Merge pull request #306 from JohT/feature/provide-public-reusable-analysis-workflow

Provide re-useable public workflow for code graph analysis

Author: JohT

.github/workflows/check-links-in-documentation.yml renamed to .github/workflows/internal-check-links-in-documentation.yml

@@ -9,6 +9,7 @@ on:
       - 'README.md'
       - 'COMMANDS.md'
       - 'GETTING_STARTED.md'
+      - 'INTEGRATION.md'
       - '.github/workflows/check-links-in-documentation.yml' # also run when this file was changed
   schedule:
     - cron: "15 6 1 * *" # On the first day of each month at 6:15 o'clock
@@ -36,6 +37,6 @@ jobs:
 
     - name: Check links in top level documentation Markdown files
       if: ${{ ! env.skip_link_check}}
-      run: npx --yes [email protected] --verbose --alive=200,202,206 --retry README.md COMMANDS.md GETTING_STARTED.md
+      run: npx --yes [email protected] --verbose --alive=200,202,206 --retry README.md COMMANDS.md GETTING_STARTED.md INTEGRATION.md
       # Temporarily, everything is done using command line options rather than with the config file, which doesn't seem to work.
       # Maybe related to https://github.com/tcort/markdown-link-check/issues/379 ?

.github/workflows/check-renovate-config.yml renamed to .github/workflows/internal-check-renovate-config.yml

@@ -0,0 +1,159 @@
+name: Java Code Structure Graph Analysis
+
+on:
+  push:
+    branches:
+      - main
+    # Ignore changes in documentation, general configuration and reports for push events
+    paths-ignore: 
+      - 'results/**'
+      - '**/*.md'
+      - '**/*.txt'
+      - '**/*.css'
+      - '**/*.html'
+      - '**/*.js'
+      - '.gitignore'
+      - '.gitattributes'
+      - 'renovate.json'
+      - 'changelogTemplate.mustache'
+      - '**.code-workspace'
+      - '.github/workflows/typescript-code-analysis.yml'
+      - '.github/workflows/*documentation.yml'
+  pull_request:
+    branches:
+      - main
+    # Ignore changes in documentation, general configuration and reports for pull request events
+    paths-ignore: 
+      - 'results/**'
+      - '**/*.md'
+      - '**/*.txt'
+      - '**/*.css'
+      - '**/*.html'
+      - '**/*.js'
+      - '.gitignore'
+      - '.gitattributes'
+      - 'renovate.json'
+      - 'changelogTemplate.mustache'
+      - '**.code-workspace'
+      - '.github/workflows/typescript-code-analysis.yml'
+      - '.github/workflows/*documentation.yml'
+
+# Requires the secret NEO4J_INITIAL_PASSWORD to be configured
+jobs:
+  prepare-code-to-analyze:
+    runs-on: ubuntu-latest
+    outputs:
+      analysis-name: ${{ steps.set-analysis-name.outputs.analysis-name }}
+      sources-upload-name: ${{ steps.set-sources-upload-name.outputs.sources-upload-name }}
+      artifacts-upload-name: ${{ steps.set-artifacts-upload-name.outputs.artifacts-upload-name }}
+
+    env: 
+      PROJECT_NAME: AxonFramework
+      # Version variable names matches renovate.json configuration entry
+      AXON_FRAMEWORK_VERSION: 4.10.3
+
+    steps:
+    - name: Checkout GIT Repository
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+    
+    - name: Set Set output variable 'analysis-name'
+      id: set-analysis-name
+      run: echo "analysis-name=${{ env.PROJECT_NAME }}-${{ env.AXON_FRAMEWORK_VERSION }}" >> "$GITHUB_OUTPUT"
+
+    - name: Setup temp directory if missing
+      run: mkdir -p ./temp
+
+    - name: Download ${{ steps.set-analysis-name.outputs.analysis-name }}
+      working-directory: temp
+      run: |
+        mkdir -p ${{ steps.set-analysis-name.outputs.analysis-name }}
+        cd ${{ steps.set-analysis-name.outputs.analysis-name }}
+        echo "Working directory: $( pwd -P )"
+        ./../../scripts/downloader/downloadAxonFramework.sh ${{ env.AXON_FRAMEWORK_VERSION }}
+
+    - name: Debug folder structure in temp directory
+      if: runner.debug == '1'
+      working-directory: temp
+      run: |
+        ls -R | grep ":$" | sed -e 's/:$//' -e 's/[^-][^\/]*\//--/g' -e 's/^/   /' -e 's/-/|/'
+ 
+    - name: (Prepare Code to Analyze) Generate ARTIFACT_UPLOAD_ID
+      run: echo "ARTIFACT_UPLOAD_ID=$(LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c 10)" >> $GITHUB_ENV
+ 
+    - name: (Prepare Code to Analyze) Set sources-upload-name
+      id: set-sources-upload-name
+      run: echo "sources-upload-name=${{ steps.set-analysis-name.outputs.analysis-name }}-analysis-sources_input-${{ env.ARTIFACT_UPLOAD_ID }}" >> "$GITHUB_OUTPUT"
+ 
+    - name: (Prepare Code to Analyze) Set output variable 'artifacts-upload-name'
+      id: set-artifacts-upload-name
+      run: echo "artifacts-upload-name=${{ steps.set-analysis-name.outputs.analysis-name }}-analysis-artifacts-input-${{ env.ARTIFACT_UPLOAD_ID }}" >> "$GITHUB_OUTPUT"
+
+    - name: (Prepare Code to Analyze) Upload sources to analyze
+      if: success()
+      uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4
+      with:
+        name: ${{ steps.set-sources-upload-name.outputs.sources-upload-name }}
+        path: ./temp/${{ steps.set-analysis-name.outputs.analysis-name }}/source
+        include-hidden-files: true
+        if-no-files-found: error
+        retention-days: 1
+
+    - name: (Prepare Code to Analyze) Upload artifacts to analyze
+      if: success()
+      uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4
+      with:
+        name: ${{ steps.set-artifacts-upload-name.outputs.artifacts-upload-name }}
+        path: ./temp/${{ steps.set-analysis-name.outputs.analysis-name }}/artifacts
+        if-no-files-found: error
+        retention-days: 1
+
+
+
+  analyze-code-graph:
+    needs: [prepare-code-to-analyze]
+    uses: ./.github/workflows/public-analyze-code-graph.yml
+    with:
+      analysis-name: ${{ needs.prepare-code-to-analyze.outputs.analysis-name }}
+      artifacts-upload-name: ${{ needs.prepare-code-to-analyze.outputs.artifacts-upload-name }}
+      sources-upload-name: ${{ needs.prepare-code-to-analyze.outputs.sources-upload-name }}
+
+
+
+  commit-analysis-results:
+    if: github.event_name == 'push'
+    needs: [prepare-code-to-analyze, analyze-code-graph]
+    runs-on: ubuntu-latest
+
+    env: 
+      CI_COMMIT_MESSAGE: Automated code structure analysis analysis-results (CI)
+      CI_COMMIT_AUTHOR: ${{ github.event.repository.name }} Continuous Integration
+
+    steps:
+    - name: Checkout GIT Repository
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+      with:
+        token: ${{ secrets.WORKFLOW_GIT_ACCESS_TOKEN }}
+  
+    - name: (Code Analysis Setup) Download source code and artifacts for analysis
+      uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
+      with:
+        name: ${{ needs.analyze-code-graph.outputs.uploaded-analysis-results }}
+        path: ./results/${{ needs.prepare-code-to-analyze.outputs.analysis-name }}
+
+    - name: Commit "results" directory containing the reports
+      # Only run when a pull request gets merged or a commit is pushed to the main branch
+      # git add parameters need to match paths-ignore parameters above
+      # Git pull before add/commit/push to reduce race conditions on parallel builds
+      run: |
+        git config --global user.name '${{ env.CI_COMMIT_AUTHOR }}'
+        git config --global user.email "[email protected]"
+        git config --local http.postBuffer 524288000
+        git fetch origin
+        git status
+        git add results
+        git status
+        git commit -m "${{ env.CI_COMMIT_MESSAGE }}"
+        git status
+        git rebase --strategy-option=theirs origin/main --verbose
+        git status
+        git push --verbose

.github/workflows/cypher-reference-documentation.yml renamed to .github/workflows/internal-cypher-reference-documentation.yml

@@ -0,0 +1,160 @@
+name: Typescript Code Structure Graph Analysis
+
+on:
+  push:
+    branches:
+      - main
+    # Ignore changes in documentation, general configuration and reports for push events
+    paths-ignore: 
+      - 'results/**'
+      - '**/*.md'
+      - '**/*.txt'
+      - '**/*.css'
+      - '**/*.html'
+      - '**/*.js'
+      - '.gitignore'
+      - '.gitattributes'
+      - 'renovate.json'
+      - 'changelogTemplate.mustache'
+      - '**.code-workspace'
+      - '.github/workflows/java-code-analysis.yml'
+      - '.github/workflows/*documentation.yml'
+  pull_request:
+    branches:
+      - main
+    # Ignore changes in documentation, general configuration and reports for pull request events
+    paths-ignore: 
+      - 'results/**'
+      - '**/*.md'
+      - '**/*.txt'
+      - '**/*.css'
+      - '**/*.html'
+      - '**/*.js'
+      - '.gitignore'
+      - '.gitattributes'
+      - 'renovate.json'
+      - 'changelogTemplate.mustache'
+      - '**.code-workspace'
+      - '.github/workflows/java-code-analysis.yml'
+      - '.github/workflows/*documentation.yml'
+
+jobs:
+
+  prepare-code-to-analyze:
+    runs-on: ubuntu-latest
+    outputs:
+      analysis-name: ${{ steps.set-analysis-name.outputs.analysis-name }}
+      sources-upload-name: ${{ steps.set-sources-upload-name.outputs.sources-upload-name }}
+
+    env: 
+      PROJECT_NAME: react-router
+      # Version variable name matches renovate.json configuration entry
+      REACT_ROUTER_VERSION: 6.28.1
+
+    steps:
+    - name: (Prepare Code to Analyze) Checkout GIT repository
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+ 
+    
+    - name: Set Set output variable 'analysis-name'
+      id: set-analysis-name
+      run: echo "analysis-name=${{ env.PROJECT_NAME }}-${{ env.REACT_ROUTER_VERSION }}" >> "$GITHUB_OUTPUT"
+    
+    - name: Setup temp directory if missing
+      run: mkdir -p ./temp
+
+    - name: Setup Cache for "temp/downloads" folder
+      uses: actions/cache@v4
+      with:
+        path: ./temp/downloads
+        key:
+          ${{ runner.os }}-${{ hashFiles('**/*.sh') }}
+
+    - name: Download ${{ steps.set-analysis-name.outputs.analysis-name }}
+      working-directory: temp
+      run: |
+        mkdir -p ${{ steps.set-analysis-name.outputs.analysis-name }}
+        cd ${{ steps.set-analysis-name.outputs.analysis-name }}
+        echo "Working directory: $( pwd -P )"
+        ./../../scripts/downloader/downloadReactRouter.sh ${{ env.REACT_ROUTER_VERSION }}
+
+    - name: (Prepare Code to Analyze) Setup pnpm for react-router
+      uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0
+      with:
+        package_json_file: temp/${{ steps.set-analysis-name.outputs.analysis-name }}/source/${{ steps.set-analysis-name.outputs.analysis-name }}/package.json
+          
+    - name: (Prepare Code to Analyze) Install dependencies with pnpm
+      working-directory: temp/${{ steps.set-analysis-name.outputs.analysis-name }}/source/${{ steps.set-analysis-name.outputs.analysis-name }}
+      run: pnpm install --frozen-lockfile --strict-peer-dependencies
+
+    - name: Debug folder structure in temp directory
+      if: runner.debug == '1'
+      working-directory: temp
+      run: |
+        ls -R | grep ":$" | sed -e 's/:$//' -e 's/[^-][^\/]*\//--/g' -e 's/^/   /' -e 's/-/|/'
+
+    - name: (Prepare Code to Analyze) Generate ARTIFACT_UPLOAD_ID
+      run: echo "ARTIFACT_UPLOAD_ID=$(LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c 10)" >> $GITHUB_ENV
+ 
+    - name: (Prepare Code to Analyze) Set sources-upload-name
+      id: set-sources-upload-name
+      run: echo "sources-upload-name=${{ steps.set-analysis-name.outputs.analysis-name }}-analysis-sources_input-${{ env.ARTIFACT_UPLOAD_ID }}" >> "$GITHUB_OUTPUT"
+    
+    - name: (Prepare Code to Analyze) Upload code to analyze
+      if: success()
+      uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4
+      with:
+        name: ${{ steps.set-sources-upload-name.outputs.sources-upload-name }}
+        path: ./temp/${{ steps.set-analysis-name.outputs.analysis-name }}/source
+        if-no-files-found: error
+        retention-days: 1
+
+
+
+  analyze-code-graph:
+    needs: [prepare-code-to-analyze]
+    uses: ./.github/workflows/public-analyze-code-graph.yml
+    with:
+      analysis-name: ${{ needs.prepare-code-to-analyze.outputs.analysis-name }}
+      sources-upload-name: ${{ needs.prepare-code-to-analyze.outputs.sources-upload-name }}
+
+
+
+  commit-analysis-results:
+    if: github.event_name == 'push'
+    needs: [prepare-code-to-analyze, analyze-code-graph]
+    runs-on: ubuntu-latest
+
+    env: 
+      CI_COMMIT_MESSAGE: Automated code structure analysis analysis-results (CI)
+      CI_COMMIT_AUTHOR: ${{ github.event.repository.name }} Continuous Integration
+
+    steps:
+    - name: Checkout GIT Repository
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+      with:
+        token: ${{ secrets.WORKFLOW_GIT_ACCESS_TOKEN }}
+  
+    - name: (Code Analysis Setup) Download source code and artifacts for analysis
+      uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
+      with:
+        name: ${{ needs.analyze-code-graph.outputs.uploaded-analysis-results }}
+        path: results/${{ needs.prepare-code-to-analyze.outputs.analysis-name }}
+
+    - name: Commit "results" directory containing the reports
+      # Only run when a pull request gets merged or a commit is pushed to the main branch
+      # git add parameters need to match paths-ignore parameters above
+      # Git pull before add/commit/push to reduce race conditions on parallel builds
+      run: |
+        git config --global user.name '${{ env.CI_COMMIT_AUTHOR }}'
+        git config --global user.email "[email protected]"
+        git config --local http.postBuffer 524288000
+        git fetch origin
+        git status
+        git add results
+        git status
+        git commit -m "${{ env.CI_COMMIT_MESSAGE }}"
+        git status
+        git rebase --strategy-option=theirs origin/main --verbose
+        git status
+        git push --verbose