From 8cecaf679d2b470018ec23b01e84b49087690331 Mon Sep 17 00:00:00 2001 From: Niall Byrne <9848926+niall-byrne@users.noreply.github.com> Date: Wed, 10 May 2023 13:03:33 -0400 Subject: [PATCH] ci(GITHUB): integrate cicd-tools (internal) --- .github/workflows/workflow-template-test.yml | 2 +- README.md | 12 +- {{cookiecutter.project_slug}}/.ansible-lint | 2 +- .../.cicd-tools/configuration.json | 5 - .../workflows/workflow-publish-to-galaxy.json | 23 ++ .../schemas/workflows/workflow-push.json | 67 +++++ .../workflows/workflow-publish-to-galaxy.json | 2 +- .../config/workflows/workflow-push.json | 4 +- .../.github/deactivated/.job-00-start.yml | 35 --- .../.github/deactivated/.job-00-success.yml | 35 --- .../.github/deactivated/.job-10-security.yml | 57 ---- .../deactivated/.job-30-documentation.yml | 48 ---- .../deactivated/.job-40-molecule-lint.yml | 90 ------ .../deactivated/.job-40-molecule-test.yml | 120 -------- .../deactivated/.job-80-commit-lint.yml | 88 ------ .../.github/deactivated/.job-80-toml-lint.yml | 52 ---- .../deactivated/.job-80-workflow-lint.yml | 49 ---- .../.github/deactivated/.job-80-yaml-lint.yml | 48 ---- .../deactivated/.job-99-create-release.yml | 95 ------- .../deactivated/.job-99-import-role.yml | 95 ------- .../workflow-publish-to-galaxy.yml | 65 ----- .../.github/deactivated/workflow-push.yml | 137 --------- .../.github/scripts/job-50-test-precommit.sh | 141 ++++++++++ .../.github/scripts/job-99-check-version.sh | 21 -- .../scripts/job-99-create-changelog.sh | 24 -- .../.github/scripts/job-99-create-release.js | 29 -- .../scripts/job-99-release-candidate.sh | 25 -- .../scripts/task-setup-ansible-cache.sh | 33 --- .../scripts/task-slack-notification.sh | 19 -- .../.github/scripts/task-use-poetry.sh | 39 --- .../workflow-determine-pushed-commits.sh | 48 ---- .../workflow-identify-molecule-scenarios.sh | 20 -- .../.github/scripts/workflow-set-value.sh | 22 -- .../scripts/workflow-setup-environment.sh | 29 -- .../workflows/workflow-publish-to-galaxy.yml | 74 +++++ .../.github/workflows/workflow-push.yml | 261 ++++++++++++++++-- {{cookiecutter.project_slug}}/.gitignore | 2 + .../.markdownlint.yml | 12 + .../.pre-commit-config.yaml | 107 +++---- {{cookiecutter.project_slug}}/.vale.ini | 10 + .../{{cookiecutter.project_slug}}/accept.txt | 4 + .../{{cookiecutter.project_slug}}/reject.txt | 0 .../molecule/default/molecule.yml | 4 - {{cookiecutter.project_slug}}/pyproject.toml | 16 +- .../requirements.yml | 3 + {{cookiecutter.project_slug}}/tests/test.yml | 3 - 46 files changed, 651 insertions(+), 1426 deletions(-) delete mode 100644 {{cookiecutter.project_slug}}/.cicd-tools/configuration.json create mode 100644 {{cookiecutter.project_slug}}/.github/config/schemas/workflows/workflow-publish-to-galaxy.json create mode 100644 {{cookiecutter.project_slug}}/.github/config/schemas/workflows/workflow-push.json delete mode 100644 {{cookiecutter.project_slug}}/.github/deactivated/.job-00-start.yml delete mode 100644 {{cookiecutter.project_slug}}/.github/deactivated/.job-00-success.yml delete mode 100644 {{cookiecutter.project_slug}}/.github/deactivated/.job-10-security.yml delete mode 100644 {{cookiecutter.project_slug}}/.github/deactivated/.job-30-documentation.yml delete mode 100644 {{cookiecutter.project_slug}}/.github/deactivated/.job-40-molecule-lint.yml delete mode 100644 {{cookiecutter.project_slug}}/.github/deactivated/.job-40-molecule-test.yml delete mode 100644 {{cookiecutter.project_slug}}/.github/deactivated/.job-80-commit-lint.yml delete mode 100644 {{cookiecutter.project_slug}}/.github/deactivated/.job-80-toml-lint.yml delete mode 100644 {{cookiecutter.project_slug}}/.github/deactivated/.job-80-workflow-lint.yml delete mode 100644 {{cookiecutter.project_slug}}/.github/deactivated/.job-80-yaml-lint.yml delete mode 100644 {{cookiecutter.project_slug}}/.github/deactivated/.job-99-create-release.yml delete mode 100644 {{cookiecutter.project_slug}}/.github/deactivated/.job-99-import-role.yml delete mode 100644 {{cookiecutter.project_slug}}/.github/deactivated/workflow-publish-to-galaxy.yml delete mode 100644 {{cookiecutter.project_slug}}/.github/deactivated/workflow-push.yml create mode 100755 {{cookiecutter.project_slug}}/.github/scripts/job-50-test-precommit.sh delete mode 100644 {{cookiecutter.project_slug}}/.github/scripts/job-99-check-version.sh delete mode 100644 {{cookiecutter.project_slug}}/.github/scripts/job-99-create-changelog.sh delete mode 100644 {{cookiecutter.project_slug}}/.github/scripts/job-99-create-release.js delete mode 100644 {{cookiecutter.project_slug}}/.github/scripts/job-99-release-candidate.sh delete mode 100644 {{cookiecutter.project_slug}}/.github/scripts/task-setup-ansible-cache.sh delete mode 100755 {{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh delete mode 100644 {{cookiecutter.project_slug}}/.github/scripts/task-use-poetry.sh delete mode 100644 {{cookiecutter.project_slug}}/.github/scripts/workflow-determine-pushed-commits.sh delete mode 100644 {{cookiecutter.project_slug}}/.github/scripts/workflow-identify-molecule-scenarios.sh delete mode 100644 {{cookiecutter.project_slug}}/.github/scripts/workflow-set-value.sh delete mode 100644 {{cookiecutter.project_slug}}/.github/scripts/workflow-setup-environment.sh create mode 100644 {{cookiecutter.project_slug}}/.github/workflows/workflow-publish-to-galaxy.yml create mode 100644 {{cookiecutter.project_slug}}/.markdownlint.yml create mode 100644 {{cookiecutter.project_slug}}/.vale.ini create mode 100644 {{cookiecutter.project_slug}}/.vale/Vocab/{{cookiecutter.project_slug}}/accept.txt create mode 100644 {{cookiecutter.project_slug}}/.vale/Vocab/{{cookiecutter.project_slug}}/reject.txt diff --git a/.github/workflows/workflow-template-test.yml b/.github/workflows/workflow-template-test.yml index 57dcc080..bd8a9fd8 100644 --- a/.github/workflows/workflow-template-test.yml +++ b/.github/workflows/workflow-template-test.yml @@ -216,7 +216,7 @@ jobs: CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }} PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS) }} REMOTE_TEST_TAG: "0.1.0" - REMOTE_RELEASE_WORKFLOW: "" + REMOTE_RELEASE_WORKFLOW: "flower-generator-github-workflow-publish-to-galaxy" SCENARIO_TRIGGER_BASE_BRANCH_PUSH: "0.toml_linting-0.workflow_linting" SCENARIO_TRIGGER_DEV_BRANCH_PUSH: "1.toml_linting-1.workflow_linting" SCENARIO_TRIGGER_TAG_PUSH: "0.toml_linting-0.workflow_linting" diff --git a/README.md b/README.md index e8315880..4bf35aea 100644 --- a/README.md +++ b/README.md @@ -25,6 +25,7 @@ This [cookiecutter](https://cookiecutter.readthedocs.io/) template generates a d - You'll need [Python](https://www.python.org/) **3.9** or later to use this template. ([Ansible](https://www.ansible.com/) now requires this.) ## Optional Requirements +- A container runtime environment such as [Docker](https://www.docker.com/) is recommended, to make use of the configured [pre-commit](https://pre-commit.com/) hooks. - An account on [Ansible Galaxy](https://galaxy.ansible.com/) is recommended if you intend to publish your role. - An account on [GitHub](https://github.com/) is recommended to make use of the [templated CI/CD]({{cookiecutter.project_slug}}/.github/workflows). - A configured [Slack Webhook](https://api.slack.com/messaging/webhooks) is also recommended for keeping tabs on the CI/CD. @@ -80,6 +81,9 @@ The template also presents the option to render a [pre-commit](https://pre-commi - This is the most robust TOML formatter I'm aware of right now. - However, it requires installing the binary on your local system. +This project makes use of the [CICD-Tools]() project, and leverages its utility container to provide this and other binaries. This simplifies and makes the experience mostly transparent to the end user. + + If you'd like to install it and give it a try: - You can download the latest binary [here](https://github.com/pelletier/go-toml/releases). - Alternatively, your OS's package manager may support this tool. @@ -93,7 +97,7 @@ A fundamental pillar of Ansible Workbench is the use of [Conventional Commits](h #### 1. Why Conventional Commits? - Following this standard has numerous advantages, but among the largest is its tight integration with [Semantic Versioning](https://semver.org/). -- For the Ansible Workbench CI/CD in particular, [changelog generation]({{cookiecutter.project_slug}}/.github/scripts/job-99-create-changelog.sh) and [release automation]({{cookiecutter.project_slug}}/.github/deactivated/workflow-publish-to-galaxy.yml) is made possible through adherence to this format. +- For the Ansible Workbench CI/CD in particular, changelog generation [release automation]({{cookiecutter.project_slug}}/.github/workflows/workflow-publish-to-galaxy.yml) is made possible through adherence to this format. - Being able to read commits from different people that conform to common standard also makes [interactive rebasing](https://git-scm.com/book/en/v2/Git-Tools-Rewriting-History) relatively painless. #### 2. Making A Conventional Commit With Commitizen @@ -141,7 +145,7 @@ To add tests to your role, create new scenarios with Molecule: #### iii. Add Your New Scenarios to CI/CD -If you are using the rendered [GitHub CI/CD]({{cookiecutter.project_slug}}/.github/deactivated/workflow-push.yml), make sure to add your new scenario to the list that are tested in the `molecule_test` step. +If you are using the rendered [GitHub CI/CD]({{cookiecutter.project_slug}}/.github/workflows/workflow-push.yml), make sure to add your new scenario to the list that are tested in the `molecule_test` step. ### 2. The Recommended Ansible Galaxy Settings @@ -201,7 +205,7 @@ You'll need to create some [secrets](https://docs.github.com/en/actions/security To make the most out of your [templated CI/CD]({{cookiecutter.project_slug}}/.github/workflows), create the following secrets: - `SLACK_WEBHOOK`: This secret value can optionally be set to a [Slack Webhook](https://api.slack.com/messaging/webhooks) you can configure to get status updates on how your commit is proceeding through the CI/CD. - - The verbosity of this integration can be controlled by setting the `VERBOSE_NOTIFICATIONS` environment variable to 1 in [this]({{cookiecutter.project_slug}}/.github/deactivated/workflow-push.yml) workflow. + - The verbosity of this integration can be controlled by setting the `ci_verbose_notifications` setting in [this]({{cookiecutter.project_slug}}/.github/config/workflows/workflow-push.json) rendered json file. - See this documentation on how to create a [Slack Webhook](https://api.slack.com/messaging/webhooks) for your team. - `GALAXY_API_KEY`: This secret API key can be found on your [Ansible Galaxy](https://galaxy.ansible.com/) account page, and enables automated publishing to Galaxy. - If you do not wish to publish your role, simply leave this secret unset. @@ -269,7 +273,7 @@ Tag your release with [Semantic Versioning](https://semver.org/). (Avoid prefix #### iv. Publishing Your Release to Ansible Galaxy - If you have configured a [secret](#2-Setting-Up-Your-CICD) for Ansible Galaxy more automation will now begin **after** you've published your GitHub release. -- The [release workflow]({{cookiecutter.project_slug}}/.github/deactivated/workflow-publish-to-galaxy.yml) will be triggered, and will publish your release automatically to [Ansible Galaxy](https://galaxy.ansible.com/). +- The [release workflow]({{cookiecutter.project_slug}}/.github/workflows/workflow-publish-to-galaxy.yml) will be triggered, and will publish your release automatically to [Ansible Galaxy](https://galaxy.ansible.com/). ## License diff --git a/{{cookiecutter.project_slug}}/.ansible-lint b/{{cookiecutter.project_slug}}/.ansible-lint index 8b87c8ce..d8329bc3 100644 --- a/{{cookiecutter.project_slug}}/.ansible-lint +++ b/{{cookiecutter.project_slug}}/.ansible-lint @@ -81,7 +81,7 @@ warn_list: # - all # Offline mode disables installation of requirements.yml and schema refreshing -offline: true +# offline: true # Return success if number of violations compared with previous git # commit has not increased. This feature works only in git diff --git a/{{cookiecutter.project_slug}}/.cicd-tools/configuration.json b/{{cookiecutter.project_slug}}/.cicd-tools/configuration.json deleted file mode 100644 index d3103cc6..00000000 --- a/{{cookiecutter.project_slug}}/.cicd-tools/configuration.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "SHFMT_OPTIONS": "{{ cookiecutter._CONFIG_DEFAULT_SHFMT_OPTIONS }}", - "SHELLCHECK_OPTIONS": "{{ cookiecutter._CONFIG_DEFAULT_SHELLCHECK_OPTIONS }}", - "CONTAINER": "{{ cookiecutter._DOCKER_DEFAULT_CONTAINER }}" -} \ No newline at end of file diff --git a/{{cookiecutter.project_slug}}/.github/config/schemas/workflows/workflow-publish-to-galaxy.json b/{{cookiecutter.project_slug}}/.github/config/schemas/workflows/workflow-publish-to-galaxy.json new file mode 100644 index 00000000..b43ee3d1 --- /dev/null +++ b/{{cookiecutter.project_slug}}/.github/config/schemas/workflows/workflow-publish-to-galaxy.json @@ -0,0 +1,23 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "0.1.0", + "description": "Ansible Workbench GitHub Ansible Galaxy Publish Workflow Schema", + "additionalProperties": false, + "required": [ + "ci_python_version", + "ci_verbose_notifications" + ], + "type": "object", + "uniqueItems": true, + "properties": { + "ci_python_version": { + "description": "This array contains the list of Python versions the workflow steps will execute on.", + "pattern": "^3\\.[0-9]$", + "type": "string" + }, + "ci_verbose_notifications": { + "description": "This enables success notifications for each job in the GitHub workflows.", + "type": "boolean" + } + } +} diff --git a/{{cookiecutter.project_slug}}/.github/config/schemas/workflows/workflow-push.json b/{{cookiecutter.project_slug}}/.github/config/schemas/workflows/workflow-push.json new file mode 100644 index 00000000..268d7ab8 --- /dev/null +++ b/{{cookiecutter.project_slug}}/.github/config/schemas/workflows/workflow-push.json @@ -0,0 +1,67 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "0.1.0", + "description": "Ansible Workbench GitHub Push Workflow Schema", + "additionalProperties": false, + "required": [ + "ci_commit_spelling_rev_range", + "ci_commitizen_rev_range", + "ci_concurrency_limit", + "ci_extra_release_content", + "ci_molecule_excluded_scenarios_regex", + "ci_molecule_test_platforms", + "ci_python_versions", + "ci_trufflehog_extra_scan_args", + "ci_verbose_notifications" + ], + "type": "object", + "uniqueItems": true, + "properties": { + "ci_commit_spelling_rev_range": { + "description": "This is the fallback commit range for commit spelling checks. This should contain the id of the first correctly spelled commit in this repo, or HEAD for all commits.", + "type": "string" + }, + "ci_commitizen_rev_range": { + "description": "This is the fallback commit range for commitizen to lint. This should contain the id of the first linted commit in this repo, or HEAD for all commits.", + "type": "string" + }, + "ci_concurrency_limit": { + "description": "This controls the concurrency of each matrix instance in GitHub Actions.", + "type": "number" + }, + "ci_extra_release_content": { + "description": "This controls the concurrency of each matrix instance in GitHub Actions.", + "type": "array", + "contains": { + "type": "string" + } + }, + "ci_molecule_excluded_scenarios_regex": { + "description": "This regex controls which molecule scenarios are NOT scheduled to execute in CI.", + "type": "string" + }, + "ci_molecule_test_platforms": { + "description": "This is the name of the GitHub Action platform the test scenarios will execute on. Please see https://docs.github.com/actions/using-github-hosted-runners/about-github-hosted-runners.", + "type": "array", + "contains": { + "type": "string" + } + }, + "ci_python_versions": { + "description": "This array contains the list of Python versions the workflow steps will execute on.", + "type": "array", + "contains": { + "pattern": "^3\\.[0-9]$", + "type": "string" + } + }, + "ci_trufflehog_extra_scan_args": { + "description": "This is a space separated list of extra arguments you can pass to the trufflehog binary.", + "type": "string" + }, + "ci_verbose_notifications": { + "description": "This enables success notifications for each job in the GitHub workflows.", + "type": "boolean" + } + } +} diff --git a/{{cookiecutter.project_slug}}/.github/config/workflows/workflow-publish-to-galaxy.json b/{{cookiecutter.project_slug}}/.github/config/workflows/workflow-publish-to-galaxy.json index 6f57b903..4877cfaf 100644 --- a/{{cookiecutter.project_slug}}/.github/config/workflows/workflow-publish-to-galaxy.json +++ b/{{cookiecutter.project_slug}}/.github/config/workflows/workflow-publish-to-galaxy.json @@ -1,4 +1,4 @@ { "ci_python_version": "{{ cookiecutter._GITHUB_CI_DEFAULT_PYTHON_VERSIONS | first }}", - "ci_verbose_notifications": {{ cookiecutter._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS | tojson }} + "ci_verbose_notifications": true } diff --git a/{{cookiecutter.project_slug}}/.github/config/workflows/workflow-push.json b/{{cookiecutter.project_slug}}/.github/config/workflows/workflow-push.json index b32df34a..318cdc2e 100644 --- a/{{cookiecutter.project_slug}}/.github/config/workflows/workflow-push.json +++ b/{{cookiecutter.project_slug}}/.github/config/workflows/workflow-push.json @@ -1,5 +1,7 @@ { - "ci_commitzen_rev_range": "HEAD", + "ci_commit_spelling_rev_range": "HEAD", + "ci_commitizen_rev_range": "HEAD", + "ci_concurrency_limit": 4, "ci_extra_release_content": [ "## Customizable Text.", "This message is appended to the changelog of your GitHub release." diff --git a/{{cookiecutter.project_slug}}/.github/deactivated/.job-00-start.yml b/{{cookiecutter.project_slug}}/.github/deactivated/.job-00-start.yml deleted file mode 100644 index 08531405..00000000 --- a/{{cookiecutter.project_slug}}/.github/deactivated/.job-00-start.yml +++ /dev/null @@ -1,35 +0,0 @@ ---- -name: {{ cookiecutter.project_slug }}-job-start-notification -{% raw %} -on: - workflow_call: - secrets: - SLACK_WEBHOOK: - description: "Optional, enables Slack notifications." - required: false - -jobs: - - start_notification: - - runs-on: ubuntu-latest - - steps: - - name: Start -- Checkout Repository - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - - - name: Start -- Setup Environment - run: | - source "./.github/scripts/workflow-setup-environment.sh" - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Start -- Report Job Status on Success - run: | - "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: workflow has started!" - - - name: Start -- Report Job Status on Failure - if: failure() - run: | - "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: error reporting job status!" -{% endraw %} \ No newline at end of file diff --git a/{{cookiecutter.project_slug}}/.github/deactivated/.job-00-success.yml b/{{cookiecutter.project_slug}}/.github/deactivated/.job-00-success.yml deleted file mode 100644 index 4329d050..00000000 --- a/{{cookiecutter.project_slug}}/.github/deactivated/.job-00-success.yml +++ /dev/null @@ -1,35 +0,0 @@ ---- -name: {{ cookiecutter.project_slug }}-job-success-notification -{% raw %} -on: - workflow_call: - secrets: - SLACK_WEBHOOK: - description: "Optional, enables Slack notifications." - required: false - -jobs: - - success_notification: - - runs-on: ubuntu-latest - - steps: - - name: Success -- Checkout Repository - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - - - name: Success -- Setup Environment - run: | - source "./.github/scripts/workflow-setup-environment.sh" - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Success -- Report Job Status on Success - run: | - "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: all checks were successful!" - - - name: Success -- Report Job Status on Failure - if: failure() - run: | - "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: error reporting job status!" -{% endraw %} \ No newline at end of file diff --git a/{{cookiecutter.project_slug}}/.github/deactivated/.job-10-security.yml b/{{cookiecutter.project_slug}}/.github/deactivated/.job-10-security.yml deleted file mode 100644 index 2ae115cb..00000000 --- a/{{cookiecutter.project_slug}}/.github/deactivated/.job-10-security.yml +++ /dev/null @@ -1,57 +0,0 @@ ---- -name: {{ cookiecutter.project_slug }}-job-security -{% raw %} -on: - workflow_call: - inputs: - TRUFFLEHOG_ARGS: - description: "Extra arguments to pass to the trufflehog binary." - required: true - type: string - VERBOSITY: - description: "Manages the types of Slack notifications." - required: true - type: boolean - secrets: - SLACK_WEBHOOK: - description: "Optional, enables Slack notifications." - required: false - -jobs: - - run_trufflehog: - - runs-on: ubuntu-latest - - steps: - - name: Security Test Repo -- Checkout Repository - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - with: - fetch-depth: 0 - - - name: Security Test Repo -- Setup Environment - run: | - source "./.github/scripts/workflow-setup-environment.sh" - source "./.github/scripts/workflow-determine-pushed-commits.sh" - env: - GITHUB_CONTEXT: ${{ toJson(github) }} - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Security Test -- Run Trufflehog - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_TRUFFLEHOG }}{% raw %} - with: - base: ${{ env.PUSHED_COMMIT_START }} - extra_args: ${{ inputs.TRUFFLEHOG_ARGS }} - head: ${{ env.BRANCH_OR_TAG }} - path: . - - - name: Security Test Repo -- Report Job Status on Success - if: inputs.VERBOSITY == true - run: | - "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: security checks succeeded!" - - - name: Security Test Repo -- Report Job Status on Failure - if: failure() - run: | - "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: security checks failed!" -{% endraw %} \ No newline at end of file diff --git a/{{cookiecutter.project_slug}}/.github/deactivated/.job-30-documentation.yml b/{{cookiecutter.project_slug}}/.github/deactivated/.job-30-documentation.yml deleted file mode 100644 index 13d2f8ac..00000000 --- a/{{cookiecutter.project_slug}}/.github/deactivated/.job-30-documentation.yml +++ /dev/null @@ -1,48 +0,0 @@ ---- -name: {{ cookiecutter.project_slug }}-job-documentation -{% raw %} -on: - workflow_call: - inputs: - VERBOSITY: - description: "Manages the types of Slack notifications." - required: true - type: boolean - secrets: - SLACK_WEBHOOK: - description: "Optional, enables Slack notifications." - required: false - -jobs: - - check_markdown_links: - - runs-on: ubuntu-latest - - steps: - - name: Documentation Test -- Checkout Repository - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - - - name: Documentation Test -- Setup Environment - run: | - source "./.github/scripts/workflow-setup-environment.sh" - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Documentation Test -- Documentation Validation - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_MARKDOWN_LINK_CHECK }}{% raw %} - with: - config-file: './.github/config/actions/gaurav-nelson-github-action-markdown-link-check.json' - use-quiet-mode: 'no' - use-verbose-mode: 'yes' - - - name: Documentation Test -- Report Success - if: inputs.VERBOSITY == true - run: | - "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: documentation test was successful!" - - - name: Documentation Test -- Report Failure - if: failure() - run: | - "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: documentation test has failed!" -{% endraw %} \ No newline at end of file diff --git a/{{cookiecutter.project_slug}}/.github/deactivated/.job-40-molecule-lint.yml b/{{cookiecutter.project_slug}}/.github/deactivated/.job-40-molecule-lint.yml deleted file mode 100644 index 390ef26e..00000000 --- a/{{cookiecutter.project_slug}}/.github/deactivated/.job-40-molecule-lint.yml +++ /dev/null @@ -1,90 +0,0 @@ ---- -name: {{ cookiecutter.project_slug }}-job-molecule-lint -{% raw %} -on: - workflow_call: - inputs: - PYTHON_VERSIONS: - description: "The versions of Python to use as a JSON array of string values." - required: true - type: string - VERBOSITY: - description: "Manages the types of Slack notifications." - required: true - type: boolean - secrets: - SLACK_WEBHOOK: - required: false - -jobs: - - run_molecule_lint: - - runs-on: ubuntu-latest - strategy: - fail-fast: true - matrix: - python-version: ${{ fromJSON(inputs.PYTHON_VERSIONS) }} - max-parallel: {% endraw %}{{ cookiecutter._GITHUB_CI_DEFAULT_CONCURRENCY }}{% raw %} - - steps: - - - name: Molecule Lint Test -- Checkout Repository - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - with: - path: "role" - - - name: Molecule Lint Test -- Setup Environment - run: | - source "./role/.github/scripts/workflow-setup-environment.sh" - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Molecule Lint Test -- Set up Python ${{ matrix.python-version }} - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_PYTHON }}{% raw %} - with: - python-version: ${{ matrix.python-version }} - - - name: Molecule Lint Test -- Install Poetry - run: | - source "./role/.github/scripts/task-use-poetry.sh" "install-poetry" - - - name: Molecule Lint Test -- Initialize Cache Locations - run: | - mkdir -p ~/.cache/pypoetry/virtualenvs - source "./role/.github/scripts/task-setup-ansible-cache.sh" \ - "$(pwd)/ansible_cache" \ - ~/.cache - - - name: Molecule Lint Test -- Mount Ansible Cache - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CACHE }}{% raw %} - with: - key: ansible-${{ hashFiles('./role/requirements.yml') }}-${{ env.CACHE_TTL }} - path: ansible_cache - - - name: Molecule Lint Test -- Mount Poetry Cache - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CACHE }}{% raw %} - with: - key: poetry-${{ hashFiles('./role/pyproject.toml') }}-${{ runner.os }}-${{ env.CACHE_TTL }} - path: ~/.cache/pypoetry/virtualenvs - - - name: Molecule Lint Test -- Install Requirements - run: | - cd role - source "./.github/scripts/task-use-poetry.sh" "install-project" - - - name: Molecule Lint Test -- Run Linter - run: | - cd role - poetry run molecule lint - - - name: Molecule Lint Test -- Report Job Status (Success) - if: inputs.VERBOSITY == true - run: | - ./role/.github/scripts/task-slack-notification.sh "${NOTIFICATION}" ":white_check_mark: molecule linting was successful!" - - - name: Molecule Lint Test -- Report Job Status (Failure) - if: failure() - run: | - ./role/.github/scripts/task-slack-notification.sh "${NOTIFICATION}" ":x: molecule linting has failed!" -{% endraw %} \ No newline at end of file diff --git a/{{cookiecutter.project_slug}}/.github/deactivated/.job-40-molecule-test.yml b/{{cookiecutter.project_slug}}/.github/deactivated/.job-40-molecule-test.yml deleted file mode 100644 index 4f749fa1..00000000 --- a/{{cookiecutter.project_slug}}/.github/deactivated/.job-40-molecule-test.yml +++ /dev/null @@ -1,120 +0,0 @@ ---- -name: {{ cookiecutter.project_slug }}-job-molecule-test -{% raw %} -on: - workflow_call: - inputs: - MOLECULE_PLATFORMS: - description: "The GitHub OS platforms to use for testing as a JSON array of string values." - required: true - type: string - MOLECULE_SCENARIOS: - description: "The molecule scenarios to test as a JSON array of string values." - required: true - type: string - PYTHON_VERSIONS: - description: "The versions of Python to use as a JSON array of string values." - required: true - type: string - VERBOSITY: - description: "Manages the types of Slack notifications." - required: true - type: boolean - secrets: - SLACK_WEBHOOK: - description: "Optional, enables Slack notifications." - required: false - -jobs: - - run_molecule_test: - - runs-on: ${{ matrix.platform }} - strategy: - fail-fast: true - matrix: - platform: ${{ fromJSON(inputs.MOLECULE_PLATFORMS) }} - python-version: ${{ fromJSON(inputs.PYTHON_VERSIONS) }} - scenario: ${{ fromJSON(inputs.MOLECULE_SCENARIOS) }} - max-parallel: {% endraw %}{{ cookiecutter._GITHUB_CI_DEFAULT_CONCURRENCY }}{% raw %} - - steps: - - name: Molecule Test -- Checkout Repository - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - with: - path: "role" - - - name: Molecule Test -- Setup Environment - run: | - source "./role/.github/scripts/workflow-setup-environment.sh" - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Molecule Test -- Set up Python ${{ matrix.python-version }} - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_PYTHON }}{% raw %} - with: - python-version: ${{ matrix.python-version }} - - - name: Molecule Test -- Install Poetry - run: | - source "./role/.github/scripts/task-use-poetry.sh" "install-poetry" - - - name: Molecule Test -- Initialize Cache Locations - run: | - mkdir -p ~/.cache/pypoetry/virtualenvs - source "./role/.github/scripts/task-setup-ansible-cache.sh" \ - "$(pwd)/ansible_cache" \ - ~/.cache - - - name: Molecule Test -- Mount Ansible Cache - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CACHE }}{% raw %} - with: - key: ansible-${{ hashFiles('./role/requirements.yml') }}-${{ env.CACHE_TTL }} - path: ansible_cache - - - name: Molecule Test -- Mount Poetry Cache - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CACHE }}{% raw %} - with: - key: poetry-${{ hashFiles('./role/pyproject.toml') }}-${{ runner.os }}-${{ env.CACHE_TTL }} - path: ~/.cache/pypoetry/virtualenvs - - - name: Molecule Test -- Install Requirements - run: | - cd role - source "./.github/scripts/task-use-poetry.sh" "install-project" - - - name: Molecule Test -- Reuse Cached Dependencies as Scenario - run: | - cd role - poetry run molecule dependency - mv ~/.cache/molecule/role/default ~/.cache/molecule/role/"${SCENARIO}" - env: - SCENARIO: ${{ matrix.scenario }} - - - name: Molecule Test -- Run ${{ matrix.scenario }} Scenario - run: | - cd role - poetry run molecule test -s "${SCENARIO}" - env: - SCENARIO: ${{ matrix.scenario }} - - - name: Molecule Test -- Reuse Scenario Dependencies as Cache - run: | - mv ~/.cache/molecule/role/"${SCENARIO}" ~/.cache/molecule/role/default - env: - SCENARIO: ${{ matrix.scenario }} - - - name: Molecule Test -- Report Job Status (Success) - if: inputs.VERBOSITY == true - run: | - ./role/.github/scripts/task-slack-notification.sh "${NOTIFICATION}" ":white_check_mark: molecule test scenario '${SCENARIO}' was successful!" - env: - SCENARIO: ${{ matrix.scenario }} - - - name: Molecule Test -- Report Job Status (Failure) - if: failure() - run: | - ./role/.github/scripts/task-slack-notification.sh "${NOTIFICATION}" ":x: molecule test scenario '${SCENARIO}' has failed!" - env: - SCENARIO: ${{ matrix.scenario }} -{% endraw %} \ No newline at end of file diff --git a/{{cookiecutter.project_slug}}/.github/deactivated/.job-80-commit-lint.yml b/{{cookiecutter.project_slug}}/.github/deactivated/.job-80-commit-lint.yml deleted file mode 100644 index a16ec66f..00000000 --- a/{{cookiecutter.project_slug}}/.github/deactivated/.job-80-commit-lint.yml +++ /dev/null @@ -1,88 +0,0 @@ ---- -name: {{ cookiecutter.project_slug }}-job-commit-lint -{% raw %} -on: - workflow_call: - inputs: - COMMITIZEN_REV_RANGE: - description: "The range of commits commitizen will enforce." - required: true - type: string - PYTHON_VERSIONS: - description: "The versions of Python to use as a JSON array of string values." - required: true - type: string - VERBOSITY: - description: "Manages the types of Slack notifications." - required: true - type: boolean - secrets: - SLACK_WEBHOOK: - description: "Optional, enables Slack notifications." - required: false - -env: - ANSIBLE_WORKBENCH_PUSH_FALLBACK_REV_RANGE: ${{ inputs.COMMITIZEN_REV_RANGE }} - -jobs: - - run_commitizen: - - runs-on: ubuntu-latest - strategy: - fail-fast: true - matrix: - python-version: ${{ fromJSON(inputs.PYTHON_VERSIONS) }} - max-parallel: {% endraw %}{{ cookiecutter._GITHUB_CI_DEFAULT_CONCURRENCY }}{% raw %} - - steps: - - name: Commit Lint Test -- Checkout Repository - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - with: - fetch-depth: 0 - - - name: Commit Lint Test -- Setup Environment - run: | - source "./.github/scripts/workflow-setup-environment.sh" - source "./.github/scripts/workflow-determine-pushed-commits.sh" - env: - GITHUB_CONTEXT: ${{ toJson(github) }} - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Commit Lint Test -- Set up Python ${{ matrix.python-version }} - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_PYTHON }}{% raw %} - with: - python-version: ${{ matrix.python-version }} - - - name: Commit Lint Test -- Install Poetry - run: | - source "./.github/scripts/task-use-poetry.sh" "install-poetry" - - - name: Commit Lint Test -- Initialize Cache Locations - run: | - mkdir -p ~/.cache/pypoetry/virtualenvs - - - name: Commit Lint Test -- Mount Poetry Cache - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CACHE }}{% raw %} - with: - key: poetry-${{ hashFiles('./pyproject.toml') }}-${{ runner.os }}-${{ env.CACHE_TTL }} - path: ~/.cache/pypoetry/virtualenvs - - - name: Commit Lint Test -- Install Requirements - run: | - source "./.github/scripts/task-use-poetry.sh" "install-project" - - - name: Commit Lint Test -- Lint Pushed Commits - run: | - poetry run cz check --rev-range "${PUSHED_COMMIT_REV_RANGE}" - - - name: Commit Lint Test -- Report Job Status on Success - if: inputs.VERBOSITY == true - run: | - "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: commit lint checks succeeded!" - - - name: Commit Lint Test -- Report Job Status on Failure - if: failure() - run: | - "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: commit lint checks failed!" -{% endraw %} \ No newline at end of file diff --git a/{{cookiecutter.project_slug}}/.github/deactivated/.job-80-toml-lint.yml b/{{cookiecutter.project_slug}}/.github/deactivated/.job-80-toml-lint.yml deleted file mode 100644 index 11619b62..00000000 --- a/{{cookiecutter.project_slug}}/.github/deactivated/.job-80-toml-lint.yml +++ /dev/null @@ -1,52 +0,0 @@ ---- -name: {{ cookiecutter.project_slug }}-job-toml-lint -{% raw %} -on: - workflow_call: - inputs: - VERBOSITY: - description: "Manages the types of Slack notifications." - required: true - type: boolean - secrets: - SLACK_WEBHOOK: - description: "Optional, enables Slack notifications." - required: false - -jobs: - - run_tomll: - - runs-on: ubuntu-latest - - steps: - - name: Toml Lint Test -- Checkout Repository - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - - - name: Toml Lint Test -- Setup Environment - run: | - source "./.github/scripts/workflow-setup-environment.sh" - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Toml Lint Test -- Install Linter - run: | - sudo apt-get install -y golang-github-pelletier-go-toml - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Toml Lint Test -- Run Linter - run: | - find . -type f -name "*.toml" -exec tomll "{}" \; - git diff --exit-code - - - name: Toml Lint Test -- Report Job Status (Success) - if: inputs.VERBOSITY == true - run: | - "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: toml linting was successful!" - - - name: Toml Lint Test -- Report Job Status (Failure) - if: failure() - run: | - "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: toml linting has failed!" -{% endraw %} \ No newline at end of file diff --git a/{{cookiecutter.project_slug}}/.github/deactivated/.job-80-workflow-lint.yml b/{{cookiecutter.project_slug}}/.github/deactivated/.job-80-workflow-lint.yml deleted file mode 100644 index c7d7fba0..00000000 --- a/{{cookiecutter.project_slug}}/.github/deactivated/.job-80-workflow-lint.yml +++ /dev/null @@ -1,49 +0,0 @@ ---- -name: {{ cookiecutter.project_slug }}-job-toml-lint -{% raw %} -on: - workflow_call: - inputs: - VERBOSITY: - description: "Manages the types of Slack notifications." - required: true - type: boolean - secrets: - SLACK_WEBHOOK: - description: "Optional, enables Slack notifications." - required: false - -jobs: - - run_actionlint: - - runs-on: ubuntu-latest - - steps: - - name: Workflow Lint -- Checkout Repository - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - - - name: Workflow Lint -- Setup Environment - run: | - source "./.github/scripts/workflow-setup-environment.sh" - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Workflow Lint -- Install Binary - run: | - bash <(curl {% endraw %}"{{ cookiecutter._GITHUB_CI_ACTIONLINT_SCRIPT_URL }}"{% raw %}) - - - name: Workflow Lint -- Run Linter - run: | - ./actionlint -color - - - name: Workflow Lint -- Report Job Status (Success) - if: inputs.VERBOSITY == true - run: | - "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: workflow linting was successful!" - - - name: Workflow Lint -- Report Job Status (Failure) - if: failure() - run: | - "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: workflow linting has failed!" -{% endraw %} \ No newline at end of file diff --git a/{{cookiecutter.project_slug}}/.github/deactivated/.job-80-yaml-lint.yml b/{{cookiecutter.project_slug}}/.github/deactivated/.job-80-yaml-lint.yml deleted file mode 100644 index 256e10ab..00000000 --- a/{{cookiecutter.project_slug}}/.github/deactivated/.job-80-yaml-lint.yml +++ /dev/null @@ -1,48 +0,0 @@ ---- -name: {{ cookiecutter.project_slug }}-job-yaml-lint -{% raw %} -on: - workflow_call: - inputs: - VERBOSITY: - description: "Manages the types of Slack notifications." - required: true - type: boolean - secrets: - SLACK_WEBHOOK: - description: "Optional, enables Slack notifications." - required: false - -jobs: - - run_yamllint: - - runs-on: ubuntu-latest - - steps: - - name: Workflows Lint Test -- Checkout Repository - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - - - name: Workflows Lint Test -- Setup Environment - run: | - source "./.github/scripts/workflow-setup-environment.sh" - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Workflows Lint Test -- Lint GitHub Workflows - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_YAMLLINT }}{% raw %} - with: - format: standard - file_or_dir: .github/workflows/ - config_file: .yamllint.yml - - - name: Workflows Lint Test -- Report Job Status (Success) - if: inputs.VERBOSITY == true - run: | - "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: workflow linting was successful!" - - - name: Workflows Lint Test -- Report Job Status (Failure) - if: failure() - run: | - "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: workflow linting has failed!" -{% endraw %} \ No newline at end of file diff --git a/{{cookiecutter.project_slug}}/.github/deactivated/.job-99-create-release.yml b/{{cookiecutter.project_slug}}/.github/deactivated/.job-99-create-release.yml deleted file mode 100644 index 1d5342d9..00000000 --- a/{{cookiecutter.project_slug}}/.github/deactivated/.job-99-create-release.yml +++ /dev/null @@ -1,95 +0,0 @@ ---- -name: {{ cookiecutter.project_slug }}-job-create-release -{% raw %} -on: - workflow_call: - inputs: - EXTRA_RELEASE_CONTENT: - default: "[]" - description: "A JSON array containing extra markdown content to append to the generated release." - required: false - type: string - VERBOSITY: - description: "Manages the types of Slack notifications." - required: true - type: boolean - outputs: - release: - description: "A JSON object representing the created release." - value: ${{ jobs.generate_github_release.outputs.release }} - secrets: - SLACK_WEBHOOK: - description: "Optional, enables Slack notifications." - required: false - -jobs: - - generate_github_release: - - outputs: - release: ${{ steps.create_release.outputs.result }} - runs-on: ubuntu-latest - - steps: - - name: Create Release -- Checkout Repository - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - - - name: Create Release -- Filter Release Candidates - id: filter - run: | - source ".github/scripts/job-99-release-candidate.sh" "${{ github.event.ref }}" - - - name: Create Release -- Checkout Repository (All Commits) - if: steps.filter.outputs.release_candidate == 'TRUE' - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - with: - fetch-depth: 0 - - - name: Create Release -- Setup Environment - if: steps.filter.outputs.release_candidate == 'TRUE' - run: | - source "./.github/scripts/workflow-setup-environment.sh" - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Create Release -- Install Poetry - if: steps.filter.outputs.release_candidate == 'TRUE' - run: | - source "./.github/scripts/task-use-poetry.sh" "install-poetry" - - - name: Create Release -- Check 'pyproject.toml' Matches Tag - if: steps.filter.outputs.release_candidate == 'TRUE' - run: | - source "./.github/scripts/job-99-check-version.sh" - - - name: Create Release -- Generate Changelog - if: steps.filter.outputs.release_candidate == 'TRUE' - run: - source "./.github/scripts/job-99-create-changelog.sh" - - - name: Create Release -- Generate GitHub Release Draft - if: steps.filter.outputs.release_candidate == 'TRUE' - id: create_release - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_SCRIPT }}{% raw %} - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - result-encoding: json - script: | - const script = require('./.github/scripts/job-99-create-release.js') - const extraContent = "\n" + JSON.parse(process.env.EXTRA_RELEASE_CONTENT).join("\n") - const body = process.env.CHANGE_LOG_CONTENT + extraContent - const tag = process.env.BRANCH_OR_TAG; - return await script({ body, context, core, github, tag }) - env: - EXTRA_RELEASE_CONTENT: ${{ inputs.EXTRA_RELEASE_CONTENT }} - - - name: Create Release -- Report Job Status (Success) - if: steps.filter.outputs.release_candidate == 'TRUE' - run: | - "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":white_check_mark: automated release has been created:\nhttps://github.com/${USER_NAME}/${PROJECT_NAME}/releases" - - - name: Create Release -- Report Job Status (Failure) - if: failure() - run: | - "./.github/scripts/task-slack-notification.sh" "${NOTIFICATION}" ":x: automated release generation failed!" -{% endraw %} \ No newline at end of file diff --git a/{{cookiecutter.project_slug}}/.github/deactivated/.job-99-import-role.yml b/{{cookiecutter.project_slug}}/.github/deactivated/.job-99-import-role.yml deleted file mode 100644 index 81b9b618..00000000 --- a/{{cookiecutter.project_slug}}/.github/deactivated/.job-99-import-role.yml +++ /dev/null @@ -1,95 +0,0 @@ ---- -name: {{ cookiecutter.project_slug }}-job-import-role -{% raw %} -on: - workflow_call: - inputs: - PYTHON_VERSION: - description: "The single version of Python that will be used as a string value." - required: true - type: string - WORKFLOW_DISPATCH: - description: "Indicates whether a 'workflow_dispatch' event triggered this workflow run." - required: true - type: boolean - VERBOSITY: - description: "Manages the types of Slack notifications." - required: true - type: boolean - secrets: - SLACK_WEBHOOK: - description: "Optional, enables Slack notifications." - required: false - GALAXY_API_KEY: - description: "Optional, enables importing the role into Ansible Galaxy." - required: false - -jobs: - - import_role: - - runs-on: ubuntu-latest - - steps: - - name: Publish to Galaxy -- Code Checkout (workflow dispatch) - if: inputs.WORKFLOW_DISPATCH == true - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - with: - fetch-depth: 0 - path: 'role' - ref: ${{ github.event.inputs.TAG }} - - - name: Publish to Galaxy -- Code Checkout (published release) - if: inputs.WORKFLOW_DISPATCH == false - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} - with: - fetch-depth: 0 - path: 'role' - - - name: Publish to Galaxy -- Setup Environment - run: | - source "./role/.github/scripts/workflow-setup-environment.sh" - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Publish to Galaxy -- Install Poetry - run: | - source "./role/.github/scripts/task-use-poetry.sh" "install-poetry" - - - name: Publish to Galaxy -- Set up Python ${{ inputs.PYTHON_VERSION }} - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_PYTHON }}{% raw %} - with: - python-version: ${{ inputs.PYTHON_VERSION }} - - - name: Publish to Galaxy -- Initialize Cache Locations - run: | - mkdir -p ~/.cache/pypoetry/virtualenvs - - - name: Publish to Galaxy -- Mount Poetry Cache - uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CACHE }}{% raw %} - with: - key: poetry-${{ hashFiles('./role/pyproject.toml') }}-${{ runner.os }}-${{ env.CACHE_TTL }} - path: ~/.cache/pypoetry/virtualenvs - - - name: Publish to Galaxy -- Install Requirements - run: | - cd role - source "./.github/scripts/task-use-poetry.sh" "install-project" - - - name: Publish to Galaxy -- Trigger Ansible Galaxy Import - run: | - cd role - poetry run ansible-galaxy role import "${USER_NAME}" "${PROJECT_NAME}" --token "${API_KEY}" | tee import.log - grep "0 errors" import.log - env: - API_KEY: ${{ secrets.GALAXY_API_KEY }} - - - name: Publish to Galaxy -- Report Job Status (Success) - run: | - ./role/.github/scripts/task-slack-notification.sh "${NOTIFICATION}" ":white_check_mark: automated ansible galaxy import has been completed!" - - - name: Publish to Galaxy -- Report Job Status (Failure) - if: failure() - run: | - ./role/.github/scripts/task-slack-notification.sh "${NOTIFICATION}" ":x: automated ansible galaxy import has failed!" -{% endraw %} \ No newline at end of file diff --git a/{{cookiecutter.project_slug}}/.github/deactivated/workflow-publish-to-galaxy.yml b/{{cookiecutter.project_slug}}/.github/deactivated/workflow-publish-to-galaxy.yml deleted file mode 100644 index cfbe9492..00000000 --- a/{{cookiecutter.project_slug}}/.github/deactivated/workflow-publish-to-galaxy.yml +++ /dev/null @@ -1,65 +0,0 @@ ---- -name: {{ cookiecutter.project_slug }}-github-workflow-publish-to-galaxy - -# This workflow is configured by values found in the .github/config/workflows/workflow-publish-to-galaxy.json file. -# It's encouraged to explore the configuration before customizing this file. -# This will allow you to upgrade to future versions of this template without complications. - -# For further details please consult the documentation here: -# https://github.com/niall-byrne/ansible-workbench - -on: - release: - types: [published] - workflow_dispatch: - inputs: - TAG: - description: 'Tag to Deploy' - required: true - default: '' - -# secrets: -# SLACK_WEBHOOK: -# description: "Optional, enables Slack notifications." -# required: false - - -jobs: - - configuration: - - runs-on: ubuntu-latest - outputs: - configuration: {% raw %}${{ steps.configuration.outputs.value }}{% endraw %} - publish-to-galaxy: {% raw %}${{ steps.publish-to-galaxy.outputs.publish-to-galaxy }}{% endraw %} - - steps: - - name: Create Configuration -- Checkout Repository - uses: {{ cookiecutter._GITHUB_ACTION_CHECKOUT }} - - - name: Create Configuration -- Set Publish to Galaxy as Output - id: publish-to-galaxy - run: | - [[ -n "${API_KEY}" ]] && PUBLISH_TO_GALAXY="true" || PUBLISH_TO_GALAXY="false" - echo "publish-to-galaxy=${PUBLISH_TO_GALAXY}" >> "${GITHUB_OUTPUT}" - env: - API_KEY: {% raw %}${{ secrets.GALAXY_API_KEY }}{% endraw %} - - - name: Create Configuration -- Validate the 'workflow-publish-to-galaxy.json' File - run: | - python -m json.tool "./.github/config/workflows/workflow-publish-to-galaxy.json" >> /dev/null - - - name: Create Configuration -- Set the 'workflow-publish-to-galaxy.json' Configuration File as Output - id: configuration - run: | - source "./.github/scripts/workflow-set-value.sh" cat "./.github/config/workflows/workflow-publish-to-galaxy.json" - - publish_to_galaxy: - needs: [configuration] - if: needs.configuration.outputs.publish-to-galaxy == 'true' - uses: ./.github/workflows/.job-99-import-role.yml - with: - PYTHON_VERSION: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_python_version }}{% endraw %} - WORKFLOW_DISPATCH: {% raw %}${{ github.event_name == 'workflow_dispatch' }}{% endraw %} - VERBOSITY: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_verbose_notifications }}{% endraw %} - secrets: inherit diff --git a/{{cookiecutter.project_slug}}/.github/deactivated/workflow-push.yml b/{{cookiecutter.project_slug}}/.github/deactivated/workflow-push.yml deleted file mode 100644 index e64c5710..00000000 --- a/{{cookiecutter.project_slug}}/.github/deactivated/workflow-push.yml +++ /dev/null @@ -1,137 +0,0 @@ ---- -name: {{ cookiecutter.project_slug }}-github-workflow-push - -# This workflow is configured by values found in the .github/config/workflows/workflow-push.json file. -# It's encouraged to explore the configuration before customizing this file. -# This will allow you to upgrade to future versions of this template without complications. - -# For further details please consult the documentation here: -# https://github.com/niall-byrne/ansible-workbench - -on: - push: - schedule: - - cron: "0 6 * * 1" - workflow_dispatch: - -# secrets: -# SLACK_WEBHOOK: -# description: "Optional, enables Slack notifications." -# required: false -# GALAXY_API_KEY: -# description: "Optional, enables importing the role into Ansible Galaxy." -# required: false - -jobs: - - configuration: - - runs-on: ubuntu-latest - outputs: - configuration: {% raw %}${{ steps.configuration.outputs.value }}{% endraw %} - molecule-scenarios: {% raw %}${{ steps.molecule-scenarios.outputs.value }}{% endraw %} - - steps: - - name: Create Configuration -- Checkout Repository - uses: {{ cookiecutter._GITHUB_ACTION_CHECKOUT }} - - - name: Create Configuration -- Validate the 'workflow-push.json' File - run: | - python -m json.tool "./.github/config/workflows/workflow-push.json" >> /dev/null - - - name: Create Configuration -- Set the Active Molecule Test Scenarios as Output - id: molecule-scenarios - run: | - source "./.github/scripts/workflow-identify-molecule-scenarios.sh" - - - name: Create Configuration -- Set the 'workflow-push.json' Configuration File as Output - id: configuration - run: | - source "./.github/scripts/workflow-set-value.sh" cat "./.github/config/workflows/workflow-push.json" - - start: - uses: ./.github/workflows/.job-00-start.yml - secrets: inherit - - success: - needs: [create_release] - uses: ./.github/workflows/.job-00-success.yml - secrets: inherit - - security_test: - needs: [configuration] - uses: ./.github/workflows/.job-10-security.yml - with: - TRUFFLEHOG_ARGS: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_trufflehog_extra_scan_args }}{% endraw %} - VERBOSITY: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_verbose_notifications }}{% endraw %} - secrets: inherit - - documentation_test: - needs: [configuration] - uses: ./.github/workflows/.job-30-documentation.yml - with: - VERBOSITY: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_verbose_notifications }}{% endraw %} - secrets: inherit - - molecule_lint_test: - needs: [configuration] - uses: ./.github/workflows/.job-40-molecule-lint.yml - with: - PYTHON_VERSIONS: {% raw %}${{ toJSON(fromJSON(needs.configuration.outputs.configuration).ci_python_versions) }}{% endraw %} - VERBOSITY: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_verbose_notifications }}{% endraw %} - secrets: inherit - - molecule_test: - needs: [configuration] - uses: ./.github/workflows/.job-40-molecule-test.yml - with: - MOLECULE_PLATFORMS: {% raw %}${{ toJSON(fromJSON(needs.configuration.outputs.configuration).ci_molecule_test_platforms) }}{% endraw %} - MOLECULE_SCENARIOS: {% raw %}${{ needs.configuration.outputs.molecule-scenarios }}{% endraw %} - PYTHON_VERSIONS: {% raw %}${{ toJSON(fromJSON(needs.configuration.outputs.configuration).ci_python_versions) }}{% endraw %} - VERBOSITY: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_verbose_notifications }}{% endraw %} - secrets: inherit - - commit_lint_test: - needs: [configuration] - uses: ./.github/workflows/.job-80-commit-lint.yml - with: - COMMITIZEN_REV_RANGE: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_commitzen_rev_range }}{% endraw %} - PYTHON_VERSIONS: {% raw %}${{ toJSON(fromJSON(needs.configuration.outputs.configuration).ci_python_versions) }}{% endraw %} - VERBOSITY: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_verbose_notifications }}{% endraw %} - secrets: inherit - - {%- if cookiecutter.optional_toml_linting == 'true' %} - - toml_lint_test: - needs: [configuration] - uses: ./.github/workflows/.job-80-toml-lint.yml - with: - VERBOSITY: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_verbose_notifications }}{% endraw %} - secrets: inherit - - {%- endif %} - {%- if cookiecutter.optional_workflow_linting == 'true' %} - - workflow_lint_test: - needs: [configuration] - uses: ./.github/workflows/.job-80-workflow-lint.yml - with: - VERBOSITY: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_verbose_notifications }}{% endraw %} - secrets: inherit - - {%- endif %} - - yaml_lint_test: - needs: [configuration] - uses: ./.github/workflows/.job-80-yaml-lint.yml - with: - VERBOSITY: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_verbose_notifications }}{% endraw %} - secrets: inherit - - create_release: - needs: [commit_lint_test, configuration, documentation_test, molecule_lint_test, molecule_test, security_test, start,{% if cookiecutter.optional_toml_linting == 'true' %} toml_lint_test,{% endif %} yaml_lint_test] - uses: ./.github/workflows/.job-99-create-release.yml - with: - EXTRA_RELEASE_CONTENT: {% raw %}${{ toJSON(fromJSON(needs.configuration.outputs.configuration).ci_extra_release_content) }}{% endraw %} - VERBOSITY: {% raw %}${{ fromJSON(needs.configuration.outputs.configuration).ci_verbose_notifications }}{% endraw %} - secrets: inherit diff --git a/{{cookiecutter.project_slug}}/.github/scripts/job-50-test-precommit.sh b/{{cookiecutter.project_slug}}/.github/scripts/job-50-test-precommit.sh new file mode 100755 index 00000000..9c9d08f4 --- /dev/null +++ b/{{cookiecutter.project_slug}}/.github/scripts/job-50-test-precommit.sh @@ -0,0 +1,141 @@ +#!/bin/bash + +# Performs tests on the pre-commit hooks. + +# Implementation: +# Templates implementing this script will likely also have to customize their .job-50-precommit.yml workflow. +# The API demonstrated here is more for example purposes. + +# 1: The name of a pre-commit test scenario. (See 'main' below.) +# TEST_PROJECT_NAME: The name of the rendered test project. + +# CI only script. + +set -eo pipefail + +main() { + pushd "${TEST_PROJECT_NAME}" >> /dev/null + scenario "${1}" + popd >> /dev/null +} + +scenario() { + + local TEMP_FILE + + test_ansible_lint_fails() { + util "git_reset" + echo "" >> tasks/main.yml + git stage tasks/main.yml + git commit -m 'test(PRE-COMMIT): fail due to ansible-lint' > error.log 2>&1 || grep "empty-lines" error.log > /dev/null && exit 0 + util "fail" + } + + test_commit_lint_fails() { + util "git_reset" + TEMP_FILE=$(util "create_tmp") + touch "${TEMP_FILE}" + git stage "${TEMP_FILE}" + git commit -m 'test - pre-commit: improperly formatted commit with bad ssspelling' || exit 0 + util "fail" + } + + test_commit_spelling_fails() { + util "git_reset" + TEMP_FILE=$(util "create_tmp") + touch "${TEMP_FILE}" + git stage "${TEMP_FILE}" + git commit -m 'test(PRE-COMMIT): ssspelling error' || exit 0 + util "fail" + } + + test_toml_lint_fails() { + util "git_reset" + sed -i.bak 's/authors =/ authors = /g' pyproject.toml + git stage pyproject.toml + git commit -m 'test(PRE-COMMIT): fail due to tomll' || exit 0 + util "fail" + } + + test_toml_lint_passes() { + util "git_reset" + sed -i.bak "s/description = '.*'/description = 'updated description'/g" pyproject.toml + git stage pyproject.toml + git commit -m 'test(PRE-COMMIT): modify python config without issue' + } + + test_shell_lint_fails() { + util "git_reset" + TEMP_FILE=$(util "create_tmp") + echo -e "#!/bin/bash\nls *.bash" > "${TEMP_FILE}.sh" + git stage "${TEMP_FILE}.sh" + git commit -m 'test(PRE-COMMIT): fail due to shellcheck' || exit 0 + util "fail" + } + + test_shell_format_fails() { + util "git_reset" + TEMP_FILE=$(util "create_tmp") + echo -e "#!/bin/bash\nls bash_scripts;ls shell_scripts" > "${TEMP_FILE}.sh" + git stage "${TEMP_FILE}.sh" + git commit -m 'test(PRE-COMMIT): fail due to shfmt' || exit 0 + util "fail" + } + + test_workflow_lint_fails() { + util "git_reset" + find .github/workflows -type f -name '*.yml' -exec sed -i.bak 's/uses:/illegal-yaml-key:/g' {} \; + git stage .github + git commit -m 'test(PRE-COMMIT): fail due to actionlint' || exit 0 + util "fail" + } + + test_workflow_header_lint_fails() { + util "git_reset" + sed -i.bak 's,-github-workflow,-github-wrong-name,g' .github/workflows/workflow-*.yml + git stage .github + git commit -m 'test(PRE-COMMIT): fail due to workflow header lint' || exit 0 + util fail + } + + "$@" + +} + +util() { + + local COMMAND + local PREFIX + + _util_create_tmp() { + mktemp tmp.XXXXXXX + } + + _util_fail() { + echo "This commit should have failed." + exit 127 + } + + _util_git_reset() { + git reset HEAD + git clean -fd + git checkout . + } + + _util_unknown_command() { + echo "Unknown utility command: '${COMMAND}'" + exit 127 + } + + PREFIX="_util" + COMMAND="${PREFIX}_${1}" + if [[ $(type -t "${COMMAND}") == function ]]; then + shift + "${COMMAND}" "$@" + else + "${PREFIX}_unknown_command" + fi + +} + +main "$@" diff --git a/{{cookiecutter.project_slug}}/.github/scripts/job-99-check-version.sh b/{{cookiecutter.project_slug}}/.github/scripts/job-99-check-version.sh deleted file mode 100644 index 4774a377..00000000 --- a/{{cookiecutter.project_slug}}/.github/scripts/job-99-check-version.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash - -# .github/scripts/job-99-check-version.sh -# Ensures the 'pyproject.toml' version matches the current Git Tag. - -# BRANCH_OR_TAG: The name of the current Git Branch or Tag. - -# CI only script. - -set -eo pipefail - -main() { - - if [[ "$(poetry version -s)" != "${BRANCH_OR_TAG}" ]]; then - echo "The 'pyproject.toml' file does not match the version tag!" - exit 127 - fi - -} - -main "$@" diff --git a/{{cookiecutter.project_slug}}/.github/scripts/job-99-create-changelog.sh b/{{cookiecutter.project_slug}}/.github/scripts/job-99-create-changelog.sh deleted file mode 100644 index 0e69ea64..00000000 --- a/{{cookiecutter.project_slug}}/.github/scripts/job-99-create-changelog.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash - -# .github/scripts/job-99-create-changelog.sh -# Generates a changelog for the specified ${BRANCH_OR_TAG}. - -# BRANCH_OR_TAG: The new git tag the changelog is being generated for. - -# CI only script - -set -eo pipefail - -main() { - - CHANGE_LOG_CONTENT="$(npx -q conventional-changelog-cli -t "${BRANCH_OR_TAG}")" - - { - echo "CHANGE_LOG_CONTENT<> "${GITHUB_ENV}" - -} - -main "$@" diff --git a/{{cookiecutter.project_slug}}/.github/scripts/job-99-create-release.js b/{{cookiecutter.project_slug}}/.github/scripts/job-99-create-release.js deleted file mode 100644 index 116b7d99..00000000 --- a/{{cookiecutter.project_slug}}/.github/scripts/job-99-create-release.js +++ /dev/null @@ -1,29 +0,0 @@ -// CI only script. - -/** - * @description Generates a GitHub release from the provided parameters. - * (See the {@link https://github.com/actions/github-script|script action} repository for details.) - * - * @param {string} args.body - The content to attach to the release. - * @param {object} args.context - An object containing the context of the workflow run. - * @param {object} args.core - A reference to the @actions/core package. - * @param {object} args.github - A pre-authenticated octokit/rest.js client with pagination plugins. - * @param {string} args.tag - The name of the tag the release is for. - * - */ -module.exports = async ({ body, context, core, github, tag }) => { - try { - const result = await github.rest.repos.createRelease({ - body, - draft: true, - name: 'Release ' + tag, - owner: context.repo.owner, - prerelease: false, - repo: context.repo.repo, - tag_name: tag, - }) - return result - } catch (error) { - core.setFailed(error.message) - } -} diff --git a/{{cookiecutter.project_slug}}/.github/scripts/job-99-release-candidate.sh b/{{cookiecutter.project_slug}}/.github/scripts/job-99-release-candidate.sh deleted file mode 100644 index 7456fd86..00000000 --- a/{{cookiecutter.project_slug}}/.github/scripts/job-99-release-candidate.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash - -# .github/scripts/job-99-release-candidate.sh -# Evaluates if the current git reference is a release candidate. - -# 1: The git reference that created the workflow flow. - -# CI only script. - -set -eo pipefail - -MATCH="FALSE" - -main() { - - if [[ "${1}" =~ ^refs/tags/[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]+$ ]] && - [[ "${1}" != "refs/tags/0.0.0" ]]; then - MATCH="TRUE" - fi - - echo "release_candidate=${MATCH}" >> "${GITHUB_OUTPUT}" - -} - -main "$@" diff --git a/{{cookiecutter.project_slug}}/.github/scripts/task-setup-ansible-cache.sh b/{{cookiecutter.project_slug}}/.github/scripts/task-setup-ansible-cache.sh deleted file mode 100644 index ae80892e..00000000 --- a/{{cookiecutter.project_slug}}/.github/scripts/task-setup-ansible-cache.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash - -# .github/scripts/task-setup-ansible-cache.sh -# Creates symlinks for attaching an external cache folder for Ansible. -# Separate folders for Ansible-Compat, and Molecule are maintained. - -# 1: The absolute path of the mount point of the external cache folder. -# 2: The absolute path of the usage point of the cache on the system. - -# CI only script - -set -eo pipefail - -main() { - - MOUNT_FOLDER="${1}" - USAGE_FOLDER="${2}" - - mkdir -p "${MOUNT_FOLDER}/ansible-compat" - mkdir -p "${MOUNT_FOLDER}/molecule" - - mkdir -p "${USAGE_FOLDER}" - - ln -sf "${MOUNT_FOLDER}/ansible-compat" "${USAGE_FOLDER}/ansible-compat" - ln -sf "${MOUNT_FOLDER}/molecule" "${USAGE_FOLDER}/molecule" - - echo "Cache Symlinks Created:" - echo "${MOUNT_FOLDER}/ansible-compat -> ${USAGE_FOLDER}/ansible-compat" - echo "${MOUNT_FOLDER}/molecule -> ${USAGE_FOLDER}/molecule" - -} - -main "$@" diff --git a/{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh b/{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh deleted file mode 100755 index 238e56ac..00000000 --- a/{{cookiecutter.project_slug}}/.github/scripts/task-slack-notification.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash - -# .github/scripts/task-slack-notification.sh -# Sends a notification to slack. - -# 1: The branch information to display. -# 2: The notification message to send. -# WEBHOOK_URL: The slack webhook url to use. - -# CI only script. - -main() { - - [[ -z ${WEBHOOK_URL} ]] && exit 0 - curl -X POST -H 'Content-type: application/json' --data "{\"text\":\"${1}: ${2}\"}" "${WEBHOOK_URL}" - -} - -main "$@" diff --git a/{{cookiecutter.project_slug}}/.github/scripts/task-use-poetry.sh b/{{cookiecutter.project_slug}}/.github/scripts/task-use-poetry.sh deleted file mode 100644 index f7280763..00000000 --- a/{{cookiecutter.project_slug}}/.github/scripts/task-use-poetry.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/bash - -# .github/scripts/task-use-poetry.sh -# Centralized management of poetry installs. - -# CI only script - -set -eo pipefail - -install_poetry() { - - python -m pip install poetry --verbose - -} - -install_project() { - - poetry install --verbose - -} - -main() { - - case $1 in - install-poetry) - install_poetry - ;; - install-project) - install_project - ;; - *) - echo "Invalid option." - exit 127 - ;; - esac - -} - -main "$@" diff --git a/{{cookiecutter.project_slug}}/.github/scripts/workflow-determine-pushed-commits.sh b/{{cookiecutter.project_slug}}/.github/scripts/workflow-determine-pushed-commits.sh deleted file mode 100644 index 070799f4..00000000 --- a/{{cookiecutter.project_slug}}/.github/scripts/workflow-determine-pushed-commits.sh +++ /dev/null @@ -1,48 +0,0 @@ -#!/bin/bash - -# .github/scripts/workflow-determine-pushed-commits.sh -# Retrieves the range of the commits in a push, and sets the PUSHED_COMMIT_START, PUSHED_COMMIT_REV_RANGE variables. - -# ANSIBLE_WORKBENCH_PUSH_FALLBACK_INDEX: Optionally set fallback behaviour when no changed commits are detected. (Default is the first commit in the project.) -# ANSIBLE_WORKBENCH_PUSH_FALLBACK_REV_RANGE: Optionally set fallback behaviour when no changed commits are detected. (Default is HEAD, all commits.) -# GITHUB_CONTEXT: The github action context object as an environment variable. - -# CI only script - -set -eo pipefail - -ANSIBLE_WORKBENCH_PUSH_FALLBACK_INDEX="${ANSIBLE_WORKBENCH_PUSH_FALLBACK_INDEX-$(git rev-list --max-parents=0 HEAD)}" -ANSIBLE_WORKBENCH_PUSH_FALLBACK_REV_RANGE="${ANSIBLE_WORKBENCH_PUSH_FALLBACK_REV_RANGE-HEAD}" - -fallback_behaviour() { - echo "WARNING: Unable to determine number of changed commits." - echo "WARNING: Fallback values are being used instead." - PUSHED_COMMIT_START="${ANSIBLE_WORKBENCH_PUSH_FALLBACK_INDEX}" - PUSHED_COMMIT_REV_RANGE="${ANSIBLE_WORKBENCH_PUSH_FALLBACK_REV_RANGE}" -} - -main() { - - COMMIT_COUNT="$(echo "${GITHUB_CONTEXT}" | jq '.event.commits | length')" - - PUSHED_COMMIT_START="HEAD~${COMMIT_COUNT}" - PUSHED_COMMIT_REV_RANGE="${PUSHED_COMMIT_START}..HEAD" - - echo "DEBUG: GitHub reports ${COMMIT_COUNT} commit(s) have changed." - - if [[ "${PUSHED_COMMIT_START}" == "HEAD~0" ]]; then - fallback_behaviour - fi - - if ! git rev-parse "${PUSHED_COMMIT_START}" >> /dev/null 2>&1; then - fallback_behaviour - fi - - { - echo "PUSHED_COMMIT_REV_RANGE=${PUSHED_COMMIT_REV_RANGE}" - echo "PUSHED_COMMIT_START=${PUSHED_COMMIT_START}" - } >> "${GITHUB_ENV}" - -} - -main "$@" diff --git a/{{cookiecutter.project_slug}}/.github/scripts/workflow-identify-molecule-scenarios.sh b/{{cookiecutter.project_slug}}/.github/scripts/workflow-identify-molecule-scenarios.sh deleted file mode 100644 index 89e363e7..00000000 --- a/{{cookiecutter.project_slug}}/.github/scripts/workflow-identify-molecule-scenarios.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash - -# .github/scripts/task-identify-molecule-scenarios.sh -# Creates a workflow configuration value containing an array of active molecule scenarios for testing. - -# CI only script - -set -eo pipefail - -main() { - - EXCLUDED="$(jq -rM ".ci_molecule_excluded_scenarios_regex" ".github/config/workflows/workflow-push.json")" - SCENARIOS=() - while IFS='' read -r SCENARIO; do SCENARIOS+=("${SCENARIO}"); done < <(find molecule/* -maxdepth 0 -type d -not -name "default" -not -name "${EXCLUDED}" -exec basename {} \;) - - source ".github/scripts/workflow-set-value.sh" jq -M --null-input "\$ARGS.positional" --args "${SCENARIOS[@]}" - -} - -main "$@" diff --git a/{{cookiecutter.project_slug}}/.github/scripts/workflow-set-value.sh b/{{cookiecutter.project_slug}}/.github/scripts/workflow-set-value.sh deleted file mode 100644 index d8d73c3f..00000000 --- a/{{cookiecutter.project_slug}}/.github/scripts/workflow-set-value.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash - -# .github/scripts/workflow-set-value.sh -# Create configuration for a workflow run dynamically. - -# @ An array of commands to execute to generate the JSON value. - -# CI only script - -set -eo pipefail - -main() { - - { - echo "value<> "${GITHUB_OUTPUT}" - -} - -main "$@" diff --git a/{{cookiecutter.project_slug}}/.github/scripts/workflow-setup-environment.sh b/{{cookiecutter.project_slug}}/.github/scripts/workflow-setup-environment.sh deleted file mode 100644 index 43633133..00000000 --- a/{{cookiecutter.project_slug}}/.github/scripts/workflow-setup-environment.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash - -# .github/scripts/workflow-setup-environment.sh -# Configures environment variables for GitHub Workflows. - -# CI only script. - -set -eo pipefail - -main() { - - PROJECT_NAME="{{ cookiecutter.project_slug }}" - USER_NAME="{{ cookiecutter.github_handle }}" - - BRANCH_OR_TAG="$(echo "${GITHUB_REF}" | sed 's/refs\/heads\///g' | sed 's/refs\/tags\///g')" - WORKFLOW_URL="${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}" - - { - echo "BRANCH_OR_TAG=${BRANCH_OR_TAG}" - echo "CACHE_TTL=$(date +%d)" - echo "NOTIFICATION=${PROJECT_NAME} [<${WORKFLOW_URL}|${BRANCH_OR_TAG}>]" - echo "PROJECT_NAME=${PROJECT_NAME}" - echo "USER_NAME=${USER_NAME}" - echo "WEBHOOK_URL=${WEBHOOK_URL}" - } >> "${GITHUB_ENV}" - -} - -main "$@" diff --git a/{{cookiecutter.project_slug}}/.github/workflows/workflow-publish-to-galaxy.yml b/{{cookiecutter.project_slug}}/.github/workflows/workflow-publish-to-galaxy.yml new file mode 100644 index 00000000..160db357 --- /dev/null +++ b/{{cookiecutter.project_slug}}/.github/workflows/workflow-publish-to-galaxy.yml @@ -0,0 +1,74 @@ +--- +name: {{ cookiecutter.project_slug }}-github-workflow-publish-to-galaxy + +# For further details please consult the documentation here: +# https://github.com/niall-byrne/ansible-workbench + +# Begin Cookiecutter Template Content{% raw %} + +on: + release: + types: [published] + workflow_dispatch: + inputs: + TAG: + description: 'Tag to Deploy' + required: true + default: '' + +# secrets: +# GALAXY_API_KEY: +# description: "Optional, enables importing the role into Ansible Galaxy." +# required: false +# SLACK_WEBHOOK: +# description: "Optional, enables Slack notifications." +# required: false + +jobs: + + configuration: + uses: cicd-tools-org/cicd-tools/.github/workflows/job-00-generic-read_json_file.yml@master + with: + JSON_FILE_PATH: ".github/config/workflows/workflow-publish-to-galaxy.json" + + api_key_exists: + secrets: + SECRET: ${{ secrets.GALAXY_API_KEY }} + uses: cicd-tools-org/cicd-tools/.github/workflows/job-00-generic-identify_secret_exists.yml@master + + start: + if: needs.api_key_exists.outputs.EXISTS == 'true' + needs: [api_key_exists] + secrets: + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + uses: cicd-tools-org/cicd-tools/.github/workflows/job-00-generic-notification.yml@master + with: + NOTIFICATION_EMOJI: ":vertical_traffic_light:" + NOTIFICATION_MESSAGE: "Ansible Galaxy release workflow has started!" + WORKFLOW_NAME: "galaxy" + + publish_to_galaxy: + if: needs.api_key_exists.outputs.EXISTS == 'true' + needs: [api_key_exists, configuration, start] + secrets: + GALAXY_API_KEY: ${{ secrets.GALAXY_API_KEY }} + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + uses: cicd-tools-org/cicd-tools/.github/workflows/job-95-poetry-galaxy_import_role.yml@master + with: + PYTHON_VERSION: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_python_version }} + WORKFLOW_DISPATCH: ${{ github.event_name == 'workflow_dispatch' }} + VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_verbose_notifications }} + WORKFLOW_NAME: "galaxy" + + success: + if: needs.api_key_exists.outputs.EXISTS == 'true' + needs: [api_key_exists, publish_to_galaxy] + secrets: + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + uses: cicd-tools-org/cicd-tools/.github/workflows/job-00-generic-notification.yml@master + with: + NOTIFICATION_EMOJI: ":checkered_flag:" + NOTIFICATION_MESSAGE: "Ansible Galaxy release workflow has completed successfully!" + WORKFLOW_NAME: "galaxy" + +# End Cookiecutter Template Content{% endraw %} diff --git a/{{cookiecutter.project_slug}}/.github/workflows/workflow-push.yml b/{{cookiecutter.project_slug}}/.github/workflows/workflow-push.yml index f9b42033..6b0cf544 100644 --- a/{{cookiecutter.project_slug}}/.github/workflows/workflow-push.yml +++ b/{{cookiecutter.project_slug}}/.github/workflows/workflow-push.yml @@ -1,13 +1,11 @@ --- name: {{ cookiecutter.project_slug }}-github-workflow-push -# This workflow is configured by values found in the .github/config/workflows/workflow-push.json file. -# It's encouraged to explore the configuration before customizing this file. -# This will allow you to upgrade to future versions of this template without complications. - # For further details please consult the documentation here: # https://github.com/niall-byrne/ansible-workbench +# Begin Cookiecutter Template Content{% raw %} + on: push: schedule: @@ -18,33 +16,246 @@ on: # SLACK_WEBHOOK: # description: "Optional, enables Slack notifications." # required: false -# GALAXY_API_KEY: -# description: "Optional, enables importing the role into Ansible Galaxy." -# required: false jobs: configuration: + uses: cicd-tools-org/cicd-tools/.github/workflows/job-00-generic-read_json_file.yml@master + with: + JSON_FILE_PATH: ".github/config/workflows/workflow-push.json" + + scenarios: + needs: [configuration] + uses: cicd-tools-org/cicd-tools/.github/workflows/job-00-generic-identify_molecule_scenarios.yml@master + with: + MOLECULE_EXCLUSION_REGEX: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_molecule_excluded_scenarios_regex }} + MOLECULE_SCENARIO_PATH: "molecule" + + start: + secrets: + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + uses: cicd-tools-org/cicd-tools/.github/workflows/job-00-generic-notification.yml@master + with: + NOTIFICATION_EMOJI: ":vertical_traffic_light:" + NOTIFICATION_MESSAGE: "workflow has started!" + + security: + needs: [configuration] + secrets: + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + uses: cicd-tools-org/cicd-tools/.github/workflows/job-10-generic-security_scan_credentials.yml@master + with: + EXTRA_BINARY_ARGS: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_trufflehog_extra_scan_args }} + VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_verbose_notifications }} + + markdown_links: + needs: [configuration] + secrets: + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + uses: cicd-tools-org/cicd-tools/.github/workflows/job-30-generic-markdown_links.yml@master + with: + CONFIG_FILE: ".github/config/actions/gaurav-nelson-github-action-markdown-link-check.json" + VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_verbose_notifications }} + + ansible_lint: + needs: [configuration] + secrets: + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + uses: cicd-tools-org/cicd-tools/.github/workflows/job-40-poetry-ansible_lint.yml@master + with: + CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_concurrency_limit }} + PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_python_versions) }} + VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_verbose_notifications }} + + molecule_test: + needs: [configuration, scenarios] + secrets: + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + strategy: + fail-fast: true + matrix: + scenario: ${{ fromJSON(needs.scenarios.outputs.SCENARIOS) }} + platform: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_molecule_test_platforms }} + max-parallel: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_concurrency_limit }} + uses: cicd-tools-org/cicd-tools/.github/workflows/job-40-poetry-molecule_command.yml@master + with: + CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_concurrency_limit }} + MOLECULE_COMMAND: "test" + MOLECULE_SCENARIO: ${{ matrix.scenario }} + PLATFORM: ${{ matrix.platform }} + PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_python_versions) }} + VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_verbose_notifications }} + + pre-commit_hooks: + needs: [configuration] + secrets: + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + uses: cicd-tools-org/cicd-tools/.github/workflows/job-50-poetry-test_basic_precommit_hooks.yml@master + with: + CHECK_TOML: {% endraw %}{{ cookiecutter.optional_toml_linting }}{% raw %} + CHECK_WORKFLOW: {% endraw %}{{ cookiecutter.optional_workflow_linting }}{% raw %} + CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_concurrency_limit }} + PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_python_versions) }} + VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_verbose_notifications }} + + commit_lint: + needs: [configuration] + secrets: + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + uses: cicd-tools-org/cicd-tools/.github/workflows/job-80-poetry-rev_range_command.yml@master + with: + COMMAND: | + poetry run cz check --rev-range "${PUSHED_COMMIT_REV_RANGE}" + COMMAND_NAME: "Commit Message Lint" + CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_concurrency_limit }} + PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_python_versions) }} + REV_RANGE: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_commitizen_rev_range }} + VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_verbose_notifications }} + + commit_spell_check: + needs: [configuration] + secrets: + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + uses: cicd-tools-org/cicd-tools/.github/workflows/job-80-poetry-rev_range_command.yml@master + with: + COMMAND: | + CICD_COMMIT_MESSAGES_FILE="$(mktemp XXXXXXXX.git_history_file)" + git log --pretty=format:%s "${PUSHED_COMMIT_REV_RANGE}" > "${CICD_COMMIT_MESSAGES_FILE}" + poetry run pre-commit run --hook-stage commit-msg spelling-commit-message --commit-msg-filename "${CICD_COMMIT_MESSAGES_FILE}" + COMMAND_NAME: "Commit Message Spelling" + CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_concurrency_limit }} + PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_python_versions) }} + REV_RANGE: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_commit_spelling_rev_range }} + VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_verbose_notifications }} + + json_schema_lint: + needs: [configuration] + secrets: + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + uses: cicd-tools-org/cicd-tools/.github/workflows/job-80-poetry-precommit_commit_stage_hook.yml@master + with: + CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_concurrency_limit }} + PRECOMMIT_HOOK_ID: "check-jsonschema" + PRECOMMIT_HOOK_NAME: "Workflow Config JSON Schema Linting" + PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_python_versions) }} + VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_verbose_notifications }} + + markdown_lint: + needs: [configuration] + secrets: + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + uses: cicd-tools-org/cicd-tools/.github/workflows/job-80-poetry-precommit_commit_stage_hook.yml@master + with: + CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_concurrency_limit }} + PRECOMMIT_HOOK_ID: "lint-markdown" + PRECOMMIT_HOOK_NAME: "Markdown Linting" + PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_python_versions) }} + VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_verbose_notifications }} + + markdown_spelling: + needs: [configuration] + secrets: + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + uses: cicd-tools-org/cicd-tools/.github/workflows/job-80-poetry-precommit_commit_stage_hook.yml@master + with: + CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_concurrency_limit }} + PRECOMMIT_HOOK_ID: "spelling-markdown" + PRECOMMIT_HOOK_NAME: "Markdown Spelling" + PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_python_versions) }} + VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_verbose_notifications }} + + shell_lint: + needs: [configuration] + secrets: + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + strategy: + fail-fast: true + matrix: + hook: + - id: "format-shell" + name: "Shell Formatting" + - id: "lint-shell" + name: "Shell Linting" + max-parallel: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_concurrency_limit }} + uses: cicd-tools-org/cicd-tools/.github/workflows/job-80-poetry-precommit_commit_stage_hook.yml@master + with: + CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_concurrency_limit }} + PRECOMMIT_HOOK_ID: ${{ matrix.hook.id }} + PRECOMMIT_HOOK_NAME: ${{ matrix.hook.name }} + PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_python_versions) }} + VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_verbose_notifications }} + + {%- endraw %}{% if cookiecutter.optional_toml_linting == 'true' %}{% raw %} + + toml_lint: + needs: [configuration] + secrets: + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + uses: cicd-tools-org/cicd-tools/.github/workflows/job-80-poetry-precommit_commit_stage_hook.yml@master + with: + CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_concurrency_limit }} + PRECOMMIT_HOOK_ID: "format-toml" + PRECOMMIT_HOOK_NAME: "TOML Formatting" + PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_python_versions) }} + VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_verbose_notifications }} + + {%- endraw %}{% endif %} + {%- if cookiecutter.optional_workflow_linting == 'true' %}{% raw %} + + workflow_lint: + needs: [configuration] + secrets: + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + strategy: + fail-fast: true + matrix: + hook: + - id: "lint-github-workflow" + name: "Workflow Linting" + - id: "lint-github-workflow-header" + name: "Workflow Header Linting" + max-parallel: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_concurrency_limit }} + uses: cicd-tools-org/cicd-tools/.github/workflows/job-80-poetry-precommit_commit_stage_hook.yml@master + with: + CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_concurrency_limit }} + PRECOMMIT_HOOK_ID: ${{ matrix.hook.id }} + PRECOMMIT_HOOK_NAME: ${{ matrix.hook.name }} + PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_python_versions) }} + VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_verbose_notifications }} - runs-on: ubuntu-latest - outputs: - configuration: {% raw %}${{ steps.configuration.outputs.value }}{% endraw %} - molecule-scenarios: {% raw %}${{ steps.molecule-scenarios.outputs.value }}{% endraw %} + {%- endraw %}{% endif %}{% raw %} - steps: - - name: Create Configuration -- Checkout Repository - uses: {{ cookiecutter._GITHUB_ACTION_CHECKOUT }} + yaml_lint: + needs: [configuration] + secrets: + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + uses: cicd-tools-org/cicd-tools/.github/workflows/job-80-poetry-precommit_commit_stage_hook.yml@master + with: + CONCURRENCY: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_concurrency_limit }} + PRECOMMIT_HOOK_ID: "yamllint" + PRECOMMIT_HOOK_NAME: "YAML Linting" + PYTHON_VERSIONS: ${{ toJSON(fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_python_versions) }} + VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_verbose_notifications }} - - name: Create Configuration -- Validate the 'workflow-push.json' File - run: | - python -m json.tool "./.github/config/workflows/workflow-push.json" >> /dev/null + create_release: + permissions: + contents: write + {%- endraw %} + needs: [ansible_lint, configuration, commit_lint, commit_spell_check, json_schema_lint, markdown_links, markdown_lint, markdown_spelling, molecule_test, pre-commit_hooks, security, shell_lint, start, {%- if cookiecutter.optional_toml_linting == 'true' %} toml_lint, {%- endif %} {%- if cookiecutter.optional_workflow_linting == 'true' %} workflow_lint, {%- endif %} yaml_lint] + {%- raw %} + secrets: + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + uses: cicd-tools-org/cicd-tools/.github/workflows/job-99-poetry-create_release.yml@master + with: + JSON_APPENDED_CONTENT: ${{ toJSON(fromJSON(needs.configuration.outputs.JSON_FILE_DATA).ci_extra_release_content) }} - - name: Create Configuration -- Set the Active Molecule Test Scenarios as Output - id: molecule-scenarios - run: | - source "./.github/scripts/workflow-identify-molecule-scenarios.sh" + success: + needs: [create_release] + secrets: + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + uses: cicd-tools-org/cicd-tools/.github/workflows/job-00-generic-notification.yml@master + with: + NOTIFICATION_EMOJI: ":checkered_flag:" + NOTIFICATION_MESSAGE: "workflow has completed successfully!" - - name: Create Configuration -- Set the 'workflow-push.json' Configuration File as Output - id: configuration - run: | - source "./.github/scripts/workflow-set-value.sh" cat "./.github/config/workflows/workflow-push.json" +# End Cookiecutter Template Content{% endraw %} diff --git a/{{cookiecutter.project_slug}}/.gitignore b/{{cookiecutter.project_slug}}/.gitignore index b34e5f40..5a992103 100644 --- a/{{cookiecutter.project_slug}}/.gitignore +++ b/{{cookiecutter.project_slug}}/.gitignore @@ -1,6 +1,8 @@ *.retry .ansible .cache +.cicd-tools/boxes/* +!.cicd-tools/boxes/bootstrap .idea .tool-versions poetry.lock diff --git a/{{cookiecutter.project_slug}}/.markdownlint.yml b/{{cookiecutter.project_slug}}/.markdownlint.yml new file mode 100644 index 00000000..886c2310 --- /dev/null +++ b/{{cookiecutter.project_slug}}/.markdownlint.yml @@ -0,0 +1,12 @@ +--- +default: true + +MD001: false +MD003: false +MD007: false +MD013: false +MD022: false +MD029: + style: ordered +MD032: false +MD033: false diff --git a/{{cookiecutter.project_slug}}/.pre-commit-config.yaml b/{{cookiecutter.project_slug}}/.pre-commit-config.yaml index ab7cd074..d4b74186 100644 --- a/{{cookiecutter.project_slug}}/.pre-commit-config.yaml +++ b/{{cookiecutter.project_slug}}/.pre-commit-config.yaml @@ -3,6 +3,34 @@ default_install_hook_types: - pre-commit - commit-msg repos: + - repo: https://github.com/python-jsonschema/check-jsonschema + rev: 0.22.0 + hooks: + - id: check-jsonschema + name: check-cookiecutter-schema + files: "^\\.cookiecutter/cookiecutter\\.json$" + args: + - "--schemafile" + - ".cicd-tools/boxes/bootstrap/schemas/cookiecutter.json" + stages: [commit] + - id: check-jsonschema + name: check-github-workflow-push-schema + files: "^\\.github/config/workflows/workflow-push.json$" + args: + - "--schemafile" + - ".github/config/schemas/workflows/workflow-push.json" + stages: [commit] + - id: check-jsonschema + name: check-github-workflow-publish-to-galaxy-schema + files: "^\\.github/config/workflows/workflow-publish-to-galaxy.json$" + args: + - "--schemafile" + - ".github/config/schemas/workflows/workflow-publish-to-galaxy.json" + stages: [commit] + - id: check-metaschema + name: check-github-workflow-metaschemas + files: "^\\.github/config/schemas/.*\\.json$" + stages: [commit] - repo: https://github.com/commitizen-tools/commitizen rev: v2.42.1 hooks: @@ -12,61 +40,36 @@ repos: rev: v1.29.0 hooks: - id: yamllint - args: ["-c", "./.yamllint.yml"] + args: + - "-c" + - "./.yamllint.yml" stages: [commit] - - repo: local + - repo: https://github.com/cicd-tools-org/pre-commit.git + rev: 0.1.0 hooks: - - id: ansible-lint - name: ansible-lint - description: "Check the profile for Ansible best practices." - entry: ./.cicd-tools/boxes/bootstrap/pre-commit/ansible-lint.sh - files: "^.+\\.(yaml|yml)$" - language: system - pass_filenames: false - stages: [commit] - - id: shell-fmt - name: shell-fmt - description: "Format the project's shell scripts." - entry: ./.cicd-tools/boxes/bootstrap/pre-commit/shell-fmt.sh - exclude: "^\\.cicd-tools/ci/.+$" - files: "^.+\\.(bash|sh)$" - language: system - pass_filenames: true - stages: [commit] - - id: shell-lint - name: shell-lint - description: "Lint the project's shell scripts." - entry: ./.cicd-tools/boxes/bootstrap/pre-commit/shell-lint.sh - exclude: "^\\.cicd-tools/ci/.+$" - files: "^.+\\.(bash|sh)$" - language: system - pass_filenames: true - stages: [commit] + - id: format-shell + args: + - "-w" + - "--indent=2" + - "-ci" + - "-sr" {%- if cookiecutter.optional_toml_linting == 'true' %} - - id: toml-lint - name: toml-lint - description: "Lint the project's TOML files." - entry: ./.cicd-tools/boxes/bootstrap/pre-commit/toml-lint.sh - files: "^.+\\.toml$" - language: system - stages: [commit] - pass_filenames: true + - id: format-toml {%- endif %} + - id: lint-ansible {%- if cookiecutter.optional_workflow_linting == 'true' %} - - id: workflow-lint - name: workflow-lint - description: "Lint the project's GitHub workflow files." - entry: ./.cicd-tools/boxes/bootstrap/pre-commit/workflow-lint.sh - files: "^.github/workflows/.+\\.(yaml|yml)$" - language: system - pass_filenames: false - stages: [commit] - - id: workflow-header-lint - name: workflow-header-lint - description: "Lint the headers of the project's GitHub workflow files." - entry: ./.cicd-tools/boxes/bootstrap/pre-commit/workflow-header-lint.sh - files: "^.github/workflows/.+\\.(yaml|yml)$" - language: system - pass_filenames: true - stages: [commit] + - id: lint-github-workflow + - id: lint-github-workflow-header {%- endif %} + - id: lint-markdown + args: + - "-c" + - ".markdownlint.yml" + - id: lint-shell + args: + - "--color=always" + - "--source-path=SCRIPTDIR" + - "--exclude=SC2317" + - "-x" + - id: spelling-commit-message + - id: spelling-markdown diff --git a/{{cookiecutter.project_slug}}/.vale.ini b/{{cookiecutter.project_slug}}/.vale.ini new file mode 100644 index 00000000..eec77217 --- /dev/null +++ b/{{cookiecutter.project_slug}}/.vale.ini @@ -0,0 +1,10 @@ +StylesPath = ".vale" +Vocab = "{{cookiecutter.project_slug}}" + +[*] +BasedOnStyles = Vale +Vale.Terms = NO + +[*.md] +BasedOnStyles = Vale +Vale.Terms = YES diff --git a/{{cookiecutter.project_slug}}/.vale/Vocab/{{cookiecutter.project_slug}}/accept.txt b/{{cookiecutter.project_slug}}/.vale/Vocab/{{cookiecutter.project_slug}}/accept.txt new file mode 100644 index 00000000..6332fcd2 --- /dev/null +++ b/{{cookiecutter.project_slug}}/.vale/Vocab/{{cookiecutter.project_slug}}/accept.txt @@ -0,0 +1,4 @@ +(B|b)yrne +(D|d)ev +(N|n)iall +config diff --git a/{{cookiecutter.project_slug}}/.vale/Vocab/{{cookiecutter.project_slug}}/reject.txt b/{{cookiecutter.project_slug}}/.vale/Vocab/{{cookiecutter.project_slug}}/reject.txt new file mode 100644 index 00000000..e69de29b diff --git a/{{cookiecutter.project_slug}}/molecule/default/molecule.yml b/{{cookiecutter.project_slug}}/molecule/default/molecule.yml index a3ae4ffe..6e6a6cf9 100644 --- a/{{cookiecutter.project_slug}}/molecule/default/molecule.yml +++ b/{{cookiecutter.project_slug}}/molecule/default/molecule.yml @@ -13,10 +13,6 @@ driver: ansible_connection_options: ansible_connection: local ansible_sudo_pass: "${ANSIBLE_SUDO_PASSWORD}" -lint: | - set -e - yamllint -f standard . - ansible-lint platforms: - name: instance provisioner: diff --git a/{{cookiecutter.project_slug}}/pyproject.toml b/{{cookiecutter.project_slug}}/pyproject.toml index 91c5a6e8..db35350f 100644 --- a/{{cookiecutter.project_slug}}/pyproject.toml +++ b/{{cookiecutter.project_slug}}/pyproject.toml @@ -17,18 +17,22 @@ name = '{{cookiecutter.project_slug}}' version = '0.1.0' [tool.poetry.dependencies] -python = '^{{ cookiecutter._GITHUB_CI_DEFAULT_PYTHON_VERSIONS | first }}.0,<4.0' +python = '^{{ cookiecutter._GITHUB_CI_DEFAULT_PYTHON_VERSIONS | first }}' -[tool.poetry.dev-dependencies] +[tool.poetry.group] +[tool.poetry.group.dev] +[tool.poetry.group.dev.dependencies] ansible = '^7.5.0' commitizen = '^3.0.0' pre-commit = '^3.1.1' -yamllint = '^1.29.0' -[tool.poetry.dev-dependencies.ansible-lint] +[tool.poetry.group.dev.dependencies.ansible-lint] markers = "platform_system != 'Windows'" version = '^6.12.2' -[tool.poetry.dev-dependencies.molecule] +[tool.poetry.group.dev.dependencies.molecule] +version = '^5.0.0' + +[tool.poetry.group.dev.dependencies.molecule-plugins] extras = ['docker'] -version = '^4.0.4' +version = '^23.4.1' diff --git a/{{cookiecutter.project_slug}}/requirements.yml b/{{cookiecutter.project_slug}}/requirements.yml index 6d7199bb..51367ca3 100644 --- a/{{cookiecutter.project_slug}}/requirements.yml +++ b/{{cookiecutter.project_slug}}/requirements.yml @@ -1,4 +1,7 @@ --- +collections: + - name: community.general + version: ">=6.3.0,<7.0.0" roles: - name: osx_provisioner.homebrew_retry version: 0.3.0 diff --git a/{{cookiecutter.project_slug}}/tests/test.yml b/{{cookiecutter.project_slug}}/tests/test.yml index ef38c06d..775f7541 100644 --- a/{{cookiecutter.project_slug}}/tests/test.yml +++ b/{{cookiecutter.project_slug}}/tests/test.yml @@ -2,6 +2,3 @@ - name: Default test for {{ cookiecutter.galaxy_namespace_slug }}.{{ cookiecutter.galaxy_role_slug }} hosts: localhost remote_user: root - - roles: - - {{ cookiecutter.galaxy_namespace_slug }}.{{ cookiecutter.galaxy_role_slug }}