Skip to content

Commit 231fb80

Browse files
aditi-khare-mongoDBaditi-khare-mongoDB
authored
Merge branch 'main' into NODE-5720/clarify-retryable-fields
2 parents 9eb063e + d85f827 commit 231fb80

File tree

28 files changed

+521
-339
lines changed

28 files changed

+521
-339
lines changed

.github/actions/compress_sign_and_upload/action.yml

Lines changed: 0 additions & 54 deletions
This file was deleted.

.github/actions/setup/action.yml

Lines changed: 0 additions & 15 deletions
This file was deleted.

.github/workflows/build.yml

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
on:
2+
workflow_call: {}
3+
4+
name: Build
5+
6+
permissions:
7+
contents: write
8+
pull-requests: write
9+
id-token: write
10+
11+
jobs:
12+
build:
13+
runs-on: ubuntu-latest
14+
steps:
15+
- run: echo "nothing to do."
16+
shell: bash

.github/workflows/build_docs.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -19,8 +19,8 @@ jobs:
1919

2020
steps:
2121
- uses: actions/checkout@v4
22-
- name: actions/setup
23-
uses: ./.github/actions/setup
22+
- name: Install Node and dependencies
23+
uses: mongodb-labs/drivers-github-tools/node/setup@v2
2424
- run: sudo apt-get install hugo
2525
- name: Build Docs
2626
run: npm run build:docs -- --yes

.github/workflows/dependencies.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,6 @@ jobs:
1414
runs-on: ubuntu-latest
1515
steps:
1616
- uses: actions/checkout@v4
17-
- name: actions/setup
18-
uses: ./.github/actions/setup
17+
- name: Install Node and dependencies
18+
uses: mongodb-labs/drivers-github-tools/node/setup@v2
1919
- run: npm run check:dependencies

.github/workflows/release-5.x.yml

Lines changed: 59 additions & 69 deletions
Original file line numberDiff line numberDiff line change
@@ -21,95 +21,85 @@ jobs:
2121
with:
2222
target-branch: 5.x
2323

24-
compress_sign_and_upload:
24+
build:
2525
needs: [release_please]
26-
if: ${{ needs.release_please.outputs.release_created }}
26+
name: "Perform any build or bundling steps, as necessary."
27+
uses: ./.github/workflows/build.yml
28+
29+
ssdlc:
30+
needs: [release_please, build]
31+
permissions:
32+
# required for all workflows
33+
security-events: write
34+
id-token: write
35+
contents: write
2736
environment: release
2837
runs-on: ubuntu-latest
2938
steps:
3039
- uses: actions/checkout@v4
31-
- name: actions/setup
32-
uses: ./.github/actions/setup
40+
41+
- name: Install Node and dependencies
42+
uses: mongodb-labs/drivers-github-tools/node/setup@v2
43+
with:
44+
ignore_install_scripts: false
45+
46+
- name: Load version and package info
47+
uses: mongodb-labs/drivers-github-tools/node/get_version_info@v2
48+
with:
49+
npm_package_name: mongodb
50+
3351
- name: actions/compress_sign_and_upload
34-
uses: ./.github/actions/compress_sign_and_upload
52+
uses: mongodb-labs/drivers-github-tools/node/sign_node_package@v2
3553
with:
3654
aws_role_arn: ${{ secrets.AWS_ROLE_ARN }}
37-
aws_region_name: 'us-east-1'
55+
aws_region_name: us-east-1
3856
aws_secret_id: ${{ secrets.AWS_SECRET_ID }}
39-
npm_package_name: 'mongodb'
40-
- run: npm publish --provenance --tag=5x
41-
env:
42-
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
57+
npm_package_name: mongodb
58+
dry_run: ${{ needs.release_please.outputs.release_created == '' }}
4359

44-
generate_sarif_report:
45-
environment: release
46-
runs-on: ubuntu-latest
47-
needs: [release_please]
48-
permissions:
49-
# required for all workflows
50-
security-events: write
51-
id-token: write
52-
contents: write
60+
- name: Copy sbom file to release assets
61+
shell: bash
62+
if: ${{ '' == '' }}
63+
run: cp sbom.json ${{ env.S3_ASSETS }}/sbom.json
5364

54-
steps:
55-
- uses: actions/checkout@v4
56-
- name: Set up drivers-github-tools
57-
uses: mongodb-labs/drivers-github-tools/setup@v2
65+
# only used for mongodb-client-encryption
66+
- name: Augment SBOM and copy to release assets
67+
if: ${{ '' != '' }}
68+
uses: mongodb-labs/drivers-github-tools/sbom@v2
5869
with:
59-
aws_region_name: us-east-1
60-
aws_role_arn: ${{ secrets.aws_role_arn }}
61-
aws_secret_id: ${{ secrets.aws_secret_id }}
70+
silk_asset_group: ''
71+
sbom_file_name: sbom.json
6272

63-
- name: "Generate Sarif Report"
64-
uses: mongodb-labs/drivers-github-tools/code-scanning-export@v2
73+
- name: Generate authorized pub report
74+
uses: mongodb-labs/drivers-github-tools/full-report@v2
6575
with:
66-
ref: 5.x
67-
output-file: sarif-report.json
76+
release_version: ${{ env.package_version }}
77+
product_name: mongodb
78+
sarif_report_target_ref: 5.x
79+
third_party_dependency_tool: n/a
80+
dist_filenames: artifacts/*
81+
token: ${{ github.token }}
82+
sbom_file_name: sbom.json
83+
evergreen_project: mongo-node-driver-next
84+
evergreen_commit: ${{ env.commit }}
6885

69-
- name: Get release version and release package file name
70-
id: get_version
71-
shell: bash
72-
run: |
73-
package_version=$(jq --raw-output '.version' package.json)
74-
echo "package_version=${package_version}" >> "$GITHUB_OUTPUT"
75-
- name: actions/publish_asset_to_s3
76-
uses: mongodb-labs/drivers-github-tools/node/publish_asset_to_s3@main
86+
- uses: mongodb-labs/drivers-github-tools/upload-s3-assets@v2
7787
with:
78-
version: ${{ steps.get_version.outputs.package_version }}
79-
product_name: node-mongodb-native
80-
file: sarif-report.json
81-
dry_run: ${{ needs.release_please.outputs.release_created == '' }}
88+
version: ${{ env.package_version }}
89+
product_name: mongodb
90+
dry_run: ${{ needs.release_please.outputs.release_created == '' }}
8291

83-
upload_sbom_lite:
92+
publish:
93+
needs: [release_please, ssdlc, build]
8494
environment: release
8595
runs-on: ubuntu-latest
86-
needs: [release_please]
87-
permissions:
88-
# required for all workflows
89-
security-events: write
90-
id-token: write
91-
contents: write
92-
9396
steps:
9497
- uses: actions/checkout@v4
95-
- name: Set up drivers-github-tools
96-
uses: mongodb-labs/drivers-github-tools/setup@v2
97-
with:
98-
aws_region_name: us-east-1
99-
aws_role_arn: ${{ secrets.aws_role_arn }}
100-
aws_secret_id: ${{ secrets.aws_secret_id }}
10198

102-
- name: Get release version and release package file name
103-
id: get_version
104-
shell: bash
105-
run: |
106-
package_version=$(jq --raw-output '.version' package.json)
107-
echo "package_version=${package_version}" >> "$GITHUB_OUTPUT"
99+
- name: Install Node and dependencies
100+
uses: mongodb-labs/drivers-github-tools/node/setup@v2
108101

109-
- name: actions/publish_asset_to_s3
110-
uses: mongodb-labs/drivers-github-tools/node/publish_asset_to_s3@v2
111-
with:
112-
version: ${{ steps.get_version.outputs.package_version }}
113-
product_name: node-mongodb-native
114-
file: sbom.json
115-
dry_run: ${{ needs.release_please.outputs.release_created == '' }}
102+
- run: npm publish --provenance --tag=5x
103+
if: ${{ needs.release_please.outputs.release_created }}
104+
env:
105+
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

.github/workflows/release-alpha.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -26,8 +26,8 @@ jobs:
2626
exit 1
2727
fi
2828
- uses: actions/checkout@v4
29-
- name: actions/setup
30-
uses: ./.github/actions/setup
29+
- name: Install Node and dependencies
30+
uses: mongodb-labs/drivers-github-tools/node/setup@v2
3131
- run: npm version "${{ inputs.alphaVersion }}" --git-tag-version=false
3232
- run: npm publish --provenance --tag=alpha
3333
env:

.github/workflows/release-nightly.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -20,8 +20,8 @@ jobs:
2020
runs-on: ubuntu-latest
2121
steps:
2222
- uses: actions/checkout@v4
23-
- name: actions/setup
24-
uses: ./.github/actions/setup
23+
- name: Install Node and dependencies
24+
uses: mongodb-labs/drivers-github-tools/node/setup@v2
2525
- id: build_nightly
2626
run: npm run build:nightly
2727
- if: ${{ steps.build_nightly.outputs.publish == 'yes' }}

0 commit comments

Comments
 (0)