From 4cf00776ffbcaf3440f7680e921bee8e36799b33 Mon Sep 17 00:00:00 2001 From: Niall Byrne <9848926+niall-byrne@users.noreply.github.com> Date: Thu, 23 Feb 2023 17:10:54 -0500 Subject: [PATCH] ci(GITHUB): reorder, upgrade action versions --- .github/workflows/self-test.yml | 245 ++++++++++-------- cookiecutter.json | 13 +- hooks/post_gen_project.sh | 38 ++- scripts/test.sh | 23 ++ scripts/update.sh | 12 +- .../.github/config/markdown.link.check.json | 17 +- .../.github/scripts/changelog.sh | 2 +- .../.github/scripts/setup.sh | 2 +- .../.github/workflows/push.yml | 173 ++++++------- .../.github/workflows/release.yml | 6 +- .../{.yamllint => .yamllint.yml} | 0 11 files changed, 308 insertions(+), 223 deletions(-) create mode 100755 scripts/test.sh rename {{cookiecutter.project_slug}}/{.yamllint => .yamllint.yml} (100%) diff --git a/.github/workflows/self-test.yml b/.github/workflows/self-test.yml index a23c4230..1494ef4a 100644 --- a/.github/workflows/self-test.yml +++ b/.github/workflows/self-test.yml @@ -13,7 +13,8 @@ on: workflow_dispatch: env: - CONFIGURE_PYTHON_VERSIONS: "[3.9]" + ANSIBLE_WORKBENCH_BRANCH_NAME_BASE: "master" + ANSIBLE_WORKBENCH_BRANCH_NAME_DEVELOPMENT: "dev" PROJECT_NAME: "ansible-workbench" USERNAME: "niall-byrne" TEMPLATED_NAME: "flower-generator" 
@@ -21,35 +22,96 @@ env: jobs: - _create_python_versions: + _create_configuration: runs-on: ubuntu-latest outputs: - python-versions: ${{ steps.create_matrix.outputs.python-versions }} + configuration: ${{ steps.read_configuration.outputs.configuration }} steps: - - name: Create Python Versions -- Set Configured Python Versions as Output - id: create_matrix + - name: Create Configuration -- Checkout Repository + uses: actions/checkout@v3 + + - name: Create Configuration -- Set Cookiecutter Configuration as Output + id: read_configuration + run: | + { + echo "configuration<> $GITHUB_OUTPUT + + _start_notification: + + runs-on: ubuntu-latest + + steps: + - name: Start -- Checkout Repository + uses: actions/checkout@v3 + with: + path: 'template' + + - name: Start -- Setup Environment + run: | + source ./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh + env: + WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} + + - name: Start -- Report Job Status on Success + run: | + ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: workflow has started!" + + - name: Start -- Report Job Status on Failure + if: failure() + run: | + ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: error reporting job status!" + + _success_notification: + needs: [create_release] + + runs-on: ubuntu-latest + + steps: + - name: Success -- Checkout Repository + uses: actions/checkout@v3 + with: + path: 'template' + + - name: Success -- Setup Environment run: | - echo "python-versions=${CONFIGURE_PYTHON_VERSIONS}" >> $GITHUB_OUTPUT + source ./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh + env: + WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} + + - name: Success -- Report Job Status on Success + run: | + ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: all checks were successful!" 
+ + - name: Success -- Report Job Status on Failure + if: failure() + run: | + ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: error reporting job status!" + documentation_test: - needs: [_create_python_versions] + needs: [_create_configuration] runs-on: ubuntu-latest + env: + ANSIBLE_WORKBENCH_SKIP_POETRY: 1 strategy: max-parallel: 4 matrix: - python-version: ${{ fromJson(needs._create_python_versions.outputs.python-versions) }} + python-version: ${{ fromJson(needs._create_configuration.outputs.configuration)._GITHUB_CI_PYTHON_VERSIONS }} steps: - name: Documentation Test -- Checkout Repository - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: path: 'template' - name: Documentation Test -- Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v1 + uses: actions/setup-python@v4 with: python-version: ${{ matrix.python-version }} @@ -60,8 +122,8 @@ jobs: env: WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - name: Documentation Test -- Check Markdown Links For Readme - uses: gaurav-nelson/github-action-markdown-link-check@1.0.13 + - name: Documentation Test -- Check Markdown Links For Template + uses: gaurav-nelson/github-action-markdown-link-check@v1 with: config-file: 'template/{{cookiecutter.project_slug}}/.github/config/markdown.link.check.json' use-quiet-mode: 'no' @@ -70,7 +132,7 @@ jobs: max-depth: 1 - name: Documentation Test -- Check Markdown Links For Rendered Template - uses: gaurav-nelson/github-action-markdown-link-check@1.0.12 + uses: gaurav-nelson/github-action-markdown-link-check@v1 with: use-quiet-mode: 'no' use-verbose-mode: 'yes' @@ -78,7 +140,7 @@ jobs: max-depth: -1 - name: Documentation Test -- Report Job Status on Success - if: ${{ env.VERBOSE_NOTIFICATIONS == '1' }} + if: env.VERBOSE_NOTIFICATIONS == '1' run: | ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: documentation checks succeeded!" 
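Review bot: The `uses:` lines added in the self-test.yml hunks up to this point reference floating tags (`actions/checkout@v3`, `actions/setup-python@v4`, and `gaurav-nelson/github-action-markdown-link-check@v1` in place of the exact `1.0.13`/`1.0.12` releases), and a tag can be moved after this commit was reviewed. That matters in these jobs because setup.sh writes `WEBHOOK_URL` into `$GITHUB_ENV`, so the Slack webhook is in the environment of every later step, third-party actions included. Pinning each reference to a full commit SHA with the tag as a trailing comment, e.g. `uses: actions/checkout@<FULL_COMMIT_SHA>  # v3`, keeps upgrades explicit and reviewable. The same applies to `ibiqlik/action-yamllint@v3` in the yaml_lint_test hunk and to the `_GITHUB_ACTION_*` values in cookiecutter.json, which are rendered into each generated project's push.yml and release.yml.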
@@ -88,65 +150,67 @@ jobs: ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: documentation checks failed!" molecule_lint_test: - needs: [_create_python_versions] + needs: [_create_configuration] runs-on: ubuntu-latest strategy: max-parallel: 4 matrix: - python-version: ${{ fromJson(needs._create_python_versions.outputs.python-versions) }} + python-version: ${{ fromJson(needs._create_configuration.outputs.configuration)._GITHUB_CI_PYTHON_VERSIONS }} steps: - - name: Molecule Lint -- Checkout Repository - uses: actions/checkout@v2 + - name: Molecule Lint Test -- Checkout Repository + uses: actions/checkout@v3 with: path: 'template' - - name: Molecule Lint -- Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v1 + - name: Molecule Lint Test -- Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v4 with: python-version: ${{ matrix.python-version }} - - name: Molecule Lint -- Setup Environment / Render Template + - name: Molecule Lint Test -- Setup Environment / Render Template run: | source ./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh source ./template/.github/scripts/template.sh env: WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - name: Molecule Lint -- Lint Rendered Template With Default Scenario + - name: Molecule Lint Test -- Lint Rendered Template With Default Scenario run: | cd ${TEMPLATED_NAME} poetry run molecule lint - - name: Molecule Lint -- Report Job Status on Success - if: ${{ env.VERBOSE_NOTIFICATIONS == '1' }} + - name: Molecule Lint Test -- Report Job Status on Success + if: env.VERBOSE_NOTIFICATIONS == '1' run: | ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: molecule linting checks succeeded!" 
- - name: Molecule Lint -- Report Job Status on Failure + - name: Molecule Lint Test -- Report Job Status on Failure if: failure() run: | ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: molecule linting checks failed!" push_repository_test: - needs: [_create_python_versions, documentation_test, molecule_lint_test, security_test, shellcheck_test, workflow_lint_test] + needs: [_create_configuration, _start_notification, documentation_test, molecule_lint_test, security_test, shellcheck_test, yaml_lint_test] runs-on: ubuntu-latest + env: + ANSIBLE_WORKBENCH_SKIP_POETRY: 1 strategy: max-parallel: 4 matrix: - python-version: ${{ fromJson(needs._create_python_versions.outputs.python-versions) }} + python-version: ${{ fromJson(needs._create_configuration.outputs.configuration)._GITHUB_CI_PYTHON_VERSIONS }} steps: - name: Push Test -- Checkout Repository - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: path: 'template' persist-credentials: false - name: Push Test -- Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v1 + uses: actions/setup-python@v4 with: python-version: ${{ matrix.python-version }} @@ -195,7 +259,7 @@ jobs: force: true - name: Push Test -- Report Job Status on Success - if: ${{ env.VERBOSE_NOTIFICATIONS == '1' }} + if: env.VERBOSE_NOTIFICATIONS == '1' run: | ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: push has been triggered!" @@ -212,7 +276,7 @@ jobs: steps: - name: Create Release -- Checkout Repository if: contains(github.ref, '/tags/v') - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: fetch-depth: 0 
@@ -256,22 +320,22 @@ jobs: ./{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: automated release creation has failed!" security_test: - needs: [_create_python_versions] + needs: [_create_configuration] runs-on: ubuntu-latest strategy: max-parallel: 4 matrix: - python-version: ${{ fromJson(needs._create_python_versions.outputs.python-versions) }} + python-version: ${{ fromJson(needs._create_configuration.outputs.configuration)._GITHUB_CI_PYTHON_VERSIONS }} steps: - name: Security Test -- Checkout Repository - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: path: 'template' - name: Security Test -- Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v1 + uses: actions/setup-python@v4 with: python-version: ${{ matrix.python-version }} @@ -294,7 +358,7 @@ jobs: cd .. - name: Security Test -- Report Job Status on Success - if: ${{ env.VERBOSE_NOTIFICATIONS == '1' }} + if: env.VERBOSE_NOTIFICATIONS == '1' run: | ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: security checks succeeded!" @@ -304,22 +368,24 @@ jobs: ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: security checks failed!" shellcheck_test: - needs: [_create_python_versions] + needs: [_create_configuration] runs-on: ubuntu-latest + env: + ANSIBLE_WORKBENCH_SKIP_POETRY: 1 strategy: max-parallel: 4 matrix: - python-version: ${{ fromJson(needs._create_python_versions.outputs.python-versions) }} + python-version: ${{ fromJson(needs._create_configuration.outputs.configuration)._GITHUB_CI_PYTHON_VERSIONS }} steps: - name: Shellcheck -- Checkout Repository - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: path: 'template' - name: Shellcheck -- Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v1 + uses: actions/setup-python@v4 with: python-version: ${{ matrix.python-version }} 
@@ -341,7 +407,7 @@ jobs: shellcheck ${TEMPLATED_NAME}/.github/scripts/*.sh - name: Shellcheck -- Report Job Status on Success - if: ${{ env.VERBOSE_NOTIFICATIONS == '1' }} + if: env.VERBOSE_NOTIFICATIONS == '1' run: | ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: shellcheck checks succeeded!" 
@@ -350,98 +416,55 @@ jobs: run: | ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: shellcheck checks failed!" - start_notification: - - runs-on: ubuntu-latest - - steps: - - name: Start -- Checkout Repository - uses: actions/checkout@v2 - with: - path: 'template' - - - name: Start -- Setup Environment - run: | - source ./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Start -- Report Job Status on Success - run: | - ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: workflow has started!" - - - name: Start -- Report Job Status on Failure - if: failure() - run: | - ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: error reporting job status!" - - success_notification: - needs: [create_release] - - runs-on: ubuntu-latest - - steps: - - name: Success -- Checkout Repository - uses: actions/checkout@v2 - with: - path: 'template' - - - name: Success -- Setup Environment - run: | - source ./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Success -- Report Job Status on Success - run: | - ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: all checks were successful!" - - - name: Success -- Report Job Status on Failure - if: failure() - run: | - ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: error reporting job status!" 
- - workflow_lint_test: - needs: [_create_python_versions] + yaml_lint_test: + needs: [_create_configuration] runs-on: ubuntu-latest + env: + ANSIBLE_WORKBENCH_SKIP_POETRY: 1 strategy: max-parallel: 4 matrix: - python-version: ${{ fromJson(needs._create_python_versions.outputs.python-versions) }} + python-version: ${{ fromJson(needs._create_configuration.outputs.configuration)._GITHUB_CI_PYTHON_VERSIONS }} steps: - - name: Workflow Lint -- Checkout Repository - uses: actions/checkout@v2 + - name: Yaml Lint Test -- Checkout Repository + uses: actions/checkout@v3 with: path: 'template' - - name: Workflow Lint -- Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v1 + - name: Yaml Lint Test -- Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v4 with: python-version: ${{ matrix.python-version }} - - name: Workflow Lint -- Setup Environment / Render Template + - name: Yaml Lint Test -- Setup Environment / Render Template run: | source ./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh source ./template/.github/scripts/template.sh env: WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - name: Workflow Lint -- Lint Workflows - run: | - yamllint -f standard ./template/.github/workflows -c ./${TEMPLATED_NAME}/.yamllint + - name: Yaml Lint Test -- Lint Template GitHub Workflows + uses: ibiqlik/action-yamllint@v3 + with: + format: standard + file_or_dir: ./template/.github/workflows + config_file: ./${{ env.TEMPLATED_NAME }}/.yamllint.yml - - name: Workflow Lint -- Lint Rendered Template Workflows - run: | - yamllint -f standard ./${TEMPLATED_NAME}/.github/workflows/*.yml -c ./${TEMPLATED_NAME}/.yamllint + - name: Yaml Lint Test -- Lint Rendered GitHub Workflows + uses: ibiqlik/action-yamllint@v3 + with: + format: standard + file_or_dir: ./${{ env.TEMPLATED_NAME }}/.github/workflows/*.yml -c ./${{ env.TEMPLATED_NAME }}/.yamllint.yml + config_file: ./${{ env.TEMPLATED_NAME }}/.yamllint.yml - - name: Workflow Lint -- Report 
Job Status on Success - if: ${{ env.VERBOSE_NOTIFICATIONS == '1' }} + - name: Yaml Lint Test -- Report Job Status on Success + if: env.VERBOSE_NOTIFICATIONS == '1' run: | - ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: workflow linting checks succeeded!" + ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: YAML linting checks succeeded!" - - name: Workflow Lint -- Report Job Status on Failure + - name: Yaml Lint Test -- Report Job Status on Failure if: failure() run: | - ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: workflow linting checks failed!" + ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: YAML linting checks failed!" diff --git a/cookiecutter.json b/cookiecutter.json index 40af60a7..0bc07d53 100644 --- a/cookiecutter.json +++ b/cookiecutter.json @@ -8,8 +8,15 @@ "author": "Niall Byrne", "company": "Shared Vision Solutions", "email": "niall@niallbyrne.ca", + "_BRANCH_NAME_BASE": "master", + "_BRANCH_NAME_DEVELOPMENT": "dev", "_GITHUB_CI_PYTHON_VERSIONS": ["3.9"], - "_GITHUB_ACTION_MARKDOWN_LINK_CHECK": "gaurav-nelson/github-action-markdown-link-check@1.0.13", - "_GITHUB_GITLEAKS_ACTION": "zricethezav/gitleaks-action@v1.6.0", - "_GITHUB_PUSH_ACTION": "ad-m/github-push-action@v0.6.0" + "_GITHUB_ACTION_CACHE": "actions/cache@v3", + "_GITHUB_ACTION_CHECKOUT": "actions/checkout@v3", + "_GITHUB_ACTION_GITLEAKS": "zricethezav/gitleaks-action@v1.6.0", + "_GITHUB_ACTION_MARKDOWN_LINK_CHECK": "gaurav-nelson/github-action-markdown-link-check@v1", + "_GITHUB_ACTION_PYTHON": "actions/setup-python@v4", + "_GITHUB_ACTION_SCRIPT": "actions/github-script@v6", + "_GITHUB_ACTION_TRUFFLEHOG": "trufflesecurity/trufflehog@v3.28.0", + "_GITHUB_ACTION_YAMLLINT": "ibiqlik/action-yamllint@v3" } 
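Review bot: In the `Yaml Lint Test -- Lint Rendered GitHub Workflows` step of self-test.yml, `file_or_dir` still carries the tail of the old command line: `./${{ env.TEMPLATED_NAME }}/.github/workflows/*.yml -c ./${{ env.TEMPLATED_NAME }}/.yamllint.yml`. The configuration is already supplied through `config_file`, so the `-c …` fragment is at best a duplicate option and at worst treated as extra paths, depending on how the action assembles its arguments. The input should be the path alone, e.g. `file_or_dir: ./${{ env.TEMPLATED_NAME }}/.github/workflows/`, matching the directory form used by the step above it and by push.yml.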
diff --git a/hooks/post_gen_project.sh b/hooks/post_gen_project.sh index 736a32d3..807bbcb4 100644 --- a/hooks/post_gen_project.sh +++ b/hooks/post_gen_project.sh 
@@ -1,33 +1,55 @@ #!/bin/bash +# hooks/post_gen_project.sh +# Configures the templated profile for use. + +# ANSIBLE_WORKBENCH_BRANCH_NAME_BASE: Optional alternate base branch name. +# ANSIBLE_WORKBENCH_BRANCH_NAME_DEVELOPMENT: Optional alternate development branch name. +# ANSIBLE_WORKBENCH_SKIP_POETRY: Optionally set to 1 to skip installing dependencies. + +# cookiecutter only script. + +ANSIBLE_WORKBENCH_BRANCH_NAME_BASE="${ANSIBLE_WORKBENCH_BRANCH_NAME_BASE-"{{ cookiecutter._BRANCH_NAME_BASE }}"}" +ANSIBLE_WORKBENCH_BRANCH_NAME_DEVELOPMENT="${ANSIBLE_WORKBENCH_BRANCH_NAME_DEVELOPMENT-"{{ cookiecutter._BRANCH_NAME_DEVELOPMENT }}"}" +ANSIBLE_WORKBENCH_TEMPLATE_URL="https://github.com/niall-byrne/ansible-workbench.git" + initialize_git() { + git init - git checkout -b master + git checkout -b "${ANSIBLE_WORKBENCH_BRANCH_NAME_BASE}" git stage . git commit -m "build(COOKIECUTTER): initial generation" - git symbolic-ref HEAD refs/heads/master + git symbolic-ref HEAD "refs/heads/${ANSIBLE_WORKBENCH_BRANCH_NAME_BASE}" git tag v0.0.0 - git checkout -b production - git checkout master + git checkout -b "${ANSIBLE_WORKBENCH_BRANCH_NAME_DEVELOPMENT}" mkdir -p files templates + } initialize_poetry() { - if [[ -z "$(poetry env list)" ]]; then + + if [[ "${ANSIBLE_WORKBENCH_SKIP_POETRY}" != "1" ]]; then poetry install fi + } update_template_values() { - # Compatible with Linux and BSD sed - sed -i.bak 's/ansible-workbench\//https:\/\/github.com\/niall-byrne\/ansible-workbench.git/' .cookiecutter/cookiecutter.json - rm .cookiecutter/cookiecutter.json.bak + + if ! grep "${ANSIBLE_WORKBENCH_TEMPLATE_URL}" .cookiecutter/cookiecutter.json; then + # sed compatible with Linux and BSD + sed -i.bak 's,"_template": ".*","_template": "'"${ANSIBLE_WORKBENCH_TEMPLATE_URL}"'",g' .cookiecutter/cookiecutter.json + rm .cookiecutter/cookiecutter.json.bak + fi + } main() { + update_template_values initialize_git initialize_poetry + } main 
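Review bot: The two branch-name defaults at the top of hooks/post_gen_project.sh use `${VAR-default}`, which applies only when the variable is unset; an exported-but-empty `ANSIBLE_WORKBENCH_BRANCH_NAME_BASE` yields `git checkout -b ""` and `refs/heads/`, and since the hook sets no `set -e` the remaining git commands still run after that failure. Switching to `:-` covers both cases: `ANSIBLE_WORKBENCH_BRANCH_NAME_BASE="${ANSIBLE_WORKBENCH_BRANCH_NAME_BASE:-"{{ cookiecutter._BRANCH_NAME_BASE }}"}"`, and likewise for the development branch. In `update_template_values`, `grep -qF` would match the URL literally rather than as a regular expression and keep the matched line out of the hook's output.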
diff --git a/scripts/test.sh b/scripts/test.sh new file mode 100755 index 00000000..3210b20d --- /dev/null +++ b/scripts/test.sh @@ -0,0 +1,23 @@ +#!/bin/bash + +# scripts/test.sh +# Templates and builds the example role with default values for testing. + +# Development only script. + +set -eo pipefail + +main() { + + rm -rf ../flower-generator + + pushd .. + echo -e "\n\n\n\n\n\n\n\n\n" | cookiecutter ansible-workbench + cd flower-generator + echo -e "\nExit from this shell when finished testing ..." + bash + popd + +} + +main "$@" diff --git a/scripts/update.sh b/scripts/update.sh index 691d8bae..354892bd 100755 --- a/scripts/update.sh +++ b/scripts/update.sh @@ -6,6 +6,15 @@ # Requires: https://pypi.org/project/cookiecutter-project-upgrader/ +# 1: The path to the role folder you'll be upgrading. +# 2: The tag or branch of this repository you'll be using to perform the upgrade. + +# Development only script. + +set -eo pipefail + +ANSIBLE_WORKBENCH_TEMPLATE_URL="https://github.com/niall-byrne/ansible-workbench.git" + error() { echo "USAGE: ./update.sh [ROLE FOLDER] [TEMPLATE TAG or BRANCH]" exit 127 @@ -21,7 +30,7 @@ main() { -c .cookiecutter/cookiecutter.json \ -b "update-template" \ -u "$2" \ - -f https://github.com/niall-byrne/ansible-workbench.git \ + -f "${ANSIBLE_WORKBENCH_TEMPLATE_URL}" \ -e "defaults" \ -e "handlers" \ -e "meta" \ @@ -29,7 +38,6 @@ main() { -e "tasks" \ -e "tests" \ -e "vars" \ - -e ".ansible-lint" \ -e ".gitignore" \ -e "pyproject.toml" \ -e "requirements.yml" \ diff --git a/{{cookiecutter.project_slug}}/.github/config/markdown.link.check.json b/{{cookiecutter.project_slug}}/.github/config/markdown.link.check.json index 09943681..b686dd1c 100644 --- a/{{cookiecutter.project_slug}}/.github/config/markdown.link.check.json +++ b/{{cookiecutter.project_slug}}/.github/config/markdown.link.check.json 
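Review bot: `rm -rf ../flower-generator` in the new scripts/test.sh resolves against the caller's working directory, so which directory gets deleted depends on where the script is invoked from; the `pushd ..` and `cookiecutter ansible-workbench` that follow additionally assume the checkout is named `ansible-workbench`. Anchoring to the script's own location as the first line of `main`, e.g. `cd "$(dirname "${BASH_SOURCE[0]}")/.."`, fixes the delete target regardless of the caller. The header would also benefit from stating the side effect: `# Removes and regenerates ../flower-generator relative to the repository root.`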
@@ -1,7 +1,20 @@ { + "httpHeaders": [ + { + "urls": [ + "https://github.com/", + "https://guides.github.com/", + "https://help.github.com/", + "https://docs.github.com/" + ], + "headers": { + "Accept-Encoding": "zstd, br, gzip, deflate" + } + } + ], "ignorePatterns": [ { - "pattern": "^https://docs.github.com/" + "pattern": "^https://github.com/{{cookiecutter.github_handle}}/{{cookiecutter.project_slug}}/" } ] -} \ No newline at end of file +} diff --git a/{{cookiecutter.project_slug}}/.github/scripts/changelog.sh b/{{cookiecutter.project_slug}}/.github/scripts/changelog.sh index 0017f5a0..5c76aae5 100644 --- a/{{cookiecutter.project_slug}}/.github/scripts/changelog.sh +++ b/{{cookiecutter.project_slug}}/.github/scripts/changelog.sh @@ -12,7 +12,7 @@ main() { echo "CHANGE_LOG_CONTENT<> "$GITHUB_ENV" + } >> "${GITHUB_ENV}" rm package.json diff --git a/{{cookiecutter.project_slug}}/.github/scripts/setup.sh b/{{cookiecutter.project_slug}}/.github/scripts/setup.sh index e9aa5cb4..d17fb027 100644 --- a/{{cookiecutter.project_slug}}/.github/scripts/setup.sh +++ b/{{cookiecutter.project_slug}}/.github/scripts/setup.sh @@ -10,7 +10,7 @@ main() { echo "BRANCH_OR_TAG=${BRANCH_OR_TAG}" echo "WEBHOOK_URL=${WEBHOOK_URL}" echo "NOTIFICATION=${PROJECT_NAME} [<${WORKFLOW_URL}|${BRANCH_OR_TAG}>]" - } >> "$GITHUB_ENV" + } >> "${GITHUB_ENV}" } diff --git a/{{cookiecutter.project_slug}}/.github/workflows/push.yml b/{{cookiecutter.project_slug}}/.github/workflows/push.yml index 5e6592ec..e74ed0c7 100644 --- a/{{cookiecutter.project_slug}}/.github/workflows/push.yml +++ b/{{cookiecutter.project_slug}}/.github/workflows/push.yml 
@@ -28,15 +28,62 @@ jobs: run: | echo 'python-versions={% endraw %}{{ cookiecutter._GITHUB_CI_PYTHON_VERSIONS | tojson }}{% raw %}' >> $GITHUB_OUTPUT + _start_notification: + + runs-on: ubuntu-latest + + steps: + - name: Start -- Checkout Repository + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} + + - name: Start -- Setup Environment + run: | + source ./.github/scripts/setup.sh + env: + WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} + + - name: Start -- Report Job Status on Success + run: | + ./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: workflow has started!" + + - name: Start -- Report Job Status on Failure + if: failure() + run: | + ./.github/scripts/notifications.sh "${NOTIFICATION}" ":x: error reporting job status!" + + _success_notification: + needs: [create_release] + + runs-on: ubuntu-latest + + steps: + - name: Success -- Checkout Repository + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} + + - name: Success -- Setup Environment + run: | + source .github/scripts/setup.sh + env: + WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} + + - name: Success -- Report Job Status on Success + run: | + ./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: all checks were successful!" + + - name: Success -- Report Job Status on Failure + if: failure() + run: | + ./.github/scripts/notifications.sh "${NOTIFICATION}" ":x: error reporting job status!" + create_release: - needs: [molecule_test, molecule_lint, documentation_test, security_test, start_notification] + needs: [_create_python_versions, _start_notification, documentation_test, molecule_lint_test, molecule_test, security_test, yaml_lint_test] runs-on: ubuntu-latest steps: - name: Release -- Checkout Repository if: contains(github.ref, '/tags/v') - uses: actions/checkout@v2 + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} with: fetch-depth: 0 
@@ -82,7 +129,7 @@ jobs: steps: - name: Documentation Test -- Checkout Repository - uses: actions/checkout@v2 + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - name: Documentation Test -- Setup Environment run: | @@ -98,7 +145,7 @@ jobs: use-verbose-mode: 'yes' - name: Documentation Test -- Report Success - if: ${{ env.VERBOSE_NOTIFICATIONS == '1' }} + if: env.VERBOSE_NOTIFICATIONS == '1' run: | ./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: documentation test was successful!" @@ -107,7 +154,7 @@ jobs: run: | ./.github/scripts/notifications.sh "${NOTIFICATION}" ":x: documentation test has failed!" - molecule_lint: + molecule_lint_test: needs: [_create_python_versions] runs-on: ubuntu-latest 
@@ -118,35 +165,35 @@ jobs: steps: - - name: Molecule Lint -- Checkout Repository - uses: actions/checkout@v2 + - name: Molecule Lint Test -- Checkout Repository + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - - name: Molecule Lint -- Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v1 + - name: Molecule Lint Test -- Set up Python ${{ matrix.python-version }} + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_PYTHON }}{% raw %} with: python-version: ${{ matrix.python-version }} - - name: Molecule Lint -- Setup Environment + - name: Molecule Lint Test -- Setup Environment run: | source ./.github/scripts/setup.sh env: WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - name: Molecule Lint -- Install Requirements + - name: Molecule Lint Test -- Install Requirements run: | pip install poetry poetry install - - name: Molecule Lint -- Run Linter + - name: Molecule Lint Test -- Run Linter run: | poetry run molecule lint - - name: Molecule Lint -- Report Job Status (Success) - if: ${{ env.VERBOSE_NOTIFICATIONS == '1' }} + - name: Molecule Lint Test -- Report Job Status (Success) + if: env.VERBOSE_NOTIFICATIONS == '1' run: | ./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: molecule linting was successful!" - - name: Molecule Lint -- Report Job Status (Failure) + - name: Molecule Lint Test -- Report Job Status (Failure) if: failure() run: | ./.github/scripts/notifications.sh "${NOTIFICATION}" ":x: molecule linting has failed!" @@ -162,10 +209,10 @@ jobs: steps: - name: Molecule Test -- Checkout Repository - uses: actions/checkout@v2 + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - name: Molecule Test -- Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v1 + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_PYTHON }}{% raw %} with: python-version: ${{ matrix.python-version }} 
@@ -185,7 +232,7 @@ jobs: poetry run molecule test -s docker1 - name: Molecule Test -- Report Job Status (Success) - if: ${{ env.VERBOSE_NOTIFICATIONS == '1' }} + if: env.VERBOSE_NOTIFICATIONS == '1' run: | ./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: molecule test was successful!" @@ -205,12 +252,12 @@ jobs: steps: - name: Security Test -- Checkout Repository - uses: actions/checkout@v2 + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} with: fetch-depth: 0 - name: Security Test -- Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v1 + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_PYTHON }}{% raw %} with: python-version: ${{ matrix.python-version }} @@ -221,7 +268,7 @@ jobs: WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - name: Security Test -- Run Gitleaks - uses: {% endraw %}{{ cookiecutter._GITHUB_GITLEAKS_ACTION }}{% raw %} + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_GITLEAKS }}{% raw %} - name: Security Test -- Check Dependencies run: | @@ -231,7 +278,7 @@ jobs: poetry export -f requirements.txt --without-hashes | safety check --stdin - name: Security Test -- Report Job Status on Success - if: ${{ env.VERBOSE_NOTIFICATIONS == '1' }} + if: env.VERBOSE_NOTIFICATIONS == '1' run: | ./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: security checks were successful!" 
@@ -240,91 +287,33 @@ jobs: run: | ./.github/scripts/notifications.sh "${NOTIFICATION}" ":x: security checks failed!" - start_notification: + yaml_lint_test: runs-on: ubuntu-latest steps: - - name: Start -- Checkout Repository - uses: actions/checkout@v2 + - name: Yaml Lint Test -- Checkout Repository + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - - name: Start -- Setup Environment + - name: Yaml Lint Test -- Setup Environment run: | source ./.github/scripts/setup.sh env: WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - name: Start -- Report Job Status on Success - run: | - ./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: workflow has started!" - - - name: Start -- Report Job Status on Failure - if: failure() - run: | - ./.github/scripts/notifications.sh "${NOTIFICATION}" ":x: error reporting job status!" - - success_notification: - needs: [create_release] - - runs-on: ubuntu-latest - - steps: - - name: Success -- Checkout Repository - uses: actions/checkout@v2 - - - name: Success -- Setup Environment - run: | - source .github/scripts/setup.sh - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Success -- Report Job Status on Success - run: | - ./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: all checks were successful!" - - - name: Success -- Report Job Status on Failure - if: failure() - run: | - ./.github/scripts/notifications.sh "${NOTIFICATION}" ":x: error reporting job status!" 
- - workflow_lint: - - runs-on: ubuntu-latest - strategy: - max-parallel: 4 - matrix: - python-version: [3.8] - - steps: - - name: Workflow Lint -- Checkout Repository - uses: actions/checkout@v2 - - - name: Workflow Lint -- Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v1 + - name: Yaml Lint Test -- Lint Rendered GitHub Workflows + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_YAMLLINT }}{% raw %} with: - python-version: ${{ matrix.python-version }} - - - name: Workflow Lint -- Setup Environment - run: | - source ./.github/scripts/setup.sh - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Workflow Lint -- Install Requirements - run: | - pip install yamllint - - - name: Workflow Lint -- Run Linter - run: | - yamllint .github/workflows - shellcheck .github/scripts/* + format: standard + file_or_dir: .github/workflows/ + config_file: .yamllint.yml - - name: Workflow Lint -- Report Job Status (Success) - if: ${{ env.VERBOSE_NOTIFICATIONS == '1' }} + - name: Yaml Lint Test -- Report Job Status (Success) + if: env.VERBOSE_NOTIFICATIONS == '1' run: | ./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: workflow linting was successful!" - - name: Workflow Lint -- Report Job Status (Failure) + - name: Yaml Lint Test -- Report Job Status (Failure) if: failure() run: | ./.github/scripts/notifications.sh "${NOTIFICATION}" ":x: workflow linting has failed!" diff --git a/{{cookiecutter.project_slug}}/.github/workflows/release.yml b/{{cookiecutter.project_slug}}/.github/workflows/release.yml index a1e968e1..31e4b490 100644 --- a/{{cookiecutter.project_slug}}/.github/workflows/release.yml +++ b/{{cookiecutter.project_slug}}/.github/workflows/release.yml 
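Review bot: The removed `workflow_lint` job in push.yml also ran `shellcheck .github/scripts/*`, while the `yaml_lint_test` job that replaces it only runs the yamllint action, so generated projects appear to lose shell linting of their CI scripts; no shellcheck job is named in the new `create_release` `needs` list either. If dropping it is intentional, the commit message should say so; otherwise add a `shellcheck_test` job mirroring the one in self-test.yml and list it in `needs`. The two report steps of `yaml_lint_test` still say "workflow linting", whereas self-test.yml was changed to "YAML linting".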
@@ -31,19 +31,19 @@ jobs: - name: Publish to Galaxy -- Code Checkout (workflow dispatch) if: github.event_name == 'workflow_dispatch' - uses: actions/checkout@v2 + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} with: fetch-depth: 0 ref: ${{ github.event.inputs.TAG }} - name: Publish to Galaxy -- Code Checkout (published release) if: github.event_name != 'workflow_dispatch' - uses: actions/checkout@v2 + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} with: fetch-depth: 0 - name: Publish to Galaxy -- Set up Python ${{ toJSON(env.PYTHON_VERSIONS)[0] }} - uses: actions/setup-python@v1 + uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_PYTHON }}{% raw %} with: python-version: ${{ toJSON(env.PYTHON_VERSIONS)[0] }} diff --git a/{{cookiecutter.project_slug}}/.yamllint b/{{cookiecutter.project_slug}}/.yamllint.yml similarity index 100% rename from {{cookiecutter.project_slug}}/.yamllint rename to {{cookiecutter.project_slug}}/.yamllint.yml