ci(GITHUB): upgrade notifications and refactor workflows
niall-byrne committed Jun 22, 2021
1 parent c0da14f commit 525b34d
Showing 7 changed files with 173 additions and 75 deletions.
9 changes: 4 additions & 5 deletions .github/scripts/setup.sh
@@ -2,15 +2,14 @@

# shellcheck disable=SC2129

set -eo pipefail

main() {
BRANCH_OR_TAG="$(echo "${GITHUB_REF}" | sed 's/refs\/heads\///g' | sed 's/refs\/tags\///g')"
PROJECT_NAME="ansible-workbench"
WORKFLOW_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID"
echo "BRANCH_OR_TAG=${BRANCH_OR_TAG}" >> "$GITHUB_ENV"
echo "WEBHOOK_URL=${WEBHOOK_URL}" >> "$GITHUB_ENV"
echo "PROJECT_NAME=${PROJECT_NAME}" >> "$GITHUB_ENV"
echo "NOTIFICATION=${PROJECT_NAME} [${BRANCH_OR_TAG}]" >> "$GITHUB_ENV"
echo "USERNAME=shared-vision-solutions" >> "$GITHUB_ENV"
echo "TEMPLATED_NAME=flower-generator" >> "$GITHUB_ENV"
echo "NOTIFICATION=${PROJECT_NAME} [<${WORKFLOW_URL}|${BRANCH_OR_TAG}>]" >> "$GITHUB_ENV"
}

main
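Review bot: The line `echo "WEBHOOK_URL=${WEBHOOK_URL}" >> "$GITHUB_ENV"` in main() copies the Slack webhook secret into the job-wide environment, so every later step in the job receives it, including the third-party link-check and gitleaks actions that self-test.yml runs after the setup step. Scoping the secret would mean dropping that line and setting `WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}` under `env:` only on the steps that call notifications.sh. The same line is kept in {{cookiecutter.project_slug}}/.github/scripts/setup.sh. The rendered page does not show whether this line is context or re-added, but it is part of the script as committed.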
2 changes: 2 additions & 0 deletions .github/scripts/template.sh
@@ -3,6 +3,8 @@
NAME=${1:-"Pro Buddy Dev"}
EMAIL=${2:-"somedude@coolstartup.com"}

set -eo pipefail

main() {
pip install cookiecutter poetry
git config --global user.name "${NAME}"
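Review bot: `pip install cookiecutter poetry` in main() is unpinned, so each run installs whatever versions are current on the package index at that moment. Pinning the versions, for example through a constraints file checked into the repository, would make runs reproducible and put tool upgrades through review. A smaller point on the added line: `set -eo pipefail` could be `set -euo pipefail`, since the `${1:-...}` and `${2:-...}` defaults above already guard the positional parameters. main() continues past the end of this hunk.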
37 changes: 28 additions & 9 deletions .github/workflows/self-test.yml
@@ -12,6 +12,11 @@ on:
- cron: "0 6 * * 1"
workflow_dispatch:

env:
PROJECT_NAME: "ansible-workbench"
USERNAME: "shared-vision-solutions"
TEMPLATED_NAME: "flower-generator"

jobs:

documentation_test:
@@ -23,7 +28,6 @@ jobs:
python-version: [3.7]

steps:

- name: Documentation Test -- Checkout Repository
uses: actions/checkout@v2
with:
@@ -41,14 +45,15 @@ jobs:
WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}

- name: Documentation Test -- Check Markdown Links For Readme
uses: gaurav-nelson/github-action-markdown-link-check@1.0.11
uses: gaurav-nelson/github-action-markdown-link-check@1.0.12
with:
use-quiet-mode: 'no'
use-verbose-mode: 'yes'
folder-path: 'template, template/.github/workflows'
max-depth: 1

- name: Documentation Test -- Check Markdown Links For Rendered Template
uses: gaurav-nelson/github-action-markdown-link-check@1.0.11
uses: gaurav-nelson/github-action-markdown-link-check@1.0.12
with:
use-quiet-mode: 'no'
use-verbose-mode: 'yes'
@@ -58,6 +63,7 @@ jobs:
- name: Documentation Test -- Report Job Status on Success
run: |
./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: documentation checks succeeded!"
- name: Documentation Test -- Report Job Status on Failure
if: failure()
run: |
@@ -72,11 +78,11 @@ jobs:
python-version: [3.7]

steps:

- name: Molecule Lint -- Checkout Repository
uses: actions/checkout@v2
with:
path: 'template'

- name: Molecule Lint -- Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v1
with:
@@ -97,6 +103,7 @@ jobs:
- name: Molecule Lint -- Report Job Status on Success
run: |
./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: molecule linting checks succeeded!"
- name: Molecule Lint -- Report Job Status on Failure
if: failure()
run: |
@@ -112,12 +119,12 @@ jobs:
python-version: [3.7]

steps:

- name: Push Test -- Checkout Repository
uses: actions/checkout@v2
with:
path: 'template'
persist-credentials: false

- name: Push Test -- Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v1
with:
@@ -136,6 +143,7 @@ jobs:
git checkout master
git tag --delete v0.0.0 # Don't Repush
git tag v1.0.0
- name: Push Test -- Push To Test Repository (master)
uses: ad-m/github-push-action@v0.6.0
with:
@@ -145,6 +153,7 @@ jobs:
directory: ${{ env.TEMPLATED_NAME }}
repository: ${{ secrets.REMOTE_ORIGIN }}
force: true

- name: Push Test -- Push To Test Repository (production)
uses: ad-m/github-push-action@v0.6.0
with:
@@ -154,6 +163,7 @@ jobs:
directory: ${{ env.TEMPLATED_NAME }}
repository: ${{ secrets.REMOTE_ORIGIN }}
force: true

- name: Push Test -- Push To Test Repository (release tag)
uses: ad-m/github-push-action@v0.6.0
with:
@@ -167,6 +177,7 @@ jobs:
- name: Push Test -- Report Job Status on Success
run: |
./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: push has been triggered!"
- name: Push Test -- Report Job Status on Failure
if: failure()
run: |
@@ -179,7 +190,9 @@ jobs:

steps:
- name: Create Release -- Checkout Repository
if: contains(github.ref, '/tags/v')
uses: actions/checkout@v1

- name: Create Release -- Setup Environment
if: contains(github.ref, '/tags/v')
run: |
@@ -190,10 +203,11 @@ jobs:

- name: Create Release -- Generate Changelog
if: contains(github.ref, '/tags/v')
uses: scottbrenner/generate-changelog-action@1.0.3
uses: scottbrenner/generate-changelog-action@v1.3.3
id: Changelog
env:
REPO: ${{ github.repository }}

- name: Create Release -- Create Github Release
if: contains(github.ref, '/tags/v')
uses: actions/create-release@v1
@@ -215,6 +229,7 @@ jobs:
if: contains(github.ref, '/tags/v')
run: |
./{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: automated release has been created!\nhttps://github.com/${USERNAME}/${PROJECT_NAME}/releases"
- name: Create Release -- Report Job Status on Failure
if: failure()
run: |
@@ -229,7 +244,6 @@ jobs:
python-version: [3.7]

steps:

- name: Security Test -- Checkout Repository
uses: actions/checkout@v2
with:
@@ -247,7 +261,7 @@ jobs:
WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}

- name: Security Test -- Run Gitleaks
uses: zricethezav/gitleaks-action@master
uses: zricethezav/gitleaks-action@v1.6.0

- name: Security Test -- Check Dependencies
run: |
@@ -260,6 +274,7 @@ jobs:
- name: Security Test -- Report Job Status on Success
run: |
./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: security checks succeeded!"
- name: Security Test -- Report Job Status on Failure
if: failure()
run: |
@@ -278,6 +293,7 @@ jobs:
uses: actions/checkout@v2
with:
path: 'template'

- name: Shellcheck -- Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v1
with:
@@ -295,13 +311,15 @@ jobs:
shellcheck ./template/hooks/*.sh
shellcheck ./template/scripts/*.sh
shellcheck ./template/.github/scripts/*.sh
- name: Shellcheck -- Shellcheck Rendered Scripts
run: |
shellcheck ${TEMPLATED_NAME}/.github/scripts/*.sh
- name: Shellcheck -- Report Job Status on Success
run: |
./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: shellcheck checks succeeded!"
- name: Shellcheck -- Report Job Status on Failure
if: failure()
run: |
@@ -316,11 +334,11 @@ jobs:
python-version: [3.7]

steps:

- name: Workflow Lint -- Checkout Repository
uses: actions/checkout@v2
with:
path: 'template'

- name: Workflow Lint -- Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v1
with:
@@ -344,6 +362,7 @@ jobs:
- name: Workflow Lint -- Report Job Status on Success
run: |
./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: workflow linting checks succeeded!"
- name: Workflow Lint -- Report Job Status on Failure
if: failure()
run: |
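Review bot: Release tags such as `zricethezav/gitleaks-action@v1.6.0` and `gaurav-nelson/github-action-markdown-link-check@1.0.12` are still mutable references, because the action's owner can move a tag, so the code that runs in these jobs can change without a commit in this repository. Referencing each third-party action by full commit SHA with the tag in a trailing comment, `uses: zricethezav/gitleaks-action@<full-commit-sha>  # v1.6.0`, closes that gap. The same applies to `scottbrenner/generate-changelog-action@v1.3.3`, to `ad-m/github-push-action@v0.6.0`, and to the `_GITHUB_*` values added in cookiecutter.json that push.yml renders into `uses:` lines.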
6 changes: 5 additions & 1 deletion cookiecutter.json
@@ -7,5 +7,9 @@
"description": "Not the baking kind.",
"author": "Niall Byrne",
"company": "Shared Vision Solutions",
"email": "niall@niallbyrne.ca"
"email": "niall@niallbyrne.ca",
"_GITHUB_ACTION_MARKDOWN_LINK_CHECK": "gaurav-nelson/github-action-markdown-link-check@1.0.12",
"_GITHUB_GENERATE_CHANGELOG_ACTION": "scottbrenner/generate-changelog-action@v1.3.3",
"_GITHUB_GITLEAKS_ACTION": "zricethezav/gitleaks-action@v1.6.0",
"_GITHUB_PUSH_ACTION": "ad-m/github-push-action@v0.6.0"
}
8 changes: 4 additions & 4 deletions {{cookiecutter.project_slug}}/.github/scripts/setup.sh
@@ -2,14 +2,14 @@

# shellcheck disable=SC2129

set -eo pipefail

main() {
BRANCH_OR_TAG="$(echo "${GITHUB_REF}" | sed 's/refs\/heads\///g' | sed 's/refs\/tags\///g')"
PROJECT_NAME="{{ cookiecutter.project_slug }}"
WORKFLOW_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID"
echo "BRANCH_OR_TAG=${BRANCH_OR_TAG}" >> "$GITHUB_ENV"
echo "WEBHOOK_URL=${WEBHOOK_URL}" >> "$GITHUB_ENV"
echo "PROJECT_NAME=${PROJECT_NAME}" >> "$GITHUB_ENV"
echo "NOTIFICATION=${PROJECT_NAME} [${BRANCH_OR_TAG}]" >> "$GITHUB_ENV"
echo "USERNAME={{ cookiecutter.github_handle }}" >> "$GITHUB_ENV"
echo "NOTIFICATION=${PROJECT_NAME} [<${WORKFLOW_URL}|${BRANCH_OR_TAG}>]" >> "$GITHUB_ENV"
}

main
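Review bot: The NOTIFICATION value that embeds the workflow link places `${BRANCH_OR_TAG}` inside Slack link markup, `<${WORKFLOW_URL}|${BRANCH_OR_TAG}>`, without escaping, and git permits `<`, `>` and `&` in ref names. A branch or tag containing those characters would break the link or be read as extra markup, assuming notifications.sh (not shown on this page) forwards the text to Slack unmodified. Replacing `&`, `<` and `>` in the label with `&amp;`, `&lt;` and `&gt;` before building the link avoids that. The same line appears in .github/scripts/setup.sh.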
177 changes: 122 additions & 55 deletions {{cookiecutter.project_slug}}/.github/workflows/push.yml
@@ -1,15 +1,69 @@
---
name: {{ cookiecutter.project_slug }}-push
{% raw %}

# Workflow Secrets:
# SLACK_WEBHOOK (Required, for slack notifications...)

on:
push:
workflow_dispatch:

env:
PROJECT_NAME: "{{ cookiecutter.project_slug }}"
USERNAME: "{{ cookiecutter.github_handle }}"
VERBOSE_NOTIFICATIONS: 0

{% raw %}
jobs:

create_release:
needs: [molecule_test, molecule_lint, documentation_test, security_test, start_notification]

runs-on: ubuntu-latest

steps:
- name: Release -- Checkout Repository
if: contains(github.ref, '/tags/v')
uses: actions/checkout@v1

- name: Release -- Setup Environment
if: contains(github.ref, '/tags/v')
run: |
source ./.github/scripts/setup.sh
echo "{}" > package.json
env:
WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}

- name: Release -- Generate Changelog
if: contains(github.ref, '/tags/v')
uses: {% endraw %}{{ cookiecutter._GITHUB_GENERATE_CHANGELOG_ACTION }}{% raw %}
id: Changelog
env:
REPO: ${{ github.repository }}

- name: Release -- Create Github Release
if: contains(github.ref, '/tags/v')
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ env.BRANCH_OR_TAG }}
release_name: Release ${{ env.BRANCH_OR_TAG }}
body: |
${{ steps.Changelog.outputs.changelog }}
draft: true
prerelease: false

- name: Release -- Report Job Status (Success)
if: contains(github.ref, '/tags/v')
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: automated release has been created:\nhttps://github.com/${USERNAME}/${PROJECT_NAME}/releases"
- name: Release -- Report Job Status (Failure)
if: failure() && contains(github.ref, '/tags/v')
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" ":x: automated release generation failed!"
documentation_test:

runs-on: ubuntu-latest
@@ -26,14 +80,16 @@ jobs:
WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}

- name: Documentation Test -- Documentation Validation
uses: gaurav-nelson/github-action-markdown-link-check@1.0.11
uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_MARKDOWN_LINK_CHECK }}{% raw %}
with:
use-quiet-mode: 'no'
use-verbose-mode: 'yes'

- name: Documentation Test -- Report Success
if: ${{ env.VERBOSE_NOTIFICATIONS == '1' }}
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: documentation test was successful!"
- name: Documentation Test -- Report Failure
if: failure()
run: |
@@ -51,6 +107,7 @@ jobs:

- name: Molecule Lint -- Checkout Repository
uses: actions/checkout@v1

- name: Molecule Lint -- Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v1
with:
@@ -61,6 +118,7 @@ jobs:
source ./.github/scripts/setup.sh
env:
WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}

- name: Molecule Lint -- Install Requirements
run: |
pip install poetry
@@ -71,8 +129,10 @@ jobs:
poetry run molecule lint
- name: Molecule Lint -- Report Job Status (Success)
if: ${{ env.VERBOSE_NOTIFICATIONS == '1' }}
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: molecule linting was successful!"
- name: Molecule Lint -- Report Job Status (Failure)
if: failure()
run: |
@@ -87,9 +147,9 @@ jobs:
python-version: [3.7]

steps:

- name: Molecule Test -- Checkout Repository
uses: actions/checkout@v1

- name: Molecule Test -- Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v1
with:
@@ -100,6 +160,7 @@ jobs:
source ./.github/scripts/setup.sh
env:
WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}

- name: Molecule Test -- Install Requirements
run: |
pip install poetry
@@ -110,62 +171,15 @@ jobs:
poetry run molecule test -s docker1
- name: Molecule Test -- Report Job Status (Success)
if: ${{ env.VERBOSE_NOTIFICATIONS == '1' }}
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: molecule test was successful!"
- name: Molecule Test -- Report Job Status (Failure)
if: failure()
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" ":x: molecule test has failed!"
release:
needs: [molecule_test, molecule_lint, documentation_test, security_test]

runs-on: ubuntu-latest

steps:

- name: Release -- Checkout Repository
if: contains(github.ref, '/tags/v')
uses: actions/checkout@v1

- name: Release -- Setup Environment
if: contains(github.ref, '/tags/v')
run: |
source ./.github/scripts/setup.sh
NEWTAG=${BRANCH_OR_TAG}
echo "NEWTAG=${NEWTAG}" >> $GITHUB_ENV
echo "{}" > package.json
env:
WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}

- name: Release -- Generate Changelog
if: contains(github.ref, '/tags/v')
uses: scottbrenner/generate-changelog-action@1.0.3
id: Changelog
env:
REPO: ${{ github.repository }}
- name: Release -- Create Github Release
if: contains(github.ref, '/tags/v')
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ env.NEWTAG }}
release_name: Release ${{ env.NEWTAG }}
body: |
${{ steps.Changelog.outputs.changelog }}
draft: true
prerelease: false

- name: Release -- Report Job Status (Success)
if: contains(github.ref, '/tags/v')
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: automated release has been created:\nhttps://github.com/${USERNAME}/${PROJECT_NAME}/releases"
- name: Release -- Report Job Status (Failure)
if: failure() && contains(github.ref, '/tags/v')
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" ":x: automated release generation failed!"
security_test:

runs-on: ubuntu-latest
@@ -175,9 +189,9 @@ jobs:
python-version: [3.7]

steps:

- name: Security Test -- Checkout Repository
uses: actions/checkout@v1

- name: Security Test -- Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v1
with:
@@ -190,7 +204,7 @@ jobs:
WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}

- name: Security Test -- Run Gitleaks
uses: zricethezav/gitleaks-action@master
uses: {% endraw %}{{ cookiecutter._GITHUB_GITLEAKS_ACTION }}{% raw %}

- name: Security Test -- Check Dependencies
run: |
@@ -200,13 +214,62 @@ jobs:
safety check
- name: Security Test -- Report Job Status on Success
if: ${{ env.VERBOSE_NOTIFICATIONS == '1' }}
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: security checks were successful!"
- name: Security Test -- Report Job Status on Failure
if: failure()
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" ":x: security checks failed!"
start_notification:

runs-on: ubuntu-latest

steps:
- name: Start -- Checkout Repository
uses: actions/checkout@v1

- name: Start -- Setup Environment
run: |
source ./.github/scripts/setup.sh
env:
WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}

- name: Start -- Report Job Status on Success
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: workflow has started!"
- name: Start -- Report Job Status on Failure
if: failure()
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" ":x: error reporting job status!"
success_notification:
needs: [create_release]

runs-on: ubuntu-latest

steps:
- name: Success -- Checkout Repository
uses: actions/checkout@v1

- name: Success -- Setup Environment
run: |
source .github/scripts/setup.sh
env:
WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}

- name: Success -- Report Job Status on Success
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: all checks were successful!"
- name: Success -- Report Job Status on Failure
if: failure()
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" ":x: error reporting job status!"
workflow_lint:

runs-on: ubuntu-latest
@@ -216,9 +279,9 @@ jobs:
python-version: [3.7]

steps:

- name: Workflow Lint -- Checkout Repository
uses: actions/checkout@v1

- name: Workflow Lint -- Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v1
with:
@@ -229,17 +292,21 @@ jobs:
source ./.github/scripts/setup.sh
env:
WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}

- name: Workflow Lint -- Install Requirements
run: |
pip install yamllint
- name: Workflow Lint -- Run Linter
run: |
yamllint .github/workflows
shellcheck .github/scripts/*
- name: Workflow Lint -- Report Job Status (Success)
if: ${{ env.VERBOSE_NOTIFICATIONS == '1' }}
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: workflow linting was successful!"
- name: Workflow Lint -- Report Job Status (Failure)
if: failure()
run: |
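Review bot: `success_notification` announces "all checks were successful!" but only has `needs: [create_release]`, and the `needs` list on create_release omits `workflow_lint`, so the message (and a drafted release) can go out while workflow linting has failed or is still running. Adding it to the list on create_release, `needs: [molecule_test, molecule_lint, documentation_test, security_test, start_notification, workflow_lint]`, gates both jobs. Separately, the release steps use `if: contains(github.ref, '/tags/v')`, which also matches a branch ref that merely contains that substring; `startsWith(github.ref, 'refs/tags/v')` is the stricter test.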
9 changes: 8 additions & 1 deletion {{cookiecutter.project_slug}}/.github/workflows/release.yml
@@ -1,6 +1,6 @@
---
name: {{ cookiecutter.project_slug }}-publish-to-galaxy
{% raw %}

# Workflow Secrets:
# SLACK_WEBHOOK (Required, for slack notifications...)
# GALAXY_API_KEY (Required, for Ansible Galaxy Import...)
@@ -15,6 +15,11 @@ on:
required: true
default: ''

env:
PROJECT_NAME: "{{ cookiecutter.project_slug }}"
USERNAME: "{{ cookiecutter.github_handle }}"

{% raw %}
jobs:
publish_to_galaxy:

@@ -32,6 +37,7 @@ jobs:
with:
fetch-depth: 0
ref: ${{ github.event.inputs.TAG }}

- name: Publish to Galaxy -- Code Checkout (published release)
if: github.event_name != 'workflow_dispatch'
uses: actions/checkout@v2
@@ -62,6 +68,7 @@ jobs:
- name: Publish to Galaxy -- Report Job Status (Success)
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: automated ansible galaxy import has been completed!"
- name: Publish to Galaxy -- Report Job Status (Failure)
if: failure()
run: |
