chore(deployment): pin ubuntu version used by github (#30871) (#30907)

### Proposed Changes * This pull request proposes updating all Ubuntu runners in our CICD pipelines to version 24.04. * A new GitHub repository variable is needed. `UBUNTU_RUNNER_VERSION` must be set to `24.04`; otherwise, workflows will default to using `22.04`. ## Details We conducted thorough testing with the following setups: *Ubuntu 22.04:* - Executed main CICD workflows (PR, Merge Queue, Trunk, and Nightly) on fork. All runs completed successfully without any unusual behavior. *Ubuntu 24.04:* - Repeated the same tests with runners updated to 24.04. Similarly, all workflows ran correctly, with no anomalies observed. ### Proposal - Given the successful results in both cases, we propose setting the runners directly to version 24.04 to streamline the update process. ### Next Steps - Merge this PR to update the Ubuntu runners. - Monitor post-deployment to ensure stability across all workflows. ### Fixes #30871
dotCMS · Dec 11, 2024 · 8af2d78 · 8af2d78
1 parent dafa0f1
commit 8af2d78
Show file tree

Hide file tree

Showing 44 changed files with 69 additions and 69 deletions.
diff --git a/.github/actions/core-cicd/api-limits-check/Readme.md b/.github/actions/core-cicd/api-limits-check/Readme.md
@@ -24,7 +24,7 @@ on:
 
 jobs:
   check-rate-limits:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     steps:
       - name: Check API Rate Limit
         uses: your-repo/check-rate-limit-action@v1

diff --git a/.github/actions/core-cicd/cleanup-runner/Readme.md b/.github/actions/core-cicd/cleanup-runner/Readme.md
@@ -40,7 +40,7 @@ Here's an example of how to incorporate this action into your workflow:
 ```yaml
 jobs:
   build:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     steps:
       - uses: actions/checkout@v2
 

diff --git a/.github/actions/core-cicd/deployment/deploy-javadoc/README.md b/.github/actions/core-cicd/deployment/deploy-javadoc/README.md
@@ -53,7 +53,7 @@ on:
 
 jobs:
   deploy-javadoc:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     steps:
       - name: Deploy Artifact Javadoc
         uses: ./.github/actions/deploy-artifact-javadoc

diff --git a/.github/actions/core-cicd/deployment/deploy-javascript-sdk/README.md b/.github/actions/core-cicd/deployment/deploy-javascript-sdk/README.md
@@ -71,7 +71,7 @@ on:
 
 jobs:
   publish-sdk:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     steps:
       - name: Publish to NPM
         uses: ./.github/actions/core-cicd/deployment/deploy-javascript-sdk

diff --git a/.github/actions/core-cicd/deployment/deploy-jfrog/README.md b/.github/actions/core-cicd/deployment/deploy-jfrog/README.md
@@ -32,7 +32,7 @@ on:
 
 jobs:
   deploy:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     steps:
       - uses: actions/checkout@v4
 

diff --git a/.github/actions/core-cicd/maven-job/README.md b/.github/actions/core-cicd/maven-job/README.md
@@ -71,7 +71,7 @@ Here's an example of how to incorporate this action into your workflow:
 ```yaml
 jobs:
   build-and-test:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     steps:
       - uses: actions/checkout@v2
 

diff --git a/.github/actions/core-cicd/notification/notify-slack/README.md b/.github/actions/core-cicd/notification/notify-slack/README.md
@@ -24,7 +24,7 @@ on:
 
 jobs:
   notify:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     steps:
       - name: Send Slack Notification
         uses: ./

diff --git a/.github/actions/core-cicd/prepare-runner/README.md b/.github/actions/core-cicd/prepare-runner/README.md
@@ -53,7 +53,7 @@ Here's an example of how to incorporate this action into your workflow:
 ```yaml
 jobs:
   build:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     steps:
       - uses: actions/checkout@v2
 

diff --git a/.github/actions/core-cicd/setup-java/README.md b/.github/actions/core-cicd/setup-java/README.md
@@ -52,7 +52,7 @@ Here's an example of how to incorporate this action into your workflow:
 ```yaml
 jobs:
   build:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     steps:
       - uses: actions/checkout@v2
 

diff --git a/.github/workflows/cicd_comp_build-phase.yml b/.github/workflows/cicd_comp_build-phase.yml
@@ -50,7 +50,7 @@ jobs:
   # It provides a local Maven repo for subsequent steps.
   build-jdk11:
     name: "Initial Artifact Build"
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     if: inputs.core-build == true
     permissions:
       contents: read

diff --git a/.github/workflows/cicd_comp_cli-native-build-phase.yml b/.github/workflows/cicd_comp_cli-native-build-phase.yml
@@ -56,17 +56,17 @@ jobs:
   # Job to determine the OS matrix for the build
   os-runners:
     name: 'Get OS matrix'
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     outputs:
       runners: ${{ steps.set-os.outputs.runners }}
     steps:
       - name: 'Set OS'
         id: set-os
         run: |
           if [[ "${{ inputs.buildNativeImage }}" == "true" ]]; then
-            RUNNERS='[{ "os": "ubuntu-22.04", "label": "Linux", "platform": "linux-x86_64" }, { "os": "macos-13", "label": "macOS-Intel", "platform": "osx-x86_64" }, { "os": "macos-14", "label": "macOS-Silicon", "platform": "osx-aarch_64" }]'
+            RUNNERS='[{ "os": "ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}", "label": "Linux", "platform": "linux-x86_64" }, { "os": "macos-13", "label": "macOS-Intel", "platform": "osx-x86_64" }, { "os": "macos-14", "label": "macOS-Silicon", "platform": "osx-aarch_64" }]'
           else
-            RUNNERS='[{ "os": "ubuntu-22.04", "label": "Linux", "platform": "linux-x86_64" }]'
+            RUNNERS='[{ "os": "ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}", "label": "Linux", "platform": "linux-x86_64" }]'
           fi
           echo "runners=$RUNNERS" >> $GITHUB_OUTPUT
 

diff --git a/.github/workflows/cicd_comp_deployment-phase.yml b/.github/workflows/cicd_comp_deployment-phase.yml
@@ -63,7 +63,7 @@ on:
 
 jobs:
   deployment:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     # Use of Docker environments to enable per-deployment environment secrets
     # This allows for different secrets to be used based on the deployment environment
     environment: ${{ inputs.environment }}

diff --git a/.github/workflows/cicd_comp_finalize-phase.yml b/.github/workflows/cicd_comp_finalize-phase.yml
@@ -28,7 +28,7 @@ on:
 jobs:
   prepare-report-data:
     name: Prepare Report Data
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     if: always()
     outputs:
       aggregate_status: ${{ steps.prepare-workflow-data.outputs.aggregate_status }}
@@ -175,7 +175,7 @@ jobs:
     name: Final Status
     needs: prepare-report-data
     if: always()
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     steps:
       # Check the final status and fail the workflow if not successful
       - name: Check Final Status

diff --git a/.github/workflows/cicd_comp_initialize-phase.yml b/.github/workflows/cicd_comp_initialize-phase.yml
@@ -53,7 +53,7 @@ jobs:
   # This job is used as a required check to indicate that the workflow has started and is running
   initialize:
     name: Initialize
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     if: always()
     steps:
       - run: echo 'GitHub context'
@@ -75,7 +75,7 @@ jobs:
   # This job checks for artifacts from previous builds and determines if they can be reused
   check-previous-build:
     name: Check Previous Build
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     outputs:
       artifact-run-id: ${{ steps.check.outputs.run_id }}
       found_artifacts: ${{ steps.check.outputs.found_artifacts }}
@@ -119,7 +119,7 @@ jobs:
     name: Check Changed Files
     needs: [ check-previous-build ]
     if: always() && !failure() && !cancelled()
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     outputs:
       build: ${{ steps.filter-rewrite.outputs.build }}
       backend: ${{ steps.filter-rewrite.outputs.backend }}

diff --git a/.github/workflows/cicd_comp_pr-notifier.yml b/.github/workflows/cicd_comp_pr-notifier.yml
@@ -21,7 +21,7 @@ on:
 jobs:
   message-resolver:
     name: Resolve Message
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     outputs:
       message: ${{ steps.message-resolver.outputs.message }}
     steps:
@@ -69,7 +69,7 @@ jobs:
 
   pr-notifier:
     needs: [message-resolver, slack-channel-resolver]
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     strategy:
       fail-fast: false
       matrix:

diff --git a/.github/workflows/cicd_comp_semgrep-phase.yml b/.github/workflows/cicd_comp_semgrep-phase.yml
@@ -23,7 +23,7 @@ on:
 jobs:
   buildmavenDepTree:
     name: Semgrep Dep Tree
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     # Only run on main branch or pull requests in the main repository
     if: |
       (github.ref == 'refs/heads/main' || github.event_name == 'pull_request') && github.repository == 'dotCMS/core'
@@ -55,7 +55,7 @@ jobs:
   semgrep:
     needs: buildmavenDepTree
     name: Scan
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     env:
       SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
       NO_FAIL: ${{ vars.SEMGREP_NO_FAIL || 'false' }}

diff --git a/.github/workflows/cicd_comp_sonarqube-phase.yml b/.github/workflows/cicd_comp_sonarqube-phase.yml
@@ -29,7 +29,7 @@ on:
 jobs:
   sonarqube:
     name: SonarQube Scan
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     # Only run on main branch or pull requests in the main repository
     if: |
       (github.ref == 'refs/heads/main' || github.event_name == 'pull_request') && github.repository == 'dotCMS/core'

diff --git a/.github/workflows/cicd_comp_test-phase.yml b/.github/workflows/cicd_comp_test-phase.yml
@@ -60,7 +60,7 @@ jobs:
   # JVM Unit Tests
   linux-jvm-tests:
     name: JVM Unit Tests - JDK ${{matrix.java.name}}
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     if: inputs.jvm_unit_test || inputs.run-all-tests
     timeout-minutes: 240
     env:
@@ -82,7 +82,7 @@ jobs:
   # CLI Tests
   linux-cli-tests:
     name: CLI Tests
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     if: inputs.cli || inputs.run-all-tests
     timeout-minutes: 240
     env:
@@ -106,7 +106,7 @@ jobs:
   # Frontend Tests
   linux-frontend-tests:
     name: Frontend Unit Tests
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     if: inputs.frontend || inputs.run-all-tests
     timeout-minutes: 240
     env:
@@ -128,7 +128,7 @@ jobs:
   # Integration Tests
   linux-integration-tests:
     name: JVM IT Tests ${{matrix.suites.name}}
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     if: inputs.integration || inputs.run-all-tests
     timeout-minutes: 240
     env:
@@ -162,7 +162,7 @@ jobs:
   # Postman Tests
   linux-postman-tests:
     name: Run Postman Tests - ${{matrix.collection_group}}
-    runs-on: ubuntu-24.04
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     if: inputs.postman || inputs.run-all-tests
     strategy:
       fail-fast: false
@@ -187,7 +187,7 @@ jobs:
   # Karate Tests
   karate-tests:
     name: Karate Tests - ${{ matrix.suites.name }}
-    runs-on: ubuntu-24.04
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     if: inputs.karate || inputs.run-all-tests
     strategy:
       fail-fast: false
@@ -219,7 +219,7 @@ jobs:
   # E2E Tests
   linux-e2e-tests:
     name: E2E Tests ${{matrix.suites.name}}
-    runs-on: ubuntu-24.04
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     if: inputs.e2e || inputs.run-all-tests
     timeout-minutes: 240
     env:

diff --git a/.github/workflows/cicd_manual_build-docker-context.yml b/.github/workflows/cicd_manual_build-docker-context.yml
@@ -22,7 +22,7 @@ on:
 jobs:
   build_image:
     name: Build Docker Base Image
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     steps:
       - name: Checkout core
         uses: actions/checkout@v4

diff --git a/.github/workflows/cicd_manual_build-java-base.yml b/.github/workflows/cicd_manual_build-java-base.yml
@@ -19,7 +19,7 @@ on:
 jobs:
   build_image:
     name: Build Docker Base Image
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     steps:
       - name: Checkout core
         uses: actions/checkout@v4

diff --git a/.github/workflows/cicd_manual_publish-starter.yml b/.github/workflows/cicd_manual_publish-starter.yml
@@ -95,7 +95,7 @@ jobs:
 
   deploy-artifacts:
     needs: [ get-starter ]
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     environment: starter
     outputs:
       filename: ${{ steps.deploy-artifacts.outputs.filename }}
@@ -197,7 +197,7 @@ jobs:
        
   send-notification:
     needs: [ deploy-artifacts ]
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     if: always() && github.event.inputs.dry-run == 'false'
     steps:
 

diff --git a/.github/workflows/cicd_post-workflow-reporting.yml b/.github/workflows/cicd_post-workflow-reporting.yml
@@ -46,7 +46,7 @@ permissions:
 
 jobs:
   report:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     steps:
       # Log GitHub context for debugging
       - name: Log GitHub context

diff --git a/.github/workflows/cicd_release-cli.yml b/.github/workflows/cicd_release-cli.yml
@@ -59,7 +59,7 @@ jobs:
   precheck:
     if: ${{ ( github.event_name == 'release' && !contains(github.event.release.tag_name, 'LTS')) || github.event_name == 'workflow_dispatch' }}
     name: 'Pre-check'
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     outputs:
       RELEASE_VERSION: ${{ steps.version.outputs.RELEASE_VERSION }}
       HEAD: ${{ steps.version.outputs.HEAD }}
@@ -151,7 +151,7 @@ jobs:
   # Perform the release
   release:
     needs: [ precheck, build-cli ]
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     steps:
       - name: 'Check out repository'
         uses: actions/checkout@v4
@@ -187,7 +187,7 @@ jobs:
     name: "Publish NPM Package"
     if: success()  # Run only if explicitly indicated and successful
     needs: [ precheck, build, build-cli, release ]
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     steps:
       - name: 'Checkout code'
         uses: actions/checkout@v4
@@ -332,7 +332,7 @@ jobs:
     name: "Clean Up"
     if: ${{ needs.precheck.outputs.AUXILIARY_BRANCH != '' }}
     needs: [ precheck, build, build-cli, release, publish-npm-package ]
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     steps:
       - name: Checkout Repository
         uses: actions/checkout@v4

diff --git a/.github/workflows/cicd_scheduled_notify-seated-prs.yml b/.github/workflows/cicd_scheduled_notify-seated-prs.yml
@@ -16,7 +16,7 @@ env:
 
 jobs:
   resolve-seated-prs:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     outputs:
       seated_prs: ${{ steps.fetch-seated-prs.outputs.seated_prs }}
       members: ${{ steps.fetch-seated-prs.outputs.members }}
@@ -152,7 +152,7 @@ jobs:
       SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
 
   notify-seated-prs:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     needs: [resolve-seated-prs, slack-channel-resolver]
     if: success()
     name: Notifying team member ${{ matrix.member }}

diff --git a/.github/workflows/issue_comp_frontend-notify.yml b/.github/workflows/issue_comp_frontend-notify.yml
@@ -14,7 +14,7 @@ on:
         required: true
 jobs:
   resolve-data:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     outputs:
       issue_number: ${{ steps.evaluate-actions.outputs.issue_number }}
     steps:
@@ -152,7 +152,7 @@ jobs:
   frontend-notify:
     name: Notify team member ${{ matrix.member }}
     needs: [resolve-data, slack-channel-resolver]
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     if: success() && needs.resolve-data.outputs.issue_number && needs.slack-channel-resolver.outputs.channel_ids
     strategy:
       fail-fast: false

diff --git a/.github/workflows/issue_comp_github-member-resolver.yml b/.github/workflows/issue_comp_github-member-resolver.yml
@@ -23,7 +23,7 @@ on:
 
 jobs:
   github-member-resolver:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
     outputs:
       members: ${{ steps.resolve-members.outputs.members }}
     steps:
-Original file line number
+Diff line change
@@ Expand Up @@
     ```yaml
     jobs:
       build:
-        runs-on: ubuntu-latest
+        runs-on: ubuntu-${{ vars.UBUNTU_RUNNER_VERSION || '24.04' }}
         steps:
           - uses: actions/checkout@v2
@@ Expand Down @@