cicd-tooling-github-workflow-cookiecutter-template #1008
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: cicd-tooling-github-workflow-cookiecutter-template | |
on: | |
push: | |
schedule: | |
- cron: "0 6 * * 1" | |
workflow_dispatch: | |
# secrets: | |
# SLACK_WEBHOOK: | |
# description: "Optional, enables Slack notifications." | |
# required: false | |
jobs: | |
configuration: | |
uses: ./.github/workflows/job-00-cookiecutter-read_configuration.yml | |
start: | |
secrets: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
uses: ./.github/workflows/job-00-generic-notification.yml | |
with: | |
NOTIFICATION_EMOJI: ":vertical_traffic_light:" | |
NOTIFICATION_MESSAGE: "Workflow has started!" | |
WORKFLOW_NAME: "cookiecutter" | |
security: | |
needs: | |
- configuration | |
secrets: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
uses: ./.github/workflows/job-10-generic-security_scan_credentials.yml | |
with: | |
VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS }} | |
WORKFLOW_NAME: "cookiecutter" | |
markdown_links: | |
needs: | |
- configuration | |
secrets: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
uses: ./.github/workflows/job-30-cookiecutter-markdown_links.yml | |
with: | |
CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }} | |
CONFIG_FILE: "{{cookiecutter.project_slug}}/.github/config/actions/gaurav-nelson-github-action-markdown-link-check.json" | |
PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS) }} | |
VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS }} | |
WORKFLOW_NAME: "cookiecutter" | |
pre-commit_hooks: | |
needs: | |
- configuration | |
secrets: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
uses: ./.github/workflows/job-50-cookiecutter-test_precommit_hooks.yml | |
with: | |
CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }} | |
ENABLED_PRECOMMIT_CHECKS: '["test_commit_lint_fails", "test_credentials_fails", "test_commit_spelling_fails", "test_shell_lint_fails", "test_shell_format_fails", "test_toml_lint_fails", "test_toml_lint_passes", "test_workflow_lint_fails", "test_workflow_header_lint_fails"]' | |
PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS) }} | |
TEMPLATE_SCENARIOS: ${{ needs.configuration.outputs.COOKIECUTTER_ALL_SCENARIOS }} | |
VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS }} | |
WORKFLOW_NAME: "cookiecutter" | |
commitizen_hooks: | |
needs: | |
- configuration | |
if: startsWith(github.ref, 'refs/heads') | |
secrets: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
uses: ./.github/workflows/job-50-poetry-test_commitizen_hooks.yml | |
with: | |
COMMITIZEN_BUMP_TYPE: "MINOR" | |
CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }} | |
EXPECTED_BUMPED_VERSION: "0.2.0" | |
PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS) }} | |
VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS }} | |
WORKFLOW_NAME: "cookiecutter" | |
commit_lint: | |
needs: | |
- configuration | |
secrets: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
uses: ./.github/workflows/job-80-poetry-rev_range_command.yml | |
with: | |
COMMAND: | | |
poetry run cz check --rev-range "${PUSHED_COMMIT_REV_RANGE}" | |
COMMAND_NAME: "Commit Message Lint" | |
CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }} | |
PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS) }} | |
VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS }} | |
WORKFLOW_NAME: "cookiecutter" | |
commit_spell_check: | |
needs: | |
- configuration | |
secrets: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
uses: ./.github/workflows/job-80-poetry-rev_range_command.yml | |
with: | |
COMMAND: | | |
CICD_COMMIT_MESSAGES_FILE="$(mktemp XXXXXXXX.git_history_file)" | |
git log --pretty=format:%s "${PUSHED_COMMIT_REV_RANGE}" > "${CICD_COMMIT_MESSAGES_FILE}" | |
poetry run pre-commit run --hook-stage manual spelling-vale-sync | |
poetry run pre-commit run --hook-stage commit-msg spelling-commit-message --commit-msg-filename "${CICD_COMMIT_MESSAGES_FILE}" | |
COMMAND_NAME: "Commit Message Spelling" | |
CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }} | |
PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS) }} | |
VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS }} | |
WORKFLOW_NAME: "cookiecutter" | |
git_conflict_markers: | |
needs: [configuration] | |
secrets: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
uses: ./.github/workflows/job-80-poetry-precommit_commit_stage_hook.yml | |
with: | |
CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }} | |
PRECOMMIT_HOOK_ID: "git-conflict-markers" | |
PRECOMMIT_HOOK_NAME: "Git conflict markers" | |
PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS) }} | |
VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS }} | |
WORKFLOW_NAME: "cookiecutter" | |
json_metaschema_lint: | |
needs: | |
- configuration | |
secrets: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
uses: ./.github/workflows/job-80-poetry-precommit_commit_stage_hook.yml | |
with: | |
CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }} | |
PRECOMMIT_HOOK_ID: "check-metaschema" | |
PRECOMMIT_HOOK_NAME: "JSON Schema Metaschema Linter" | |
PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS) }} | |
VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS }} | |
WORKFLOW_NAME: "cookiecutter" | |
json_schema_lint_cookiecutter: | |
needs: | |
- configuration | |
secrets: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
uses: ./.github/workflows/job-80-poetry-precommit_commit_stage_hook.yml | |
with: | |
CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }} | |
PRECOMMIT_HOOK_ID: "cicd-tools-schema-cookiecutter" | |
PRECOMMIT_HOOK_NAME: "Cookiecutter JSON Schema Linter" | |
PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS) }} | |
VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS }} | |
WORKFLOW_NAME: "cookiecutter" | |
markdown_lint: | |
needs: [configuration] | |
secrets: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
uses: ./.github/workflows/job-80-poetry-precommit_commit_stage_hook.yml | |
with: | |
CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }} | |
PRECOMMIT_HOOK_ID: "lint-markdown" | |
PRECOMMIT_HOOK_NAME: "Markdown Linter" | |
PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS) }} | |
VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS }} | |
WORKFLOW_NAME: "cookiecutter" | |
markdown_spelling: | |
needs: [configuration] | |
secrets: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
uses: ./.github/workflows/job-80-poetry-precommit_commit_stage_hook.yml | |
with: | |
CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }} | |
PRE_HOOK_COMMAND: poetry run pre-commit run --hook-stage manual spelling-vale-sync | |
PRECOMMIT_HOOK_ID: "spelling-markdown" | |
PRECOMMIT_HOOK_NAME: "Markdown Spelling" | |
PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS) }} | |
VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS }} | |
WORKFLOW_NAME: "cookiecutter" | |
pre-commit_lint_config: | |
needs: [configuration] | |
secrets: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
uses: ./.github/workflows/job-80-poetry-precommit_commit_stage_hook.yml | |
with: | |
CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }} | |
PRECOMMIT_HOOK_ID: "pre-commit-sort-config" | |
PRECOMMIT_HOOK_NAME: "Pre-Commit Config Linting" | |
PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS) }} | |
VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS }} | |
WORKFLOW_NAME: "cookiecutter" | |
shell_lint: | |
needs: | |
- configuration | |
secrets: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
strategy: | |
fail-fast: true | |
matrix: | |
hook: | |
- id: "format-shell" | |
name: "Shell Formatting" | |
- id: "lint-shell" | |
name: "Shell Linting" | |
max-parallel: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }} | |
uses: ./.github/workflows/job-80-cookiecutter-precommit_commit_stage_hook.yml | |
with: | |
CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }} | |
PRECOMMIT_HOOK_ID: ${{ matrix.hook.id }} | |
PRECOMMIT_HOOK_NAME: ${{ matrix.hook.name }} | |
PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS) }} | |
VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS }} | |
WORKFLOW_NAME: "cookiecutter" | |
spelling_vocabularies: | |
needs: [configuration] | |
secrets: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
uses: ./.github/workflows/job-80-poetry-precommit_commit_stage_hook.yml | |
with: | |
CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }} | |
PRECOMMIT_HOOK_ID: "spelling-vale-vocab" | |
PRECOMMIT_HOOK_NAME: "Spelling vocabularies" | |
PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS) }} | |
VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS }} | |
WORKFLOW_NAME: "cookiecutter" | |
toml_lint: | |
needs: | |
- configuration | |
secrets: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
uses: ./.github/workflows/job-80-cookiecutter-precommit_commit_stage_hook.yml | |
with: | |
CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }} | |
PRECOMMIT_HOOK_ID: "format-toml" | |
PRECOMMIT_HOOK_NAME: "TOML Formatting" | |
PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS) }} | |
VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS }} | |
WORKFLOW_NAME: "cookiecutter" | |
workflow_lint: | |
needs: | |
- configuration | |
secrets: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
strategy: | |
fail-fast: true | |
matrix: | |
hook: | |
- id: "lint-github-workflow" | |
name: "Workflow Linting" | |
- id: "lint-github-workflow-header" | |
name: "Workflow Header Linting" | |
max-parallel: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }} | |
uses: ./.github/workflows/job-80-cookiecutter-precommit_commit_stage_hook.yml | |
with: | |
CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }} | |
PRECOMMIT_HOOK_ID: ${{ matrix.hook.id }} | |
PRECOMMIT_HOOK_NAME: ${{ matrix.hook.name }} | |
PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS) }} | |
VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS }} | |
WORKFLOW_NAME: "cookiecutter" | |
yaml_lint: | |
needs: | |
- configuration | |
secrets: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
uses: ./.github/workflows/job-80-cookiecutter-precommit_commit_stage_hook.yml | |
with: | |
CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }} | |
PRECOMMIT_HOOK_ID: "yamllint" | |
PRECOMMIT_HOOK_NAME: "YAML Linting" | |
PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS) }} | |
TEMPLATE_SCENARIOS: ${{ needs.configuration.outputs.COOKIECUTTER_ALL_SCENARIOS }} | |
VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS }} | |
WORKFLOW_NAME: "cookiecutter" | |
create_release: | |
permissions: | |
contents: write | |
needs: | |
- configuration | |
- commit_lint | |
- commit_spell_check | |
- commitizen_hooks | |
- git_conflict_markers | |
- json_metaschema_lint | |
- json_schema_lint_cookiecutter | |
- markdown_links | |
- markdown_lint | |
- markdown_spelling | |
- pre-commit_hooks | |
- pre-commit_lint_config | |
- security | |
- shell_lint | |
- spelling_vocabularies | |
- start | |
- toml_lint | |
- workflow_lint | |
- yaml_lint | |
secrets: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
uses: ./.github/workflows/job-99-poetry-create_release.yml | |
with: | |
APPENDED_CONTENT: | | |
## Release Checklist | |
- [ ] Ensure all remote references have been updated. | |
- [ ] Ensure main is synchronized with the release tag. | |
WORKFLOW_NAME: "cookiecutter" | |
success: | |
needs: | |
- create_release | |
- configuration | |
secrets: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
uses: ./.github/workflows/job-00-generic-notification.yml | |
with: | |
NOTIFICATION_EMOJI: ":checkered_flag:" | |
NOTIFICATION_MESSAGE: "Workflow has completed successfully!" | |
WORKFLOW_NAME: "cookiecutter" |