This repository has been archived by the owner on Jan 11, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
hook up some testing to help avoid broken dependencies
- Loading branch information
1 parent
63b831e
commit 1220a64
Showing
9 changed files
with
212 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,23 @@ | ||
| ## How to contribute to Dockstore | ||
|
|
||
| #### **Did you find a bug?** | ||
|
|
||
| * **Ensure the bug was not already reported** by searching on GitHub under [Issues](https://github.com/dockstore/dockstore/issues). | ||
|
|
||
| * If you're unable to find an open issue addressing the problem, [open a new one](https://github.com/dockstore/dockstore/issues/new). Be sure to include a **title and clear description**, as much relevant information as possible, and a **code sample** or an **executable test case** demonstrating the expected behavior that is not occurring. | ||
|
|
||
| #### **Did you write a patch that fixes a bug?** | ||
|
|
||
| * Open a new GitHub pull request with the patch. | ||
|
|
||
| * Ensure the PR description clearly describes the problem and solution. Include the relevant issue number if applicable. | ||
|
|
||
| * Before submitting, please read ensure that your code passes the style guide and tests. See the GitHub status checks on your PR for more details. Note that until we resolve [this](https://github.com/dockstore/dockstore/issues/3541) issue, a large number of integration tests will fail. | ||
|
|
||
| #### **Do you intend to add a new feature or change an existing one?** | ||
|
|
||
| * Suggest your change as a [github issue](https://github.com/dockstore/dockstore/issues) either by creating a new issue or commenting on an existing one and start writing code. The relevant repositories are nested under our [organization](https://github.com/dockstore) including the webservice (dockstore), the user interface (dockstore-ui2), the command-line interface (dockstore-cli), and many more. | ||
|
|
||
| #### **Do you want to contribute to the Dockstore documentation?** | ||
|
|
||
| * Most of our documentation is generated from [dockstore-documentation](https://github.com/dockstore/dockstore-documentation). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
| --- | ||
| name: Bug report | ||
| about: Create a report to help us improve | ||
| title: '' | ||
| labels: 'bug' | ||
| assignees: '' | ||
|
|
||
| --- | ||
|
|
||
| **Describe the bug** | ||
| A clear and concise description of what the bug is. | ||
|
|
||
| **To Reproduce** | ||
| Steps to reproduce the behavior: | ||
| 1. Go to '...' | ||
| 2. Click on '....' | ||
| 3. Scroll down to '....' | ||
| 4. See error | ||
|
|
||
| **Expected behavior** | ||
| A clear and concise description of what you expected to happen. | ||
|
|
||
| **Screenshots** | ||
| If applicable, add screenshots to help explain your problem. | ||
|
|
||
| **Desktop (please complete the following information):** | ||
| - OS: [e.g. iOS] | ||
| - Browser [e.g. chrome, safari] | ||
| - Version [e.g. 22] | ||
|
|
||
| **Smartphone (please complete the following information):** | ||
| - Device: [e.g. iPhone6] | ||
| - OS: [e.g. iOS8.1] | ||
| - Browser [e.g. stock browser, safari] | ||
| - Version [e.g. 22] | ||
|
|
||
| **Additional context** | ||
| - UI version: [e.g. 2.5.0] | ||
| - Webservice version: [e.g. 1.8.0] | ||
| - host location: [e.g. staging.dockstore.org] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| blank_issues_enabled: false | ||
| contact_links: | ||
| - name: Dockstore Community Forum | ||
| url: https://discuss.dockstore.org/c/dockstore-arch/7 | ||
| about: Please ask and answer questions here. | ||
| - name: Dockstore Security and Internal Issues | ||
| url: https://ucsc-cgl.atlassian.net/browse/DOCK | ||
| about: Please report security vulnerabilities here. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| --- | ||
| name: Feature request | ||
| about: Suggest an idea for this project | ||
| title: '' | ||
| labels: 'enhancement' | ||
| assignees: '' | ||
|
|
||
| --- | ||
|
|
||
| **Is your feature request related to a problem? Please describe.** | ||
| A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] | ||
|
|
||
| **Describe the solution you'd like** | ||
| A clear and concise description of what you want to happen. | ||
|
|
||
| **Describe alternatives you've considered** | ||
| A clear and concise description of any alternative solutions or features you've considered. | ||
|
|
||
| **Additional context** | ||
| Add any other context or screenshots about the feature request here. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| **Description** | ||
| A description of the PR, should include a decent explanation as to why this change was needed and a decent explanation as to what this change does | ||
|
|
||
| **Review Instructions** | ||
| Describe if this ticket needs review and if so, how one may go about it in qa and/or staging environments. | ||
| For example, a ticket based on Security Hub, Snyk, or Dependabot may not need review since those services | ||
| will generate new warnings if the issue has not been resolved properly. On the other hand, an infrastructure | ||
| ticket that results in visible changes to the end-user will definitely require review. | ||
| Many tickets will likely be between these two extremes, so some judgement may be required. | ||
|
|
||
| **Issue** | ||
| A link to a github issue or SEAB- ticket (using that as a prefix) | ||
|
|
||
| **Security and Privacy** | ||
|
|
||
| If there are any concerns that require extra attention from the security team, highlight them here. | ||
|
|
||
| e.g. Does this change... | ||
| * Any user data we collect, or data location? | ||
| * Access control, authentication or authorization? | ||
| * Encryption features? | ||
|
|
||
| Please make sure that you've checked the following before submitting your pull request. Thanks! | ||
|
|
||
| - [ ] Check that you pass the basic style checks and unit tests by running `mvn clean install` | ||
| - [ ] Ensure that the PR targets the correct branch. Check the milestone or fix version of the ticket. | ||
| - [ ] Follow the existing JPA patterns for queries, using named parameters, to avoid SQL injection | ||
| - [ ] If you are changing dependencies, check the Snyk status check or the dashboard to ensure you are not introducing new high/critical vulnerabilities | ||
| - [ ] Assume that inputs to the API can be malicious, and sanitize and/or check for Denial of Service type values, e.g., massive sizes | ||
| - [ ] Do not serve user-uploaded binary images through the Dockstore API | ||
| - [ ] Ensure that endpoints that only allow privileged access enforce that with the `@RolesAllowed` annotation | ||
| - [ ] Do not create cookies, although this may change in the future | ||
| - [ ] If this PR is for a user-facing feature, create and link a documentation ticket for this feature (usually in the same milestone as the linked issue). Style points if you create a documentation PR directly and link that instead. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,39 @@ | ||
| version: 2 | ||
| updates: | ||
|
|
||
| # Maintain dependencies for GitHub Actions, path is indeed "/" https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot#enabling-dependabot-version-updates-for-actions | ||
| - package-ecosystem: "github-actions" | ||
| directory: "/" | ||
| schedule: | ||
| interval: "daily" | ||
| reviewers: | ||
| - "dockstore/dockstore" | ||
|
|
||
| # Maintain dependencies for Maven | ||
| - package-ecosystem: "maven" | ||
| directory: "/" | ||
| schedule: | ||
| interval: "daily" | ||
| # start with security updates only https://stackoverflow.com/a/68254421 | ||
| open-pull-requests-limit: 0 | ||
| reviewers: | ||
| - "dockstore/dockstore" | ||
|
|
||
| # Maintain dependencies for Dockerfile | ||
| - package-ecosystem: "docker" | ||
| directory: "/" | ||
| schedule: | ||
| interval: "daily" | ||
| # start with security updates only https://stackoverflow.com/a/68254421 | ||
| open-pull-requests-limit: 0 | ||
| reviewers: | ||
| - "dockstore/dockstore" | ||
|
|
||
| # Maintain dependencies for swagger-ui and cwltool | ||
| - package-ecosystem: "pip" | ||
| directory: "/" | ||
| schedule: | ||
| interval: "daily" | ||
| # start with security updates only https://stackoverflow.com/a/68254421 | ||
| reviewers: | ||
| - "dockstore/dockstore" |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,37 @@ | ||
| name: Regular dockstore-style build | ||
|
|
||
| on: [push] | ||
|
|
||
| jobs: | ||
| build: | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
| java: [ '17.0.4+8' ] | ||
|
|
||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - name: Set up JDK | ||
| uses: actions/setup-java@v3 | ||
| with: | ||
| java-version: ${{ matrix.java }} | ||
| distribution: 'adopt' | ||
|
|
||
| - name: Initialize CodeQL | ||
| uses: github/codeql-action/init@v2 | ||
| with: | ||
| languages: java | ||
|
|
||
| # Step that does that actual cache save and restore | ||
| - uses: actions/cache@v3 | ||
| with: | ||
| path: ~/.m2/repository | ||
| key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | ||
| restore-keys: | | ||
| ${{ runner.os }}-maven- | ||
| - name: Build with mvnw | ||
| run: ./mvnw clean install | ||
|
|
||
| - name: Perform CodeQL Analysis | ||
| uses: github/codeql-action/analyze@v2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters