Copyright OpenSearch Contributors. See [NOTICE](NOTICE.txt) for details. + + +## Trademark + +Cedar is a registered trademark of Amazon Web Services. If publishing software using Cedar, you are not required to attribute. However, if you’d like to, we encourage you to use the language below. + + +|Do: |Don't: | +|--- |--- | +|✅ Powered by Cedar |❌ Cedar 2.0 | +|✅ Created with Cedar |❌ Created by Cedar | +|✅ Using Cedar |❌ Software created by Cedar | + + diff --git a/RESPONSIBILITIES.md b/RESPONSIBILITIES.md new file mode 100644 index 00000000..4c89d264 --- /dev/null +++ b/RESPONSIBILITIES.md @@ -0,0 +1,30 @@ +# RESPONSIBILITIES.md + +## Overview + +This document explains who maintainers are, what they do, and how they should be doing it. If you're interested in contributing, see [CONTRIBUTING](https://github.com/opensearch-project/.github/blob/main/CONTRIBUTING.md). + +## Current Maintainers + +MAINTAINERS.md lists current maintainers. + +## Maintainer Responsibilities + +Maintainers are active and visible members of the community, and have [maintain-level permissions on a repository](https://docs.github.com/en/organizations/managing-access-to-your-organizations-repositories/repository-permission-levels-for-an-organization). Use those privileges to serve the community and evolve code as follows. + +* Uphold Code of Conduct +* Model the behavior set forward by the Code of Conduct and raise any violations to other maintainers and admins. +* Prioritize Security +* Security is your number one priority. Maintainer's Github keys must be password protected securely and any reported security vulnerabilities are addressed before features or bugs. Note that this repository is monitored and supported 24/7 by Amazon Security, see [Reporting a Vulnerability](https://github.com/opensearch-project/.github/blob/main/SECURITY.md) for details. +* Review pull requests regularly, comment, suggest, reject, merge and close. Accept only high quality pull-requests. +* Provide code reviews and guidance on incoming pull requests. Don't let PRs be stale and do your best to be helpful to contributors. +* Triage Open Issues +* Manage labels, review issues regularly, and triage by labelling them. +* Be Responsive +* Respond to enhancement requests, and forum posts. Allocate time to reviewing and commenting on issues and conversations as they come in. +* Maintain Overall Health of the Repo +* Keep the `main` branch at production quality at all times. Backport features as needed. Cut release branches and tags to enable future patches. +* Keep Dependencies up to Date +* Assist, add, and remove MAINTAINERS. +* Make sure the repo has a well-written, accurate, and complete description. + diff --git a/cedar_1_green.png b/cedar_1_green.png new file mode 100644 index 0000000000000000000000000000000000000000..379f3fa58156ce3c7fed1ea99080adc352bcb33f GIT binary patch literal 8564 zcmXY1c|6nqAD>hzxxYouqEO0`N{-D9z+%}Z^ocp%q z*qqC3G;Dq!`u(we-h01apV#a4e!gC>=lk{fJQituSC`|2;0X{2#G!Xv>plp?vJH%9 zj~xZR-D`(SfXngcw;%a{KuIT*ykJ?KGI}mNl0Ldla5c^}Ipx%7b=kA<(@|?ZH#6-|b5Q{gPN`GQDY_L` zmAUGR)4~TYCWI{$<1a!)&4S&E*ir_%Y7G>Wqx*!)bgHQqgh> zwOh6PW<8F{AP~2rgut`)?GeJM#get1=Z<2dW)Tq3S^uz*uyZIdHyor!J;vZ>)558( zuz>DKP+6nT&<|nQKw43Fviy@d_9jsf_XUmm&T|sBXE#AFN!;7Gi~ok7xnb+4|H)?4 zvbKc(4YP)_xc)mBnv|4has8V$DNM)$U!)wd;{ts)Sk|!hKG16%Y5E5Dsf{1-C)2n1 zcyRMSe+n#kwr`6cSnIzIrJ}SCT+4O#B}v2ty&7c&y>@jYNg#t7o0-}%j67hAYT_Iw z@omZl!U^(+Kx$`W*n?xl3HA2rzhz7X6tn&V z5A}%?f)e`&^~qE2q{vV0N`4uVB)F|50LvRkplPv z{)dFy)%y{?X z^)m6|4XPHd{~#XUZ$ASx-8;yN%nNspLr};|2b;LUtwPm;b{q&@x5DEql_+94?2avy ziGO+EAm^`Iho1S&`9$X2=PFQi@dzl%DFA^4rEZff#RBtXk_XuUJ8vnXFmb{+ihqTq z>2MAdi2n8WBY;c62&(3e)V8DbQs^kF+RqoM(YkYN1I|6wFP3Vha-bhG*+3jK7pPhx z*Z0$?V-Rp~_8gFsmkjoSIRi{ePh^NIXv7SN$oXDz~TTRqdM*Y@l1Wf~&+kzAAlqAcV=UQ-*8_T!^~3HSxOp55P4 z%VrLD_DiAP9GDB`fdkes%2yAZFnH&jZq;0ggn*h{oPlUQjer1K72r4tL8%Jc z?Tg$r3IhTgKFS9NMYLxCAyYjNF<$|uceD@gJj)eKgu(hF=(m^7|K5ifP*FJVI^{Z- zlzZ2O8$i&X23J*CFEJ>naGmWwivduZ4Q1e-Dj=eY*i#oyrGP#7>DJ$?) z$mMi7P1lIBM;`}e-q#aFmSCkZMb7}SXl(g|ULz35KuT4oo?=>I=iY=V4Fne6VZ+I1 zK#yVYo@}y}ep0j?|9MG{$X$;ZbPP}%X9bPEMDssf5fY$l*xT<iEM`pkigOYf*PN|Jbh*_cQT@{1S}bjgr~}j|wOAhf?#a?18=QiR+tw89?w0QS#6H1Sd1>-VYKYt6QM{iR{dMJi>_xP0_M1x3&RTx@^0Vc-c{W$1l|^^{O7Kg zC`hnTpOl^j7!9wGp)B&D2U``*_g%XFwi2(*7)6|0v%8`*Osi@@yIz&;{4ZknWgCB8 zvklI1N=#}2CwjW7%3Ep2hXr)~b&@?bi<{1aA~c)VQfG2|JL>z-g3iKhbg57t`note z)%z(I$hkxsNMfmo1CBi!AxqU_a{uEb=)E^U>hc`0`UfZYw<5#N~(JH|jQ>2tEeN^m-kJqoD!}%4Bb7tgvJz*O6;Bow$o|1}XIjH(j!j~pX95A|#bN+*DZJ(fl=zGNpIRY{Uho8V6wZYNDZLJF*%@v1W$q!G_HAHt1mi42{Bl>{tx00OLs5);{ z>44%0K(c>|_OyZ1cmAU^Rcl&opU8ghQx6khR5fSEG-aMZ6xTG&ls8qt-i;}RuGth? zpPxggn_n9qcA-CFz`#qXxm@62Nzls|BDX$CQN%}#_IxlcIJ>6Z+u;QAQg{ZP$-d{y z;72pk|2FJXTSprZI20O7yMeLmIj;ll=SAbWf;ASFaC~ zYwd+ZM7sC3SkN}lF$l(+(nFx!L)Fy~K zTM7U#K$rRJxVK;xUy}`hn3jvtK0Ttq|6%r+8+&u$JyNcOw<`l@5CtF`Gzws>YBk3m zxT0-CO3~fhDCbAxjQ-D#5ENRLQX6F70;Q2}Y^q9a+A+&pm}USkUrI<@sd^=iN?Me# zy(L%6=xS~0z{of)G=-<`xd*ok`rLETs<+uP_dg6WF3|GyDYiLDTrI60VhPs9eU;hl zeaGb&jg>2h*|4ZdoDu2EcWm*v4f!k5UeDMWw}b1seMJ$sLnSu-f@{6}hkE0x{VZj- zveAAMpZrl39-%D|xft9;Ih{eZm&uoBc_}alwnca|-}KV3 zfsv_OZOf@!G%kq5xkv4yDh{>@{w>T091MM4Ob=VZd0k$N^%Xx+x8+!e>IomgZQ^xm zO{@L_)o1Y~0arjE7;-T3pbGVPyyp^Qt%h8^)@>fpm~@80S9x6Z<SOWylFA??8EHewkj#M9=icAR`048V_*nHTiA7 z0Gi0u=Xl*G^{wZu@#q-1E|n1f7r|NG+5!Eq+G@t0k3vwmv#v5md$rpT_z2nBQ-9<4 zC_JhzRXBj!C%>KI+7T6$Wr#sur^x@gbh5-p=Fd(&k`@OtrPu zY}F12ob0hx^{7GCNZp`~2O6ZIIEzPn#N{K;$m; z@&5r&S^|*0WwP&oL*;c1hY5B(MM767XPJNZ{%qIxBYI77>qX~+y0?6!5nn_*9x7fE zlHv1cqW=nEY9pBC)#}XP?EiY>aR!q<7y5`DiBL1g?u9ktJE4<*WA`#*QjXb^Z%{nE zCs#J*$;)7)JEz9EcaBM*k-w0Vc{`b@OI$-c+q*XJPb|J&D16Io72J){_Y9GRQuksy zP2KE!e6N~{<$G+cbWDuB+8V;wvKt1UUni~h@%Wh8){&h_Bed$I>Sg7LW7&J?5atz; z!;Bt|*Ciygza?SWx<6I|gHM`v2#|iYf?>u=8-n`m34^``VLY1Mke1+B%Os zprS|NJoi=@y39U#v8{k!)BJV}QjX#gu$CyS?-(zpeOet-;VHWuZ>3B3U+TlYWroFy zt0uhd>zkJm+%6AYt9;?k^dAy>&Q?~I2i7vvTpLpS!hC}K=HZziwv`JdBA4rfAKZyU zE@&^%oSJ$Q{hYDHjzXwe$YO@f1hQt6A|O=v^Zbr#Cb)ljt=VGl6F66?JG##PJfy|} zI=rjF(Wjsxs8;Py7?~XX#BFU5X2|rj0*^cSj&# z1o6H`!AYyeOv{C*!Niuzh+erT!}wJ@@+x48y~?DaTO)w)Pfip1lzn$65vH0ikQ7VV z5eiR=7PUa1-)#SElqd`@&Bqs1tK`V(;C|Wdecn0*&iEj>b6aY|$#zZYu@jnmV2ua2SeCsnL*AsKC zTF!@soba%lv0dbwZ}zf7JSL?#V75d9TL+(b-$fhF9a+EZykZYAVx}lJcUi?%A={C| z@M-_iH-x*xbIb5L1hd8K;?D&iSWrl3&qMj-djW(E6?99T9Ai}M&#l-~Fe&4eP%Tl2 zx}DhiyMU$WVwaf1NMGN1$65L6lH6@fy>W+}n}Seq-Y0bwPvuv>-i<}!<<^i8la*FZ z?5yIZ7VfZ(z1T)sg;I(qeu%Qrbvb+crcb_2qSr}FE}t{l1V4+Zc*LH37jEm9IZlXh zlHi;oO^wYT<)iZkMg~tx1QMeM1CtmbEgz~?z`th?eQ8~OaNJ>$NLaEp&nz1i9P{UM znrRH8_Yd1bIG6Z_*;_;24YdlGnUHZETp}T^f57 zz=2~EGne5db&H12gY0JA3-QYKfQPzIzl@Gtpv2j7c&Mkei)14M8l^rowxODKGSW{Z zVnyE0KWALi$*7BM7|aUbi~t_;@NJ_b(v;xok#i9(r?Whj?N?oKNP9EP%Iek2;mgT# z z$Gark$;T~>wpw8mt`BF*Dt~?zF0ox(pZvxXprx{`Yo}){8xTeI#|OdXaN|B%9UcbF-3Wyfyu;a@2aF; z$NTmko|_91z4?sF3o1^V9!-H<5aU7#7G0`RoY;T#sq26Bqed2NIsIX1xq|QUQOn!v zNW?|nTIb67=}eHc&7;bHei)J zS7_2bUOul-)|tKb3GR2A)_orjQ5K)(oT+l~q#4rkhgL@{&$>KZY8!VmnM?2VbXx09 zIr_q|a#B{%m3ilf``ObQO4qj7HIOj<*Q+(Xrqf+zm^J!sE_l~%=>kA^XASX_gurbv zA%3_5_*oA%QFgOu#EPSGWffaY&GlRB>#zw1U2gO0nG1U zz!&*GtG{mqD$JpgZl*VjM=g23-2(C@?_uXmjWu0TF2I-1%W&5x+^PRJf0!uEF%|Kq zl9QkDnJslMNsoKV{7dav)bQ* zv~4lpXziDrps$u3{tCBY%VJZ(7gNCJ-(#eX9Fk}PB#hU-f4zAn9Dcsufma}lE$Em} zT6g!0`YSKFysp5NPj=26RU@%*ncj6O@+hzhtm9-3D)>!EQZgP3Cx_kZxWSWsUiOEuVDY#?YuB z1h}(q%^^^C*9S#NKHDV+1Lc-kFDDKJn;D;|TyaOZ5qG}V7zA+DI~CJ{4PWbk!)y5h zC0egj>famtThmcIkeB_B;xCg@m%tVShdjnCz2FY9DJCjqEz=3BL43dS)(X~ZTM(X# zlXtynC}MZoI8td7vosdZm;EqP$d%r+`RPKv755_QeRMxFfWJA2E=BpUoTXLeYcdp*$w76v>OcU^%O zdD?71cKSq7y|Ui}+!Mln%2eNdfGm_6}gdk@PUePzoIk$ooQ8S@;U2^H=%PakFhwimm#GR(@H0ce#FNRg%FQgl zR|d_cQn9_{uc5j-50S^xWO=cb$ez@@5HQ+mj>Tr{_3+JRbxl3%3l{FFw4CjIT($hu8q&UH{ z1;L{4zL40R&evIKSq3PUEJlzEV{dZ`i`aPsK#!IAI1XQq@SN}tNUNolR)&}<+&tY> zw0~&K(vzjrJyxE29}5%x)1Yk=ey^1}70^t;^c6*o)Z;KgOP;xRhCdD^D5$E+pe*X3 zo`)e=GwP9bPoKfSak%eBKjFg}MJXr{-jTf}IPLM%3E!UJ_tV~HC({mRvF+aW`_IqP zcJBVHjI!?hYi2$BN})-?1Vh7^9q=o77N}SZ5WW|4IBpR}@0|Lk^0}{-!fS=!A9~t5 zsY|960jwqFm@A=vnnsdco_;+P;XjjoqD5H1;2*Ki%W;#V&%k>lYrl6SLL`|OVGpQT zqZM9Lz%^d@$Kz|Fzg~$VgVcX~8RqcMyw4feR(yO8Qyu?>=v`SraVn6S(4dr196y2BKP~gXb*Yx_1?Qjha8FFEVDE_&z$Y)!=Ju7@jrc zD_kTGA!CgPWOy0gRg9>eFb-@RMo)(pChC`T+!$lcKD4V`pw_UjgzjC%!p||@`B5xd zxloGQ@IeV%ykvs6@W>LZbr@jg+#tKfJ(VE;O2isk_`IpKQ=D}6tF76UQ5yHxZ<3xD(}&a*mFI;l9#>Ryu8>?DR7&cItE#Cw?w@E zp%OL4<#cIQSnwlN$>2X3r5N#_qTK=D07_nJ#y^3 zfYsOKlx*W{IxcI1TOBZEx(h@?ziTnIv!)NG{==*Efya%WqHLi4?s-lK{!r`v-E^MV zL%4-|vDn=kKArC~TP5JC$voS7Z5EoqyXZQ1+-I=vGS`a!{dxPxT~XW3z{_yjB(ryc zc)j`%*5QFN!{Eq12_%4qnG0ORLYuKB(>J z(*!JaD_h7{Y*On4kWYVEY|J2Xy zonGLKis%rR7OC%W^7RkN$Ll<9esYR=B(~k|e;GKP(>iC??vLLIM1uY0|HOxhmglQ# z1>|J8iAR$rx;wJhjKYJgIal-}){&mEGyB96#18&xM$FcqH zHPh(3Gtfr2UeakEt5v$kJudGze8=i#478hIq%djy3(C(6K@X&+y0~ z#Yqjlc*YIV}vx2I?_+9 z7t7o)*Q4I3mV}$f2zQgMv|3Gkc+w+)6G^AINiUEU?5|1cJ4W|1n8>lG#Y{YJJp7%a zpc}KW5k*q@UNHE}it-26Inz?|9gvmv|Jm`v`J_Ujf_#iQ8LnwNS9)UHMKcNI@L-d2?M5n#89vJqr~P)LEv%XL&g1!Z)7`#FwvM99a_5U;yYYswBKUO3%L|e z48g+Q);dtWQ)lYp9MIDMJo-S09O=Z6Im+e!uk#)4T*OKn53VGMVZSXf`C(uL*`T$#LD))=AiS8%FRijRS8euHq zs#DzHV@0cc)r+3;_@lixwTaCasLsL);{9SdHO(Osh%B+PJVn7y4j=FY+vWsY%v^wQ zwJcP)Pv+8gkS?fi6a zGOTjKe*#w%q-2@)l(m<%o~|bIV{yP38u!wGTp@XG-wP?iFFoJT{OE6C+u1M;WJ`zc zCfy^b_R{_N=B9A(?CMh@-8}ReyIq{2z0{u?x$UJa|M)GJBT6jSUSsf9@_hISt;}PHkpFJXr|Hi4|x{z+AX(s0If@JpC^a-!hj#;#(SS4XxOBT5epO0W-r_QQM2xT+ZvXDRT zF<{Y*5@PFz#>xfC7l^Xs1ujACf-rXSN+4j5K))s7pRVw-|1}?*>Y-HgQ;@WGFxh4YLvvI zkJHDfpu+x9ysct)Kqx|P}Ov_48Xx>1On)Kc= Z7U~)vihe=@{v-j?)4r=!qVf3k{{T?LZ(aZZ literal 0 HcmV?d00001 From 16bc367abda25b4ab15e5a1f16d5935af2205403 Mon Sep 17 00:00:00 2001 From: Neil Zhao <95498458+neilzhao-aws@users.noreply.github.com> Date: Wed, 10 May 2023 10:13:12 -0400 Subject: [PATCH 52/53] Revert "feat: ceder launch" --- GOVERNANCE.md | 33 --------------------- MAINTAINERS.md | 25 ---------------- README.md | 69 -------------------------------------------- RESPONSIBILITIES.md | 30 ------------------- cedar_1_green.png | Bin 8564 -> 0 bytes 5 files changed, 157 deletions(-) delete mode 100644 GOVERNANCE.md delete mode 100644 MAINTAINERS.md delete mode 100644 README.md delete mode 100644 RESPONSIBILITIES.md delete mode 100644 cedar_1_green.png diff --git a/GOVERNANCE.md b/GOVERNANCE.md deleted file mode 100644 index 337262d1..00000000 --- a/GOVERNANCE.md +++ /dev/null @@ -1,33 +0,0 @@ -# GOVERNANCE.md - -This open source project is managed by a Steering Committee composed of the maintainers of this project. Maintainers are defined as individuals with full commit access to the project repositories. - -## Steering Committee - -The Steering Committee will be responsible for oversight of all technical, project, approval, and policy matters for the project. This notably includes brand and trademark management. - -The Steering Committee members are listed in the MAINTAINERS.md file in the repository. New maintainers (and accordingly, Steering Committee members) may be added or removed by no less than 3/4 affirmative vote of the Steering Committee. The Steering Committee will appoint a Chair responsible for organizing Steering Committee activity. If the Steering Committee Chair is removed from the Committee (or the Chair steps down from that role), it is the responsibility of the Steering Committee to appoint a new Chair. - - -The Steering Committee may, at its discretion, add or remove members who are not maintainers. - -## Voting - -The Steering Committee will strive for all decisions to be made by consensus. While explicit agreement of the entire Steering Committee is preferred, it is not required for consensus. Rather, the Steering Committee will determine consensus based on their good faith consideration of a number of factors, including the dominant view of the Steering Committee and nature of support and objections. The Steering Committee will document evidence of consensus in accordance with these requirements. If consensus cannot be reached, the Steering Committee will make the decision by a vote. - -The Steering Committee Chair will call a vote with reasonable notice to the Steering Committee, setting out a discussion period and a separate voting period. Any discussion may be conducted in person or electronically by text, voice, or video. The discussion will be open to the public, with the notable exception of discussions involving embargoed security issues or the addition or removal of maintainers, which will be private. In any vote, each voting representative will have one vote. Except as specifically noted elsewhere in this document, decisions by vote require a simple majority vote of all voting members. - - - -## Termination of Membership - -A maintainer’s access (and accordingly, their position on the Steering Committee) will be removed if any of the following occur: - -* Resignation: Written notice of resignation to the Steering Committee -* Steering Committee Vote: 3/4 affirmative vote of the Steering Committee to remove a member -* Unreachable Member: If a member is unresponsive for more than six months, the remaining active members of the Steering Committee may vote to remove the member - -## License of this document - -This document is a modified work of the GitHub Minimal Viable Governance model, located here: https://github.com/github/MVG/ -This document may be used, modified, and/or distributed under the terms of the [Creative Commons Attribution 4.0 International (CC-BY) license](https://creativecommons.org/licenses/by/4.0/legalcode). diff --git a/MAINTAINERS.md b/MAINTAINERS.md deleted file mode 100644 index 0dffb094..00000000 --- a/MAINTAINERS.md +++ /dev/null @@ -1,25 +0,0 @@ -# MAINTAINERS.md - -## Overview - -This document contains a list of maintainers in this repo. See [RESPONSIBILITIES.md](https://github.com/opensearch-project/.github/blob/main/RESPONSIBILITIES.md#maintainer-responsibilities) that explains what the role of maintainer means, what maintainers do in this and other repos, and how they should be doing it. If you're interested in contributing, and becoming a maintainer, see CONTRIBUTING.md. - -## Current Maintainers - -|Maintainer |GitHub ID |Affiliation | -|--- |--- |--- | -|Neha Rungta |neharungta |Amazon | -|Mark Stalzer |mstalzer |Amazon | -|Sarah Cecchetti |sarahcec |Amazon | -|Darin McAdams|D-McAdams |Amazon | -|Emina Torlak |emina |Amazon | -|Mike Hicks | mwhicks1|Amazon | -|Anwar Mamat |anwarmamat |Amazon | -|Andrew Wells |andrewmwells-amazon | Amazon| -|Shaobo He |shaobo-he-aws |Amazon | -|Aaron Eline |aaronjeline |Amazon | -|Craig Disselkoen |cdisselkoen |Amazon | -|John Kastner |john-h-kastner-aws |Amazon | -|Kesha Hietala |khieta |Amazon | -|Matt McCutchen |mattmccutchen-amazon |Amazon | -|Dave Bishop |bisdavid |Amazon | diff --git a/README.md b/README.md deleted file mode 100644 index c0e47faa..00000000 --- a/README.md +++ /dev/null @@ -1,69 +0,0 @@ -# README.md - -![Cedar Green Logo](cedar_1_green.png "Cedar Logo") - -## Welcome! - -**Cedar** is an open source policy language and evaluation engine. Cedar enables developers to express fine-grained permissions as easy-to-understand policies enforced in their applications, and decouple access control from application logic. Cedar supports common authorization models such as role-based access control and attribute-based access control. It is the first policy language built from the ground up to be verified formally by using automated reasoning, and tested rigorously using differential random testing. - - -## Project Resources - -* [Project Website](https://www.cedarpolicy.com/) -* [Documentation](https://docs.cedarpolicy.com/) -* Need help? Try [Slack]([https://cedar-policy.slack.com](https://cedar-policy.slack.com/)) - -## Repositories - -* cedar (https://github.com/cedar-policy/cedar) - -The cedar repository houses the Cedar SDK including the authorization engine, validator, policy formatter, and CLI. - -* cedar-docs (https://github.com/cedar-policy/cedar-docs) - -The cedar-docs repository houses documentation for all cedar projects. - -* cedar-examples (https://github.com/cedar-policy/cedar-examples) - -The cedar-examples repository houses example applications using the Cedar language and SDK - -* cedar-java (https://github.com/cedar-policy/cedar-java) - -The cedar-java repository houses the Java language bindings for Cedar. - -* cedar-spec (https://github.com/cedar-policy/cedar-spec) - -The cedar-spec repository houses the formal Dafny specification for the Cedar language as well as the differential testing/property-based testing framework. - -## Code of Conduct - -This project has adopted the [Amazon Open Source Code of Conduct](../CODE_OF_CONDUCT.md). For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq), or contact [opensource-codeofconduct@amazon.com](mailto:opensource-codeofconduct@amazon.com) with any additional questions or comments. - - -## Security - -If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/) or directly via email to [aws-security@amazon.com](mailto:aws-security@amazon.com). Please do **not** create a public GitHub issue. - - -## License - -This project is licensed under the [Apache v2.0 License](LICENSE.txt). - - -## Copyright - -Copyright OpenSearch Contributors. See [NOTICE](NOTICE.txt) for details. - - -## Trademark - -Cedar is a registered trademark of Amazon Web Services. If publishing software using Cedar, you are not required to attribute. However, if you’d like to, we encourage you to use the language below. - - -|Do: |Don't: | -|--- |--- | -|✅ Powered by Cedar |❌ Cedar 2.0 | -|✅ Created with Cedar |❌ Created by Cedar | -|✅ Using Cedar |❌ Software created by Cedar | - - diff --git a/RESPONSIBILITIES.md b/RESPONSIBILITIES.md deleted file mode 100644 index 4c89d264..00000000 --- a/RESPONSIBILITIES.md +++ /dev/null @@ -1,30 +0,0 @@ -# RESPONSIBILITIES.md - -## Overview - -This document explains who maintainers are, what they do, and how they should be doing it. If you're interested in contributing, see [CONTRIBUTING](https://github.com/opensearch-project/.github/blob/main/CONTRIBUTING.md). - -## Current Maintainers - -MAINTAINERS.md lists current maintainers. - -## Maintainer Responsibilities - -Maintainers are active and visible members of the community, and have [maintain-level permissions on a repository](https://docs.github.com/en/organizations/managing-access-to-your-organizations-repositories/repository-permission-levels-for-an-organization). Use those privileges to serve the community and evolve code as follows. - -* Uphold Code of Conduct -* Model the behavior set forward by the Code of Conduct and raise any violations to other maintainers and admins. -* Prioritize Security -* Security is your number one priority. Maintainer's Github keys must be password protected securely and any reported security vulnerabilities are addressed before features or bugs. Note that this repository is monitored and supported 24/7 by Amazon Security, see [Reporting a Vulnerability](https://github.com/opensearch-project/.github/blob/main/SECURITY.md) for details. -* Review pull requests regularly, comment, suggest, reject, merge and close. Accept only high quality pull-requests. -* Provide code reviews and guidance on incoming pull requests. Don't let PRs be stale and do your best to be helpful to contributors. -* Triage Open Issues -* Manage labels, review issues regularly, and triage by labelling them. -* Be Responsive -* Respond to enhancement requests, and forum posts. Allocate time to reviewing and commenting on issues and conversations as they come in. -* Maintain Overall Health of the Repo -* Keep the `main` branch at production quality at all times. Backport features as needed. Cut release branches and tags to enable future patches. -* Keep Dependencies up to Date -* Assist, add, and remove MAINTAINERS. -* Make sure the repo has a well-written, accurate, and complete description. - diff --git a/cedar_1_green.png b/cedar_1_green.png deleted file mode 100644 index 379f3fa58156ce3c7fed1ea99080adc352bcb33f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 8564 zcmXY1c|6nqAD>hzxxYouqEO0`N{-D9z+%}Z^ocp%q z*qqC3G;Dq!`u(we-h01apV#a4e!gC>=lk{fJQituSC`|2;0X{2#G!Xv>plp?vJH%9 zj~xZR-D`(SfXngcw;%a{KuIT*ykJ?KGI}mNl0Ldla5c^}Ipx%7b=kA<(@|?ZH#6-|b5Q{gPN`GQDY_L` zmAUGR)4~TYCWI{$<1a!)&4S&E*ir_%Y7G>Wqx*!)bgHQqgh> zwOh6PW<8F{AP~2rgut`)?GeJM#get1=Z<2dW)Tq3S^uz*uyZIdHyor!J;vZ>)558( zuz>DKP+6nT&<|nQKw43Fviy@d_9jsf_XUmm&T|sBXE#AFN!;7Gi~ok7xnb+4|H)?4 zvbKc(4YP)_xc)mBnv|4has8V$DNM)$U!)wd;{ts)Sk|!hKG16%Y5E5Dsf{1-C)2n1 zcyRMSe+n#kwr`6cSnIzIrJ}SCT+4O#B}v2ty&7c&y>@jYNg#t7o0-}%j67hAYT_Iw z@omZl!U^(+Kx$`W*n?xl3HA2rzhz7X6tn&V z5A}%?f)e`&^~qE2q{vV0N`4uVB)F|50LvRkplPv z{)dFy)%y{?X z^)m6|4XPHd{~#XUZ$ASx-8;yN%nNspLr};|2b;LUtwPm;b{q&@x5DEql_+94?2avy ziGO+EAm^`Iho1S&`9$X2=PFQi@dzl%DFA^4rEZff#RBtXk_XuUJ8vnXFmb{+ihqTq z>2MAdi2n8WBY;c62&(3e)V8DbQs^kF+RqoM(YkYN1I|6wFP3Vha-bhG*+3jK7pPhx z*Z0$?V-Rp~_8gFsmkjoSIRi{ePh^NIXv7SN$oXDz~TTRqdM*Y@l1Wf~&+kzAAlqAcV=UQ-*8_T!^~3HSxOp55P4 z%VrLD_DiAP9GDB`fdkes%2yAZFnH&jZq;0ggn*h{oPlUQjer1K72r4tL8%Jc z?Tg$r3IhTgKFS9NMYLxCAyYjNF<$|uceD@gJj)eKgu(hF=(m^7|K5ifP*FJVI^{Z- zlzZ2O8$i&X23J*CFEJ>naGmWwivduZ4Q1e-Dj=eY*i#oyrGP#7>DJ$?) z$mMi7P1lIBM;`}e-q#aFmSCkZMb7}SXl(g|ULz35KuT4oo?=>I=iY=V4Fne6VZ+I1 zK#yVYo@}y}ep0j?|9MG{$X$;ZbPP}%X9bPEMDssf5fY$l*xT<iEM`pkigOYf*PN|Jbh*_cQT@{1S}bjgr~}j|wOAhf?#a?18=QiR+tw89?w0QS#6H1Sd1>-VYKYt6QM{iR{dMJi>_xP0_M1x3&RTx@^0Vc-c{W$1l|^^{O7Kg zC`hnTpOl^j7!9wGp)B&D2U``*_g%XFwi2(*7)6|0v%8`*Osi@@yIz&;{4ZknWgCB8 zvklI1N=#}2CwjW7%3Ep2hXr)~b&@?bi<{1aA~c)VQfG2|JL>z-g3iKhbg57t`note z)%z(I$hkxsNMfmo1CBi!AxqU_a{uEb=)E^U>hc`0`UfZYw<5#N~(JH|jQ>2tEeN^m-kJqoD!}%4Bb7tgvJz*O6;Bow$o|1}XIjH(j!j~pX95A|#bN+*DZJ(fl=zGNpIRY{Uho8V6wZYNDZLJF*%@v1W$q!G_HAHt1mi42{Bl>{tx00OLs5);{ z>44%0K(c>|_OyZ1cmAU^Rcl&opU8ghQx6khR5fSEG-aMZ6xTG&ls8qt-i;}RuGth? zpPxggn_n9qcA-CFz`#qXxm@62Nzls|BDX$CQN%}#_IxlcIJ>6Z+u;QAQg{ZP$-d{y z;72pk|2FJXTSprZI20O7yMeLmIj;ll=SAbWf;ASFaC~ zYwd+ZM7sC3SkN}lF$l(+(nFx!L)Fy~K zTM7U#K$rRJxVK;xUy}`hn3jvtK0Ttq|6%r+8+&u$JyNcOw<`l@5CtF`Gzws>YBk3m zxT0-CO3~fhDCbAxjQ-D#5ENRLQX6F70;Q2}Y^q9a+A+&pm}USkUrI<@sd^=iN?Me# zy(L%6=xS~0z{of)G=-<`xd*ok`rLETs<+uP_dg6WF3|GyDYiLDTrI60VhPs9eU;hl zeaGb&jg>2h*|4ZdoDu2EcWm*v4f!k5UeDMWw}b1seMJ$sLnSu-f@{6}hkE0x{VZj- zveAAMpZrl39-%D|xft9;Ih{eZm&uoBc_}alwnca|-}KV3 zfsv_OZOf@!G%kq5xkv4yDh{>@{w>T091MM4Ob=VZd0k$N^%Xx+x8+!e>IomgZQ^xm zO{@L_)o1Y~0arjE7;-T3pbGVPyyp^Qt%h8^)@>fpm~@80S9x6Z<SOWylFA??8EHewkj#M9=icAR`048V_*nHTiA7 z0Gi0u=Xl*G^{wZu@#q-1E|n1f7r|NG+5!Eq+G@t0k3vwmv#v5md$rpT_z2nBQ-9<4 zC_JhzRXBj!C%>KI+7T6$Wr#sur^x@gbh5-p=Fd(&k`@OtrPu zY}F12ob0hx^{7GCNZp`~2O6ZIIEzPn#N{K;$m; z@&5r&S^|*0WwP&oL*;c1hY5B(MM767XPJNZ{%qIxBYI77>qX~+y0?6!5nn_*9x7fE zlHv1cqW=nEY9pBC)#}XP?EiY>aR!q<7y5`DiBL1g?u9ktJE4<*WA`#*QjXb^Z%{nE zCs#J*$;)7)JEz9EcaBM*k-w0Vc{`b@OI$-c+q*XJPb|J&D16Io72J){_Y9GRQuksy zP2KE!e6N~{<$G+cbWDuB+8V;wvKt1UUni~h@%Wh8){&h_Bed$I>Sg7LW7&J?5atz; z!;Bt|*Ciygza?SWx<6I|gHM`v2#|iYf?>u=8-n`m34^``VLY1Mke1+B%Os zprS|NJoi=@y39U#v8{k!)BJV}QjX#gu$CyS?-(zpeOet-;VHWuZ>3B3U+TlYWroFy zt0uhd>zkJm+%6AYt9;?k^dAy>&Q?~I2i7vvTpLpS!hC}K=HZziwv`JdBA4rfAKZyU zE@&^%oSJ$Q{hYDHjzXwe$YO@f1hQt6A|O=v^Zbr#Cb)ljt=VGl6F66?JG##PJfy|} zI=rjF(Wjsxs8;Py7?~XX#BFU5X2|rj0*^cSj&# z1o6H`!AYyeOv{C*!Niuzh+erT!}wJ@@+x48y~?DaTO)w)Pfip1lzn$65vH0ikQ7VV z5eiR=7PUa1-)#SElqd`@&Bqs1tK`V(;C|Wdecn0*&iEj>b6aY|$#zZYu@jnmV2ua2SeCsnL*AsKC zTF!@soba%lv0dbwZ}zf7JSL?#V75d9TL+(b-$fhF9a+EZykZYAVx}lJcUi?%A={C| z@M-_iH-x*xbIb5L1hd8K;?D&iSWrl3&qMj-djW(E6?99T9Ai}M&#l-~Fe&4eP%Tl2 zx}DhiyMU$WVwaf1NMGN1$65L6lH6@fy>W+}n}Seq-Y0bwPvuv>-i<}!<<^i8la*FZ z?5yIZ7VfZ(z1T)sg;I(qeu%Qrbvb+crcb_2qSr}FE}t{l1V4+Zc*LH37jEm9IZlXh zlHi;oO^wYT<)iZkMg~tx1QMeM1CtmbEgz~?z`th?eQ8~OaNJ>$NLaEp&nz1i9P{UM znrRH8_Yd1bIG6Z_*;_;24YdlGnUHZETp}T^f57 zz=2~EGne5db&H12gY0JA3-QYKfQPzIzl@Gtpv2j7c&Mkei)14M8l^rowxODKGSW{Z zVnyE0KWALi$*7BM7|aUbi~t_;@NJ_b(v;xok#i9(r?Whj?N?oKNP9EP%Iek2;mgT# z z$Gark$;T~>wpw8mt`BF*Dt~?zF0ox(pZvxXprx{`Yo}){8xTeI#|OdXaN|B%9UcbF-3Wyfyu;a@2aF; z$NTmko|_91z4?sF3o1^V9!-H<5aU7#7G0`RoY;T#sq26Bqed2NIsIX1xq|QUQOn!v zNW?|nTIb67=}eHc&7;bHei)J zS7_2bUOul-)|tKb3GR2A)_orjQ5K)(oT+l~q#4rkhgL@{&$>KZY8!VmnM?2VbXx09 zIr_q|a#B{%m3ilf``ObQO4qj7HIOj<*Q+(Xrqf+zm^J!sE_l~%=>kA^XASX_gurbv zA%3_5_*oA%QFgOu#EPSGWffaY&GlRB>#zw1U2gO0nG1U zz!&*GtG{mqD$JpgZl*VjM=g23-2(C@?_uXmjWu0TF2I-1%W&5x+^PRJf0!uEF%|Kq zl9QkDnJslMNsoKV{7dav)bQ* zv~4lpXziDrps$u3{tCBY%VJZ(7gNCJ-(#eX9Fk}PB#hU-f4zAn9Dcsufma}lE$Em} zT6g!0`YSKFysp5NPj=26RU@%*ncj6O@+hzhtm9-3D)>!EQZgP3Cx_kZxWSWsUiOEuVDY#?YuB z1h}(q%^^^C*9S#NKHDV+1Lc-kFDDKJn;D;|TyaOZ5qG}V7zA+DI~CJ{4PWbk!)y5h zC0egj>famtThmcIkeB_B;xCg@m%tVShdjnCz2FY9DJCjqEz=3BL43dS)(X~ZTM(X# zlXtynC}MZoI8td7vosdZm;EqP$d%r+`RPKv755_QeRMxFfWJA2E=BpUoTXLeYcdp*$w76v>OcU^%O zdD?71cKSq7y|Ui}+!Mln%2eNdfGm_6}gdk@PUePzoIk$ooQ8S@;U2^H=%PakFhwimm#GR(@H0ce#FNRg%FQgl zR|d_cQn9_{uc5j-50S^xWO=cb$ez@@5HQ+mj>Tr{_3+JRbxl3%3l{FFw4CjIT($hu8q&UH{ z1;L{4zL40R&evIKSq3PUEJlzEV{dZ`i`aPsK#!IAI1XQq@SN}tNUNolR)&}<+&tY> zw0~&K(vzjrJyxE29}5%x)1Yk=ey^1}70^t;^c6*o)Z;KgOP;xRhCdD^D5$E+pe*X3 zo`)e=GwP9bPoKfSak%eBKjFg}MJXr{-jTf}IPLM%3E!UJ_tV~HC({mRvF+aW`_IqP zcJBVHjI!?hYi2$BN})-?1Vh7^9q=o77N}SZ5WW|4IBpR}@0|Lk^0}{-!fS=!A9~t5 zsY|960jwqFm@A=vnnsdco_;+P;XjjoqD5H1;2*Ki%W;#V&%k>lYrl6SLL`|OVGpQT zqZM9Lz%^d@$Kz|Fzg~$VgVcX~8RqcMyw4feR(yO8Qyu?>=v`SraVn6S(4dr196y2BKP~gXb*Yx_1?Qjha8FFEVDE_&z$Y)!=Ju7@jrc zD_kTGA!CgPWOy0gRg9>eFb-@RMo)(pChC`T+!$lcKD4V`pw_UjgzjC%!p||@`B5xd zxloGQ@IeV%ykvs6@W>LZbr@jg+#tKfJ(VE;O2isk_`IpKQ=D}6tF76UQ5yHxZ<3xD(}&a*mFI;l9#>Ryu8>?DR7&cItE#Cw?w@E zp%OL4<#cIQSnwlN$>2X3r5N#_qTK=D07_nJ#y^3 zfYsOKlx*W{IxcI1TOBZEx(h@?ziTnIv!)NG{==*Efya%WqHLi4?s-lK{!r`v-E^MV zL%4-|vDn=kKArC~TP5JC$voS7Z5EoqyXZQ1+-I=vGS`a!{dxPxT~XW3z{_yjB(ryc zc)j`%*5QFN!{Eq12_%4qnG0ORLYuKB(>J z(*!JaD_h7{Y*On4kWYVEY|J2Xy zonGLKis%rR7OC%W^7RkN$Ll<9esYR=B(~k|e;GKP(>iC??vLLIM1uY0|HOxhmglQ# z1>|J8iAR$rx;wJhjKYJgIal-}){&mEGyB96#18&xM$FcqH zHPh(3Gtfr2UeakEt5v$kJudGze8=i#478hIq%djy3(C(6K@X&+y0~ z#Yqjlc*YIV}vx2I?_+9 z7t7o)*Q4I3mV}$f2zQgMv|3Gkc+w+)6G^AINiUEU?5|1cJ4W|1n8>lG#Y{YJJp7%a zpc}KW5k*q@UNHE}it-26Inz?|9gvmv|Jm`v`J_Ujf_#iQ8LnwNS9)UHMKcNI@L-d2?M5n#89vJqr~P)LEv%XL&g1!Z)7`#FwvM99a_5U;yYYswBKUO3%L|e z48g+Q);dtWQ)lYp9MIDMJo-S09O=Z6Im+e!uk#)4T*OKn53VGMVZSXf`C(uL*`T$#LD))=AiS8%FRijRS8euHq zs#DzHV@0cc)r+3;_@lixwTaCasLsL);{9SdHO(Osh%B+PJVn7y4j=FY+vWsY%v^wQ zwJcP)Pv+8gkS?fi6a zGOTjKe*#w%q-2@)l(m<%o~|bIV{yP38u!wGTp@XG-wP?iFFoJT{OE6C+u1M;WJ`zc zCfy^b_R{_N=B9A(?CMh@-8}ReyIq{2z0{u?x$UJa|M)GJBT6jSUSsf9@_hISt;}PHkpFJXr|Hi4|x{z+AX(s0If@JpC^a-!hj#;#(SS4XxOBT5epO0W-r_QQM2xT+ZvXDRT zF<{Y*5@PFz#>xfC7l^Xs1ujACf-rXSN+4j5K))s7pRVw-|1}?*>Y-HgQ;@WGFxh4YLvvI zkJHDfpu+x9ysct)Kqx|P}Ov_48Xx>1On)Kc= Z7U~)vihe=@{v-j?)4r=!qVf3k{{T?LZ(aZZ From f3fbc492327126c45bf242edf9d5c03f3d5fb25c Mon Sep 17 00:00:00 2001 From: Fnu Aimi Date: Fri, 18 Oct 2024 15:23:04 -0700 Subject: [PATCH 53/53] Update SECURITY.md --- SECURITY.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 75a3b51e..929cbfa6 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,11 +1,11 @@ ## Reporting Security Issues -We take all security reports seriously. -When we receive such reports, -we will investigate and subsequently address -any potential vulnerabilities as quickly as possible. -If you discover a potential security issue in this project, -please notify AWS/Amazon Security via our -[vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/) -or directly via email to [AWS Security](mailto:aws-security@amazon.com). -Please do *not* create a public GitHub issue in this project. +Amazon Web Services (AWS) is dedicated to the responsible disclosure of security vulnerabilities. + +We kindly ask that you **do not** open a public GitHub issue to report security concerns. + +Instead, please submit the issue to the AWS Vulnerability Disclosure Program via [HackerOne](https://hackerone.com/aws_vdp) or send your report via [email](mailto:aws-security@amazon.com). + +For more details, visit the [AWS Vulnerability Reporting Page](http://aws.amazon.com/security/vulnerability-reporting/). + +Thank you in advance for collaborating with us to help protect our customers.