diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index ddc3b1a..c4cad73 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -4,6 +4,9 @@ name: MatrixOne CI on: workflow_call: secrets: + TOKEN_ACTION: + description: "Token for checkout (e.g. pull from fork/private)" + required: false S3ENDPOINT: description: "S3ENDPOINT For Test" required: true @@ -76,6 +79,7 @@ jobs: - uses: actions/checkout@v6 with: + token: ${{ secrets.TOKEN_ACTION }} fetch-depth: "3" repository: ${{ github.event.pull_request.head.repo.full_name }} ref: ${{ github.event.pull_request.head.ref }} @@ -143,20 +147,6 @@ jobs: echo "steps.ut.conclusion: ${{ steps.ut.conclusion }}" echo "FAIL_UT_CASES=${fail_ut_cases}" echo "FAIL_UT_CASES=${fail_ut_cases}" >> $GITHUB_OUTPUT - - name: Insert Failed UT Cases to MOC - if: ${{ failure() }} - uses: matrixorigin/CI/actions/fail-ut-case@main - with: - action_time: ${{ steps.time.outputs.ACTION_TIME }} - ut_cases: ${{ steps.failed.outputs.FAIL_UT_CASES }} - pr_link: ${{ github.event.pull_request.html_url }} - action_link: ${{ steps.time.outputs.ACTION_LINK }} - job_time: ${{ steps.time.outputs.START_TIME }} - mo_host: ${{ secrets.EE_DB_ADDR }} - mo_port: ${{ secrets.EE_DB_PORT }} - mo_user: ${{ secrets.EE_DB_USER }} - mo_password: ${{ secrets.EE_DB_PASSWORD }} - mo_database: ${{ secrets.EE_DB_DB }} - name: Print the Top 10 Time-Consuming Tests if: ${{ always() }} continue-on-error: true @@ -173,6 +163,7 @@ jobs: steps: - uses: actions/checkout@v6 with: + token: ${{ secrets.TOKEN_ACTION }} fetch-depth: "3" repository: ${{ github.event.pull_request.head.repo.full_name }} ref: ${{ github.event.pull_request.head.ref }} @@ -211,6 +202,7 @@ jobs: steps: - uses: actions/checkout@v6 with: + token: ${{ secrets.TOKEN_ACTION }} fetch-depth: "3" repository: ${{ github.event.pull_request.head.repo.full_name }} ref: ${{ github.event.pull_request.head.ref }} diff --git a/.github/workflows/e2e-compose.yaml b/.github/workflows/e2e-compose.yaml index a2b3635..6614bd3 100644 --- a/.github/workflows/e2e-compose.yaml +++ b/.github/workflows/e2e-compose.yaml @@ -2,6 +2,10 @@ name: MatrixOne Compose Test on: workflow_call: + secrets: + TOKEN_ACTION: + description: "Token for checkout (e.g. pull from fork/private)" + required: false jobs: bvt-docker-compose-push: @@ -24,6 +28,7 @@ jobs: - name: checkout uses: actions/checkout@v6 with: + token: ${{ secrets.TOKEN_ACTION }} fetch-depth: "3" repository: ${{ github.event.pull_request.head.repo.full_name }} ref: ${{ github.event.pull_request.head.ref }} @@ -194,6 +199,7 @@ jobs: - name: checkout uses: actions/checkout@v6 with: + token: ${{ secrets.TOKEN_ACTION }} fetch-depth: "3" repository: ${{ github.event.pull_request.head.repo.full_name }} ref: ${{ github.event.pull_request.head.ref }} diff --git a/.github/workflows/e2e-standalone.yaml b/.github/workflows/e2e-standalone.yaml index 7049616..8896106 100644 --- a/.github/workflows/e2e-standalone.yaml +++ b/.github/workflows/e2e-standalone.yaml @@ -2,6 +2,10 @@ name: MatrixOne e2e CI(Standalone) on: workflow_call: + secrets: + TOKEN_ACTION: + description: "Token for checkout (e.g. pull from fork/private)" + required: false jobs: bvt-linux-x86: @@ -14,6 +18,7 @@ jobs: - name: checkout head uses: actions/checkout@v6 with: + token: ${{ secrets.TOKEN_ACTION }} fetch-depth: "3" path: ./head repository: ${{ github.event.pull_request.head.repo.full_name }} @@ -149,6 +154,7 @@ jobs: - name: checkout head uses: actions/checkout@v6 with: + token: ${{ secrets.TOKEN_ACTION }} path: ./head repository: ${{ github.event.pull_request.head.repo.full_name }} ref: ${{ github.event.pull_request.head.ref }} @@ -237,6 +243,7 @@ jobs: - name: checkout head uses: actions/checkout@v6 with: + token: ${{ secrets.TOKEN_ACTION }} fetch-depth: "3" path: ./head repository: ${{ github.event.pull_request.head.repo.full_name }} diff --git a/.github/workflows/e2e-upgrade.yaml b/.github/workflows/e2e-upgrade.yaml index efa5275..5eeadd9 100644 --- a/.github/workflows/e2e-upgrade.yaml +++ b/.github/workflows/e2e-upgrade.yaml @@ -2,6 +2,10 @@ name: MatrixOne e2e upgrade CI on: workflow_call: + secrets: + TOKEN_ACTION: + description: "Token for checkout (e.g. pull from fork/private)" + required: false inputs: release-repo: description: "release version" @@ -23,6 +27,7 @@ jobs: - name: checkout head uses: actions/checkout@v6 with: + token: ${{ secrets.TOKEN_ACTION }} path: ./head repository: ${{ github.event.pull_request.head.repo.full_name }} ref: ${{ github.event.pull_request.head.ref }} @@ -30,6 +35,7 @@ jobs: - name: checkout upstream uses: actions/checkout@v6 with: + token: ${{ secrets.TOKEN_ACTION }} path: ./upstream repository: ${{ github.event.pull_request.base.repo.full_name }} ref: ${{ github.event.pull_request.base.ref }} @@ -229,6 +235,7 @@ jobs: - name: Checkout Head uses: actions/checkout@v6 with: + token: ${{ secrets.TOKEN_ACTION }} path: ./head repository: ${{ github.event.pull_request.head.repo.full_name }} ref: ${{ github.event.pull_request.head.ref }} @@ -243,6 +250,7 @@ jobs: - name: Checkout Upstream Release uses: actions/checkout@v6 with: + token: ${{ secrets.TOKEN_ACTION }} path: ./upstream repository: ${{ inputs.release-repo }} # ref: ${{ steps.get-latest-release.outputs.tag }} // restore to this line after new release includes d4051aebd6 - update bvt cases (#23317) diff --git a/.github/workflows/image-build.yaml b/.github/workflows/image-build.yaml index a35ef7e..bded58d 100644 --- a/.github/workflows/image-build.yaml +++ b/.github/workflows/image-build.yaml @@ -19,6 +19,9 @@ on: default: "p4n7f8j9" type: string secrets: + TOKEN_ACTION: + description: "Token for checkout (e.g. pull from fork/private)" + required: false DOCKERHUB_USERNAME: description: 'DOCKERHUB_USERNAME' required: true @@ -48,6 +51,7 @@ jobs: - name: Checkout uses: actions/checkout@v6 with: + token: ${{ secrets.TOKEN_ACTION }} fetch-depth: 1 # # github OIDC https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services @@ -106,13 +110,13 @@ jobs: uses: docker/setup-buildx-action@v3 - name: Login to DockerHub - uses: docker/login-action@v3 + uses: docker/login-action@v4 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Login to Alicloud Container Registry - uses: docker/login-action@v3 + uses: docker/login-action@v4 with: registry: registry.cn-shanghai.aliyuncs.com username: ${{ secrets.ACR_USERNAME }} diff --git a/.github/workflows/merge-trigger-standalone.yaml b/.github/workflows/merge-trigger-standalone.yaml index a31fbf1..71ae199 100644 --- a/.github/workflows/merge-trigger-standalone.yaml +++ b/.github/workflows/merge-trigger-standalone.yaml @@ -3,6 +3,9 @@ name: MO Checkin Regression(Standalone BVT) on: workflow_call: secrets: + TOKEN_ACTION: + description: "Token for checkout (e.g. pull from fork/private)" + required: false WECHAT_MO_CHECKIN_BOT_WEBHOOK: description: "WECHAT_MO_CHECKIN_BOT_WEBHOOK" required: true @@ -20,6 +23,7 @@ jobs: - name: checkout matrixorigin/matrixone uses: actions/checkout@v6 with: + token: ${{ secrets.TOKEN_ACTION }} path: ./matrixone - name: Set up Go uses: matrixorigin/CI/actions/setup-env@main @@ -133,6 +137,7 @@ jobs: - name: checkout head uses: actions/checkout@v6 with: + token: ${{ secrets.TOKEN_ACTION }} path: ./head - name: Set up Go uses: matrixorigin/CI/actions/setup-env@main diff --git a/.github/workflows/merge-trigger-tke.yaml b/.github/workflows/merge-trigger-tke.yaml index 8201032..ea1ecdc 100644 --- a/.github/workflows/merge-trigger-tke.yaml +++ b/.github/workflows/merge-trigger-tke.yaml @@ -43,9 +43,10 @@ jobs: if: ${{ always() && !cancelled() }} uses: actions/checkout@v6 with: + token: ${{ secrets.TOKEN_ACTION }} path: ./matrixone - name: Login to TCR - uses: docker/login-action@v3 + uses: docker/login-action@v4 with: registry: "ccr.ccs.tencentyun.com" username: ${{ secrets.TCR_USERNAME }} @@ -125,6 +126,7 @@ jobs: if: ${{ always() && !cancelled() }} uses: actions/checkout@v6 with: + token: ${{ secrets.TOKEN_ACTION }} path: ./matrixone - name: Clean TKE ENV run: | @@ -285,13 +287,13 @@ jobs: uses: actions/checkout@v6 with: repository: matrixorigin/mo-tester - token: ${{secrets.TOKEN_ACTION}} path: ./mo-tester ref: main - name: Clone matrixone Repo if: ${{ always() && !cancelled() }} uses: actions/checkout@v6 with: + token: ${{ secrets.TOKEN_ACTION }} path: ./matrixone - name: Set JAVA PATH run: | diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 870e7e2..3f76ac8 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -35,6 +35,8 @@ jobs: steps: - name: Checkout source uses: actions/checkout@v6 + with: + token: ${{ secrets.TOKEN_ACTION }} - name: Get release id: get_release uses: bruceadams/get-release@v1.3.2 @@ -101,6 +103,8 @@ jobs: steps: - name: Checkout source uses: actions/checkout@v6 + with: + token: ${{ secrets.TOKEN_ACTION }} - name: Get release id: get_release uses: bruceadams/get-release@v1.3.2 @@ -168,6 +172,8 @@ jobs: exit 1; - name: Checkout source uses: actions/checkout@v6 + with: + token: ${{ secrets.TOKEN_ACTION }} - name: Get release id: get_release uses: bruceadams/get-release@v1.3.2 @@ -197,6 +203,7 @@ jobs: - name: Clone gon uses: actions/checkout@v6 with: + token: ${{ secrets.TOKEN_ACTION }} fetch-depth: "1" repository: matrixorigin/gon ref: master @@ -270,6 +277,8 @@ jobs: exit 1; - name: Checkout source uses: actions/checkout@v6 + with: + token: ${{ secrets.TOKEN_ACTION }} - name: Get release id: get_release uses: bruceadams/get-release@v1.3.2 diff --git a/.github/workflows/robot.yaml b/.github/workflows/robot.yaml index ed7bc50..257b1c1 100644 --- a/.github/workflows/robot.yaml +++ b/.github/workflows/robot.yaml @@ -38,6 +38,8 @@ jobs: steps: - name: CheckOut uses: actions/checkout@v6 + with: + token: ${{ secrets.TOKEN_ACTION }} - name: Check the code to see if the issue number is removed id: get_check_val @@ -102,6 +104,7 @@ jobs: steps: - uses: actions/checkout@v6 with: + token: ${{ secrets.TOKEN_ACTION }} fetch-depth: "3" path: ./matrixone - name: Set up Go diff --git a/.github/workflows/utils.yaml b/.github/workflows/utils.yaml index e048d30..0084446 100644 --- a/.github/workflows/utils.yaml +++ b/.github/workflows/utils.yaml @@ -98,6 +98,7 @@ jobs: steps: - uses: actions/checkout@v6 with: + token: ${{ secrets.TOKEN_ACTION }} fetch-depth: "1" path: ./matrixone repository: ${{ github.event.pull_request.head.repo.full_name }} @@ -330,6 +331,7 @@ jobs: if: ${{ always() && !cancelled() }} uses: actions/checkout@v6 with: + token: ${{ secrets.TOKEN_ACTION }} repository: matrixorigin/CI fetch-depth: "1" path: CI @@ -426,6 +428,7 @@ jobs: steps: - uses: actions/checkout@v6 with: + token: ${{ secrets.TOKEN_ACTION }} path: ./matrixone repository: ${{ github.event.pull_request.head.repo.full_name }} ref: ${{ github.event.pull_request.head.ref }}