From 306580df89ba6dfff74056ae3cddb53c6fedb1fe Mon Sep 17 00:00:00 2001 
From: Niall Byrne <9848926+niall-byrne@users.noreply.github.com> Date: Wed, 8 Mar 2023 14:43:02 -0500 Subject: [PATCH] ci(GITHUB): refactor inner workflow --- .github/scripts/job-50-test-precommit.sh | 2 +- .github/scripts/workflow-setup-environment.sh | 11 +- .github/workflows/.job-00-start.yml | 5 +- .github/workflows/.job-00-success.yml | 5 +- .github/workflows/.job-10-security.yml | 7 +- .github/workflows/.job-30-documentation.yml | 5 +- .github/workflows/.job-40-molecule.yml | 9 +- .github/workflows/.job-50-precommit.yml | 7 +- .github/workflows/.job-60-remote-push.yml | 7 +- .github/workflows/.job-80-commit-lint.yml | 11 +- .github/workflows/.job-80-shell-lint.yml | 5 +- .github/workflows/.job-80-toml-lint.yml | 5 +- .github/workflows/.job-80-yaml-lint.yml | 5 +- .github/workflows/.job-99-create-release.yml | 15 +- .github/workflows/workflow-template-test.yml | 4 +- README.md | 12 +- cookiecutter.json | 6 +- {{cookiecutter.project_slug}}/.ansible-lint | 1 + .../.github/config/workflows/push.json | 7 - .../workflows/workflow-publish-to-galaxy.json | 4 + .../config/workflows/workflow-push.json | 12 + .../{version.sh => job-99-check-version.sh} | 2 +- ...hangelog.sh => job-99-create-changelog.sh} | 2 +- .../{release.js => job-99-create-release.js} | 0 ...ndidate.sh => job-99-release-candidate.sh} | 2 +- ...e_cache.sh => task-setup-ansible-cache.sh} | 2 +- ...ications.sh => task-slack-notification.sh} | 2 +- .../scripts/{poetry.sh => task-use-poetry.sh} | 2 +- ...h => workflow-determine-pushed-commits.sh} | 2 +- .../workflow-identify-molecule-scenarios.sh | 21 + ...ow_json_value.sh => workflow-set-value.sh} | 4 +- ...setup.sh => workflow-setup-environment.sh} | 9 +- .../.github/workflows/.job-00-start.yml | 35 ++ .../.github/workflows/.job-00-success.yml | 35 ++ .../.github/workflows/.job-10-security.yml | 57 ++ .../workflows/.job-30-documentation.yml | 48 ++ .../workflows/.job-40-molecule-lint.yml | 90 +++ .../workflows/.job-40-molecule-test.yml | 120 ++++ 
.../.github/workflows/.job-80-commit-lint.yml | 88 +++ .../.github/workflows/.job-80-toml-lint.yml | 52 ++ .../.github/workflows/.job-80-yaml-lint.yml | 48 ++ .../workflows/.job-99-create-release.yml | 95 ++++ .../.github/workflows/.job-99-import-role.yml | 95 ++++ .../.github/workflows/push.yml | 538 ------------------ .../.github/workflows/release.yml | 118 ---- .../workflows/workflow-publish-to-galaxy.yml | 65 +++ .../.github/workflows/workflow-push.yml | 127 +++++ {{cookiecutter.project_slug}}/README.md | 4 +- {{cookiecutter.project_slug}}/pyproject.toml | 2 +- 49 files changed, 1069 insertions(+), 741 deletions(-) delete mode 100644 {{cookiecutter.project_slug}}/.github/config/workflows/push.json create mode 100644 {{cookiecutter.project_slug}}/.github/config/workflows/workflow-publish-to-galaxy.json create mode 100644 {{cookiecutter.project_slug}}/.github/config/workflows/workflow-push.json rename {{cookiecutter.project_slug}}/.github/scripts/{version.sh => job-99-check-version.sh} (89%) rename {{cookiecutter.project_slug}}/.github/scripts/{changelog.sh => job-99-create-changelog.sh} (89%) rename {{cookiecutter.project_slug}}/.github/scripts/{release.js => job-99-create-release.js} (100%) rename {{cookiecutter.project_slug}}/.github/scripts/{release_candidate.sh => job-99-release-candidate.sh} (90%) rename {{cookiecutter.project_slug}}/.github/scripts/{ansible_cache.sh => task-setup-ansible-cache.sh} (94%) rename {{cookiecutter.project_slug}}/.github/scripts/{notifications.sh => task-slack-notification.sh} (89%) rename {{cookiecutter.project_slug}}/.github/scripts/{poetry.sh => task-use-poetry.sh} (91%) rename {{cookiecutter.project_slug}}/.github/scripts/{pushed_commit_range.sh => workflow-determine-pushed-commits.sh} (96%) create mode 100644 {{cookiecutter.project_slug}}/.github/scripts/workflow-identify-molecule-scenarios.sh rename {{cookiecutter.project_slug}}/.github/scripts/{workflow_json_value.sh => workflow-set-value.sh} (78%) rename 
{{cookiecutter.project_slug}}/.github/scripts/{setup.sh => workflow-setup-environment.sh} (63%) create mode 100644 {{cookiecutter.project_slug}}/.github/workflows/.job-00-start.yml create mode 100644 {{cookiecutter.project_slug}}/.github/workflows/.job-00-success.yml create mode 100644 {{cookiecutter.project_slug}}/.github/workflows/.job-10-security.yml create mode 100644 {{cookiecutter.project_slug}}/.github/workflows/.job-30-documentation.yml create mode 100644 {{cookiecutter.project_slug}}/.github/workflows/.job-40-molecule-lint.yml create mode 100644 {{cookiecutter.project_slug}}/.github/workflows/.job-40-molecule-test.yml create mode 100644 {{cookiecutter.project_slug}}/.github/workflows/.job-80-commit-lint.yml create mode 100644 {{cookiecutter.project_slug}}/.github/workflows/.job-80-toml-lint.yml create mode 100644 {{cookiecutter.project_slug}}/.github/workflows/.job-80-yaml-lint.yml create mode 100644 {{cookiecutter.project_slug}}/.github/workflows/.job-99-create-release.yml create mode 100644 {{cookiecutter.project_slug}}/.github/workflows/.job-99-import-role.yml delete mode 100644 {{cookiecutter.project_slug}}/.github/workflows/push.yml delete mode 100644 {{cookiecutter.project_slug}}/.github/workflows/release.yml create mode 100644 {{cookiecutter.project_slug}}/.github/workflows/workflow-publish-to-galaxy.yml create mode 100644 {{cookiecutter.project_slug}}/.github/workflows/workflow-push.yml diff --git a/.github/scripts/job-50-test-precommit.sh b/.github/scripts/job-50-test-precommit.sh index edd222af..344110c2 100644 --- a/.github/scripts/job-50-test-precommit.sh +++ b/.github/scripts/job-50-test-precommit.sh @@ -36,7 +36,7 @@ test_toml_lint_1() { test_toml_lint_2() { util_git_reset - sed -i.bak 's/>=3.9.0,<4.0/>=3.9.1,<4.0/g' pyproject.toml + sed -i.bak 's/python = ">=.*,<4.0/python = ">=3.9.0,<5.0/g' pyproject.toml git stage pyproject.toml git commit -m 'test(PRE-COMMIT): upgrade python without issue' } 
diff --git a/.github/scripts/workflow-setup-environment.sh b/.github/scripts/workflow-setup-environment.sh index 15a93b8d..21ad70c4 100644 --- a/.github/scripts/workflow-setup-environment.sh +++ b/.github/scripts/workflow-setup-environment.sh @@ -14,15 +14,20 @@ main() { PROJECT_NAME="ansible-workbench" USER_NAME="niall-byrne" TEMPLATED_NAME="flower-generator" - VERBOSE_NOTIFICATIONS="${VERBOSE_NOTIFICATIONS:-0}" + + BRANCH_OR_TAG="$(echo "${GITHUB_REF}" | sed 's/refs\/heads\///g' | sed 's/refs\/tags\///g')" + WORKFLOW_URL="${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}" { echo "ANSIBLE_WORKBENCH_BRANCH_NAME_BASE=${ANSIBLE_WORKBENCH_BRANCH_NAME_BASE}" echo "ANSIBLE_WORKBENCH_BRANCH_NAME_DEVELOPMENT=${ANSIBLE_WORKBENCH_BRANCH_NAME_DEVELOPMENT}" + echo "BRANCH_OR_TAG=${BRANCH_OR_TAG}" + echo "CACHE_TTL=$(date +%d)" + echo "NOTIFICATION=${PROJECT_NAME} [<${WORKFLOW_URL}|${BRANCH_OR_TAG}>]" echo "PROJECT_NAME=${PROJECT_NAME}" - echo "USER_NAME=${USER_NAME}" echo "TEMPLATED_NAME=${TEMPLATED_NAME}" - echo "VERBOSE_NOTIFICATIONS=${VERBOSE_NOTIFICATIONS}" + echo "USER_NAME=${USER_NAME}" + echo "WEBHOOK_URL=${WEBHOOK_URL}" } >> "${GITHUB_ENV}" } diff --git a/.github/workflows/.job-00-start.yml b/.github/workflows/.job-00-start.yml index af6ebbe0..afb37f43 100644 --- a/.github/workflows/.job-00-start.yml +++ b/.github/workflows/.job-00-start.yml 
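Review bot: The added `echo "WEBHOOK_URL=${WEBHOOK_URL}"` inside the `>> "${GITHUB_ENV}"` block persists the Slack webhook secret as an ordinary environment variable for every later step of the job, including any third-party actions, not only the notification steps. Consider dropping that line and setting `env: WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}` on the steps that call `task-slack-notification.sh`, which is presumably the only consumer (that script is not shown in this hunk). Separately, the new `BRANCH_OR_TAG` assignment strips `refs/heads/` and `refs/tags/` with unanchored `sed ... /g` expressions, so a ref containing either string later in its name is altered as well; a single anchored `sed -E 's#^refs/(heads|tags)/##'` removes only the prefix. The body of `main()` starts above this hunk.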
@@ -23,15 +23,14 @@ jobs: - name: Start -- Setup Environment run: | source "./template/.github/scripts/workflow-setup-environment.sh" - source "./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh" env: WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - name: Start -- Report Job Status on Success run: | - "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: workflow has started!" + "./template/{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: workflow has started!" - name: Start -- Report Job Status on Failure if: failure() run: | - "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: error reporting job status!" + "./template/{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: error reporting job status!" diff --git a/.github/workflows/.job-00-success.yml b/.github/workflows/.job-00-success.yml index 9ac28439..acc5136e 100644 --- a/.github/workflows/.job-00-success.yml +++ b/.github/workflows/.job-00-success.yml 
@@ -23,15 +23,14 @@ jobs: - name: Success -- Setup Environment run: | source "./template/.github/scripts/workflow-setup-environment.sh" - source "./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh" env: WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - name: Success -- Report Job Status on Success run: | - "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: all checks were successful!" + "./template/{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: all checks were successful!" - name: Success -- Report Job Status on Failure if: failure() run: | - "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: error reporting job status!" + "./template/{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: error reporting job status!" diff --git a/.github/workflows/.job-10-security.yml b/.github/workflows/.job-10-security.yml index e5a59a3c..4c41ab78 100644 --- a/.github/workflows/.job-10-security.yml +++ b/.github/workflows/.job-10-security.yml @@ -32,8 +32,7 @@ jobs: - name: Security Test Repo -- Setup Environment run: | source "./.github/scripts/workflow-setup-environment.sh" - source "./{{cookiecutter.project_slug}}/.github/scripts/setup.sh" - source "./{{cookiecutter.project_slug}}/.github/scripts/pushed_commit_range.sh" + source "./{{cookiecutter.project_slug}}/.github/scripts/workflow-determine-pushed-commits.sh" env: GITHUB_CONTEXT: ${{ toJson(github) }} WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} 
@@ -48,9 +47,9 @@ jobs: - name: Security Test Repo -- Report Job Status on Success if: fromJSON(inputs.CONFIGURATION)._GITHUB_CI_VERBOSE_NOTIFICATIONS == true run: | - "./{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: security checks succeeded!" + "./{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: security checks succeeded!" - name: Security Test Repo -- Report Job Status on Failure if: failure() run: | - "./{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: security checks failed!" + "./{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: security checks failed!" diff --git a/.github/workflows/.job-30-documentation.yml b/.github/workflows/.job-30-documentation.yml index 56b07e94..75d6cfd0 100644 --- a/.github/workflows/.job-30-documentation.yml +++ b/.github/workflows/.job-30-documentation.yml @@ -37,7 +37,6 @@ jobs: - name: Documentation Test -- Setup Environment run: | source "./template/.github/scripts/workflow-setup-environment.sh" - source "./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh" env: WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} 
@@ -75,9 +74,9 @@ jobs: - name: Documentation Test -- Report Job Status on Success if: fromJSON(inputs.CONFIGURATION)._GITHUB_CI_VERBOSE_NOTIFICATIONS == true run: | - "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: documentation checks succeeded!" + "./template/{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: documentation checks succeeded!" - name: Documentation Test -- Report Job Status on Failure if: failure() run: | - "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: documentation checks failed!" + "./template/{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: documentation checks failed!" diff --git a/.github/workflows/.job-40-molecule.yml b/.github/workflows/.job-40-molecule.yml index dbc44116..a023e08a 100644 --- a/.github/workflows/.job-40-molecule.yml +++ b/.github/workflows/.job-40-molecule.yml @@ -37,7 +37,6 @@ jobs: - name: Molecule Lint Test -- Setup Environment run: | source "./template/.github/scripts/workflow-setup-environment.sh" - source "./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh" env: WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} @@ -53,8 +52,8 @@ jobs: - name: Molecule Lint Test -- Initialize Cache Locations run: | mkdir -p ~/.cache/pypoetry/virtualenvs - source "./template/{{cookiecutter.project_slug}}/.github/scripts/ansible_cache.sh" \ - "$(pwd)/ansible_cache" \ + source "./template/{{cookiecutter.project_slug}}/.github/scripts/task-setup-ansible-cache.sh" \ + "$(pwd)/ansible_cache" \ ~/.cache - name: Molecule Lint Test -- Mount Ansible Cache 
@@ -81,9 +80,9 @@ jobs: - name: Molecule Lint Test -- Report Job Status on Success if: fromJSON(inputs.CONFIGURATION)._GITHUB_CI_VERBOSE_NOTIFICATIONS == true run: | - "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: molecule linting checks succeeded!" + "./template/{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: molecule linting checks succeeded!" - name: Molecule Lint Test -- Report Job Status on Failure if: failure() run: | - "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: molecule linting checks failed!" + "./template/{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: molecule linting checks failed!" diff --git a/.github/workflows/.job-50-precommit.yml b/.github/workflows/.job-50-precommit.yml index 99769ebc..f98062e8 100644 --- a/.github/workflows/.job-50-precommit.yml +++ b/.github/workflows/.job-50-precommit.yml @@ -38,7 +38,6 @@ jobs: - name: Pre-Commit Test -- Setup Environment run: | source "./template/.github/scripts/workflow-setup-environment.sh" - source "./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh" env: WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} @@ -58,7 +57,7 @@ jobs: - name: Pre-Commit -- Initialize Cache Locations run: | mkdir -p ~/.cache/pypoetry/virtualenvs - source "./template/{{cookiecutter.project_slug}}/.github/scripts/ansible_cache.sh" \ + source "./template/{{cookiecutter.project_slug}}/.github/scripts/task-setup-ansible-cache.sh" \ "$(pwd)/ansible_cache" \ ~/.cache 
@@ -101,9 +100,9 @@ jobs: - name: Pre-Commit Test -- Report Job Status on Success if: fromJSON(inputs.CONFIGURATION)._GITHUB_CI_VERBOSE_NOTIFICATIONS == true run: | - "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: pre-commit hook test has passed!" + "./template/{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: pre-commit hook test has passed!" - name: Pre-Commit Test -- Report Job Status on Failure if: failure() run: | - "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: pre-commit hook test has failed!" + "./template/{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: pre-commit hook test has failed!" diff --git a/.github/workflows/.job-60-remote-push.yml b/.github/workflows/.job-60-remote-push.yml index a11f7c41..a9a18f40 100644 --- a/.github/workflows/.job-60-remote-push.yml +++ b/.github/workflows/.job-60-remote-push.yml @@ -46,7 +46,6 @@ jobs: - name: Push Test -- Setup Environment run: | source "./template/.github/scripts/workflow-setup-environment.sh" - source "./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh" env: WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} @@ -92,7 +91,7 @@ jobs: - name: Push Test -- Trigger Release Workflow Test if: matrix.cookiecutter-toml-selection == 1 run: | - gh workflow run -r "${TEST_PUSH_TAG}" -R "${REMOTE_ORIGIN}" release.yml -f "TAG=${TEST_PUSH_TAG}" + gh workflow run -r "${TEST_PUSH_TAG}" -R "${REMOTE_ORIGIN}" workflow-publish-to-galaxy.yml -f "TAG=${TEST_PUSH_TAG}" env: GITHUB_TOKEN: ${{ secrets.REMOTE_TOKEN }} REMOTE_ORIGIN: ${{ secrets.REMOTE_ORIGIN }} 
@@ -108,9 +107,9 @@ jobs: - name: Push Test -- Report Job Status on Success if: fromJSON(inputs.CONFIGURATION)._GITHUB_CI_VERBOSE_NOTIFICATIONS == true run: | - "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: push has been triggered!" + "./template/{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: push has been triggered!" - name: Push Test -- Report Job Status on Failure if: failure() run: | - "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: push failed to trigger!" + "./template/{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: push failed to trigger!" diff --git a/.github/workflows/.job-80-commit-lint.yml b/.github/workflows/.job-80-commit-lint.yml index 70258328..8a3696b3 100644 --- a/.github/workflows/.job-80-commit-lint.yml +++ b/.github/workflows/.job-80-commit-lint.yml @@ -38,8 +38,7 @@ jobs: - name: Commit Lint Test -- Setup Environment run: | source "./.github/scripts/workflow-setup-environment.sh" - source "./{{cookiecutter.project_slug}}/.github/scripts/setup.sh" - source "./{{cookiecutter.project_slug}}/.github/scripts/pushed_commit_range.sh" + source "./{{cookiecutter.project_slug}}/.github/scripts/workflow-determine-pushed-commits.sh" env: GITHUB_CONTEXT: ${{ toJson(github) }} WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} @@ -51,7 +50,7 @@ jobs: - name: Commit Lint Test -- Install Poetry run: | - source "./{{cookiecutter.project_slug}}/.github/scripts/poetry.sh" "install-poetry" + source "./{{cookiecutter.project_slug}}/.github/scripts/task-use-poetry.sh" "install-poetry" - name: Commit Lint Test -- Initialize Cache Locations run: | 
@@ -65,7 +64,7 @@ jobs: - name: Commit Lint Test -- Install Requirements run: | - source "./{{cookiecutter.project_slug}}/.github/scripts/poetry.sh" "install-project" + source "./{{cookiecutter.project_slug}}/.github/scripts/task-use-poetry.sh" "install-project" - name: Commit Lint Test -- Lint Pushed Commits run: | @@ -74,9 +73,9 @@ jobs: - name: Commit Lint Test -- Report Job Status on Success if: fromJSON(inputs.CONFIGURATION)._GITHUB_CI_VERBOSE_NOTIFICATIONS == true run: | - "./{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: commit lint checks succeeded!" + "./{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: commit lint checks succeeded!" - name: Commit Lint Test -- Report Job Status on Failure if: failure() run: | - "./{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: commit lint checks failed!" + "./{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: commit lint checks failed!" diff --git a/.github/workflows/.job-80-shell-lint.yml b/.github/workflows/.job-80-shell-lint.yml index c2aac789..45f3bb8b 100644 --- a/.github/workflows/.job-80-shell-lint.yml +++ b/.github/workflows/.job-80-shell-lint.yml @@ -37,7 +37,6 @@ jobs: - name: Shell Lint Test -- Setup Environment run: | source "./template/.github/scripts/workflow-setup-environment.sh" - source "./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh" env: WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} 
@@ -69,9 +68,9 @@ jobs: - name: Shell Lint Test -- Report Job Status on Success if: fromJSON(inputs.CONFIGURATION)._GITHUB_CI_VERBOSE_NOTIFICATIONS == true run: | - "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: shellcheck checks succeeded!" + "./template/{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: shellcheck checks succeeded!" - name: Shell Lint Test -- Report Job Status on Failure if: failure() run: | - "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: shellcheck checks failed!" + "./template/{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: shellcheck checks failed!" diff --git a/.github/workflows/.job-80-toml-lint.yml b/.github/workflows/.job-80-toml-lint.yml index c981d676..0fa6626d 100644 --- a/.github/workflows/.job-80-toml-lint.yml +++ b/.github/workflows/.job-80-toml-lint.yml @@ -37,7 +37,6 @@ jobs: - name: Toml Lint Test -- Setup Environment run: | source "./template/.github/scripts/workflow-setup-environment.sh" - source "./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh" env: WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} 
@@ -73,9 +72,9 @@ jobs: - name: Toml Lint Test -- Report Job Status (Success) if: fromJSON(inputs.CONFIGURATION)._GITHUB_CI_VERBOSE_NOTIFICATIONS == true run: | - "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: toml linting was successful!" + "./template/{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: toml linting was successful!" - name: Toml Lint Test -- Report Job Status (Failure) if: failure() run: | - "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: toml linting has failed!" + "./template/{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: toml linting has failed!" diff --git a/.github/workflows/.job-80-yaml-lint.yml b/.github/workflows/.job-80-yaml-lint.yml index ab320685..b836c722 100644 --- a/.github/workflows/.job-80-yaml-lint.yml +++ b/.github/workflows/.job-80-yaml-lint.yml @@ -38,7 +38,6 @@ jobs: - name: Yaml Lint Test -- Setup Environment run: | source "./template/.github/scripts/workflow-setup-environment.sh" - source "./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh" env: WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} 
@@ -74,9 +73,9 @@ jobs: - name: Yaml Lint Test -- Report Job Status on Success if: fromJSON(inputs.CONFIGURATION)._GITHUB_CI_VERBOSE_NOTIFICATIONS == true run: | - "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: YAML linting checks succeeded!" + "./template/{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: YAML linting checks succeeded!" - name: Yaml Lint Test -- Report Job Status on Failure if: failure() run: | - "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: YAML linting checks failed!" + "./template/{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: YAML linting checks failed!" diff --git a/.github/workflows/.job-99-create-release.yml b/.github/workflows/.job-99-create-release.yml index 4898f435..924b4d09 100644 --- a/.github/workflows/.job-99-create-release.yml +++ b/.github/workflows/.job-99-create-release.yml @@ -26,7 +26,7 @@ jobs: - name: Create Release -- Filter Release Candidates id: filter run: | - source "./{{cookiecutter.project_slug}}/.github/scripts/release_candidate.sh" "${{ github.event.ref }}" + source "./{{cookiecutter.project_slug}}/.github/scripts/job-99-release-candidate.sh" "${{ github.event.ref }}" - name: Create Release -- Checkout Repository (All Commits) if: steps.filter.outputs.release_candidate == 'TRUE' 
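Review bot: The changed `source` line in the "Create Release -- Filter Release Candidates" step still expands `${{ github.event.ref }}` directly into the `run:` script, so the ref name becomes part of the shell text before bash parses it, and ref names may contain characters the shell interprets. Pass the value through the environment instead: add `env:` with `EVENT_REF: ${{ github.event.ref }}` to the step and call the script as `source "./{{cookiecutter.project_slug}}/.github/scripts/job-99-release-candidate.sh" "${EVENT_REF}"`. The script then receives the ref only as data. The remainder of the job lies outside this hunk.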
@@ -38,24 +38,23 @@ jobs: if: steps.filter.outputs.release_candidate == 'TRUE' run: | source "./template/.github/scripts/workflow-setup-environment.sh" - source "./{{cookiecutter.project_slug}}/.github/scripts/setup.sh" env: WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - name: Create Release -- Install Poetry if: steps.filter.outputs.release_candidate == 'TRUE' run: | - source "./{{cookiecutter.project_slug}}/.github/scripts/poetry.sh" "install-poetry" + source "./{{cookiecutter.project_slug}}/.github/scripts/task-use-poetry.sh" "install-poetry" - name: Create Release -- Check 'pyproject.toml' Matches Tag if: steps.filter.outputs.release_candidate == 'TRUE' run: | - source "./{{cookiecutter.project_slug}}/.github/scripts/version.sh" + source "./{{cookiecutter.project_slug}}/.github/scripts/task-99-check-version.sh" - name: Create Release -- Generate Changelog if: steps.filter.outputs.release_candidate == 'TRUE' run: - source "./{{cookiecutter.project_slug}}/.github/scripts/changelog.sh" + source "./{{cookiecutter.project_slug}}/.github/scripts/job-99-create-changelog.sh" - name: Create Release -- Generate GitHub Release Draft if: steps.filter.outputs.release_candidate == 'TRUE' @@ -64,7 +63,7 @@ jobs: with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | - const script = require('./{{cookiecutter.project_slug}}/.github/scripts/release.js'); + const script = require('./{{cookiecutter.project_slug}}/.github/scripts/job-99-create-release.js'); const body = process.env.CHANGE_LOG_CONTENT + "\n" + process.env.CHECK_LIST_CONTENT; const tag = process.env.BRANCH_OR_TAG; await script({ body, context, core, github, tag }) 
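Review bot: The "Create Release -- Check 'pyproject.toml' Matches Tag" step now sources `task-99-check-version.sh`, but the rename list of this patch moves `version.sh` to `job-99-check-version.sh`, and no `task-99-check-version.sh` appears anywhere in the diffstat. As written the step would fail to find the script on a release candidate, so the check that the tag matches `pyproject.toml` cannot run. The line should read `source "./{{cookiecutter.project_slug}}/.github/scripts/job-99-check-version.sh"`.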
@@ -76,9 +75,9 @@ jobs: - name: Create Release -- Report Job Status on Success if: steps.filter.outputs.release_candidate == 'TRUE' run: | - "./{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: automated release has been created!\nhttps://github.com/${USER_NAME}/${PROJECT_NAME}/releases" + "./{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: automated release has been created!\nhttps://github.com/${USER_NAME}/${PROJECT_NAME}/releases" - name: Create Release -- Report Job Status on Failure if: failure() run: | - "./{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: automated release creation has failed!" + "./{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: automated release creation has failed!" diff --git a/.github/workflows/workflow-template-test.yml b/.github/workflows/workflow-template-test.yml index 3a7587e8..7b6c7452 100644 --- a/.github/workflows/workflow-template-test.yml +++ b/.github/workflows/workflow-template-test.yml @@ -24,7 +24,7 @@ jobs: runs-on: ubuntu-latest outputs: - configuration: ${{ steps.cookiecutter_configuration.outputs.json_value }} + configuration: ${{ steps.cookiecutter_configuration.outputs.value }} steps: - name: Create Configuration -- Checkout Repository @@ -33,7 +33,7 @@ jobs: - name: Create Configuration -- Set Cookiecutter Configuration as Output id: cookiecutter_configuration run: | - source "./{{cookiecutter.project_slug}}/.github/scripts/workflow_json_value.sh" cat "cookiecutter.json" + source "./{{cookiecutter.project_slug}}/.github/scripts/workflow-set-value.sh" cat "cookiecutter.json" start: uses: ./.github/workflows/.job-00-start.yml diff --git a/README.md b/README.md index 0bd75cea..b6fedef5 100644 --- a/README.md +++ b/README.md 
@@ -93,7 +93,7 @@ A fundamental pillar of Ansible Workbench is the use of [Conventional Commits](h #### 1. Why Conventional Commits? - Following this standard has numerous advantages, but among the largest is its tight integration with [Semantic Versioning](https://semver.org/). -- For the Ansible Workbench CI/CD in particular, [changelog generation]({{cookiecutter.project_slug}}/.github/scripts/changelog.sh) and [release automation]({{cookiecutter.project_slug}}/.github/workflows/release.yml) is made possible through adherence to this format. +- For the Ansible Workbench CI/CD in particular, [changelog generation]({{cookiecutter.project_slug}}/.github/scripts/job-99-create-changelog.sh) and [release automation]({{cookiecutter.project_slug}}/.github/workflows/workflow-publish-to-galaxy.yml) is made possible through adherence to this format. - Being able to read commits from different people that conform to common standard also makes [interactive rebasing](https://git-scm.com/book/en/v2/Git-Tools-Rewriting-History) relatively painless. #### 2. Making A Conventional Commit With Commitizen @@ -141,7 +141,7 @@ To add tests to your role, create new scenarios with Molecule: #### iii. Add Your New Scenarios to CI/CD -If you are using the rendered [GitHub CI/CD]({{cookiecutter.project_slug}}/.github/workflows/push.yml), make sure to add your new scenario to the list that are tested in the `molecule_test` step. +If you are using the rendered [GitHub CI/CD]({{cookiecutter.project_slug}}/.github/workflows/workflow-push.yml), make sure to add your new scenario to the list that are tested in the `molecule_test` step. ### 2. The Recommended Ansible Galaxy Settings 
@@ -201,7 +201,7 @@ You'll need to create some [secrets](https://docs.github.com/en/actions/security To make the most out of your [templated CI/CD]({{cookiecutter.project_slug}}/.github/workflows), create the following secrets: - `SLACK_WEBHOOK`: This secret value can optionally be set to a [Slack Webhook](https://api.slack.com/messaging/webhooks) you can configure to get status updates on how your commit is proceeding through the CI/CD. - - The verbosity of this integration can be controlled by setting the `VERBOSE_NOTIFICATIONS` environment variable to 1 in [this]({{cookiecutter.project_slug}}/.github/workflows/push.yml) workflow. + - The verbosity of this integration can be controlled by setting the `VERBOSE_NOTIFICATIONS` environment variable to 1 in [this]({{cookiecutter.project_slug}}/.github/workflows/workflow-push.yml) workflow. - See this documentation on how to create a [Slack Webhook](https://api.slack.com/messaging/webhooks) for your team. - `GALAXY_API_KEY`: This secret API key can be found on your [Ansible Galaxy](https://galaxy.ansible.com/) account page, and enables automated publishing to Galaxy. - If you do not wish to publish your role, simply leave this secret unset. 
@@ -237,11 +237,11 @@ To make working with the CI/CD easy to get started with, there is configuration Your workflow configuration files will be created at [.github/config]({{cookiecutter.project_slug}}/.github/config): - [gaurav-nelson-github-action-markdown-link-check.json]({{cookiecutter.project_slug}}/.github/config/actions/gaurav-nelson-github-action-markdown-link-check.json) is used to customize the [documentation_test](https://github.com/gaurav-nelson/github-action-markdown-link-check) step of the workflow. -- [push.json]({{cookiecutter.project_slug}}/.github/config/workflows/push.json) is used to customize the push workflow itself. (This is the workflow that runs on each git "push" to your GitHub repository.) +- [push.json]({{cookiecutter.project_slug}}/.github/config/workflows/workflow-push.json) is used to customize the push workflow itself. (This is the workflow that runs on each git "push" to your GitHub repository.) ##### Push Workflow Configuration -The following values are exposed in the [push.json]({{cookiecutter.project_slug}}/.github/config/workflows/push.json) configuration file: +The following values are exposed in the [push.json]({{cookiecutter.project_slug}}/.github/config/workflows/workflow-push.json) configuration file: - "ci_commitzen_rev_range": Optionally allows you to specify the range commitizen will respect when examining pushed commits. - "ci_molecule_excluded_scenarios_regex": Allows you to specify a regex that will prevent certain molecule scenarios from being run by the CI/CD. - "ci_molecule_test_platforms": Allows you to specify an array of [GitHub Action Platforms](https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners#supported-runners-and-hardware-resources) your role will be linted and tested with. 
@@ -269,7 +269,7 @@ Tag your release with [Semantic Versioning](https://semver.org/). (Avoid prefix #### iv. Publishing Your Release to Ansible Galaxy - If you have configured a [secret](#2-Setting-Up-Your-CICD) for Ansible Galaxy more automation will now begin **after** you've published your GitHub release. -- The [release workflow]({{cookiecutter.project_slug}}/.github/workflows/release.yml) will be triggered, and will publish your release automatically to [Ansible Galaxy](https://galaxy.ansible.com/). +- The [release workflow]({{cookiecutter.project_slug}}/.github/workflows/workflow-publish-to-galaxy.yml) will be triggered, and will publish your release automatically to [Ansible Galaxy](https://galaxy.ansible.com/). ## License diff --git a/cookiecutter.json b/cookiecutter.json index 1bc6e274..abb92507 100644 --- a/cookiecutter.json +++ b/cookiecutter.json @@ -20,8 +20,8 @@ "_GITHUB_ACTION_YAMLLINT": "ibiqlik/action-yamllint@v3", "_GITHUB_CI_DEFAULT_CONCURRENCY": 4, "_GITHUB_CI_DEFAULT_PYTHON_VERSIONS": ["3.9"], - "_GITHUB_CI_MOLECULE_TEST_PLATFORMS": ["ubuntu-latest"], - "_GITHUB_CI_MOLECULE_EXCLUDED_SCENARIOS_REGEX": "^default$|^noci-.*$", - "_GITHUB_CI_VERBOSE_NOTIFICATIONS": "0", + "_GITHUB_CI_DEFAULT_MOLECULE_TEST_PLATFORMS": ["ubuntu-latest"], + "_GITHUB_CI_DEFAULT_MOLECULE_EXCLUDED_SCENARIOS_REGEX": "^default$|^noci-.*$", + "_GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS": false, "*DO_NOT_MODIFY_THIS_FILE*": "This file is created to assist with upgrading to future versions of this template." } diff --git a/{{cookiecutter.project_slug}}/.ansible-lint b/{{cookiecutter.project_slug}}/.ansible-lint index fe5ef8f5..8b87c8ce 100644 --- a/{{cookiecutter.project_slug}}/.ansible-lint +++ b/{{cookiecutter.project_slug}}/.ansible-lint @@ -13,6 +13,7 @@ exclude_paths: - .ansible/ - .cache/ - .idea/ + - .github/ - .mac_maker/ - collections/ - roles/ 
diff --git a/{{cookiecutter.project_slug}}/.github/config/workflows/push.json b/{{cookiecutter.project_slug}}/.github/config/workflows/push.json deleted file mode 100644 index 87a9110b..00000000 --- a/{{cookiecutter.project_slug}}/.github/config/workflows/push.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "ci_commitzen_rev_range": "HEAD", - "ci_molecule_excluded_scenarios_regex": "{{ cookiecutter._GITHUB_CI_MOLECULE_EXCLUDED_SCENARIOS_REGEX }}", - "ci_molecule_test_platforms": {{ cookiecutter._GITHUB_CI_MOLECULE_TEST_PLATFORMS | tojson }}, - "ci_python_versions": {{ cookiecutter._GITHUB_CI_PYTHON_VERSIONS | tojson }}, - "ci_trufflehog_extra_scan_args": "" -} diff --git a/{{cookiecutter.project_slug}}/.github/config/workflows/workflow-publish-to-galaxy.json b/{{cookiecutter.project_slug}}/.github/config/workflows/workflow-publish-to-galaxy.json new file mode 100644 index 00000000..6f57b903 --- /dev/null +++ b/{{cookiecutter.project_slug}}/.github/config/workflows/workflow-publish-to-galaxy.json @@ -0,0 +1,4 @@ +{ + "ci_python_version": "{{ cookiecutter._GITHUB_CI_DEFAULT_PYTHON_VERSIONS | first }}", + "ci_verbose_notifications": {{ cookiecutter._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS | tojson }} +} diff --git a/{{cookiecutter.project_slug}}/.github/config/workflows/workflow-push.json b/{{cookiecutter.project_slug}}/.github/config/workflows/workflow-push.json new file mode 100644 index 00000000..b32df34a --- /dev/null +++ b/{{cookiecutter.project_slug}}/.github/config/workflows/workflow-push.json 
@@ -0,0 +1,12 @@ +{ + "ci_commitzen_rev_range": "HEAD", + "ci_extra_release_content": [ + "## Customizable Text.", + "This message is appended to the changelog of your GitHub release." + ], + "ci_molecule_excluded_scenarios_regex": "{{ cookiecutter._GITHUB_CI_DEFAULT_MOLECULE_EXCLUDED_SCENARIOS_REGEX }}", + "ci_molecule_test_platforms": {{ cookiecutter._GITHUB_CI_DEFAULT_MOLECULE_TEST_PLATFORMS | tojson }}, + "ci_python_versions": {{ cookiecutter._GITHUB_CI_DEFAULT_PYTHON_VERSIONS | tojson }}, + "ci_trufflehog_extra_scan_args": "", + "ci_verbose_notifications": {{ cookiecutter._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS | tojson }} +} diff --git a/{{cookiecutter.project_slug}}/.github/scripts/version.sh b/{{cookiecutter.project_slug}}/.github/scripts/job-99-check-version.sh similarity index 89% rename from {{cookiecutter.project_slug}}/.github/scripts/version.sh rename to {{cookiecutter.project_slug}}/.github/scripts/job-99-check-version.sh index 0991ebc5..4774a377 100644 --- a/{{cookiecutter.project_slug}}/.github/scripts/version.sh +++ b/{{cookiecutter.project_slug}}/.github/scripts/job-99-check-version.sh @@ -1,6 +1,6 @@ #!/bin/bash -# .github/scripts/version.sh +# .github/scripts/job-99-check-version.sh # Ensures the 'pyproject.toml' version matches the current Git Tag. # BRANCH_OR_TAG: The name of the current Git Branch or Tag. diff --git a/{{cookiecutter.project_slug}}/.github/scripts/changelog.sh b/{{cookiecutter.project_slug}}/.github/scripts/job-99-create-changelog.sh similarity index 89% rename from {{cookiecutter.project_slug}}/.github/scripts/changelog.sh rename to {{cookiecutter.project_slug}}/.github/scripts/job-99-create-changelog.sh index 982b1bc1..9581a00c 100644 --- a/{{cookiecutter.project_slug}}/.github/scripts/changelog.sh +++ b/{{cookiecutter.project_slug}}/.github/scripts/job-99-create-changelog.sh 
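Review bot: The `ci_molecule_excluded_scenarios_regex` value in the new workflow-push.json is rendered between hand-written quotes, while the neighbouring keys are rendered with `| tojson`. A customised regex that contains a backslash or a double quote would produce an invalid JSON file, and the `jq` read in workflow-identify-molecule-scenarios.sh would then fail on it. Rendering it like its siblings avoids that: `"ci_molecule_excluded_scenarios_regex": {{ cookiecutter._GITHUB_CI_DEFAULT_MOLECULE_EXCLUDED_SCENARIOS_REGEX | tojson }},`. The quoted `ci_python_version` value in workflow-publish-to-galaxy.json has the same shape.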
@@ -1,6 +1,6 @@ #!/bin/bash -# .github/scripts/changelog.sh +# .github/scripts/job-99-create-changelog.sh # Generates a changelog for the specified ${BRANCH_OR_TAG}. # BRANCH_OR_TAG: The new git tag the changelog is being generated for. diff --git a/{{cookiecutter.project_slug}}/.github/scripts/release.js b/{{cookiecutter.project_slug}}/.github/scripts/job-99-create-release.js similarity index 100% rename from {{cookiecutter.project_slug}}/.github/scripts/release.js rename to {{cookiecutter.project_slug}}/.github/scripts/job-99-create-release.js diff --git a/{{cookiecutter.project_slug}}/.github/scripts/release_candidate.sh b/{{cookiecutter.project_slug}}/.github/scripts/job-99-release-candidate.sh similarity index 90% rename from {{cookiecutter.project_slug}}/.github/scripts/release_candidate.sh rename to {{cookiecutter.project_slug}}/.github/scripts/job-99-release-candidate.sh index 27902459..4d6e99bf 100644 --- a/{{cookiecutter.project_slug}}/.github/scripts/release_candidate.sh +++ b/{{cookiecutter.project_slug}}/.github/scripts/job-99-release-candidate.sh @@ -1,6 +1,6 @@ #!/bin/bash -# .github/scripts/release_candidate.sh +# .github/scripts/job-99-release-candidate.sh # Evaluates if the current git reference is a release candidate. # 1: The git reference that created the workflow flow. diff --git a/{{cookiecutter.project_slug}}/.github/scripts/ansible_cache.sh b/{{cookiecutter.project_slug}}/.github/scripts/task-setup-ansible-cache.sh similarity index 94% rename from {{cookiecutter.project_slug}}/.github/scripts/ansible_cache.sh rename to {{cookiecutter.project_slug}}/.github/scripts/task-setup-ansible-cache.sh index 5edead54..062ed37b 100644 --- a/{{cookiecutter.project_slug}}/.github/scripts/ansible_cache.sh +++ b/{{cookiecutter.project_slug}}/.github/scripts/task-setup-ansible-cache.sh 
@@ -1,6 +1,6 @@ #!/bin/bash -# .github/scripts/ansible_cache.sh +# .github/scripts/task-setup-ansible-cache.sh # Creates symlinks for attaching an external cache folder for Ansible. # Separate folders for Ansible-Compat, and Molecule are maintained. diff --git a/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh b/{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh similarity index 89% rename from {{cookiecutter.project_slug}}/.github/scripts/notifications.sh rename to {{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh index c212119e..238e56ac 100755 --- a/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh +++ b/{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh @@ -1,6 +1,6 @@ #!/bin/bash -# .github/scripts/notifications.sh +# .github/scripts/task-slack-notification.sh # Sends a notification to slack. # 1: The branch information to display. diff --git a/{{cookiecutter.project_slug}}/.github/scripts/poetry.sh b/{{cookiecutter.project_slug}}/.github/scripts/task-use-poetry.sh similarity index 91% rename from {{cookiecutter.project_slug}}/.github/scripts/poetry.sh rename to {{cookiecutter.project_slug}}/.github/scripts/task-use-poetry.sh index 856a428c..ecf8ff07 100644 --- a/{{cookiecutter.project_slug}}/.github/scripts/poetry.sh +++ b/{{cookiecutter.project_slug}}/.github/scripts/task-use-poetry.sh @@ -1,6 +1,6 @@ #!/bin/bash -# .github/scripts/poetry.sh +# .github/scripts/task-use-poetry.sh # Centralized management of poetry installs. # CI only script diff --git a/{{cookiecutter.project_slug}}/.github/scripts/pushed_commit_range.sh b/{{cookiecutter.project_slug}}/.github/scripts/workflow-determine-pushed-commits.sh similarity index 96% rename from {{cookiecutter.project_slug}}/.github/scripts/pushed_commit_range.sh rename to {{cookiecutter.project_slug}}/.github/scripts/workflow-determine-pushed-commits.sh index 33de1399..070799f4 100644 
--- a/{{cookiecutter.project_slug}}/.github/scripts/pushed_commit_range.sh +++ b/{{cookiecutter.project_slug}}/.github/scripts/workflow-determine-pushed-commits.sh @@ -1,6 +1,6 @@ #!/bin/bash -# .github/scripts/pushed_commit_range.sh +# .github/scripts/workflow-determine-pushed-commits.sh # Retrieves the range of the commits in a push, and sets the PUSHED_COMMIT_START, PUSHED_COMMIT_REV_RANGE variables. # ANSIBLE_WORKBENCH_PUSH_FALLBACK_INDEX: Optionally set fallback behaviour when no changed commits are detected. (Default is the first commit in the project.) diff --git a/{{cookiecutter.project_slug}}/.github/scripts/workflow-identify-molecule-scenarios.sh b/{{cookiecutter.project_slug}}/.github/scripts/workflow-identify-molecule-scenarios.sh new file mode 100644 index 00000000..29083d78 --- /dev/null +++ b/{{cookiecutter.project_slug}}/.github/scripts/workflow-identify-molecule-scenarios.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +# .github/scripts/task-identify-molecule-scenarios.sh +# Creates a workflow configuration value containing an array of active molecule scenarios for testing. + +# CI only script + +set -eo pipefail + +main() { + + EXCLUDED="$(jq -rM ".ci_molecule_excluded_scenarios_regex" ".github/config/workflows/workflow-push.json")" + SCENARIOS=(); while IFS='' read -r SCENARIO; do SCENARIOS+=("${SCENARIO}"); done < <(find molecule/* -maxdepth 0 -type d -not -name "default" -not -name "${EXCLUDED}" -exec basename {} \;) + + source ".github/scripts/workflow-set-value.sh" jq -M --null-input "\$ARGS.positional" --args "${SCENARIOS[@]}" + +} + +main "$@" + + diff --git a/{{cookiecutter.project_slug}}/.github/scripts/workflow_json_value.sh b/{{cookiecutter.project_slug}}/.github/scripts/workflow-set-value.sh similarity index 78% rename from {{cookiecutter.project_slug}}/.github/scripts/workflow_json_value.sh rename to {{cookiecutter.project_slug}}/.github/scripts/workflow-set-value.sh index 33e7bc69..03dcc5ef 100644 
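Review bot: In the new workflow-identify-molecule-scenarios.sh, `find ... -not -name "${EXCLUDED}"` treats the value as a shell glob, but `ci_molecule_excluded_scenarios_regex` holds a regular expression (the default is `^default$|^noci-.*$`). As written, only the hard-coded `-not -name "default"` filters anything, so `noci-*` scenarios would still be handed to the CI matrix. Applying the regex to the basenames keeps the exclusion working: `done < <(find molecule/* -maxdepth 0 -type d -exec basename {} \; | grep -Ev "${EXCLUDED}")`. The header comment also names the file `task-identify-molecule-scenarios.sh`, while it is added as `workflow-identify-molecule-scenarios.sh`.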
--- a/{{cookiecutter.project_slug}}/.github/scripts/workflow_json_value.sh +++ b/{{cookiecutter.project_slug}}/.github/scripts/workflow-set-value.sh @@ -1,6 +1,6 @@ #!/bin/bash -# .github/scripts/workflow_json_value.sh +# .github/scripts/workflow-set-value.sh # Create configuration for a workflow run dynamically. # @ An array of commands to execute to generate the JSON value. @@ -12,7 +12,7 @@ set -eo pipefail main() { { - echo "json_value<> "${GITHUB_OUTPUT}" diff --git a/{{cookiecutter.project_slug}}/.github/scripts/setup.sh b/{{cookiecutter.project_slug}}/.github/scripts/workflow-setup-environment.sh similarity index 63% rename from {{cookiecutter.project_slug}}/.github/scripts/setup.sh rename to {{cookiecutter.project_slug}}/.github/scripts/workflow-setup-environment.sh index 34d5c67d..43633133 100644 --- a/{{cookiecutter.project_slug}}/.github/scripts/setup.sh +++ b/{{cookiecutter.project_slug}}/.github/scripts/workflow-setup-environment.sh @@ -1,7 +1,7 @@ #!/bin/bash -# .github/scripts/setup.sh -# Configures environment variables for GitHub Actions. +# .github/scripts/workflow-setup-environment.sh +# Configures environment variables for GitHub Workflows. # CI only script. @@ -9,6 +9,9 @@ set -eo pipefail main() { + PROJECT_NAME="{{ cookiecutter.project_slug }}" + USER_NAME="{{ cookiecutter.github_handle }}" + BRANCH_OR_TAG="$(echo "${GITHUB_REF}" | sed 's/refs\/heads\///g' | sed 's/refs\/tags\///g')" WORKFLOW_URL="${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}" @@ -16,6 +19,8 @@ main() { echo "BRANCH_OR_TAG=${BRANCH_OR_TAG}" echo "CACHE_TTL=$(date +%d)" echo "NOTIFICATION=${PROJECT_NAME} [<${WORKFLOW_URL}|${BRANCH_OR_TAG}>]" + echo "PROJECT_NAME=${PROJECT_NAME}" + echo "USER_NAME=${USER_NAME}" echo "WEBHOOK_URL=${WEBHOOK_URL}" } >> "${GITHUB_ENV}" 
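Review bot: In the last hunk of workflow-setup-environment.sh, `echo "WEBHOOK_URL=${WEBHOOK_URL}"` inside the `>> "${GITHUB_ENV}"` block persists the Slack webhook secret into the environment of every later step in the job. That includes the third-party `uses:` actions the new workflows run after this script. Only the notification script appears to need the value (its body is not shown in this patch), so the secret could be passed with a step-level `env: WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}` on the notification steps and dropped from `GITHUB_ENV`. `main()` starts and ends outside the hunks shown.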
diff --git a/{{cookiecutter.project_slug}}/.github/workflows/.job-00-start.yml b/{{cookiecutter.project_slug}}/.github/workflows/.job-00-start.yml
new file mode 100644
index 00000000..08531405
--- /dev/null
+++ b/{{cookiecutter.project_slug}}/.github/workflows/.job-00-start.yml
@@ -0,0 +1,35 @@
+---
+name: {{ cookiecutter.project_slug }}-job-start-notification
+{% raw %}
+on:
+ workflow_call:
+ secrets:
+ SLACK_WEBHOOK:
+ description: "Optional, enables Slack notifications."
+ required: false
+
+jobs:
+
+ start_notification:
+
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Start -- Checkout Repository
+ uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %}
+
+ - name: Start -- Setup Environment
+ run: |
+ source "./.github/scripts/workflow-setup-environment.sh"
+ env:
+ WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+ - name: Start -- Report Job Status on Success
+ run: |
+ "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: workflow has started!"
+
+ - name: Start -- Report Job Status on Failure
+ if: failure()
+ run: |
+ "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: error reporting job status!"
+{% endraw %}
\ No newline at end of file
diff --git a/{{cookiecutter.project_slug}}/.github/workflows/.job-00-success.yml b/{{cookiecutter.project_slug}}/.github/workflows/.job-00-success.yml
new file mode 100644
index 00000000..4329d050
--- /dev/null
+++ b/{{cookiecutter.project_slug}}/.github/workflows/.job-00-success.yml
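Review bot: The `start_notification` job declares no `permissions:`, so its `GITHUB_TOKEN` carries whatever the calling workflow grants. The job only checks out the repository and posts a notification, so a job-level `permissions:` with `contents: read` would be enough. The same applies to the other new reusable workflows in this patch that only read the repository: `.job-00-success.yml`, `.job-10-security.yml`, `.job-30-documentation.yml`, the molecule jobs and the lint jobs. `.job-99-create-release.yml` presumably needs `contents: write` for the release draft.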
@@ -0,0 +1,35 @@
+---
+name: {{ cookiecutter.project_slug }}-job-success-notification
+{% raw %}
+on:
+ workflow_call:
+ secrets:
+ SLACK_WEBHOOK:
+ description: "Optional, enables Slack notifications."
+ required: false
+
+jobs:
+
+ success_notification:
+
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Success -- Checkout Repository
+ uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %}
+
+ - name: Success -- Setup Environment
+ run: |
+ source "./.github/scripts/workflow-setup-environment.sh"
+ env:
+ WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+ - name: Success -- Report Job Status on Success
+ run: |
+ "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: all checks were successful!"
+
+ - name: Success -- Report Job Status on Failure
+ if: failure()
+ run: |
+ "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: error reporting job status!"
+{% endraw %}
\ No newline at end of file
diff --git a/{{cookiecutter.project_slug}}/.github/workflows/.job-10-security.yml b/{{cookiecutter.project_slug}}/.github/workflows/.job-10-security.yml
new file mode 100644
index 00000000..2ae115cb
--- /dev/null
+++ b/{{cookiecutter.project_slug}}/.github/workflows/.job-10-security.yml
@@ -0,0 +1,57 @@ +--- +name: {{ cookiecutter.project_slug }}-job-security +{% raw %} +on: + workflow_call: + inputs: + TRUFFLEHOG_ARGS: + description: "Extra arguments to pass to the trufflehog binary." + required: true + type: string + VERBOSITY: + description: "Manages the types of Slack notifications." + required: true + type: boolean + secrets: + SLACK_WEBHOOK: + description: "Optional, enables Slack notifications." + required: false + +jobs: + + run_trufflehog: + + runs-on: ubuntu-latest + + steps: + - name: Security Test Repo -- Checkout Repository + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} + with: + fetch-depth: 0 + + - name: Security Test Repo -- Setup Environment + run: | + source "./.github/scripts/workflow-setup-environment.sh" + source "./.github/scripts/workflow-determine-pushed-commits.sh" + env: + GITHUB_CONTEXT: ${{ toJson(github) }} + WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} + + - name: Security Test -- Run Trufflehog + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_TRUFFLEHOG }}{% raw %} + with: + base: ${{ env.PUSHED_COMMIT_START }} + extra_args: ${{ inputs.TRUFFLEHOG_ARGS }} + head: ${{ env.BRANCH_OR_TAG }} + path: . + + - name: Security Test Repo -- Report Job Status on Success + if: inputs.VERBOSITY == true + run: | + "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: security checks succeeded!" + + - name: Security Test Repo -- Report Job Status on Failure + if: failure() + run: | + "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: security checks failed!" +{% endraw %} \ No newline at end of file diff --git a/{{cookiecutter.project_slug}}/.github/workflows/.job-30-documentation.yml b/{{cookiecutter.project_slug}}/.github/workflows/.job-30-documentation.yml new file mode 100644 index 00000000..13d2f8ac --- /dev/null +++ b/{{cookiecutter.project_slug}}/.github/workflows/.job-30-documentation.yml 
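Review bot: `GITHUB_CONTEXT: ${{ toJson(github) }}` in the `Security Test Repo -- Setup Environment` step places the whole `github` context, which includes `github.token`, in the environment of two sourced scripts. The body of `workflow-determine-pushed-commits.sh` is not shown in this patch; if it only needs the pushed commit range, passing just the event payload keeps the token out of the process environment, e.g. `GITHUB_EVENT: ${{ toJson(github.event) }}`, with the script reading that variable instead. `.job-80-commit-lint.yml` has the same line in its Setup Environment step.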
@@ -0,0 +1,48 @@ +--- +name: {{ cookiecutter.project_slug }}-job-documentation +{% raw %} +on: + workflow_call: + inputs: + VERBOSITY: + description: "Manages the types of Slack notifications." + required: true + type: boolean + secrets: + SLACK_WEBHOOK: + description: "Optional, enables Slack notifications." + required: false + +jobs: + + check_markdown_links: + + runs-on: ubuntu-latest + + steps: + - name: Documentation Test -- Checkout Repository + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} + + - name: Documentation Test -- Setup Environment + run: | + source "./.github/scripts/workflow-setup-environment.sh" + env: + WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} + + - name: Documentation Test -- Documentation Validation + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_MARKDOWN_LINK_CHECK }}{% raw %} + with: + config-file: './.github/config/actions/gaurav-nelson-github-action-markdown-link-check.json' + use-quiet-mode: 'no' + use-verbose-mode: 'yes' + + - name: Documentation Test -- Report Success + if: inputs.VERBOSITY == true + run: | + "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: documentation test was successful!" + + - name: Documentation Test -- Report Failure + if: failure() + run: | + "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: documentation test has failed!" +{% endraw %} \ No newline at end of file diff --git a/{{cookiecutter.project_slug}}/.github/workflows/.job-40-molecule-lint.yml b/{{cookiecutter.project_slug}}/.github/workflows/.job-40-molecule-lint.yml new file mode 100644 index 00000000..390ef26e --- /dev/null +++ b/{{cookiecutter.project_slug}}/.github/workflows/.job-40-molecule-lint.yml 
@@ -0,0 +1,90 @@ +--- +name: {{ cookiecutter.project_slug }}-job-molecule-lint +{% raw %} +on: + workflow_call: + inputs: + PYTHON_VERSIONS: + description: "The versions of Python to use as a JSON array of string values." + required: true + type: string + VERBOSITY: + description: "Manages the types of Slack notifications." + required: true + type: boolean + secrets: + SLACK_WEBHOOK: + required: false + +jobs: + + run_molecule_lint: + + runs-on: ubuntu-latest + strategy: + fail-fast: true + matrix: + python-version: ${{ fromJSON(inputs.PYTHON_VERSIONS) }} + max-parallel: {% endraw %}{{ cookiecutter._GITHUB_CI_DEFAULT_CONCURRENCY }}{% raw %} + + steps: + + - name: Molecule Lint Test -- Checkout Repository + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} + with: + path: "role" + + - name: Molecule Lint Test -- Setup Environment + run: | + source "./role/.github/scripts/workflow-setup-environment.sh" + env: + WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} + + - name: Molecule Lint Test -- Set up Python ${{ matrix.python-version }} + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_PYTHON }}{% raw %} + with: + python-version: ${{ matrix.python-version }} + + - name: Molecule Lint Test -- Install Poetry + run: | + source "./role/.github/scripts/task-use-poetry.sh" "install-poetry" + + - name: Molecule Lint Test -- Initialize Cache Locations + run: | + mkdir -p ~/.cache/pypoetry/virtualenvs + source "./role/.github/scripts/task-setup-ansible-cache.sh" \ + "$(pwd)/ansible_cache" \ + ~/.cache + + - name: Molecule Lint Test -- Mount Ansible Cache + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CACHE }}{% raw %} + with: + key: ansible-${{ hashFiles('./role/requirements.yml') }}-${{ env.CACHE_TTL }} + path: ansible_cache + + - name: Molecule Lint Test -- Mount Poetry Cache + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CACHE }}{% raw %} + with: + key: poetry-${{ hashFiles('./role/pyproject.toml') }}-${{ runner.os }}-${{ env.CACHE_TTL }} + path: 
~/.cache/pypoetry/virtualenvs + + - name: Molecule Lint Test -- Install Requirements + run: | + cd role + source "./.github/scripts/task-use-poetry.sh" "install-project" + + - name: Molecule Lint Test -- Run Linter + run: | + cd role + poetry run molecule lint + + - name: Molecule Lint Test -- Report Job Status (Success) + if: inputs.VERBOSITY == true + run: | + ./role/.github/scripts/task-slack-notification.sh "${NOTIFICATION}" ":white_check_mark: molecule linting was successful!" + + - name: Molecule Lint Test -- Report Job Status (Failure) + if: failure() + run: | + ./role/.github/scripts/task-slack-notification.sh "${NOTIFICATION}" ":x: molecule linting has failed!" +{% endraw %} \ No newline at end of file diff --git a/{{cookiecutter.project_slug}}/.github/workflows/.job-40-molecule-test.yml b/{{cookiecutter.project_slug}}/.github/workflows/.job-40-molecule-test.yml new file mode 100644 index 00000000..4f749fa1 --- /dev/null +++ b/{{cookiecutter.project_slug}}/.github/workflows/.job-40-molecule-test.yml 
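Review bot: The Poetry cache key in `Molecule Lint Test -- Mount Poetry Cache` does not include `matrix.python-version`. With more than one entry in `PYTHON_VERSIONS`, all matrix jobs would share one cache entry, and likely only the first job to finish saves its virtualenv. Adding the version keeps the entries separate: `key: poetry-${{ hashFiles('./role/pyproject.toml') }}-${{ runner.os }}-${{ matrix.python-version }}-${{ env.CACHE_TTL }}`. The same key shape is used in `.job-40-molecule-test.yml` and `.job-80-commit-lint.yml`. The `SLACK_WEBHOOK` secret in this file also lacks the `description` that the sibling workflows give it.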
@@ -0,0 +1,120 @@ +--- +name: {{ cookiecutter.project_slug }}-job-molecule-test +{% raw %} +on: + workflow_call: + inputs: + MOLECULE_PLATFORMS: + description: "The GitHub OS platforms to use for testing as a JSON array of string values." + required: true + type: string + MOLECULE_SCENARIOS: + description: "The molecule scenarios to test as a JSON array of string values." + required: true + type: string + PYTHON_VERSIONS: + description: "The versions of Python to use as a JSON array of string values." + required: true + type: string + VERBOSITY: + description: "Manages the types of Slack notifications." + required: true + type: boolean + secrets: + SLACK_WEBHOOK: + description: "Optional, enables Slack notifications." + required: false + +jobs: + + run_molecule_test: + + runs-on: ${{ matrix.platform }} + strategy: + fail-fast: true + matrix: + platform: ${{ fromJSON(inputs.MOLECULE_PLATFORMS) }} + python-version: ${{ fromJSON(inputs.PYTHON_VERSIONS) }} + scenario: ${{ fromJSON(inputs.MOLECULE_SCENARIOS) }} + max-parallel: {% endraw %}{{ cookiecutter._GITHUB_CI_DEFAULT_CONCURRENCY }}{% raw %} + + steps: + - name: Molecule Test -- Checkout Repository + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} + with: + path: "role" + + - name: Molecule Test -- Setup Environment + run: | + source "./role/.github/scripts/workflow-setup-environment.sh" + env: + WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} + + - name: Molecule Test -- Set up Python ${{ matrix.python-version }} + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_PYTHON }}{% raw %} + with: + python-version: ${{ matrix.python-version }} + + - name: Molecule Test -- Install Poetry + run: | + source "./role/.github/scripts/task-use-poetry.sh" "install-poetry" + + - name: Molecule Test -- Initialize Cache Locations + run: | + mkdir -p ~/.cache/pypoetry/virtualenvs + source "./role/.github/scripts/task-setup-ansible-cache.sh" \ + "$(pwd)/ansible_cache" \ + ~/.cache + + - name: Molecule Test -- Mount 
Ansible Cache + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CACHE }}{% raw %} + with: + key: ansible-${{ hashFiles('./role/requirements.yml') }}-${{ env.CACHE_TTL }} + path: ansible_cache + + - name: Molecule Test -- Mount Poetry Cache + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CACHE }}{% raw %} + with: + key: poetry-${{ hashFiles('./role/pyproject.toml') }}-${{ runner.os }}-${{ env.CACHE_TTL }} + path: ~/.cache/pypoetry/virtualenvs + + - name: Molecule Test -- Install Requirements + run: | + cd role + source "./.github/scripts/task-use-poetry.sh" "install-project" + + - name: Molecule Test -- Reuse Cached Dependencies as Scenario + run: | + cd role + poetry run molecule dependency + mv ~/.cache/molecule/role/default ~/.cache/molecule/role/"${SCENARIO}" + env: + SCENARIO: ${{ matrix.scenario }} + + - name: Molecule Test -- Run ${{ matrix.scenario }} Scenario + run: | + cd role + poetry run molecule test -s "${SCENARIO}" + env: + SCENARIO: ${{ matrix.scenario }} + + - name: Molecule Test -- Reuse Scenario Dependencies as Cache + run: | + mv ~/.cache/molecule/role/"${SCENARIO}" ~/.cache/molecule/role/default + env: + SCENARIO: ${{ matrix.scenario }} + + - name: Molecule Test -- Report Job Status (Success) + if: inputs.VERBOSITY == true + run: | + ./role/.github/scripts/task-slack-notification.sh "${NOTIFICATION}" ":white_check_mark: molecule test scenario '${SCENARIO}' was successful!" + env: + SCENARIO: ${{ matrix.scenario }} + + - name: Molecule Test -- Report Job Status (Failure) + if: failure() + run: | + ./role/.github/scripts/task-slack-notification.sh "${NOTIFICATION}" ":x: molecule test scenario '${SCENARIO}' has failed!" + env: + SCENARIO: ${{ matrix.scenario }} +{% endraw %} \ No newline at end of file diff --git a/{{cookiecutter.project_slug}}/.github/workflows/.job-80-commit-lint.yml b/{{cookiecutter.project_slug}}/.github/workflows/.job-80-commit-lint.yml new file mode 100644 index 00000000..a16ec66f --- /dev/null 
+++ b/{{cookiecutter.project_slug}}/.github/workflows/.job-80-commit-lint.yml 
@@ -0,0 +1,88 @@ +--- +name: {{ cookiecutter.project_slug }}-job-commit-lint +{% raw %} +on: + workflow_call: + inputs: + COMMITIZEN_REV_RANGE: + description: "The range of commits commitizen will enforce." + required: true + type: string + PYTHON_VERSIONS: + description: "The versions of Python to use as a JSON array of string values." + required: true + type: string + VERBOSITY: + description: "Manages the types of Slack notifications." + required: true + type: boolean + secrets: + SLACK_WEBHOOK: + description: "Optional, enables Slack notifications." + required: false + +env: + ANSIBLE_WORKBENCH_PUSH_FALLBACK_REV_RANGE: ${{ inputs.COMMITIZEN_REV_RANGE }} + +jobs: + + run_commitizen: + + runs-on: ubuntu-latest + strategy: + fail-fast: true + matrix: + python-version: ${{ fromJSON(inputs.PYTHON_VERSIONS) }} + max-parallel: {% endraw %}{{ cookiecutter._GITHUB_CI_DEFAULT_CONCURRENCY }}{% raw %} + + steps: + - name: Commit Lint Test -- Checkout Repository + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} + with: + fetch-depth: 0 + + - name: Commit Lint Test -- Setup Environment + run: | + source "./.github/scripts/workflow-setup-environment.sh" + source "./.github/scripts/workflow-determine-pushed-commits.sh" + env: + GITHUB_CONTEXT: ${{ toJson(github) }} + WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} + + - name: Commit Lint Test -- Set up Python ${{ matrix.python-version }} + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_PYTHON }}{% raw %} + with: + python-version: ${{ matrix.python-version }} + + - name: Commit Lint Test -- Install Poetry + run: | + source "./.github/scripts/task-use-poetry.sh" "install-poetry" + + - name: Commit Lint Test -- Initialize Cache Locations + run: | + mkdir -p ~/.cache/pypoetry/virtualenvs + + - name: Commit Lint Test -- Mount Poetry Cache + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CACHE }}{% raw %} + with: + key: poetry-${{ hashFiles('./pyproject.toml') }}-${{ runner.os }}-${{ env.CACHE_TTL }} + path: 
~/.cache/pypoetry/virtualenvs + + - name: Commit Lint Test -- Install Requirements + run: | + source "./.github/scripts/task-use-poetry.sh" "install-project" + + - name: Commit Lint Test -- Lint Pushed Commits + run: | + poetry run cz check --rev-range "${PUSHED_COMMIT_REV_RANGE}" + + - name: Commit Lint Test -- Report Job Status on Success + if: inputs.VERBOSITY == true + run: | + "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: commit lint checks succeeded!" + + - name: Commit Lint Test -- Report Job Status on Failure + if: failure() + run: | + "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: commit lint checks failed!" +{% endraw %} \ No newline at end of file diff --git a/{{cookiecutter.project_slug}}/.github/workflows/.job-80-toml-lint.yml b/{{cookiecutter.project_slug}}/.github/workflows/.job-80-toml-lint.yml new file mode 100644 index 00000000..11619b62 --- /dev/null +++ b/{{cookiecutter.project_slug}}/.github/workflows/.job-80-toml-lint.yml 
@@ -0,0 +1,52 @@
+---
+name: {{ cookiecutter.project_slug }}-job-toml-lint
+{% raw %}
+on:
+ workflow_call:
+ inputs:
+ VERBOSITY:
+ description: "Manages the types of Slack notifications."
+ required: true
+ type: boolean
+ secrets:
+ SLACK_WEBHOOK:
+ description: "Optional, enables Slack notifications."
+ required: false
+
+jobs:
+
+ run_tomll:
+
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Toml Lint Test -- Checkout Repository
+ uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %}
+
+ - name: Toml Lint Test -- Setup Environment
+ run: |
+ source "./.github/scripts/workflow-setup-environment.sh"
+ env:
+ WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+ - name: Toml Lint Test -- Install Linter
+ run: |
+ sudo apt-get install -y golang-github-pelletier-go-toml
+ env:
+ WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+ - name: Toml Lint Test -- Run Linter
+ run: |
+ find . -type f -name "*.toml" -exec tomll "{}" \;
+ git diff --exit-code
+
+ - name: Toml Lint Test -- Report Job Status (Success)
+ if: inputs.VERBOSITY == true
+ run: |
+ "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: toml linting was successful!"
+
+ - name: Toml Lint Test -- Report Job Status (Failure)
+ if: failure()
+ run: |
+ "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: toml linting has failed!"
+{% endraw %}
\ No newline at end of file
diff --git a/{{cookiecutter.project_slug}}/.github/workflows/.job-80-yaml-lint.yml b/{{cookiecutter.project_slug}}/.github/workflows/.job-80-yaml-lint.yml
new file mode 100644
index 00000000..256e10ab
--- /dev/null
+++ b/{{cookiecutter.project_slug}}/.github/workflows/.job-80-yaml-lint.yml
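Review bot: The `Toml Lint Test -- Install Linter` step sets `WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}` although it only runs `sudo apt-get install`. The secret is not needed there, so that step's `env:` block can be removed. The install also runs without a preceding index refresh, which can fail on a runner with a stale package list: `sudo apt-get update && sudo apt-get install -y golang-github-pelletier-go-toml`.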
@@ -0,0 +1,48 @@
+---
+name: {{ cookiecutter.project_slug }}-job-yaml-lint
+{% raw %}
+on:
+ workflow_call:
+ inputs:
+ VERBOSITY:
+ description: "Manages the types of Slack notifications."
+ required: true
+ type: boolean
+ secrets:
+ SLACK_WEBHOOK:
+ description: "Optional, enables Slack notifications."
+ required: false
+
+jobs:
+
+ run_yamllint:
+
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Workflows Lint Test -- Checkout Repository
+ uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %}
+
+ - name: Workflows Lint Test -- Setup Environment
+ run: |
+ source "./.github/scripts/workflow-setup-environment.sh"
+ env:
+ WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+ - name: Workflows Lint Test -- Lint GitHub Workflows
+ uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_YAMLLINT }}{% raw %}
+ with:
+ format: standard
+ file_or_dir: .github/workflows/
+ config_file: .yamllint.yml
+
+ - name: Workflows Lint Test -- Report Job Status (Success)
+ if: inputs.VERBOSITY == true
+ run: |
+ "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: workflow linting was successful!"
+
+ - name: Workflows Lint Test -- Report Job Status (Failure)
+ if: failure()
+ run: |
+ "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: workflow linting has failed!"
+{% endraw %}
\ No newline at end of file
diff --git a/{{cookiecutter.project_slug}}/.github/workflows/.job-99-create-release.yml b/{{cookiecutter.project_slug}}/.github/workflows/.job-99-create-release.yml
new file mode 100644
index 00000000..1d5342d9
--- /dev/null
+++ b/{{cookiecutter.project_slug}}/.github/workflows/.job-99-create-release.yml
@@ -0,0 +1,95 @@ +--- +name: {{ cookiecutter.project_slug }}-job-create-release +{% raw %} +on: + workflow_call: + inputs: + EXTRA_RELEASE_CONTENT: + default: "[]" + description: "A JSON array containing extra markdown content to append to the generated release." + required: false + type: string + VERBOSITY: + description: "Manages the types of Slack notifications." + required: true + type: boolean + outputs: + release: + description: "A JSON object representing the created release." + value: ${{ jobs.generate_github_release.outputs.release }} + secrets: + SLACK_WEBHOOK: + description: "Optional, enables Slack notifications." + required: false + +jobs: + + generate_github_release: + + outputs: + release: ${{ steps.create_release.outputs.result }} + runs-on: ubuntu-latest + + steps: + - name: Create Release -- Checkout Repository + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} + + - name: Create Release -- Filter Release Candidates + id: filter + run: | + source ".github/scripts/job-99-release-candidate.sh" "${{ github.event.ref }}" + + - name: Create Release -- Checkout Repository (All Commits) + if: steps.filter.outputs.release_candidate == 'TRUE' + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} + with: + fetch-depth: 0 + + - name: Create Release -- Setup Environment + if: steps.filter.outputs.release_candidate == 'TRUE' + run: | + source "./.github/scripts/workflow-setup-environment.sh" + env: + WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} + + - name: Create Release -- Install Poetry + if: steps.filter.outputs.release_candidate == 'TRUE' + run: | + source "./.github/scripts/task-use-poetry.sh" "install-poetry" + + - name: Create Release -- Check 'pyproject.toml' Matches Tag + if: steps.filter.outputs.release_candidate == 'TRUE' + run: | + source "./.github/scripts/job-99-check-version.sh" + + - name: Create Release -- Generate Changelog + if: steps.filter.outputs.release_candidate == 'TRUE' + run: + source 
"./.github/scripts/job-99-create-changelog.sh" + + - name: Create Release -- Generate GitHub Release Draft + if: steps.filter.outputs.release_candidate == 'TRUE' + id: create_release + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_SCRIPT }}{% raw %} + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + result-encoding: json + script: | + const script = require('./.github/scripts/job-99-create-release.js') + const extraContent = "\n" + JSON.parse(process.env.EXTRA_RELEASE_CONTENT).join("\n") + const body = process.env.CHANGE_LOG_CONTENT + extraContent + const tag = process.env.BRANCH_OR_TAG; + return await script({ body, context, core, github, tag }) + env: + EXTRA_RELEASE_CONTENT: ${{ inputs.EXTRA_RELEASE_CONTENT }} + + - name: Create Release -- Report Job Status (Success) + if: steps.filter.outputs.release_candidate == 'TRUE' + run: | + "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: automated release has been created:\nhttps://github.com/${USER_NAME}/${PROJECT_NAME}/releases" + + - name: Create Release -- Report Job Status (Failure) + if: failure() + run: | + "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: automated release generation failed!" +{% endraw %} \ No newline at end of file diff --git a/{{cookiecutter.project_slug}}/.github/workflows/.job-99-import-role.yml b/{{cookiecutter.project_slug}}/.github/workflows/.job-99-import-role.yml new file mode 100644 index 00000000..81b9b618 --- /dev/null +++ b/{{cookiecutter.project_slug}}/.github/workflows/.job-99-import-role.yml 
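Review bot: In `Create Release -- Filter Release Candidates`, `${{ github.event.ref }}` is expanded into the `run:` script text before the shell starts, so a ref name containing shell metacharacters would be interpreted by bash instead of being passed as data. Passing it through the environment avoids that: add `env:` with `EVENT_REF: ${{ github.event.ref }}` to the step and call `source ".github/scripts/job-99-release-candidate.sh" "${EVENT_REF}"`. Because this file is now a `workflow_call` target, `github.event` is the caller's event, and for the `schedule` trigger added in `workflow-push.yml` the ref is presumably empty, so the script should be checked for an empty argument. `JSON.parse(process.env.EXTRA_RELEASE_CONTENT).join("\n")` also assumes the input is a JSON array; any other value fails the step with a TypeError rather than a clear message.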
@@ -0,0 +1,95 @@
+---
+name: {{ cookiecutter.project_slug }}-job-import-role
+{% raw %}
+on:
+ workflow_call:
+ inputs:
+ PYTHON_VERSION:
+ description: "The single version of Python that will be used as a string value."
+ required: true
+ type: string
+ WORKFLOW_DISPATCH:
+ description: "Indicates whether a 'workflow_dispatch' event triggered this workflow run."
+ required: true
+ type: boolean
+ VERBOSITY:
+ description: "Manages the types of Slack notifications."
+ required: true
+ type: boolean
+ secrets:
+ SLACK_WEBHOOK:
+ description: "Optional, enables Slack notifications."
+ required: false
+ GALAXY_API_KEY:
+ description: "Optional, enables importing the role into Ansible Galaxy."
+ required: false
+
+jobs:
+
+ import_role:
+
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Publish to Galaxy -- Code Checkout (workflow dispatch)
+ if: inputs.WORKFLOW_DISPATCH == true
+ uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %}
+ with:
+ fetch-depth: 0
+ path: 'role'
+ ref: ${{ github.event.inputs.TAG }}
+
+ - name: Publish to Galaxy -- Code Checkout (published release)
+ if: inputs.WORKFLOW_DISPATCH == false
+ uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %}
+ with:
+ fetch-depth: 0
+ path: 'role'
+
+ - name: Publish to Galaxy -- Setup Environment
+ run: |
+ source "./role/.github/scripts/workflow-setup-environment.sh"
+ env:
+ WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+ - name: Publish to Galaxy -- Install Poetry
+ run: |
+ source "./role/.github/scripts/task-use-poetry.sh" "install-poetry"
+
+ - name: Publish to Galaxy -- Set up Python ${{ inputs.PYTHON_VERSION }}
+ uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_PYTHON }}{% raw %}
+ with:
+ python-version: ${{ inputs.PYTHON_VERSION }}
+
+ - name: Publish to Galaxy -- Initialize Cache Locations
+ run: |
+ mkdir -p ~/.cache/pypoetry/virtualenvs
+
+ - name: Publish to Galaxy -- Mount Poetry Cache
+ uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CACHE }}{% raw %}
+ with:
+ key: poetry-${{ hashFiles('./role/pyproject.toml') }}-${{ runner.os }}-${{ env.CACHE_TTL }}
+ path: ~/.cache/pypoetry/virtualenvs
+
+ - name: Publish to Galaxy -- Install Requirements
+ run: |
+ cd role
+ source "./.github/scripts/task-use-poetry.sh" "install-project"
+
+ - name: Publish to Galaxy -- Trigger Ansible Galaxy Import
+ run: |
+ cd role
+ poetry run ansible-galaxy role import "${USER_NAME}" "${PROJECT_NAME}" --token "${API_KEY}" | tee import.log
+ grep "0 errors" import.log
+ env:
+ API_KEY: ${{ secrets.GALAXY_API_KEY }}
+
+ - name: Publish to Galaxy -- Report Job Status (Success)
+ run: |
+ ./role/.github/scripts/task-slack-notification.sh "${NOTIFICATION}" ":white_check_mark: automated ansible galaxy import has been completed!"
+
+ - name: Publish to Galaxy -- Report Job Status (Failure)
+ if: failure()
+ run: |
+ ./role/.github/scripts/task-slack-notification.sh "${NOTIFICATION}" ":x: automated ansible galaxy import has failed!"
+{% endraw %}
\ No newline at end of file
diff --git a/{{cookiecutter.project_slug}}/.github/workflows/push.yml b/{{cookiecutter.project_slug}}/.github/workflows/push.yml
deleted file mode 100644
index 582c4f1d..00000000
--- a/{{cookiecutter.project_slug}}/.github/workflows/push.yml
+++ /dev/null
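Review bot: The `Trigger Ansible Galaxy Import` step decides success with `grep "0 errors" import.log`, which also matches a line reporting `10 errors` or `20 errors`. The step sets no `shell:`, so it runs as `bash -e` without `pipefail` and the exit status of `ansible-galaxy` is hidden behind `tee`. Setting `shell: bash` on the step (GitHub then adds `-o pipefail`) and tightening the check to `grep -w "0 errors" import.log` would let a failed import fail the job; the wording of the import summary is not visible here, so the pattern should be confirmed against real output. The job also restores a virtualenv cache keyed only on `pyproject.toml`, the runner OS and `CACHE_TTL` while `GALAXY_API_KEY` is in scope, so other jobs using the same key format could presumably have populated it; a dedicated key, or no cache, for the publishing job is worth considering.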
@@ -1,538 +0,0 @@ ---- -name: {{ cookiecutter.project_slug }}-push - -# This workflow is configured by values found in the .github/config/workflows/push.json file. -# It's encouraged to explore the configuration before customizing this file. -# This will allow you to upgrade to future versions of this template without complications. - -# For further details please consult the documentation here: -# https://github.com/niall-byrne/ansible-workbench - -# Workflow Secrets: -# SLACK_WEBHOOK (Optional, for Slack notifications...) - -on: - push: - workflow_dispatch: - -env: - PROJECT_NAME: "{{ cookiecutter.project_slug }}" - USER_NAME: "{{ cookiecutter.github_handle }}" - VERBOSE_NOTIFICATIONS: 0 - -{% raw %} -jobs: - - _create_configuration: - - runs-on: ubuntu-latest - outputs: - commitizen-rev-range: ${{ steps.commitizen-rev-range.outputs.json_value }} - molecule-test-platforms: ${{ steps.molecule-test-platforms.outputs.json_value }} - molecule-scenarios: ${{ steps.molecule-scenarios.outputs.json_value }} - python-versions: ${{ steps.python-versions.outputs.json_value }} - trufflehog-args: ${{ steps.trufflehog-args.outputs.json_value }} - - - steps: - - name: Create Configuration -- Checkout Repository - uses: actions/checkout@v3 - - - name: Create Configuration -- Validate the 'push.json' File - run: | - python -m json.tool .github/config/workflows/push.json >> /dev/null - - - name: Create Configuration -- Set Commitzen Rev Range as Output - id: commitizen-rev-range - run: | - source .github/scripts/workflow_json_value.sh jq -rM .ci_commitzen_rev_range .github/config/workflows/push.json - - - name: Create Configuration -- Set Molecule Test Scenarios as Output - id: molecule-scenarios - run: | - EXCLUDED="$(jq -rM .ci_molecule_excluded_scenarios_regex .github/config/workflows/push.json)" - SCENARIOS=($(find molecule/* -maxdepth 0 -type d -not -name "default" -not -name "${EXCLUDED}" -exec basename {} \;)) - source .github/scripts/workflow_json_value.sh jq -M 
--null-input '$ARGS.positional' --args "${SCENARIOS[@]}" - - - name: Create Configuration -- Set Molecule Test Platforms as Output - id: molecule-test-platforms - run: | - source .github/scripts/workflow_json_value.sh jq -M .ci_molecule_test_platforms .github/config/workflows/push.json - - - name: Create Configuration -- Set Python Versions as Output - id: python-versions - run: | - source .github/scripts/workflow_json_value.sh jq -M .ci_python_versions .github/config/workflows/push.json - - - name: Create Configuration -- Set TruffleHog Extra Args as Output - id: trufflehog-args - run: | - source .github/scripts/workflow_json_value.sh jq -rM .ci_trufflehog_extra_scan_args .github/config/workflows/push.json - - _start_notification: - - runs-on: ubuntu-latest - - steps: - - name: Start -- Checkout Repository - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - - - name: Start -- Setup Environment - run: | - source ./.github/scripts/setup.sh - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Start -- Report Job Status on Success - run: | - ./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: workflow has started!" - - - name: Start -- Report Job Status on Failure - if: failure() - run: | - ./.github/scripts/notifications.sh "${NOTIFICATION}" ":x: error reporting job status!" - - _success_notification: - needs: [create_release] - - runs-on: ubuntu-latest - - steps: - - name: Success -- Checkout Repository - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - - - name: Success -- Setup Environment - run: | - source .github/scripts/setup.sh - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Success -- Report Job Status on Success - run: | - ./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: all checks were successful!" 
- - - name: Success -- Report Job Status on Failure - if: failure() - run: | - ./.github/scripts/notifications.sh "${NOTIFICATION}" ":x: error reporting job status!" - - commit_lint_test: - needs: [_create_configuration] - - runs-on: ubuntu-latest - env: - ANSIBLE_WORKBENCH_PUSH_FALLBACK_REV_RANGE: ${{ needs._create_configuration.outputs.commitizen-rev-range }} - strategy: - max-parallel: 4 - matrix: - python-version: ${{ fromJSON(needs._create_configuration.outputs.python-versions) }} - - steps: - - name: Commit Lint Test -- Checkout Repository - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - - name: Commit Lint Test -- Setup Environment - run: | - source ./.github/scripts/setup.sh - source ./.github/scripts/pushed_commit_range.sh - env: - GITHUB_CONTEXT: ${{ toJson(github) }} - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Commit Lint Test -- Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 - with: - python-version: ${{ matrix.python-version }} - - - name: Commit Lint Test -- Install Poetry - run: | - source ./.github/scripts/poetry.sh "install-poetry" - - - name: Commit Lint Test -- Initialize Cache Locations - run: | - mkdir -p ~/.cache/pypoetry/virtualenvs - - - name: Commit Lint Test -- Mount Poetry Cache - uses: actions/cache@v3 - with: - key: poetry-${{ hashFiles('./pyproject.toml') }}-${{ runner.os }}-${{ env.CACHE_TTL }} - path: ~/.cache/pypoetry/virtualenvs - - - name: Commit Lint Test -- Install Requirements - run: | - source ./.github/scripts/poetry.sh "install-project" - - - name: Commit Lint Test -- Lint Pushed Commits - run: | - poetry run cz check --rev-range "${PUSHED_COMMIT_REV_RANGE}" - - - name: Commit Lint Test -- Report Job Status on Success - if: env.VERBOSE_NOTIFICATIONS == '1' - run: | - ./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: commit lint checks succeeded!" 
- - - name: Commit Lint Test -- Report Job Status on Failure - if: failure() - run: | - ./.github/scripts/notifications.sh "${NOTIFICATION}" ":x: commit lint checks failed!" - - create_release: - needs: {% endraw %}[_create_configuration, _start_notification, commit_lint_test, documentation_test, molecule_lint_test, molecule_test, security_test,{% if cookiecutter.optional_toml_linting == 'true' %} toml_lint_test,{% endif %} yaml_lint_test]{% raw %} - - runs-on: ubuntu-latest - - steps: - - name: Create Release -- Checkout Repository - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - - - name: Create Release -- Branch Filter - id: branch_filter - run: | - source .github/scripts/release_candidate.sh "${{ github.event.ref }}" - - - name: Create Release -- Checkout Repository (All Commits) - if: steps.branch_filter.outputs.release_candidate == 'TRUE' - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - with: - fetch-depth: 0 - - - name: Create Release -- Setup Environment - if: steps.branch_filter.outputs.release_candidate == 'TRUE' - run: | - source ./.github/scripts/setup.sh - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Create Release -- Install Poetry - if: steps.branch_filter.outputs.release_candidate == 'TRUE' - run: | - source ./.github/scripts/poetry.sh "install-poetry" - - - name: Create Release -- Check 'pyproject.toml' Matches Tag - if: steps.branch_filter.outputs.release_candidate == 'TRUE' - run: | - source ./.github/scripts/version.sh - - - name: Create Release -- Generate Changelog - if: steps.branch_filter.outputs.release_candidate == 'TRUE' - run: - source ./.github/scripts/changelog.sh - - - name: Create Release -- Generate GitHub Release Draft - if: steps.branch_filter.outputs.release_candidate == 'TRUE' - id: create_release - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_SCRIPT }}{% raw %} - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - script: | - const script = 
require('./.github/scripts/release.js') - const body = process.env.CHANGE_LOG_CONTENT; - const tag = process.env.BRANCH_OR_TAG; - await script({ body, context, core, github, tag }) - - - name: Create Release -- Report Job Status (Success) - if: steps.branch_filter.outputs.release_candidate == 'TRUE' - run: | - ./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: automated release has been created:\nhttps://github.com/${USER_NAME}/${PROJECT_NAME}/releases" - - - name: Create Release -- Report Job Status (Failure) - if: failure() - run: | - ./.github/scripts/notifications.sh "${NOTIFICATION}" ":x: automated release generation failed!" - - documentation_test: - - runs-on: ubuntu-latest - - steps: - - name: Documentation Test -- Checkout Repository - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - - - name: Documentation Test -- Setup Environment - run: | - source ./.github/scripts/setup.sh - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Documentation Test -- Documentation Validation - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_MARKDOWN_LINK_CHECK }}{% raw %} - with: - config-file: './.github/config/actions/gaurav-nelson-github-action-markdown-link-check.json' - use-quiet-mode: 'no' - use-verbose-mode: 'yes' - - - name: Documentation Test -- Report Success - if: env.VERBOSE_NOTIFICATIONS == '1' - run: | - ./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: documentation test was successful!" - - - name: Documentation Test -- Report Failure - if: failure() - run: | - ./.github/scripts/notifications.sh "${NOTIFICATION}" ":x: documentation test has failed!" 
- - molecule_lint_test: - needs: [_create_configuration] - - runs-on: ubuntu-latest - strategy: - max-parallel: {% endraw %}{{ cookiecutter._GITHUB_CI_DEFAULT_CONCURRENCY }}{% raw %} - matrix: - python-version: ${{ fromJSON(needs._create_configuration.outputs.python-versions) }} - - steps: - - - name: Molecule Lint Test -- Checkout Repository - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - with: - path: "role" - - - name: Molecule Lint Test -- Setup Environment - run: | - source ./role/.github/scripts/setup.sh - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Molecule Lint Test -- Set up Python ${{ matrix.python-version }} - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_PYTHON }}{% raw %} - with: - python-version: ${{ matrix.python-version }} - - - name: Molecule Lint Test -- Install Poetry - run: | - source ./role/.github/scripts/poetry.sh "install-poetry" - - - name: Molecule Lint Test -- Initialize Cache Locations - run: | - mkdir -p ~/.cache/pypoetry/virtualenvs - source ./role/.github/scripts/ansible_cache.sh \ - "$(pwd)/ansible_cache" \ - ~/.cache - - - name: Molecule Lint Test -- Mount Ansible Cache - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CACHE }}{% raw %} - with: - key: ansible-${{ hashFiles('./role/requirements.yml') }}-${{ env.CACHE_TTL }} - path: ansible_cache - - - name: Molecule Lint Test -- Mount Poetry Cache - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CACHE }}{% raw %} - with: - key: poetry-${{ hashFiles('./role/pyproject.toml') }}-${{ runner.os }}-${{ env.CACHE_TTL }} - path: ~/.cache/pypoetry/virtualenvs - - - name: Molecule Lint Test -- Install Requirements - run: | - cd role - source ./.github/scripts/poetry.sh "install-project" - - - name: Molecule Lint Test -- Run Linter - run: | - cd role - poetry run molecule lint - - - name: Molecule Lint Test -- Report Job Status (Success) - if: env.VERBOSE_NOTIFICATIONS == '1' - run: | - ./role/.github/scripts/notifications.sh "${NOTIFICATION}" 
":white_check_mark: molecule linting was successful!" - - - name: Molecule Lint Test -- Report Job Status (Failure) - if: failure() - run: | - ./role/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: molecule linting has failed!" - - molecule_test: - needs: [_create_configuration] - - runs-on: ${{ matrix.molecule-test-platform }} - strategy: - max-parallel: {% endraw %}{{ cookiecutter._GITHUB_CI_DEFAULT_CONCURRENCY }}{% raw %} - matrix: - molecule-test-platform: ${{ fromJSON(needs._create_configuration.outputs.molecule-test-platforms) }} - python-version: ${{ fromJSON(needs._create_configuration.outputs.python-versions) }} - scenario: ${{ fromJSON(needs._create_configuration.outputs.molecule-scenarios) }} - - steps: - - name: Molecule Test -- Checkout Repository - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - with: - path: "role" - - - name: Molecule Test -- Setup Environment - run: | - source ./role/.github/scripts/setup.sh - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Molecule Test -- Set up Python ${{ matrix.python-version }} - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_PYTHON }}{% raw %} - with: - python-version: ${{ matrix.python-version }} - - - name: Molecule Test -- Install Poetry - run: | - source ./role/.github/scripts/poetry.sh "install-poetry" - - - name: Molecule Test -- Initialize Cache Locations - run: | - mkdir -p ~/.cache/pypoetry/virtualenvs - source ./role/.github/scripts/ansible_cache.sh \ - "$(pwd)/ansible_cache" \ - ~/.cache - - - name: Molecule Test -- Mount Ansible Cache - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CACHE }}{% raw %} - with: - key: ansible-${{ hashFiles('./role/requirements.yml') }}-${{ env.CACHE_TTL }} - path: ansible_cache - - - name: Molecule Test -- Mount Poetry Cache - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CACHE }}{% raw %} - with: - key: poetry-${{ hashFiles('./role/pyproject.toml') }}-${{ runner.os }}-${{ env.CACHE_TTL }} - path: 
~/.cache/pypoetry/virtualenvs - - - name: Molecule Test -- Install Requirements - run: | - cd role - source ./.github/scripts/poetry.sh "install-project" - - - name: Molecule Test -- Reuse Cached Dependencies as Scenario - run: | - cd role - poetry run molecule dependency - mv ~/.cache/molecule/role/default ~/.cache/molecule/role/"${SCENARIO}" - env: - SCENARIO: ${{ matrix.scenario }} - - - name: Molecule Test -- Run ${{ matrix.scenario }} Scenario - run: | - cd role - poetry run molecule test -s "${SCENARIO}" - env: - SCENARIO: ${{ matrix.scenario }} - - - name: Molecule Test -- Reuse Scenario Dependencies as Cache - run: | - mv ~/.cache/molecule/role/"${SCENARIO}" ~/.cache/molecule/role/default - env: - SCENARIO: ${{ matrix.scenario }} - - - name: Molecule Test -- Report Job Status (Success) - if: env.VERBOSE_NOTIFICATIONS == '1' - run: | - ./role/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: molecule test scenario '${SCENARIO}' was successful!" - env: - SCENARIO: ${{ matrix.scenario }} - - - name: Molecule Test -- Report Job Status (Failure) - if: failure() - run: | - ./role/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: molecule test scenario '${SCENARIO}' has failed!" 
- env: - SCENARIO: ${{ matrix.scenario }} - - security_test: - needs: [_create_configuration] - - runs-on: ubuntu-latest - - steps: - - name: Security Test -- Checkout Repository - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - with: - fetch-depth: 0 - - - name: Security Test -- Setup Environment - run: | - source ./.github/scripts/setup.sh - source ./.github/scripts/pushed_commit_range.sh - env: - GITHUB_CONTEXT: ${{ toJson(github) }} - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Security Test -- Run Trufflehog - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_TRUFFLEHOG }}{% raw %} - with: - base: ${{ env.PUSHED_COMMIT_START }} - extra_args: ${{ needs._create_configuration.outputs.trufflehog-args }} - head: ${{ env.BRANCH_OR_TAG }} - path: . - - - name: Security Test -- Report Job Status on Success - if: env.VERBOSE_NOTIFICATIONS == '1' - run: | - ./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: security checks were successful!" - - - name: Security Test -- Report Job Status on Failure - if: failure() - run: | - ./.github/scripts/notifications.sh "${NOTIFICATION}" ":x: security checks failed!" - - {%- endraw %}{% if cookiecutter.optional_toml_linting == 'true' %} - - toml_lint_test: - - runs-on: ubuntu-latest - - steps: - - name: Toml Lint Test -- Checkout Repository - uses: {{ cookiecutter._GITHUB_ACTION_CHECKOUT }} - - - name: Toml Lint Test -- Setup Environment - run: | - source ./.github/scripts/setup.sh - sudo apt-get install -y golang-github-pelletier-go-toml - env: - WEBHOOK_URL: {{ '${{' }} secrets.SLACK_WEBHOOK {{ '}}' }} - - - name: Toml Lint Test -- Run Linter - run: | - find . -type f -name "*.toml" -exec tomll "{}" \; - git diff --exit-code - - - name: Toml Lint Test -- Report Job Status (Success) - if: env.VERBOSE_NOTIFICATIONS == '1' - run: | - ./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: toml linting was successful!" 
- - - name: Toml Lint Test -- Report Job Status (Failure) - if: failure() - run: | - ./.github/scripts/notifications.sh "${NOTIFICATION}" ":x: toml linting has failed!" - - {%- endif %}{% raw %} - - yaml_lint_test: - - runs-on: ubuntu-latest - - steps: - - name: Yaml Lint Test -- Checkout Repository - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - - - name: Yaml Lint Test -- Setup Environment - run: | - source ./.github/scripts/setup.sh - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Yaml Lint Test -- Lint Rendered GitHub Workflows - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_YAMLLINT }}{% raw %} - with: - format: standard - file_or_dir: .github/workflows/ - config_file: .yamllint.yml - - - name: Yaml Lint Test -- Report Job Status (Success) - if: env.VERBOSE_NOTIFICATIONS == '1' - run: | - ./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: workflow linting was successful!" - - - name: Yaml Lint Test -- Report Job Status (Failure) - if: failure() - run: | - ./.github/scripts/notifications.sh "${NOTIFICATION}" ":x: workflow linting has failed!" -{% endraw %} \ No newline at end of file diff --git a/{{cookiecutter.project_slug}}/.github/workflows/release.yml b/{{cookiecutter.project_slug}}/.github/workflows/release.yml deleted file mode 100644 index a5fd060a..00000000 --- a/{{cookiecutter.project_slug}}/.github/workflows/release.yml +++ /dev/null 
@@ -1,118 +0,0 @@ ---- -name: {{ cookiecutter.project_slug }}-publish-to-galaxy - -# Workflow Secrets: -# SLACK_WEBHOOK (Optional, for Slack notifications...) -# GALAXY_API_KEY (Optional, for Ansible Galaxy Import...) - -on: - release: - types: [published] - workflow_dispatch: - inputs: - TAG: - description: 'Tag to Deploy' - required: true - default: '' - -env: - PROJECT_NAME: "{{ cookiecutter.project_slug }}" - USER_NAME: "{{ cookiecutter.github_handle }}" - -{% raw %} -jobs: - - _create_configuration: - - runs-on: ubuntu-latest - outputs: - publish-to-galaxy: ${{ steps.publish-to-galaxy.outputs.publish-to-galaxy }} - python-version: ${{ steps.python-versions.outputs.json_value }} - - steps: - - name: Create Configuration -- Checkout Repository - uses: actions/checkout@v3 - - - name: Create Configuration -- Set Publish to Galaxy as Output - id: publish-to-galaxy - run: | - [[ -n "${API_KEY}" ]] && PUBLISH_TO_GALAXY="true" || PUBLISH_TO_GALAXY="false" - echo "publish-to-galaxy=${PUBLISH_TO_GALAXY}" >> $GITHUB_OUTPUT - env: - API_KEY: ${{ secrets.GALAXY_API_KEY }} - - - name: Create Configuration -- Set Python Versions as Output - id: python-versions - run: | - source .github/scripts/workflow_json_value.sh jq -rM .ci_python_versions[0] .github/config/workflows/push.json - - publish_to_galaxy: - needs: [_create_configuration] - - if: needs._create_configuration.outputs.publish-to-galaxy == 'true' - runs-on: ubuntu-latest - - steps: - - - name: Publish to Galaxy -- Code Checkout (workflow dispatch) - if: github.event_name == 'workflow_dispatch' - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - with: - fetch-depth: 0 - path: 'role' - ref: ${{ github.event.inputs.TAG }} - - - name: Publish to Galaxy -- Code Checkout (published release) - if: github.event_name != 'workflow_dispatch' - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - with: - fetch-depth: 0 - path: 'role' - - - name: Publish to Galaxy -- Setup Environment - 
run: | - source ./role/.github/scripts/setup.sh - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Publish to Galaxy -- Install Poetry - run: | - source ./role/.github/scripts/poetry.sh "install-poetry" - - - name: Publish to Galaxy -- Set up Python ${{ needs._create_configuration.outputs.python-version }} - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_PYTHON }}{% raw %} - with: - python-version: ${{ needs._create_configuration.outputs.python-version }} - - - name: Publish to Galaxy -- Initialize Cache Locations - run: | - mkdir -p ~/.cache/pypoetry/virtualenvs - - - name: Publish to Galaxy -- Mount Poetry Cache - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CACHE }}{% raw %} - with: - key: poetry-${{ hashFiles('./role/pyproject.toml') }}-${{ runner.os }}-${{ env.CACHE_TTL }} - path: ~/.cache/pypoetry/virtualenvs - - - name: Publish to Galaxy -- Install Requirements - run: | - cd role - source ./.github/scripts/poetry.sh "install-project" - - - name: Publish to Galaxy -- Trigger Ansible Galaxy Import - run: | - cd role - poetry run ansible-galaxy role import ${USER_NAME} ${PROJECT_NAME} --token ${API_KEY} | tee import.log - grep "0 errors" import.log - env: - API_KEY: ${{ secrets.GALAXY_API_KEY }} - - - name: Publish to Galaxy -- Report Job Status (Success) - run: | - ./role/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: automated ansible galaxy import has been completed!" - - - name: Publish to Galaxy -- Report Job Status (Failure) - if: failure() - run: | - ./role/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: automated ansible galaxy import has failed!" -{% endraw %} \ No newline at end of file diff --git a/{{cookiecutter.project_slug}}/.github/workflows/workflow-publish-to-galaxy.yml b/{{cookiecutter.project_slug}}/.github/workflows/workflow-publish-to-galaxy.yml new file mode 100644 index 00000000..9a2a7b7f --- /dev/null +++ b/{{cookiecutter.project_slug}}/.github/workflows/workflow-publish-to-galaxy.yml 
@@ -0,0 +1,65 @@
+---
+name: {{ cookiecutter.project_slug }}-workflow-publish-to-galaxy
+
+# This workflow is configured by values found in the .github/config/workflows/workflow-publish-to-galaxy.json file.
+# It's encouraged to explore the configuration before customizing this file.
+# This will allow you to upgrade to future versions of this template without complications.
+
+# For further details please consult the documentation here:
+# https://github.com/niall-byrne/ansible-workbench
+
+on:
+ release:
+ types: [published]
+ workflow_dispatch:
+ inputs:
+ TAG:
+ description: 'Tag to Deploy'
+ required: true
+ default: ''
+
+# secrets:
+# SLACK_WEBHOOK:
+# description: "Optional, enables Slack notifications."
+# required: false
+
+
+jobs:
+
+ configuration:
+
+ runs-on: ubuntu-latest
+ outputs:
+ configuration: {% raw %}${{ steps.configuration.outputs.value }}{% endraw %}
+ publish-to-galaxy: {% raw %}${{ steps.publish-to-galaxy.outputs.publish-to-galaxy }}{% endraw %}
+
+ steps:
+ - name: Create Configuration -- Checkout Repository
+ uses: {{ cookiecutter._GITHUB_ACTION_CHECKOUT }}
+
+ - name: Create Configuration -- Set Publish to Galaxy as Output
+ id: publish-to-galaxy
+ run: |
+ [[ -n "${API_KEY}" ]] && PUBLISH_TO_GALAXY="true" || PUBLISH_TO_GALAXY="false"
+ echo "publish-to-galaxy=${PUBLISH_TO_GALAXY}" >> "${GITHUB_OUTPUT}"
+ env:
+ API_KEY: {% raw %}${{ secrets.GALAXY_API_KEY }}{% endraw %}
+
+ - name: Create Configuration -- Validate the 'workflow-publish-to-galaxy.json' File
+ run: |
+ python -m json.tool "./.github/config/workflows/workflow-publish-to-galaxy.json" >> /dev/null
+
+ - name: Create Configuration -- Set the 'workflow-publish-to-galaxy.json' Configuration File as Output
+ id: configuration
+ run: |
+ source "./.github/scripts/workflow-set-value.sh" cat "./.github/config/workflows/workflow-publish-to-galaxy.json"
+
+ publish_to_galaxy:
+ needs: [configuration]
+ if: needs.configuration.outputs.publish-to-galaxy == 'true'
+ uses: ./.github/workflows/.job-99-import-role.yml
+ with:
+ PYTHON_VERSION: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_python_version }}{% endraw %}
+ WORKFLOW_DISPATCH: {% raw %}${{ github.event_name == 'workflow_dispatch' }}{% endraw %}
+ VERBOSITY: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_verbose_notifications }}{% endraw %}
+ secrets: inherit
diff --git a/{{cookiecutter.project_slug}}/.github/workflows/workflow-push.yml b/{{cookiecutter.project_slug}}/.github/workflows/workflow-push.yml
new file mode 100644
index 00000000..31b6efde
--- /dev/null
+++ b/{{cookiecutter.project_slug}}/.github/workflows/workflow-push.yml
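Review bot: `publish_to_galaxy` calls `.job-99-import-role.yml` with `secrets: inherit`, which hands every secret available to this workflow to the called job even though that file declares only `SLACK_WEBHOOK` and `GALAXY_API_KEY`. Listing them explicitly under `secrets:` as `SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}` and `GALAXY_API_KEY: ${{ secrets.GALAXY_API_KEY }}` (wrapped in `{% raw %}` like the neighbouring expressions) keeps the set passed to the release path fixed as the repository gains secrets. The `workflow-push.yml` hunk that follows uses `secrets: inherit` on each job call visible here, and that hunk continues past this view. The commented `# secrets:` block above `jobs:` lists only `SLACK_WEBHOOK`, while the `configuration` job also reads `secrets.GALAXY_API_KEY`, so the comment should name both.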
@@ -0,0 +1,127 @@
+---
+name: {{ cookiecutter.project_slug }}-workflow-push
+
+# This workflow is configured by values found in the .github/config/workflows/workflow-push.json file.
+# It's encouraged to explore the configuration before customizing this file.
+# This will allow you to upgrade to future versions of this template without complications.
+
+# For further details please consult the documentation here:
+# https://github.com/niall-byrne/ansible-workbench
+
+on:
+ push:
+ schedule:
+ - cron: "0 6 * * 1"
+ workflow_dispatch:
+
+# secrets:
+# SLACK_WEBHOOK:
+# description: "Optional, enables Slack notifications."
+# required: false
+# GALAXY_API_KEY:
+# description: "Optional, enables importing the role into Ansible Galaxy."
+# required: false
+
+jobs:
+
+ configuration:
+
+ runs-on: ubuntu-latest
+ outputs:
+ configuration: {% raw %}${{ steps.configuration.outputs.value }}{% endraw %}
+ molecule-scenarios: {% raw %}${{ steps.molecule-scenarios.outputs.value }}{% endraw %}
+
+ steps:
+ - name: Create Configuration -- Checkout Repository
+ uses: {{ cookiecutter._GITHUB_ACTION_CHECKOUT }}
+
+ - name: Create Configuration -- Validate the 'workflow-push.json' File
+ run: |
+ python -m json.tool "./.github/config/workflows/workflow-push.json" >> /dev/null
+
+ - name: Create Configuration -- Set the Active Molecule Test Scenarios as Output
+ id: molecule-scenarios
+ run: |
+ source "./.github/scripts/workflow-identify-molecule-scenarios.sh"
+
+ - name: Create Configuration -- Set the 'workflow-push.json' Configuration File as Output
+ id: configuration
+ run: |
+ source "./.github/scripts/workflow-set-value.sh" cat "./.github/config/workflows/workflow-push.json"
+
+ start:
+ uses: ./.github/workflows/.job-00-start.yml
+ secrets: inherit
+
+ success:
+ needs: [create_release]
+ uses: ./.github/workflows/.job-00-success.yml
+ secrets: inherit
+
+ security_test:
+ needs: [configuration]
+ uses: ./.github/workflows/.job-10-security.yml
+ with:
+ TRUFFLEHOG_ARGS: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_trufflehog_extra_scan_args }}{% endraw %}
+ VERBOSITY: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_verbose_notifications }}{% endraw %}
+ secrets: inherit
+
+ documentation_test:
+ needs: [configuration]
+ uses: ./.github/workflows/.job-30-documentation.yml
+ with:
+ VERBOSITY: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_verbose_notifications }}{% endraw %}
+ secrets: inherit
+
+ molecule_lint_test:
+ needs: [configuration]
+ uses: ./.github/workflows/.job-40-molecule-lint.yml
+ with:
+ PYTHON_VERSIONS: {% raw %}${{ toJSON(fromJSON(needs.configuration.outputs.configuration).ci_python_versions) }}{% endraw %}
+ VERBOSITY: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_verbose_notifications }}{% endraw %}
+ secrets: inherit
+
+ molecule_test:
+ needs: [configuration]
+ uses: ./.github/workflows/.job-40-molecule-test.yml
+ with:
+ MOLECULE_PLATFORMS: {% raw %}${{ toJSON(fromJSON(needs.configuration.outputs.configuration).ci_molecule_test_platforms) }}{% endraw %}
+ MOLECULE_SCENARIOS: {% raw %}${{ needs.configuration.outputs.molecule-scenarios }}{% endraw %}
+ PYTHON_VERSIONS: {% raw %}${{ toJSON(fromJSON(needs.configuration.outputs.configuration).ci_python_versions) }}{% endraw %}
+ VERBOSITY: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_verbose_notifications }}{% endraw %}
+ secrets: inherit
+
+ commit_lint_test:
+ needs: [configuration]
+ uses: ./.github/workflows/.job-80-commit-lint.yml
+ with:
+ COMMITIZEN_REV_RANGE: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_commitzen_rev_range }}{% endraw %}
+ PYTHON_VERSIONS: {% raw %}${{ toJSON(fromJSON(needs.configuration.outputs.configuration).ci_python_versions) }}{% endraw %}
+ VERBOSITY: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_verbose_notifications }}{% endraw %}
+ secrets: inherit
+
+ {%- if cookiecutter.optional_toml_linting == 'true' %}
+
+ toml_lint_test:
+ needs: [configuration]
+ uses: ./.github/workflows/.job-80-toml-lint.yml
+ with:
+ VERBOSITY: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_verbose_notifications }}{% endraw %}
+ secrets: inherit
+
+ {%- endif %}
+
+ workflows_lint_test:
+ needs: [configuration]
+ uses: ./.github/workflows/.job-80-yaml-lint.yml
+ with:
+ VERBOSITY: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_verbose_notifications }}{% endraw %}
+ secrets: inherit
+
+ create_release:
+ needs: [commit_lint_test, configuration, documentation_test, molecule_lint_test, molecule_test, security_test, start,{% if cookiecutter.optional_toml_linting == 'true' %} toml_lint_test,{% endif %} workflows_lint_test]
+ uses: ./.github/workflows/.job-99-create-release.yml
+ with:
+ EXTRA_RELEASE_CONTENT: {% raw %}${{ toJSON(fromJSON(needs.configuration.outputs.configuration).ci_extra_release_content) }}{% endraw %}
+ VERBOSITY: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_verbose_notifications }}{% endraw %}
+ secrets: inherit
diff --git a/{{cookiecutter.project_slug}}/README.md b/{{cookiecutter.project_slug}}/README.md
index 5be4ec69..14a5be36 100644
--- a/{{cookiecutter.project_slug}}/README.md
+++ b/{{cookiecutter.project_slug}}/README.md
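Review bot: `secrets: inherit` on every reusable-workflow call in workflow-push.yml (and on `publish_to_galaxy` in the previous file) hands all repository secrets to each job, so the lint and test jobs receive `GALAXY_API_KEY` although the header comment describes it only as enabling the Galaxy import. Passing the needed secret explicitly keeps each job to what it uses, for example `secrets:` followed by `SLACK_WEBHOOK: {% raw %}${{ secrets.SLACK_WEBHOOK }}{% endraw %}` on the jobs that only send notifications. This requires the called workflows to declare the secret under `on.workflow_call.secrets`; those files are outside this hunk, so that is to be confirmed.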
@@ -1,10 +1,10 @@ # {{cookiecutter.project_slug}} ### {{ cookiecutter._BRANCH_NAME_BASE | capitalize }} Branch CI: -- Github Actions: [![{{cookiecutter.project_slug}}](https://github.com/{{cookiecutter.github_handle}}/{{cookiecutter.project_slug}}/actions/workflows/push.yml/badge.svg?branch={{ cookiecutter._BRANCH_NAME_BASE }})](https://github.com/{{cookiecutter.github_handle}}/{{cookiecutter.project_slug}}/actions/workflows/push.yml) +- GitHub Actions: [![{{cookiecutter.project_slug}}](https://github.com/{{cookiecutter.github_handle}}/{{cookiecutter.project_slug}}/actions/workflows/workflow-push.yml/badge.svg?branch={{ cookiecutter._BRANCH_NAME_BASE }})](https://github.com/{{cookiecutter.github_handle}}/{{cookiecutter.project_slug}}/actions/workflows/workflow-push.yml) ### {{ cookiecutter._BRANCH_NAME_DEVELOPMENT | capitalize }} Branch CI: -- Github Actions: [![{{cookiecutter.project_slug}}](https://github.com/{{cookiecutter.github_handle}}/{{cookiecutter.project_slug}}/actions/workflows/push.yml/badge.svg?branch={{ cookiecutter._BRANCH_NAME_DEVELOPMENT }})](https://github.com/{{cookiecutter.github_handle}}/{{cookiecutter.project_slug}}/actions/workflows/push.yml) +- GitHub Actions: [![{{cookiecutter.project_slug}}](https://github.com/{{cookiecutter.github_handle}}/{{cookiecutter.project_slug}}/actions/workflows/workflow-push.yml/badge.svg?branch={{ cookiecutter._BRANCH_NAME_DEVELOPMENT }})](https://github.com/{{cookiecutter.github_handle}}/{{cookiecutter.project_slug}}/actions/workflows/workflow-push.yml) {{ cookiecutter.description }} diff --git a/{{cookiecutter.project_slug}}/pyproject.toml b/{{cookiecutter.project_slug}}/pyproject.toml index 464a97d9..a0f65bed 100644 --- a/{{cookiecutter.project_slug}}/pyproject.toml +++ b/{{cookiecutter.project_slug}}/pyproject.toml 
@@ -17,7 +17,7 @@ version = "0.1.0" [tool.poetry.dependencies] - python = ">={{ cookiecutter._GITHUB_CI_PYTHON_VERSIONS | first }}.0,<4.0" + python = ">={{ cookiecutter._GITHUB_CI_DEFAULT_PYTHON_VERSIONS | first }}.0,<4.0" [tool.poetry.dev-dependencies] ansible = "^7.2.0"