From bd7f2596ec28a8104b3138b9dd528f45caff0bd8 Mon Sep 17 00:00:00 2001 
From: Niall Byrne <9848926+niall-byrne@users.noreply.github.com> Date: Wed, 8 Mar 2023 10:55:17 -0500 Subject: [PATCH] ci(GITHUB): refactor outer workflow --- ..._precommit.sh => job-50-test-precommit.sh} | 2 +- ...eases.sh => job-60-prune-test-releases.sh} | 2 +- .../{test_push.sh => job-60-test-push.sh} | 2 +- .../{template.sh => task-render-template.sh} | 2 +- ...ments.sh => task-template-requirements.sh} | 2 +- .github/scripts/workflow-setup-environment.sh | 30 + .github/workflows/.job-00-start.yml | 37 + .github/workflows/.job-00-success.yml | 37 + .github/workflows/.job-10-security.yml | 56 ++ .github/workflows/.job-30-documentation.yml | 83 ++ .github/workflows/.job-40-molecule.yml | 89 ++ .github/workflows/.job-50-precommit.yml | 109 +++ .github/workflows/.job-60-remote-push.yml | 116 +++ .github/workflows/.job-80-commit-lint.yml | 82 ++ .github/workflows/.job-80-shell-lint.yml | 77 ++ .github/workflows/.job-80-toml-lint.yml | 81 ++ .github/workflows/.job-80-yaml-lint.yml | 82 ++ .github/workflows/.job-99-create-release.yml | 84 ++ .github/workflows/self-test.yml | 762 ------------------ .github/workflows/workflow-template-test.yml | 115 +++ cookiecutter.json | 3 +- ...{branch_filter.sh => release_candidate.sh} | 4 +- .../.github/scripts/setup.sh | 2 +- .../.github/workflows/push.yml | 16 +- 24 files changed, 1096 insertions(+), 779 deletions(-) rename .github/scripts/{test_precommit.sh => job-50-test-precommit.sh} (97%) rename .github/scripts/{prune_test_releases.sh => job-60-prune-test-releases.sh} (91%) rename .github/scripts/{test_push.sh => job-60-test-push.sh} (97%) rename .github/scripts/{template.sh => task-render-template.sh} (91%) rename .github/scripts/{requirements.sh => task-template-requirements.sh} (79%) create mode 100644 .github/scripts/workflow-setup-environment.sh create mode 100644 .github/workflows/.job-00-start.yml create mode 100644 .github/workflows/.job-00-success.yml create mode 100644 .github/workflows/.job-10-security.yml create 
mode 100644 .github/workflows/.job-30-documentation.yml create mode 100644 .github/workflows/.job-40-molecule.yml create mode 100644 .github/workflows/.job-50-precommit.yml create mode 100644 .github/workflows/.job-60-remote-push.yml create mode 100644 .github/workflows/.job-80-commit-lint.yml create mode 100644 .github/workflows/.job-80-shell-lint.yml create mode 100644 .github/workflows/.job-80-toml-lint.yml create mode 100644 .github/workflows/.job-80-yaml-lint.yml create mode 100644 .github/workflows/.job-99-create-release.yml delete mode 100644 .github/workflows/self-test.yml create mode 100644 .github/workflows/workflow-template-test.yml rename {{cookiecutter.project_slug}}/.github/scripts/{branch_filter.sh => release_candidate.sh} (78%) diff --git a/.github/scripts/test_precommit.sh b/.github/scripts/job-50-test-precommit.sh similarity index 97% rename from .github/scripts/test_precommit.sh rename to .github/scripts/job-50-test-precommit.sh index eea96f7b..edd222af 100644 --- a/.github/scripts/test_precommit.sh +++ b/.github/scripts/job-50-test-precommit.sh @@ -1,6 +1,6 @@ #!/bin/bash -# .github/scripts/test_precommit.sh +# .github/scripts/job-50-test-precommit.sh # Performs tests on the pre-commit hooks. # 1: The name of a pre-commit test scenario. (See 'main' below.) diff --git a/.github/scripts/prune_test_releases.sh b/.github/scripts/job-60-prune-test-releases.sh similarity index 91% rename from .github/scripts/prune_test_releases.sh rename to .github/scripts/job-60-prune-test-releases.sh index 4bf5ac48..d72f568d 100644 --- a/.github/scripts/prune_test_releases.sh +++ b/.github/scripts/job-60-prune-test-releases.sh @@ -1,6 +1,6 @@ #!/bin/bash -# .github/scripts/prune_test_releases.sh +# .github/scripts/job-60-prune-test-releases.sh # Remove existing releases on the test repository. # GITHUB_TOKEN: The token used to authorize the call. 
diff --git a/.github/scripts/test_push.sh b/.github/scripts/job-60-test-push.sh similarity index 97% rename from .github/scripts/test_push.sh rename to .github/scripts/job-60-test-push.sh index dedae1d4..b1e797f2 100644 --- a/.github/scripts/test_push.sh +++ b/.github/scripts/job-60-test-push.sh @@ -1,6 +1,6 @@ #!/bin/bash -# .github/scripts/test_push.sh +# .github/scripts/job-60-test-push.sh # Performs pushes against the test repository to trigger rendered workflows. # 1: The name of the branch you wish to push. diff --git a/.github/scripts/template.sh b/.github/scripts/task-render-template.sh similarity index 91% rename from .github/scripts/template.sh rename to .github/scripts/task-render-template.sh index e7c1fa4f..8491852a 100644 --- a/.github/scripts/template.sh +++ b/.github/scripts/task-render-template.sh @@ -1,6 +1,6 @@ #!/bin/bash -# .github/scripts/template.sh +# .github/scripts/task-render-template.sh # Perform automated templating. # 1: Optional TOML Formatting diff --git a/.github/scripts/requirements.sh b/.github/scripts/task-template-requirements.sh similarity index 79% rename from .github/scripts/requirements.sh rename to .github/scripts/task-template-requirements.sh index 5dc0fcdf..a1467dbc 100644 --- a/.github/scripts/requirements.sh +++ b/.github/scripts/task-template-requirements.sh @@ -1,6 +1,6 @@ #!/bin/bash -# .github/scripts/requirements.sh +# .github/scripts/task-template-requirements.sh # Centralized management of template requirements installs. # CI only script diff --git a/.github/scripts/workflow-setup-environment.sh b/.github/scripts/workflow-setup-environment.sh new file mode 100644 index 00000000..15a93b8d --- /dev/null +++ b/.github/scripts/workflow-setup-environment.sh 
@@ -0,0 +1,30 @@
+#!/bin/bash
+
+# .github/scripts/workflow-setup-environment.sh
+# Configures environment variables for GitHub Workflows.
+
+# CI only script.
+
+set -eo pipefail
+
+main() {
+
+ ANSIBLE_WORKBENCH_BRANCH_NAME_BASE="master"
+ ANSIBLE_WORKBENCH_BRANCH_NAME_DEVELOPMENT="dev"
+ PROJECT_NAME="ansible-workbench"
+ USER_NAME="niall-byrne"
+ TEMPLATED_NAME="flower-generator"
+ VERBOSE_NOTIFICATIONS="${VERBOSE_NOTIFICATIONS:-0}"
+
+ {
+ echo "ANSIBLE_WORKBENCH_BRANCH_NAME_BASE=${ANSIBLE_WORKBENCH_BRANCH_NAME_BASE}"
+ echo "ANSIBLE_WORKBENCH_BRANCH_NAME_DEVELOPMENT=${ANSIBLE_WORKBENCH_BRANCH_NAME_DEVELOPMENT}"
+ echo "PROJECT_NAME=${PROJECT_NAME}"
+ echo "USER_NAME=${USER_NAME}"
+ echo "TEMPLATED_NAME=${TEMPLATED_NAME}"
+ echo "VERBOSE_NOTIFICATIONS=${VERBOSE_NOTIFICATIONS}"
+ } >> "${GITHUB_ENV}"
+
+}
+
+main "$@"
diff --git a/.github/workflows/.job-00-start.yml b/.github/workflows/.job-00-start.yml
new file mode 100644
index 00000000..af6ebbe0
--- /dev/null
+++ b/.github/workflows/.job-00-start.yml
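Review bot: The script enables `set -eo pipefail` and assigns its six variables as globals inside `main`, yet every workflow in this patch loads it with `source`, so the shell options and the variables persist in the calling step's shell, and a failure ends that shell rather than a child process. If `GITHUB_ENV` is unset the redirect fails with an error that does not name the cause. Declaring the variables `local` and adding a guard such as `: "${GITHUB_ENV:?GITHUB_ENV is not set; this script only runs inside GitHub Actions}"` before the block would make both behaviours explicit.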
@@ -0,0 +1,37 @@
+---
+name: ansible-workbench-job-start-notification
+
+on:
+ workflow_call:
+ secrets:
+ SLACK_WEBHOOK:
+ description: "Optional, enables Slack notifications."
+ required: false
+
+jobs:
+
+ start_notification:
+
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Start -- Checkout Repository
+ uses: actions/checkout@v3
+ with:
+ path: 'template'
+
+ - name: Start -- Setup Environment
+ run: |
+ source "./template/.github/scripts/workflow-setup-environment.sh"
+ source "./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh"
+ env:
+ WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+ - name: Start -- Report Job Status on Success
+ run: |
+ "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: workflow has started!"
+
+ - name: Start -- Report Job Status on Failure
+ if: failure()
+ run: |
+ "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: error reporting job status!"
diff --git a/.github/workflows/.job-00-success.yml b/.github/workflows/.job-00-success.yml
new file mode 100644
index 00000000..9ac28439
--- /dev/null
+++ b/.github/workflows/.job-00-success.yml
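Review bot: No `permissions:` block is declared in this reusable workflow, so the `start_notification` job runs with whatever `GITHUB_TOKEN` scopes the caller or the repository default grants. From the steps visible here (a checkout and a notification script) a job-level `permissions:` with `contents: read` looks sufficient, and a called workflow can only narrow what the caller passes down. The same omission applies to `.job-00-success.yml`, `.job-10-security.yml`, `.job-30-documentation.yml`, `.job-40-molecule.yml`, `.job-50-precommit.yml`, `.job-60-remote-push.yml` and the `.job-80-*` lint workflows in this patch.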
@@ -0,0 +1,37 @@
+---
+name: ansible-workbench-job-start-notification
+
+on:
+ workflow_call:
+ secrets:
+ SLACK_WEBHOOK:
+ description: "Optional, enables Slack notifications."
+ required: false
+
+jobs:
+
+ start_notification:
+
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Success -- Checkout Repository
+ uses: actions/checkout@v3
+ with:
+ path: 'template'
+
+ - name: Success -- Setup Environment
+ run: |
+ source "./template/.github/scripts/workflow-setup-environment.sh"
+ source "./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh"
+ env:
+ WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+ - name: Success -- Report Job Status on Success
+ run: |
+ "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: all checks were successful!"
+
+ - name: Success -- Report Job Status on Failure
+ if: failure()
+ run: |
+ "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: error reporting job status!"
diff --git a/.github/workflows/.job-10-security.yml b/.github/workflows/.job-10-security.yml
new file mode 100644
index 00000000..e5a59a3c
--- /dev/null
+++ b/.github/workflows/.job-10-security.yml
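Review bot: The workflow `name:` and the job id are copied unchanged from `.job-00-start.yml`, so the success workflow shows up as `ansible-workbench-job-start-notification` / `start_notification` in the Actions UI and in any log search or alert keyed on those names. Renaming them to `name: ansible-workbench-job-success-notification` and `success_notification:` keeps the start and success runs distinguishable.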
@@ -0,0 +1,56 @@
+---
+name: ansible-workbench-job-security
+
+on:
+ workflow_call:
+ inputs:
+ CONFIGURATION:
+ description: "The 'cookiecutter.json' file as a configuration object."
+ required: true
+ type: string
+ secrets:
+ SLACK_WEBHOOK:
+ description: "Optional, enables Slack notifications."
+ required: false
+
+env:
+ ANSIBLE_WORKBENCH_SKIP_POETRY: 1
+ ANSIBLE_WORKBENCH_SKIP_PRECOMMIT: 1
+
+jobs:
+
+ run_trufflehog:
+
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Security Test Repo -- Checkout Repository
+ uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+
+ - name: Security Test Repo -- Setup Environment
+ run: |
+ source "./.github/scripts/workflow-setup-environment.sh"
+ source "./{{cookiecutter.project_slug}}/.github/scripts/setup.sh"
+ source "./{{cookiecutter.project_slug}}/.github/scripts/pushed_commit_range.sh"
+ env:
+ GITHUB_CONTEXT: ${{ toJson(github) }}
+ WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+ - name: Security Test -- Run Trufflehog
+ uses: trufflesecurity/trufflehog@v3.27.1
+ with:
+ path: .
+ base: ${{ env.PUSHED_COMMIT_START }}
+ head: ${{ env.BRANCH_OR_TAG }}
+
+ - name: Security Test Repo -- Report Job Status on Success
+ if: fromJSON(inputs.CONFIGURATION)._GITHUB_CI_VERBOSE_NOTIFICATIONS == true
+ run: |
+ "./{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: security checks succeeded!"
+
+ - name: Security Test Repo -- Report Job Status on Failure
+ if: failure()
+ run: |
+ "./{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: security checks failed!"
diff --git a/.github/workflows/.job-30-documentation.yml b/.github/workflows/.job-30-documentation.yml
new file mode 100644
index 00000000..56b07e94
--- /dev/null
+++ b/.github/workflows/.job-30-documentation.yml
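Review bot: `GITHUB_CONTEXT: ${{ toJson(github) }}` in the Setup Environment step serialises the entire `github` context, which includes `github.token`, into the environment of a step that sources three scripts. Passing the context through `env:` rather than interpolating it into `run:` is the right pattern, but the scripts presumably need only the event payload to compute the pushed commit range. Narrowing it to `GITHUB_CONTEXT: ${{ toJson(github.event) }}`, or to the individual fields `pushed_commit_range.sh` reads, would keep the token out of that shell; the script is not shown here, so confirm what it parses first. `.job-80-commit-lint.yml` carries the same line.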
@@ -0,0 +1,83 @@
+---
+name: ansible-workbench-job-documentation
+
+on:
+ workflow_call:
+ inputs:
+ CONFIGURATION:
+ description: "The 'cookiecutter.json' file as a configuration object."
+ required: true
+ type: string
+ secrets:
+ SLACK_WEBHOOK:
+ description: "Optional, enables Slack notifications."
+ required: false
+
+env:
+ ANSIBLE_WORKBENCH_SKIP_POETRY: 1
+ ANSIBLE_WORKBENCH_SKIP_PRECOMMIT: 1
+
+jobs:
+
+ check_markdown_links:
+
+ runs-on: ubuntu-latest
+ strategy:
+ fail-fast: true
+ matrix:
+ python-version: ${{ fromJSON(inputs.CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS }}
+ max-parallel: ${{ fromJSON(inputs.CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }}
+
+ steps:
+ - name: Documentation Test -- Checkout Repository
+ uses: actions/checkout@v3
+ with:
+ path: 'template'
+
+ - name: Documentation Test -- Setup Environment
+ run: |
+ source "./template/.github/scripts/workflow-setup-environment.sh"
+ source "./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh"
+ env:
+ WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+ - name: Documentation Test -- Set up Python ${{ matrix.python-version }}
+ uses: actions/setup-python@v4
+ with:
+ python-version: ${{ matrix.python-version }}
+
+ - name: Documentation Test -- Install Template Requirements
+ run: |
+ source "./template/.github/scripts/task-template-requirements.sh"
+
+ - name: Documentation Test -- Render Template
+ run: |
+ source "./template/.github/scripts/task-render-template.sh"
+
+ - name: Documentation Test -- Check Markdown Links For Template
+ uses: gaurav-nelson/github-action-markdown-link-check@v1
+ with:
+ config-file: 'template/{{cookiecutter.project_slug}}/.github/config/actions/gaurav-nelson-github-action-markdown-link-check.json'
+ use-quiet-mode: 'no'
+ use-verbose-mode: 'yes'
+ folder-path: 'template, template/.github/workflows'
+ max-depth: 1
+
+ - name: Documentation Test -- Check Markdown Links For Rendered Template
+ uses: gaurav-nelson/github-action-markdown-link-check@v1
+ with:
+ config-file: 'template/{{cookiecutter.project_slug}}/.github/config/actions/gaurav-nelson-github-action-markdown-link-check.json'
+ use-quiet-mode: 'no'
+ use-verbose-mode: 'yes'
+ folder-path: ${{ env.TEMPLATED_NAME }}
+ max-depth: -1
+
+ - name: Documentation Test -- Report Job Status on Success
+ if: fromJSON(inputs.CONFIGURATION)._GITHUB_CI_VERBOSE_NOTIFICATIONS == true
+ run: |
+ "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: documentation checks succeeded!"
+
+ - name: Documentation Test -- Report Job Status on Failure
+ if: failure()
+ run: |
+ "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: documentation checks failed!"
diff --git a/.github/workflows/.job-40-molecule.yml b/.github/workflows/.job-40-molecule.yml
new file mode 100644
index 00000000..dbc44116
--- /dev/null
+++ b/.github/workflows/.job-40-molecule.yml
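Review bot: Both link-check steps reference the third-party action `gaurav-nelson/github-action-markdown-link-check@v1` by a floating major tag, so the code that runs in this job can change without any change to this repository. Pinning to a full commit SHA with the version kept as a comment, `uses: gaurav-nelson/github-action-markdown-link-check@FULL_COMMIT_SHA_PLACEHOLDER # v1`, makes the dependency immutable and reviewable on update. `trufflesecurity/trufflehog@v3.27.1` in `.job-10-security.yml` is likewise a tag and would benefit from the same treatment.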
@@ -0,0 +1,89 @@
+---
+name: ansible-workbench-job-molecule
+
+on:
+ workflow_call:
+ inputs:
+ CONFIGURATION:
+ description: "The 'cookiecutter.json' file as a configuration object."
+ required: true
+ type: string
+ secrets:
+ SLACK_WEBHOOK:
+ description: "Optional, enables Slack notifications."
+ required: false
+
+env:
+ ANSIBLE_WORKBENCH_SKIP_POETRY: 0
+ ANSIBLE_WORKBENCH_SKIP_PRECOMMIT: 0
+
+jobs:
+
+ run_molecule_lint:
+
+ runs-on: ubuntu-latest
+ strategy:
+ fail-fast: true
+ matrix:
+ python-version: ${{ fromJSON(inputs.CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS }}
+ max-parallel: ${{ fromJSON(inputs.CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }}
+
+ steps:
+ - name: Molecule Lint Test -- Checkout Repository
+ uses: actions/checkout@v3
+ with:
+ path: 'template'
+
+ - name: Molecule Lint Test -- Setup Environment
+ run: |
+ source "./template/.github/scripts/workflow-setup-environment.sh"
+ source "./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh"
+ env:
+ WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+ - name: Molecule Lint Test -- Set up Python ${{ matrix.python-version }}
+ uses: actions/setup-python@v4
+ with:
+ python-version: ${{ matrix.python-version }}
+
+ - name: Molecule Lint Test -- Install Template Requirements
+ run: |
+ source "./template/.github/scripts/task-template-requirements.sh"
+
+ - name: Molecule Lint Test -- Initialize Cache Locations
+ run: |
+ mkdir -p ~/.cache/pypoetry/virtualenvs
+ source "./template/{{cookiecutter.project_slug}}/.github/scripts/ansible_cache.sh" \
+ "$(pwd)/ansible_cache" \
+ ~/.cache
+
+ - name: Molecule Lint Test -- Mount Ansible Cache
+ uses: actions/cache@v3
+ with:
+ key: ansible-${{ hashFiles('./template/{{cookiecutter.project_slug}}/requirements.yml') }}-${{ env.CACHE_TTL }}
+ path: ansible_cache
+
+ - name: Molecule Lint Test -- Mount Poetry Cache
+ uses: actions/cache@v3
+ with:
+ key: poetry-${{ hashFiles('./template/{{cookiecutter.project_slug}}/pyproject.toml') }}-${{ runner.os }}-${{ env.CACHE_TTL }}
+ path: ~/.cache/pypoetry/virtualenvs
+
+ - name: Molecule Lint Test -- Render Template
+ run: |
+ source "./template/.github/scripts/task-render-template.sh"
+
+ - name: Molecule Lint Test -- Lint Rendered Template With Default Scenario
+ run: |
+ cd "${TEMPLATED_NAME}"
+ poetry run molecule lint
+
+ - name: Molecule Lint Test -- Report Job Status on Success
+ if: fromJSON(inputs.CONFIGURATION)._GITHUB_CI_VERBOSE_NOTIFICATIONS == true
+ run: |
+ "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: molecule linting checks succeeded!"
+
+ - name: Molecule Lint Test -- Report Job Status on Failure
+ if: failure()
+ run: |
+ "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: molecule linting checks failed!"
diff --git a/.github/workflows/.job-50-precommit.yml b/.github/workflows/.job-50-precommit.yml
new file mode 100644
index 00000000..99769ebc
--- /dev/null
+++ b/.github/workflows/.job-50-precommit.yml
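Review bot: The `Mount Poetry Cache` key is built from the pyproject hash, `runner.os` and `CACHE_TTL` but not from `matrix.python-version`, so every leg of the Python matrix restores and saves the same cache entry for `~/.cache/pypoetry/virtualenvs`. Whichever leg saves first decides the contents, and the other interpreters are likely to restore an entry that lacks their own virtualenv. Adding `-${{ matrix.python-version }}` to the key after `${{ runner.os }}` keeps the entries apart. The Poetry cache steps in `.job-50-precommit.yml` and `.job-80-commit-lint.yml` use the same key shape.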
@@ -0,0 +1,109 @@
+---
+name: ansible-workbench-job-precommit
+
+on:
+ workflow_call:
+ inputs:
+ CONFIGURATION:
+ description: "The 'cookiecutter.json' file as a configuration object."
+ required: true
+ type: string
+ secrets:
+ SLACK_WEBHOOK:
+ description: "Optional, enables Slack notifications."
+ required: false
+
+env:
+ ANSIBLE_WORKBENCH_SKIP_POETRY: 0
+ ANSIBLE_WORKBENCH_SKIP_PRECOMMIT: 0
+
+jobs:
+
+ precommit_hook_tests:
+
+ runs-on: ubuntu-latest
+ strategy:
+ fail-fast: true
+ matrix:
+ cookiecutter-toml-selection: [1, 2]
+ python-version: ${{ fromJSON(inputs.CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS }}
+ max-parallel: ${{ fromJSON(inputs.CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }}
+
+ steps:
+ - name: Pre-Commit Test -- Checkout Repository
+ uses: actions/checkout@v3
+ with:
+ path: 'template'
+
+ - name: Pre-Commit Test -- Setup Environment
+ run: |
+ source "./template/.github/scripts/workflow-setup-environment.sh"
+ source "./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh"
+ env:
+ WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+ - name: Pre-Commit Test -- Set up Python ${{ matrix.python-version }}
+ uses: actions/setup-python@v4
+ with:
+ python-version: ${{ matrix.python-version }}
+
+ - name: Pre-Commit Test -- Install Template Requirements
+ run: |
+ source "./template/.github/scripts/task-template-requirements.sh"
+
+ - name: Pre-Commit Test -- Install tomll
+ run: |
+ sudo apt-get install -y golang-github-pelletier-go-toml
+
+ - name: Pre-Commit -- Initialize Cache Locations
+ run: |
+ mkdir -p ~/.cache/pypoetry/virtualenvs
+ source "./template/{{cookiecutter.project_slug}}/.github/scripts/ansible_cache.sh" \
+ "$(pwd)/ansible_cache" \
+ ~/.cache
+
+ - name: Pre-Commit -- Mount Ansible Cache
+ uses: actions/cache@v3
+ with:
+ key: ansible-${{ hashFiles('./template/{{cookiecutter.project_slug}}/requirements.yml') }}-${{ env.CACHE_TTL }}
+ path: ansible_cache
+
+ - name: Pre-Commit Test -- Mount Poetry Cache
+ uses: actions/cache@v3
+ with:
+ key: poetry-${{ hashFiles('./template/{{cookiecutter.project_slug}}/pyproject.toml') }}-${{ runner.os }}-${{ env.CACHE_TTL }}
+ path: ~/.cache/pypoetry/virtualenvs
+
+ - name: Pre-Commit Test -- Render Template
+ run: |
+ source "./template/.github/scripts/task-render-template.sh" "${SELECTION_TOML}" "GitHub Action" "action@github.com"
+ env:
+ SELECTION_TOML: ${{ matrix.cookiecutter-toml-selection }}
+
+ - name: Pre-Commit Test -- Test Commit Lint -- Expect Failure
+ run: |
+ source "./template/.github/scripts/job-50-test-precommit.sh" "commit-lint"
+
+ - name: Pre-Commit Test -- Test Molecule Lint -- Expect Failure
+ run: |
+ source "./template/.github/scripts/job-50-test-precommit.sh" "molecule-lint"
+
+ - name: Pre-Commit Test -- Test TOML Lint -- Expect Failure
+ if: matrix.cookiecutter-toml-selection == 1
+ run: |
+ source "./template/.github/scripts/job-50-test-precommit.sh" "toml-lint-1"
+
+ - name: Pre-Commit Test -- Test TOML Lint -- Expect Success
+ if: matrix.cookiecutter-toml-selection == 1
+ run: |
+ source "./template/.github/scripts/job-50-test-precommit.sh" "toml-lint-2"
+
+ - name: Pre-Commit Test -- Report Job Status on Success
+ if: fromJSON(inputs.CONFIGURATION)._GITHUB_CI_VERBOSE_NOTIFICATIONS == true
+ run: |
+ "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: pre-commit hook test has passed!"
+
+ - name: Pre-Commit Test -- Report Job Status on Failure
+ if: failure()
+ run: |
+ "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: pre-commit hook test has failed!"
diff --git a/.github/workflows/.job-60-remote-push.yml b/.github/workflows/.job-60-remote-push.yml
new file mode 100644
index 00000000..a11f7c41
--- /dev/null
+++ b/.github/workflows/.job-60-remote-push.yml
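Review bot: The `Install tomll` step runs `sudo apt-get install -y golang-github-pelletier-go-toml` without refreshing the package index, and a hosted runner image with a stale index can fail the install on packages that have since been superseded. `sudo apt-get update && sudo apt-get install -y golang-github-pelletier-go-toml` avoids that; the `Install Linter` step in `.job-80-toml-lint.yml` has the same command. As a style point, the two cache steps are named `Pre-Commit -- …` while every other step uses the `Pre-Commit Test -- …` prefix.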
@@ -0,0 +1,116 @@
+---
+name: ansible-workbench-job-remote-push
+
+on:
+ workflow_call:
+ inputs:
+ CONFIGURATION:
+ description: "The 'cookiecutter.json' file as a configuration object."
+ required: true
+ type: string
+ secrets:
+ REMOTE_TOKEN:
+ description: "GitHub token with access to the test repository."
+ required: true
+ REMOTE_ORIGIN:
+ description: "Identifies the test repository as: owner/repository"
+ required: true
+ SLACK_WEBHOOK:
+ description: "Optional, enables Slack notifications."
+ required: false
+
+env:
+ ANSIBLE_WORKBENCH_SKIP_POETRY: 1
+ ANSIBLE_WORKBENCH_SKIP_PRECOMMIT: 1
+ TEST_PUSH_TAG: "0.1.0"
+
+jobs:
+
+ push_to_test_repository:
+
+ runs-on: ubuntu-latest
+ strategy:
+ fail-fast: true
+ matrix:
+ cookiecutter-toml-selection: [1, 2]
+ python-version: ${{ fromJSON(inputs.CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS }}
+ max-parallel: ${{ fromJSON(inputs.CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }}
+
+ steps:
+ - name: Push Test -- Checkout Repository
+ uses: actions/checkout@v3
+ with:
+ path: 'template'
+ persist-credentials: false
+
+ - name: Push Test -- Setup Environment
+ run: |
+ source "./template/.github/scripts/workflow-setup-environment.sh"
+ source "./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh"
+ env:
+ WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+ - name: Push Test -- Set up Python ${{ matrix.python-version }}
+ uses: actions/setup-python@v4
+ with:
+ python-version: ${{ matrix.python-version }}
+
+ - name: Push Test -- Install Template Requirements
+ run: |
+ source "./template/.github/scripts/task-template-requirements.sh"
+
+ - name: Push Test -- Render Template
+ run: |
+ source "./template/.github/scripts/task-render-template.sh" "${SELECTION_TOML}" "GitHub Action" "action@github.com"
+ env:
+ SELECTION_TOML: ${{ matrix.cookiecutter-toml-selection }}
+
+ - name: Push Test -- Clean Up Test Releases
+ if: matrix.cookiecutter-toml-selection == 1
+ run: |
+ source "./template/.github/scripts/job-60-prune-test-releases.sh"
+ env:
+ GITHUB_TOKEN: ${{ secrets.REMOTE_TOKEN }}
+ REMOTE_ORIGIN: ${{ secrets.REMOTE_ORIGIN }}
+
+ - name: Push Test -- Push To Test Repository (${{ env.ANSIBLE_WORKBENCH_BRANCH_NAME_BASE }})
+ if: matrix.cookiecutter-toml-selection == 1
+ run: |
+ source "./template/.github/scripts/job-60-test-push.sh" "${ANSIBLE_WORKBENCH_BRANCH_NAME_BASE}"
+ env:
+ REMOTE_TOKEN: ${{ secrets.REMOTE_TOKEN }}
+ REMOTE_ORIGIN: ${{ secrets.REMOTE_ORIGIN }}
+
+ - name: Push Test -- Push To Test Repository (${{ env.TEST_PUSH_TAG }})
+ if: matrix.cookiecutter-toml-selection == 1
+ run: |
+ source "./template/.github/scripts/job-60-test-push.sh" "${ANSIBLE_WORKBENCH_BRANCH_NAME_BASE}" "${TEST_PUSH_TAG}"
+ env:
+ REMOTE_TOKEN: ${{ secrets.REMOTE_TOKEN }}
+ REMOTE_ORIGIN: ${{ secrets.REMOTE_ORIGIN }}
+
+ - name: Push Test -- Trigger Release Workflow Test
+ if: matrix.cookiecutter-toml-selection == 1
+ run: |
+ gh workflow run -r "${TEST_PUSH_TAG}" -R "${REMOTE_ORIGIN}" release.yml -f "TAG=${TEST_PUSH_TAG}"
+ env:
+ GITHUB_TOKEN: ${{ secrets.REMOTE_TOKEN }}
+ REMOTE_ORIGIN: ${{ secrets.REMOTE_ORIGIN }}
+
+ - name: Push Test -- Push To Test Repository (${{ env.ANSIBLE_WORKBENCH_BRANCH_NAME_DEVELOPMENT }})
+ if: matrix.cookiecutter-toml-selection == 2
+ run: |
+ source "./template/.github/scripts/job-60-test-push.sh" "${ANSIBLE_WORKBENCH_BRANCH_NAME_DEVELOPMENT}"
+ env:
+ REMOTE_TOKEN: ${{ secrets.REMOTE_TOKEN }}
+ REMOTE_ORIGIN: ${{ secrets.REMOTE_ORIGIN }}
+
+ - name: Push Test -- Report Job Status on Success
+ if: fromJSON(inputs.CONFIGURATION)._GITHUB_CI_VERBOSE_NOTIFICATIONS == true
+ run: |
+ "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: push has been triggered!"
+
+ - name: Push Test -- Report Job Status on Failure
+ if: failure()
+ run: |
+ "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: push failed to trigger!"
diff --git a/.github/workflows/.job-80-commit-lint.yml b/.github/workflows/.job-80-commit-lint.yml
new file mode 100644
index 00000000..70258328
--- /dev/null
+++ b/.github/workflows/.job-80-commit-lint.yml
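Review bot: The `REMOTE_TOKEN` description says only that the token has access to the test repository, while this job uses it to delete releases, push branches and a tag, and dispatch `release.yml`, so whoever provisions the secret has no guidance on the minimum scope. A description along the lines of `description: "Fine-grained token restricted to the test repository; needs write access for contents and workflow dispatch."` would steer people away from a broad classic token; the exact permission list depends on the two `job-60-*` scripts, which are not shown here. Separately, the steps gated on `cookiecutter-toml-selection == 1` run once per Python version, so unless `_GITHUB_CI_DEFAULT_CONCURRENCY` is 1 several matrix legs can prune releases and push to the same repository at the same time.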
@@ -0,0 +1,82 @@
+---
+name: ansible-workbench-job-commit-lint
+
+on:
+ workflow_call:
+ inputs:
+ CONFIGURATION:
+ description: "The 'cookiecutter.json' file as a configuration object."
+ required: true
+ type: string
+ secrets:
+ SLACK_WEBHOOK:
+ description: "Optional, enables Slack notifications."
+ required: false
+
+env:
+ ANSIBLE_WORKBENCH_SKIP_POETRY: 0
+ ANSIBLE_WORKBENCH_SKIP_PRECOMMIT: 1
+ ANSIBLE_WORKBENCH_PUSH_FALLBACK_REV_RANGE: "8f9a7c315416747257b3ef2adfc425c63d85adf8..HEAD"
+
+jobs:
+
+ run_commitizen:
+
+ runs-on: ubuntu-latest
+ strategy:
+ fail-fast: true
+ matrix:
+ python-version: ${{ fromJSON(inputs.CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS }}
+ max-parallel: ${{ fromJSON(inputs.CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }}
+
+ steps:
+ - name: Commit Lint Test -- Checkout Repository
+ uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+
+ - name: Commit Lint Test -- Setup Environment
+ run: |
+ source "./.github/scripts/workflow-setup-environment.sh"
+ source "./{{cookiecutter.project_slug}}/.github/scripts/setup.sh"
+ source "./{{cookiecutter.project_slug}}/.github/scripts/pushed_commit_range.sh"
+ env:
+ GITHUB_CONTEXT: ${{ toJson(github) }}
+ WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+ - name: Commit Lint Test -- Set up Python ${{ matrix.python-version }}
+ uses: actions/setup-python@v4
+ with:
+ python-version: ${{ matrix.python-version }}
+
+ - name: Commit Lint Test -- Install Poetry
+ run: |
+ source "./{{cookiecutter.project_slug}}/.github/scripts/poetry.sh" "install-poetry"
+
+ - name: Commit Lint Test -- Initialize Cache Locations
+ run: |
+ mkdir -p ~/.cache/pypoetry/virtualenvs
+
+ - name: Commit Lint Test -- Mount Poetry Cache
+ uses: actions/cache@v3
+ with:
+ key: poetry-${{ hashFiles('./pyproject.toml') }}-${{ runner.os }}-${{ env.CACHE_TTL }}
+ path: ~/.cache/pypoetry/virtualenvs
+
+ - name: Commit Lint Test -- Install Requirements
+ run: |
+ source "./{{cookiecutter.project_slug}}/.github/scripts/poetry.sh" "install-project"
+
+ - name: Commit Lint Test -- Lint Pushed Commits
+ run: |
+ poetry run cz check --rev-range "${PUSHED_COMMIT_REV_RANGE}"
+
+ - name: Commit Lint Test -- Report Job Status on Success
+ if: fromJSON(inputs.CONFIGURATION)._GITHUB_CI_VERBOSE_NOTIFICATIONS == true
+ run: |
+ "./{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: commit lint checks succeeded!"
+
+ - name: Commit Lint Test -- Report Job Status on Failure
+ if: failure()
+ run: |
+ "./{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: commit lint checks failed!"
diff --git a/.github/workflows/.job-80-shell-lint.yml b/.github/workflows/.job-80-shell-lint.yml
new file mode 100644
index 00000000..c2aac789
--- /dev/null
+++ b/.github/workflows/.job-80-shell-lint.yml
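Review bot: `ANSIBLE_WORKBENCH_PUSH_FALLBACK_REV_RANGE` hard-codes a commit SHA in the workflow-level `env:` with nothing to say what that commit is or when the fallback is used. A comment above it, for example `# Oldest commit that must pass commit linting; used when the push event provides no usable base.` (wording to be confirmed by the author, since `pushed_commit_range.sh` is not shown), would tell a maintainer when the value can safely be moved forward.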
@@ -0,0 +1,77 @@
+---
+name: ansible-workbench-job-shell-lint
+
+on:
+ workflow_call:
+ inputs:
+ CONFIGURATION:
+ description: "The 'cookiecutter.json' file as a configuration object."
+ required: true
+ type: string
+ secrets:
+ SLACK_WEBHOOK:
+ description: "Optional, enables Slack notifications."
+ required: false
+
+env:
+ ANSIBLE_WORKBENCH_SKIP_POETRY: 1
+ ANSIBLE_WORKBENCH_SKIP_PRECOMMIT: 1
+
+jobs:
+
+ run_shellcheck:
+
+ runs-on: ubuntu-latest
+ strategy:
+ fail-fast: true
+ matrix:
+ python-version: ${{ fromJSON(inputs.CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS }}
+ max-parallel: ${{ fromJSON(inputs.CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }}
+
+ steps:
+ - name: Shell Lint Test -- Checkout Repository
+ uses: actions/checkout@v3
+ with:
+ path: 'template'
+
+ - name: Shell Lint Test -- Setup Environment
+ run: |
+ source "./template/.github/scripts/workflow-setup-environment.sh"
+ source "./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh"
+ env:
+ WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+ - name: Shell Lint Test -- Set up Python ${{ matrix.python-version }}
+ uses: actions/setup-python@v4
+ with:
+ python-version: ${{ matrix.python-version }}
+
+ - name: Shell Lint Test -- Install Template Requirements
+ run: |
+ source "./template/.github/scripts/task-template-requirements.sh"
+
+ - name: Shell Lint Test -- Render Template
+ run: |
+ source "./template/.github/scripts/task-render-template.sh"
+
+ - name: Shell Lint Test -- Shellcheck Scripts
+ run: |
+ shellcheck ./template/hooks/*.sh
+ shellcheck ./template/scripts/*.sh
+ shellcheck ./template/.github/scripts/*.sh
+
+ - name: Shell Lint Test -- Shellcheck Rendered Scripts
+ run: |
+ cd "${TEMPLATED_NAME}"
+ shellcheck ./.github/scripts/*.sh
+ shellcheck -x ./.pre-commit/*.sh
+
+ - name: Shell Lint Test -- Report Job Status on Success
+ if: fromJSON(inputs.CONFIGURATION)._GITHUB_CI_VERBOSE_NOTIFICATIONS == true
+ run: |
+ "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: shellcheck checks succeeded!"
+
+ - name: Shell Lint Test -- Report Job Status on Failure
+ if: failure()
+ run: |
+ "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: shellcheck checks failed!"
diff --git a/.github/workflows/.job-80-toml-lint.yml b/.github/workflows/.job-80-toml-lint.yml
new file mode 100644
index 00000000..c981d676
--- /dev/null
+++ b/.github/workflows/.job-80-toml-lint.yml
@@ -0,0 +1,81 @@ +--- +name: ansible-workbench-job-toml-lint + +on: + workflow_call: + inputs: + CONFIGURATION: + description: "The 'cookiecutter.json' file as a configuration object." + required: true + type: string + secrets: + SLACK_WEBHOOK: + description: "Optional, enables Slack notifications." + required: false + +env: + ANSIBLE_WORKBENCH_SKIP_POETRY: 1 + ANSIBLE_WORKBENCH_SKIP_PRECOMMIT: 1 + +jobs: + + run_tomll: + + runs-on: ubuntu-latest + strategy: + fail-fast: true + matrix: + python-version: ${{ fromJSON(inputs.CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS }} + max-parallel: ${{ fromJSON(inputs.CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }} + + steps: + - name: Toml Lint Test -- Checkout Repository + uses: actions/checkout@v3 + with: + path: 'template' + + - name: Toml Lint Test -- Setup Environment + run: | + source "./template/.github/scripts/workflow-setup-environment.sh" + source "./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh" + env: + WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} + + - name: Toml Lint Test -- Install Linter + run: | + sudo apt-get install -y golang-github-pelletier-go-toml + + - name: Toml Lint Test -- Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v4 + with: + python-version: ${{ matrix.python-version }} + + - name: Toml Lint Test -- Install Template Requirements + run: | + source "./template/.github/scripts/task-template-requirements.sh" + + - name: Toml Lint Test -- Render Template + run: | + source "./template/.github/scripts/task-render-template.sh" + + - name: Toml Lint Test -- Run Linter (Template) + run: | + cd template + find . -type f -name "*.toml" -exec tomll "{}" \; + git diff --exit-code + + - name: Toml Lint -- Run Linter (Rendered Tempalte) + run: | + cd "${TEMPLATED_NAME}" + find . 
-type f -name "*.toml" -exec tomll "{}" \; + git diff --exit-code + + - name: Toml Lint Test -- Report Job Status (Success) + if: fromJSON(inputs.CONFIGURATION)._GITHUB_CI_VERBOSE_NOTIFICATIONS == true + run: | + "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: toml linting was successful!" + + - name: Toml Lint Test -- Report Job Status (Failure) + if: failure() + run: | + "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: toml linting has failed!" diff --git a/.github/workflows/.job-80-yaml-lint.yml b/.github/workflows/.job-80-yaml-lint.yml new file mode 100644 index 00000000..ab320685 --- /dev/null +++ b/.github/workflows/.job-80-yaml-lint.yml 
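Review bot: In both `Run Linter` steps, `find . -type f -name "*.toml" -exec tomll "{}" \;` throws away tomll's exit status, because find does not propagate the result of an `-exec … \;` command. A file that tomll cannot parse would presumably be left unmodified, so `git diff --exit-code` would still pass and the job would report success. Terminating the command with `+` (`-exec tomll {} +`) makes find exit non-zero when any invocation fails. The `Install Linter` step also runs `sudo apt-get install -y golang-github-pelletier-go-toml` with no preceding `sudo apt-get update`, which can fail against a stale package index on the runner image. The second linter step's name is misspelled (`Rendered Tempalte`).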
@@ -0,0 +1,82 @@ +--- +name: ansible-workbench-job-yaml-lint + +on: + workflow_call: + inputs: + CONFIGURATION: + description: "The 'cookiecutter.json' file as a configuration object." + required: true + type: string + secrets: + SLACK_WEBHOOK: + description: "Optional, enables Slack notifications." + required: false + +env: + ANSIBLE_WORKBENCH_SKIP_POETRY: 1 + ANSIBLE_WORKBENCH_SKIP_PRECOMMIT: 1 + +jobs: + + run_yamllint: + + runs-on: ubuntu-latest + strategy: + fail-fast: true + matrix: + cookiecutter-toml-selection: [1, 2] + python-version: ${{ fromJSON(inputs.CONFIGURATION)._GITHUB_CI_DEFAULT_PYTHON_VERSIONS }} + max-parallel: ${{ fromJSON(inputs.CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }} + + steps: + - name: Yaml Lint Test -- Checkout Repository + uses: actions/checkout@v3 + with: + path: 'template' + + - name: Yaml Lint Test -- Setup Environment + run: | + source "./template/.github/scripts/workflow-setup-environment.sh" + source "./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh" + env: + WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} + + - name: Yaml Lint Test -- Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v4 + with: + python-version: ${{ matrix.python-version }} + + - name: Yaml Lint Test-- Install Template Requirements + run: | + source "./template/.github/scripts/task-template-requirements.sh" + + - name: Yaml Lint Test -- Render Template + run: | + source "./template/.github/scripts/task-render-template.sh" "${SELECTION_TOML}" + env: + SELECTION_TOML: ${{ matrix.cookiecutter-toml-selection }} + + - name: Yaml Lint Test -- Lint Template GitHub Workflows + uses: ibiqlik/action-yamllint@v3 + with: + format: standard + file_or_dir: ./template/.github/workflows + config_file: ./${{ env.TEMPLATED_NAME }}/.yamllint.yml + + - name: Yaml Lint Test -- Lint Rendered GitHub Workflows + uses: ibiqlik/action-yamllint@v3 + with: + format: standard + file_or_dir: ./${{ env.TEMPLATED_NAME }}/.github/workflows/*.yml -c ./${{ 
env.TEMPLATED_NAME }}/.yamllint.yml + config_file: ./${{ env.TEMPLATED_NAME }}/.yamllint.yml + + - name: Yaml Lint Test -- Report Job Status on Success + if: fromJSON(inputs.CONFIGURATION)._GITHUB_CI_VERBOSE_NOTIFICATIONS == true + run: | + "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: YAML linting checks succeeded!" + + - name: Yaml Lint Test -- Report Job Status on Failure + if: failure() + run: | + "./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: YAML linting checks failed!" diff --git a/.github/workflows/.job-99-create-release.yml b/.github/workflows/.job-99-create-release.yml new file mode 100644 index 00000000..4898f435 --- /dev/null +++ b/.github/workflows/.job-99-create-release.yml 
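Review bot: Both lint steps reference the third-party action `ibiqlik/action-yamllint@v3` by a movable tag, in a job that is also handed the `SLACK_WEBHOOK` secret. Pinning to a full commit SHA, e.g. `uses: ibiqlik/action-yamllint@<full-commit-sha> # v3`, keeps a retagged release from changing what runs here. In the `Lint Rendered GitHub Workflows` step, `file_or_dir` also carries `-c ./${{ env.TEMPLATED_NAME }}/.yamllint.yml` although `config_file` is set on the next line. That appears to rely on the action passing the input to the command line unquoted, so it would be clearer as `file_or_dir: ./${{ env.TEMPLATED_NAME }}/.github/workflows`.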
@@ -0,0 +1,84 @@ +--- +name: ansible-workbench-job-release + +on: + workflow_call: + inputs: + CONFIGURATION: + description: "The 'cookiecutter.json' file as a configuration object." + required: true + type: string + secrets: + SLACK_WEBHOOK: + description: "Optional, enables Slack notifications." + required: false + +jobs: + + generate_github_release: + + runs-on: ubuntu-latest + + steps: + - name: Create Release -- Checkout Repository + uses: actions/checkout@v3 + + - name: Create Release -- Filter Release Candidates + id: filter + run: | + source "./{{cookiecutter.project_slug}}/.github/scripts/release_candidate.sh" "${{ github.event.ref }}" + + - name: Create Release -- Checkout Repository (All Commits) + if: steps.filter.outputs.release_candidate == 'TRUE' + uses: actions/checkout@v3 + with: + fetch-depth: 0 + + - name: Create Release -- Setup Environment + if: steps.filter.outputs.release_candidate == 'TRUE' + run: | + source "./template/.github/scripts/workflow-setup-environment.sh" + source "./{{cookiecutter.project_slug}}/.github/scripts/setup.sh" + env: + WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} + + - name: Create Release -- Install Poetry + if: steps.filter.outputs.release_candidate == 'TRUE' + run: | + source "./{{cookiecutter.project_slug}}/.github/scripts/poetry.sh" "install-poetry" + + - name: Create Release -- Check 'pyproject.toml' Matches Tag + if: steps.filter.outputs.release_candidate == 'TRUE' + run: | + source "./{{cookiecutter.project_slug}}/.github/scripts/version.sh" + + - name: Create Release -- Generate Changelog + if: steps.filter.outputs.release_candidate == 'TRUE' + run: + source "./{{cookiecutter.project_slug}}/.github/scripts/changelog.sh" + + - name: Create Release -- Generate GitHub Release Draft + if: steps.filter.outputs.release_candidate == 'TRUE' + id: create_release + uses: actions/github-script@v6 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + script: | + const script = 
require('./{{cookiecutter.project_slug}}/.github/scripts/release.js'); + const body = process.env.CHANGE_LOG_CONTENT + "\n" + process.env.CHECK_LIST_CONTENT; + const tag = process.env.BRANCH_OR_TAG; + await script({ body, context, core, github, tag }) + env: + CHECK_LIST_CONTENT: | + ## Deployment Checklist + - [] Ensure master points to new tag + + - name: Create Release -- Report Job Status on Success + if: steps.filter.outputs.release_candidate == 'TRUE' + run: | + "./{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":white_check_mark: automated release has been created!\nhttps://github.com/${USER_NAME}/${PROJECT_NAME}/releases" + + - name: Create Release -- Report Job Status on Failure + if: failure() + run: | + "./{{cookiecutter.project_slug}}/.github/scripts/notifications.sh" "${NOTIFICATION}" ":x: automated release creation has failed!" diff --git a/.github/workflows/self-test.yml b/.github/workflows/self-test.yml deleted file mode 100644 index d2c08bc7..00000000 --- a/.github/workflows/self-test.yml +++ /dev/null 
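Review bot: The `Filter Release Candidates` step interpolates `${{ github.event.ref }}` directly into the `run:` script, so the ref name is substituted into the shell source before bash parses it, and ref names are chosen by whoever pushes the branch or tag. Pass it through the environment instead: give the step `env:` with `EVENT_REF: ${{ github.event.ref }}` and call `source "./{{cookiecutter.project_slug}}/.github/scripts/release_candidate.sh" "${EVENT_REF}"`. Separately, `Setup Environment` sources `./template/.github/scripts/workflow-setup-environment.sh`, but neither checkout in this job sets `path: 'template'`, so that path looks wrong here. Every other script in this job is addressed from the workspace root.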
@@ -1,762 +0,0 @@ ---- -name: ansible-workbench-self-test - -# Required GitHub Repository Secrets: -# REMOTE_ORIGIN (Required, to identify the test repository: organization/repo.) -# REMOTE_TOKEN (Required, for GitHub token with access to the test repository.) -# SLACK_WEBHOOK (Optional, for Slack notifications...) - -on: - push: - schedule: - - cron: "0 6 * * 1" - workflow_dispatch: - -env: - ANSIBLE_WORKBENCH_BRANCH_NAME_BASE: "master" - ANSIBLE_WORKBENCH_BRANCH_NAME_DEVELOPMENT: "dev" - ANSIBLE_WORKBENCH_PUSH_FALLBACK_REV_RANGE: "8f9a7c315416747257b3ef2adfc425c63d85adf8..HEAD" - PROJECT_NAME: "ansible-workbench" - USER_NAME: "niall-byrne" - TEMPLATED_NAME: "flower-generator" - VERBOSE_NOTIFICATIONS: 0 - -jobs: - - _create_configuration: - - runs-on: ubuntu-latest - outputs: - configuration: ${{ steps.cookiecutter_configuration.outputs.json_value }} - - steps: - - name: Create Configuration -- Checkout Repository - uses: actions/checkout@v3 - - - name: Create Configuration -- Set Cookiecutter Configuration as Output - id: cookiecutter_configuration - run: | - { - echo "json_value<> $GITHUB_OUTPUT - - _start_notification: - - runs-on: ubuntu-latest - - steps: - - name: Start -- Checkout Repository - uses: actions/checkout@v3 - with: - path: 'template' - - - name: Start -- Setup Environment - run: | - source ./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Start -- Report Job Status on Success - run: | - ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: workflow has started!" - - - name: Start -- Report Job Status on Failure - if: failure() - run: | - ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: error reporting job status!" 
- - _success_notification: - needs: [create_release] - - runs-on: ubuntu-latest - - steps: - - name: Success -- Checkout Repository - uses: actions/checkout@v3 - with: - path: 'template' - - - name: Success -- Setup Environment - run: | - source ./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Success -- Report Job Status on Success - run: | - ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: all checks were successful!" - - - name: Success -- Report Job Status on Failure - if: failure() - run: | - ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: error reporting job status!" - - commit_lint_test: - needs: [_create_configuration] - - runs-on: ubuntu-latest - env: - ANSIBLE_WORKBENCH_SKIP_POETRY: 0 - ANSIBLE_WORKBENCH_SKIP_PRECOMMIT: 1 - strategy: - max-parallel: 4 - matrix: - python-version: ${{ fromJson(needs._create_configuration.outputs.configuration)._GITHUB_CI_PYTHON_VERSIONS }} - - steps: - - name: Commit Lint Test -- Checkout Repository - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - - name: Commit Lint Test -- Setup Environment - run: | - source ./{{cookiecutter.project_slug}}/.github/scripts/setup.sh - source ./{{cookiecutter.project_slug}}/.github/scripts/pushed_commit_range.sh - env: - GITHUB_CONTEXT: ${{ toJson(github) }} - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Commit Lint Test -- Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 - with: - python-version: ${{ matrix.python-version }} - - - name: Commit Lint Test -- Install Poetry - run: | - source ./{{cookiecutter.project_slug}}/.github/scripts/poetry.sh "install-poetry" - - - name: Commit Lint Test -- Initialize Cache Locations - run: | - mkdir -p ~/.cache/pypoetry/virtualenvs - - - name: Commit Lint Test -- Mount Poetry Cache - uses: actions/cache@v3 - with: - key: 
poetry-${{ hashFiles('./pyproject.toml') }}-${{ runner.os }}-${{ env.CACHE_TTL }} - path: ~/.cache/pypoetry/virtualenvs - - - name: Commit Lint Test -- Install Requirements - run: | - source ./{{cookiecutter.project_slug}}/.github/scripts/poetry.sh "install-project" - - - name: Commit Lint Test -- Lint Pushed Commits - run: | - poetry run cz check --rev-range "${PUSHED_COMMIT_REV_RANGE}" - - - name: Commit Lint Test -- Report Job Status on Success - if: env.VERBOSE_NOTIFICATIONS == '1' - run: | - ./{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: commit lint checks succeeded!" - - - name: Commit Lint Test -- Report Job Status on Failure - if: failure() - run: | - ./{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: commit lint checks failed!" - - create_release: - needs: [push_repository_test] - - runs-on: ubuntu-latest - - steps: - - name: Create Release -- Checkout Repository - uses: actions/checkout@v3 - - - name: Create Release -- Branch Filter - id: branch_filter - run: | - source ./{{cookiecutter.project_slug}}/.github/scripts/branch_filter.sh "${{ github.event.ref }}" - - - name: Create Release -- Checkout Repository (All Commits) - if: steps.branch_filter.outputs.match == 'TRUE' - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - - name: Create Release -- Setup Environment - if: steps.branch_filter.outputs.match == 'TRUE' - run: | - source ./{{cookiecutter.project_slug}}/.github/scripts/setup.sh - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Create Release -- Install Poetry - if: steps.branch_filter.outputs.match == 'TRUE' - run: | - source ./{{cookiecutter.project_slug}}/.github/scripts/poetry.sh "install-poetry" - - - name: Create Release -- Check 'pyproject.toml' Matches Tag - if: steps.branch_filter.outputs.match == 'TRUE' - run: | - source ./{{cookiecutter.project_slug}}/.github/scripts/version.sh - - - name: Create Release -- Generate Changelog 
- if: steps.branch_filter.outputs.match == 'TRUE' - run: - source ./{{cookiecutter.project_slug}}/.github/scripts/changelog.sh - - - name: Create Release -- Generate GitHub Release Draft - if: steps.branch_filter.outputs.match == 'TRUE' - id: create_release - uses: actions/github-script@v6 - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - script: | - const script = require('./{{cookiecutter.project_slug}}/.github/scripts/release.js'); - const body = process.env.CHANGE_LOG_CONTENT + "\n" + process.env.CHECK_LIST_CONTENT; - const tag = process.env.BRANCH_OR_TAG; - await script({ body, context, core, github, tag }) - env: - CHECK_LIST_CONTENT: | - ## Deployment Checklist - - [] Ensure master points to new tag - - - name: Create Release -- Report Job Status on Success - if: steps.branch_filter.outputs.match == 'TRUE' - run: | - ./{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: automated release has been created!\nhttps://github.com/${USER_NAME}/${PROJECT_NAME}/releases" - - - name: Create Release -- Report Job Status on Failure - if: failure() - run: | - ./{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: automated release creation has failed!" 
- - documentation_test: - needs: [_create_configuration] - - runs-on: ubuntu-latest - env: - ANSIBLE_WORKBENCH_SKIP_POETRY: 1 - ANSIBLE_WORKBENCH_SKIP_PRECOMMIT: 1 - strategy: - max-parallel: 4 - matrix: - python-version: ${{ fromJson(needs._create_configuration.outputs.configuration)._GITHUB_CI_PYTHON_VERSIONS }} - - steps: - - name: Documentation Test -- Checkout Repository - uses: actions/checkout@v3 - with: - path: 'template' - - - name: Documentation Test -- Setup Environment - run: | - source ./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Documentation Test -- Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 - with: - python-version: ${{ matrix.python-version }} - - - name: Documentation Test -- Install Template Requirements - run: | - source ./template/.github/scripts/requirements.sh - - - name: Documentation Test -- Render Template - run: | - source ./template/.github/scripts/template.sh - - - name: Documentation Test -- Check Markdown Links For Template - uses: gaurav-nelson/github-action-markdown-link-check@v1 - with: - config-file: 'template/{{cookiecutter.project_slug}}/.github/config/actions/gaurav-nelson-github-action-markdown-link-check.json' - use-quiet-mode: 'no' - use-verbose-mode: 'yes' - folder-path: 'template, template/.github/workflows' - max-depth: 1 - - - name: Documentation Test -- Check Markdown Links For Rendered Template - uses: gaurav-nelson/github-action-markdown-link-check@v1 - with: - config-file: 'template/{{cookiecutter.project_slug}}/.github/config/actions/gaurav-nelson-github-action-markdown-link-check.json' - use-quiet-mode: 'no' - use-verbose-mode: 'yes' - folder-path: ${{ env.TEMPLATED_NAME }} - max-depth: -1 - - - name: Documentation Test -- Report Job Status on Success - if: env.VERBOSE_NOTIFICATIONS == '1' - run: | - ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" 
":white_check_mark: documentation checks succeeded!" - - - name: Documentation Test -- Report Job Status on Failure - if: failure() - run: | - ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: documentation checks failed!" - - molecule_lint_test: - needs: [_create_configuration] - - runs-on: ubuntu-latest - env: - ANSIBLE_WORKBENCH_SKIP_POETRY: 0 - ANSIBLE_WORKBENCH_SKIP_PRECOMMIT: 0 - strategy: - max-parallel: 4 - matrix: - python-version: ${{ fromJson(needs._create_configuration.outputs.configuration)._GITHUB_CI_PYTHON_VERSIONS }} - - steps: - - name: Molecule Lint Test -- Checkout Repository - uses: actions/checkout@v3 - with: - path: 'template' - - - name: MMolecule Lint Test -- Setup Environment - run: | - source ./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Molecule Lint Test -- Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 - with: - python-version: ${{ matrix.python-version }} - - - name: Molecule Lint Test -- Install Template Requirements - run: | - source ./template/.github/scripts/requirements.sh - - - name: Molecule Lint Test -- Initialize Cache Locations - run: | - mkdir -p ~/.cache/pypoetry/virtualenvs - source ./template/{{cookiecutter.project_slug}}/.github/scripts/ansible_cache.sh \ - "$(pwd)/ansible_cache" \ - ~/.cache - - - name: Molecule Lint Test -- Mount Ansible Cache - uses: actions/cache@v3 - with: - key: ansible-${{ hashFiles('./template/{{cookiecutter.project_slug}}/requirements.yml') }}-${{ env.CACHE_TTL }} - path: ansible_cache - - - name: Molecule Lint Test -- Mount Poetry Cache - uses: actions/cache@v3 - with: - key: poetry-${{ hashFiles('./template/{{cookiecutter.project_slug}}/pyproject.toml') }}-${{ runner.os }}-${{ env.CACHE_TTL }} - path: ~/.cache/pypoetry/virtualenvs - - - name: Molecule Lint Test -- Render Template - run: | - source ./template/.github/scripts/template.sh - 
- - name: Molecule Lint Test -- Lint Rendered Template With Default Scenario - run: | - cd "${TEMPLATED_NAME}" - poetry run molecule lint - - - name: Molecule Lint Test -- Report Job Status on Success - if: env.VERBOSE_NOTIFICATIONS == '1' - run: | - ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: molecule linting checks succeeded!" - - - name: Molecule Lint Test -- Report Job Status on Failure - if: failure() - run: | - ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: molecule linting checks failed!" - - precommit_test: - needs: [_create_configuration] - - runs-on: ubuntu-latest - env: - ANSIBLE_WORKBENCH_SKIP_POETRY: 0 - ANSIBLE_WORKBENCH_SKIP_PRECOMMIT: 0 - strategy: - matrix: - python-version: ${{ fromJson(needs._create_configuration.outputs.configuration)._GITHUB_CI_PYTHON_VERSIONS }} - cookiecutter-toml-selection: [1, 2] - - steps: - - - name: Pre-Commit Test -- Checkout Repository - uses: actions/checkout@v3 - with: - path: 'template' - - - name: Pre-Commit Test -- Setup Environment - run: | - source ./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Pre-Commit Test -- Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 - with: - python-version: ${{ matrix.python-version }} - - - name: Pre-Commit Test -- Install Template Requirements - run: | - source ./template/.github/scripts/requirements.sh - - - name: Pre-Commit Test -- Install tomll - run: | - sudo apt-get install -y golang-github-pelletier-go-toml - - - name: Pre-Commit -- Initialize Cache Locations - run: | - mkdir -p ~/.cache/pypoetry/virtualenvs - source ./template/{{cookiecutter.project_slug}}/.github/scripts/ansible_cache.sh \ - "$(pwd)/ansible_cache" \ - ~/.cache - - - name: Pre-Commit -- Mount Ansible Cache - uses: actions/cache@v3 - with: - key: ansible-${{ 
hashFiles('./template/{{cookiecutter.project_slug}}/requirements.yml') }}-${{ env.CACHE_TTL }} - path: ansible_cache - - - name: Pre-Commit Test -- Mount Poetry Cache - uses: actions/cache@v3 - with: - key: poetry-${{ hashFiles('./template/{{cookiecutter.project_slug}}/pyproject.toml') }}-${{ runner.os }}-${{ env.CACHE_TTL }} - path: ~/.cache/pypoetry/virtualenvs - - - name: Pre-Commit Test -- Render Template - run: | - source ./template/.github/scripts/template.sh "${SELECTION_TOML}" "GitHub Action" "action@github.com" - env: - SELECTION_TOML: ${{ matrix.cookiecutter-toml-selection }} - - - name: Pre-Commit Test -- Test Commit Lint -- Expect Failure - run: | - source ./template/.github/scripts/test_precommit.sh "commit-lint" - - - name: Pre-Commit Test -- Test Molecule Lint -- Expect Failure - run: | - source ./template/.github/scripts/test_precommit.sh "molecule-lint" - - - name: Pre-Commit Test -- Test TOML Lint -- Expect Failure - if: matrix.cookiecutter-toml-selection == 1 - run: | - source ./template/.github/scripts/test_precommit.sh "toml-lint-1" - - - name: Pre-Commit Test -- Test TOML Lint -- Expect Success - if: matrix.cookiecutter-toml-selection == 1 - run: | - source ./template/.github/scripts/test_precommit.sh "toml-lint-2" - - - name: Pre-Commit Test -- Report Job Status on Success - if: env.VERBOSE_NOTIFICATIONS == '1' - run: | - ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: pre-commit hook test has passed!" - - - name: Pre-Commit Test -- Report Job Status on Failure - if: failure() - run: | - ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: pre-commit hook test has failed!" 
- - push_repository_test: - needs: [_create_configuration, _start_notification, commit_lint_test, documentation_test, molecule_lint_test, precommit_test, security_test, shellcheck_test, toml_lint_test, yaml_lint_test] - - runs-on: ubuntu-latest - env: - ANSIBLE_WORKBENCH_SKIP_POETRY: 1 - ANSIBLE_WORKBENCH_SKIP_PRECOMMIT: 1 - TEST_PUSH_TAG: "0.1.0" - strategy: - max-parallel: 4 - matrix: - cookiecutter-toml-selection: [1, 2] - python-version: ${{ fromJson(needs._create_configuration.outputs.configuration)._GITHUB_CI_PYTHON_VERSIONS }} - - steps: - - name: Push Test -- Checkout Repository - uses: actions/checkout@v3 - with: - path: 'template' - persist-credentials: false - - - name: Push Test -- Setup Environment - run: | - source ./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Push Test -- Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 - with: - python-version: ${{ matrix.python-version }} - - - name: Push Test -- Install Template Requirements - run: | - source ./template/.github/scripts/requirements.sh - - - name: Push Test -- Render Template - run: | - source ./template/.github/scripts/template.sh "${SELECTION_TOML}" "GitHub Action" "action@github.com" - env: - SELECTION_TOML: ${{ matrix.cookiecutter-toml-selection }} - - - name: Push Test -- Clean Up Test Releases - if: matrix.cookiecutter-toml-selection == 1 - run: | - source ./template/.github/scripts/prune_test_releases.sh - env: - GITHUB_TOKEN: ${{ secrets.REMOTE_TOKEN }} - REMOTE_ORIGIN: ${{ secrets.REMOTE_ORIGIN }} - - - name: Push Test -- Push To Test Repository (${{ env.ANSIBLE_WORKBENCH_BRANCH_NAME_BASE }}) - if: matrix.cookiecutter-toml-selection == 1 - run: | - source ./template/.github/scripts/test_push.sh "${ANSIBLE_WORKBENCH_BRANCH_NAME_BASE}" - env: - REMOTE_TOKEN: ${{ secrets.REMOTE_TOKEN }} - REMOTE_ORIGIN: ${{ secrets.REMOTE_ORIGIN }} - - - name: Push Test -- Push To Test Repository (${{ 
env.TEST_PUSH_TAG }}) - if: matrix.cookiecutter-toml-selection == 1 - run: | - source ./template/.github/scripts/test_push.sh "${ANSIBLE_WORKBENCH_BRANCH_NAME_BASE}" "${TEST_PUSH_TAG}" - env: - REMOTE_TOKEN: ${{ secrets.REMOTE_TOKEN }} - REMOTE_ORIGIN: ${{ secrets.REMOTE_ORIGIN }} - - - name: Push Test -- Trigger Release Workflow Test - if: matrix.cookiecutter-toml-selection == 1 - run: | - gh workflow run -r "${TEST_PUSH_TAG}" -R "${REMOTE_ORIGIN}" release.yml -f "TAG=${TEST_PUSH_TAG}" - env: - GITHUB_TOKEN: ${{ secrets.REMOTE_TOKEN }} - REMOTE_ORIGIN: ${{ secrets.REMOTE_ORIGIN }} - - - name: Push Test -- Push To Test Repository (${{ env.ANSIBLE_WORKBENCH_BRANCH_NAME_DEVELOPMENT }}) - if: matrix.cookiecutter-toml-selection == 2 - run: | - source ./template/.github/scripts/test_push.sh "${ANSIBLE_WORKBENCH_BRANCH_NAME_DEVELOPMENT}" - env: - REMOTE_TOKEN: ${{ secrets.REMOTE_TOKEN }} - REMOTE_ORIGIN: ${{ secrets.REMOTE_ORIGIN }} - - - name: Push Test -- Report Job Status on Success - if: env.VERBOSE_NOTIFICATIONS == '1' - run: | - ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: push has been triggered!" - - - name: Push Test -- Report Job Status on Failure - if: failure() - run: | - ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: push failed to trigger!" - - security_test: - - runs-on: ubuntu-latest - - steps: - - name: Security Test Repo -- Checkout Repository - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - - name: Security Test Repo -- Setup Environment - run: | - source ./{{cookiecutter.project_slug}}/.github/scripts/setup.sh - source ./{{cookiecutter.project_slug}}/.github/scripts/pushed_commit_range.sh - env: - GITHUB_CONTEXT: ${{ toJson(github) }} - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Security Test -- Run Trufflehog - uses: trufflesecurity/trufflehog@v3.27.1 - with: - path: . 
- base: ${{ env.PUSHED_COMMIT_START }} - head: ${{ env.BRANCH_OR_TAG }} - - - name: Security Test Repo -- Report Job Status on Success - if: env.VERBOSE_NOTIFICATIONS == '1' - run: | - ./{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: security checks succeeded!" - - - name: Security Test Repo -- Report Job Status on Failure - if: failure() - run: | - ./{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: security checks failed!" - - shellcheck_test: - needs: [_create_configuration] - - runs-on: ubuntu-latest - env: - ANSIBLE_WORKBENCH_SKIP_POETRY: 1 - ANSIBLE_WORKBENCH_SKIP_PRECOMMIT: 1 - strategy: - max-parallel: 4 - matrix: - python-version: ${{ fromJson(needs._create_configuration.outputs.configuration)._GITHUB_CI_PYTHON_VERSIONS }} - - steps: - - name: Shellcheck -- Checkout Repository - uses: actions/checkout@v3 - with: - path: 'template' - - - name: Shellcheck -- Setup Environment - run: | - source ./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Shellcheck -- Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 - with: - python-version: ${{ matrix.python-version }} - - - name: Shellcheck -- Install Template Requirements - run: | - source ./template/.github/scripts/requirements.sh - - - name: Shellcheck -- Render Template - run: | - source ./template/.github/scripts/template.sh - - - name: Shellcheck -- Shellcheck Scripts - run: | - shellcheck ./template/hooks/*.sh - shellcheck ./template/scripts/*.sh - shellcheck ./template/.github/scripts/*.sh - - - name: Shellcheck -- Shellcheck Rendered Scripts - run: | - cd "${TEMPLATED_NAME}" - shellcheck ./.github/scripts/*.sh - shellcheck -x ./.pre-commit/*.sh - - - name: Shellcheck -- Report Job Status on Success - if: env.VERBOSE_NOTIFICATIONS == '1' - run: | - 
./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: shellcheck checks succeeded!" - - - name: Shellcheck -- Report Job Status on Failure - if: failure() - run: | - ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: shellcheck checks failed!" - - toml_lint_test: - needs: [_create_configuration] - - runs-on: ubuntu-latest - env: - ANSIBLE_WORKBENCH_SKIP_POETRY: 1 - ANSIBLE_WORKBENCH_SKIP_PRECOMMIT: 1 - strategy: - max-parallel: 4 - matrix: - python-version: ${{ fromJson(needs._create_configuration.outputs.configuration)._GITHUB_CI_PYTHON_VERSIONS }} - - steps: - - name: Toml Lint Test -- Checkout Repository - uses: actions/checkout@v3 - with: - path: 'template' - - - name: Toml Lint Test -- Setup Environment - run: | - source ./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh - sudo apt-get install -y golang-github-pelletier-go-toml - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Toml Lint Test -- Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 - with: - python-version: ${{ matrix.python-version }} - - - name: Toml Lint Test -- Install Template Requirements - run: | - source ./template/.github/scripts/requirements.sh - - - name: Toml Lint Test -- Render Template - run: | - source ./template/.github/scripts/template.sh - - - name: Toml Lint Test -- Run Linter On Template - run: | - cd "template" - find . -type f -name "*.toml" -exec tomll "{}" \; - git diff --exit-code - - - name: Toml Lint -- Run Linter On Rendered Template - run: | - cd "${TEMPLATED_NAME}" - find . -type f -name "*.toml" -exec tomll "{}" \; - git diff --exit-code - - - name: Toml Lint Test -- Report Job Status (Success) - if: env.VERBOSE_NOTIFICATIONS == '1' - run: | - ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: toml linting was successful!" 
- - - name: Toml Lint Test -- Report Job Status (Failure) - if: failure() - run: | - ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: toml linting has failed!" - - yaml_lint_test: - needs: [_create_configuration] - - runs-on: ubuntu-latest - env: - ANSIBLE_WORKBENCH_SKIP_POETRY: 1 - ANSIBLE_WORKBENCH_SKIP_PRECOMMIT: 1 - strategy: - max-parallel: 4 - matrix: - python-version: ${{ fromJson(needs._create_configuration.outputs.configuration)._GITHUB_CI_PYTHON_VERSIONS }} - cookiecutter-toml-selection: [1, 2] - - steps: - - name: Yaml Lint Test -- Checkout Repository - uses: actions/checkout@v3 - with: - path: 'template' - - - name: Yaml Lint Test -- Setup Environment - run: | - source ./template/{{cookiecutter.project_slug}}/.github/scripts/setup.sh - env: - WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - - name: Yaml Lint Test -- Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 - with: - python-version: ${{ matrix.python-version }} - - - name: Yaml Lint Test-- Install Template Requirements - run: | - source ./template/.github/scripts/requirements.sh - - - name: Yaml Lint Test -- Render Template - run: | - source ./template/.github/scripts/template.sh "${SELECTION_TOML}" - env: - SELECTION_TOML: ${{ matrix.cookiecutter-toml-selection }} - - - name: Yaml Lint Test -- Lint Template GitHub Workflows - uses: ibiqlik/action-yamllint@v3 - with: - format: standard - file_or_dir: ./template/.github/workflows - config_file: ./${{ env.TEMPLATED_NAME }}/.yamllint.yml - - - name: Yaml Lint Test -- Lint Rendered GitHub Workflows - uses: ibiqlik/action-yamllint@v3 - with: - format: standard - file_or_dir: ./${{ env.TEMPLATED_NAME }}/.github/workflows/*.yml -c ./${{ env.TEMPLATED_NAME }}/.yamllint.yml - config_file: ./${{ env.TEMPLATED_NAME }}/.yamllint.yml - - - name: Yaml Lint Test -- Report Job Status on Success - if: env.VERBOSE_NOTIFICATIONS == '1' - run: | - 
./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: YAML linting checks succeeded!" - - - name: Yaml Lint Test -- Report Job Status on Failure - if: failure() - run: | - ./template/{{cookiecutter.project_slug}}/.github/scripts/notifications.sh "${NOTIFICATION}" ":x: YAML linting checks failed!" diff --git a/.github/workflows/workflow-template-test.yml b/.github/workflows/workflow-template-test.yml new file mode 100644 index 00000000..3a7587e8 --- /dev/null +++ b/.github/workflows/workflow-template-test.yml 
@@ -0,0 +1,115 @@
+---
+name: ansible-workbench-workflow-template-test
+
+on:
+ push:
+ schedule:
+ - cron: "0 6 * * 1"
+ workflow_dispatch:
+
+# secrets:
+# REMOTE_TOKEN:
+# description: "GitHub token with access to the test repository."
+# required: true
+# REMOTE_ORIGIN:
+# description: "Identifies the test repository as: owner/repository"
+# required: true
+# SLACK_WEBHOOK:
+# description: "Optional, enables Slack notifications."
+# required: false
+
+jobs:
+
+ configuration:
+
+ runs-on: ubuntu-latest
+ outputs:
+ configuration: ${{ steps.cookiecutter_configuration.outputs.json_value }}
+
+ steps:
+ - name: Create Configuration -- Checkout Repository
+ uses: actions/checkout@v3
+
+ - name: Create Configuration -- Set Cookiecutter Configuration as Output
+ id: cookiecutter_configuration
+ run: |
+ source "./{{cookiecutter.project_slug}}/.github/scripts/workflow_json_value.sh" cat "cookiecutter.json"
+
+ start:
+ uses: ./.github/workflows/.job-00-start.yml
+ secrets: inherit
+
+ success:
+ needs: [create_release]
+ uses: ./.github/workflows/.job-00-success.yml
+ secrets: inherit
+
+ security_test:
+ needs: [configuration]
+ uses: ./.github/workflows/.job-10-security.yml
+ with:
+ CONFIGURATION: ${{ needs.configuration.outputs.configuration }}
+ secrets: inherit
+
+ documentation_test:
+ needs: [configuration]
+ uses: ./.github/workflows/.job-30-documentation.yml
+ with:
+ CONFIGURATION: ${{ needs.configuration.outputs.configuration }}
+ secrets: inherit
+
+ molecule_lint_test:
+ needs: [configuration]
+ uses: ./.github/workflows/.job-40-molecule.yml
+ with:
+ CONFIGURATION: ${{ needs.configuration.outputs.configuration }}
+ secrets: inherit
+
+ precommit_test:
+ needs: [configuration]
+ uses: ./.github/workflows/.job-50-precommit.yml
+ with:
+ CONFIGURATION: ${{ needs.configuration.outputs.configuration }}
+ secrets: inherit
+
+ push_repository_test:
+ needs: [configuration, commit_lint_test, documentation_test, molecule_lint_test, precommit_test, security_test, shellcheck_test, start, toml_lint_test, yaml_lint_test]
+ uses: ./.github/workflows/.job-60-remote-push.yml
+ with:
+ CONFIGURATION: ${{ needs.configuration.outputs.configuration }}
+ secrets: inherit
+
+ commit_lint_test:
+ needs: [configuration]
+ uses: ./.github/workflows/.job-80-commit-lint.yml
+ with:
+ CONFIGURATION: ${{ needs.configuration.outputs.configuration }}
+ secrets: inherit
+
+ shellcheck_test:
+ needs: [configuration]
+ uses: ./.github/workflows/.job-80-shell-lint.yml
+ with:
+ CONFIGURATION: ${{ needs.configuration.outputs.configuration }}
+ secrets: inherit
+
+ toml_lint_test:
+ needs: [configuration]
+ uses: ./.github/workflows/.job-80-toml-lint.yml
+ with:
+ CONFIGURATION: ${{ needs.configuration.outputs.configuration }}
+ secrets: inherit
+
+ yaml_lint_test:
+ needs: [configuration]
+ uses: ./.github/workflows/.job-80-yaml-lint.yml
+ with:
+ CONFIGURATION: ${{ needs.configuration.outputs.configuration }}
+ secrets: inherit
+
+ create_release:
+ needs: [configuration, push_repository_test]
+ uses: ./.github/workflows/.job-99-create-release.yml
+ with:
+ CONFIGURATION: ${{ needs.configuration.outputs.configuration }}
+ secrets: inherit
diff --git a/cookiecutter.json b/cookiecutter.json
index bb13292d..1bc6e274 100644
--- a/cookiecutter.json
+++ b/cookiecutter.json
@@ -19,8 +19,9 @@
 "_GITHUB_ACTION_TRUFFLEHOG": "trufflesecurity/trufflehog@v3.28.0",
 "_GITHUB_ACTION_YAMLLINT": "ibiqlik/action-yamllint@v3",
 "_GITHUB_CI_DEFAULT_CONCURRENCY": 4,
- "_GITHUB_CI_PYTHON_VERSIONS": ["3.9"],
+ "_GITHUB_CI_DEFAULT_PYTHON_VERSIONS": ["3.9"],
 "_GITHUB_CI_MOLECULE_TEST_PLATFORMS": ["ubuntu-latest"],
 "_GITHUB_CI_MOLECULE_EXCLUDED_SCENARIOS_REGEX": "^default$|^noci-.*$",
+ "_GITHUB_CI_VERBOSE_NOTIFICATIONS": "0",
 "*DO_NOT_MODIFY_THIS_FILE*": "This file is created to assist with upgrading to future versions of this template."
 }
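Review bot: Every reusable-workflow call in the new `.github/workflows/workflow-template-test.yml` uses `secrets: inherit`, so the lint, documentation and security jobs are handed the same secrets as `push_repository_test`, including the `REMOTE_TOKEN` described in the commented-out `# secrets:` block. Mapping secrets per job keeps a faulty or compromised step in a lint job away from the repository token, for example `secrets:` with `SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}` on the notification-only jobs and `REMOTE_TOKEN` / `REMOTE_ORIGIN` only where the push and release jobs read them. Which secrets each `.job-*.yml` actually consumes is not visible in this hunk, so the mapping has to be checked against those files and their `on.workflow_call.secrets` declarations. The workflow also sets no top-level `permissions:`, which leaves the `GITHUB_TOKEN` scope at the repository default for every called workflow; a `permissions:` block with `contents: read`, raised only on the job that needs write access (presumably `create_release`), would bound it. `actions/checkout@v3` in the `configuration` job is a movable tag and could be pinned to a full commit SHA.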
diff --git a/{{cookiecutter.project_slug}}/.github/scripts/branch_filter.sh b/{{cookiecutter.project_slug}}/.github/scripts/release_candidate.sh similarity index 78% rename from {{cookiecutter.project_slug}}/.github/scripts/branch_filter.sh rename to {{cookiecutter.project_slug}}/.github/scripts/release_candidate.sh index e41dfc5b..27902459 100644 --- a/{{cookiecutter.project_slug}}/.github/scripts/branch_filter.sh +++ b/{{cookiecutter.project_slug}}/.github/scripts/release_candidate.sh @@ -1,6 +1,6 @@ #!/bin/bash -# .github/scripts/branch_filter.sh +# .github/scripts/release_candidate.sh # Evaluates if the current git reference is a release candidate. # 1: The git reference that created the workflow flow. @@ -18,7 +18,7 @@ main() { MATCH="TRUE" fi - echo "match=${MATCH}" >> "${GITHUB_OUTPUT}" + echo "release_candidate=${MATCH}" >> "${GITHUB_OUTPUT}" } diff --git a/{{cookiecutter.project_slug}}/.github/scripts/setup.sh b/{{cookiecutter.project_slug}}/.github/scripts/setup.sh index 969f558d..34d5c67d 100644 --- a/{{cookiecutter.project_slug}}/.github/scripts/setup.sh +++ b/{{cookiecutter.project_slug}}/.github/scripts/setup.sh @@ -10,7 +10,7 @@ set -eo pipefail main() { BRANCH_OR_TAG="$(echo "${GITHUB_REF}" | sed 's/refs\/heads\///g' | sed 's/refs\/tags\///g')" - WORKFLOW_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" + WORKFLOW_URL="${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}" { echo "BRANCH_OR_TAG=${BRANCH_OR_TAG}" diff --git a/{{cookiecutter.project_slug}}/.github/workflows/push.yml b/{{cookiecutter.project_slug}}/.github/workflows/push.yml index 5360ae74..582c4f1d 100644 --- a/{{cookiecutter.project_slug}}/.github/workflows/push.yml +++ b/{{cookiecutter.project_slug}}/.github/workflows/push.yml 
@@ -190,38 +190,38 @@ jobs: - name: Create Release -- Branch Filter id: branch_filter run: | - source .github/scripts/branch_filter.sh "${{ github.event.ref }}" + source .github/scripts/release_candidate.sh "${{ github.event.ref }}" - name: Create Release -- Checkout Repository (All Commits) - if: steps.branch_filter.outputs.match == 'TRUE' + if: steps.branch_filter.outputs.release_candidate == 'TRUE' uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_CHECKOUT }}{% raw %} with: fetch-depth: 0 - name: Create Release -- Setup Environment - if: steps.branch_filter.outputs.match == 'TRUE' + if: steps.branch_filter.outputs.release_candidate == 'TRUE' run: | source ./.github/scripts/setup.sh env: WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - name: Create Release -- Install Poetry - if: steps.branch_filter.outputs.match == 'TRUE' + if: steps.branch_filter.outputs.release_candidate == 'TRUE' run: | source ./.github/scripts/poetry.sh "install-poetry" - name: Create Release -- Check 'pyproject.toml' Matches Tag - if: steps.branch_filter.outputs.match == 'TRUE' + if: steps.branch_filter.outputs.release_candidate == 'TRUE' run: | source ./.github/scripts/version.sh - name: Create Release -- Generate Changelog - if: steps.branch_filter.outputs.match == 'TRUE' + if: steps.branch_filter.outputs.release_candidate == 'TRUE' run: source ./.github/scripts/changelog.sh - name: Create Release -- Generate GitHub Release Draft - if: steps.branch_filter.outputs.match == 'TRUE' + if: steps.branch_filter.outputs.release_candidate == 'TRUE' id: create_release uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_SCRIPT }}{% raw %} with: 
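Review bot: The rewritten `source .github/scripts/release_candidate.sh "${{ github.event.ref }}"` line still expands the expression into the script text before bash parses it, so the surrounding double quotes do not keep a ref name containing quote or command-substitution characters from being interpreted by the shell. Git permits such characters in branch and tag names, and this step runs in the Create Release job, so the value is better passed through the environment: add `env:` with `GIT_REF: ${{ github.event.ref }}` to the step and call `source .github/scripts/release_candidate.sh "${GIT_REF}"`. The step `id: branch_filter` no longer matches the script name or the `release_candidate` output it exposes, and renaming it would make the `if:` conditions below read consistently. The job definition starts above this hunk, so its triggers and token permissions are not visible here.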
@@ -233,7 +233,7 @@ jobs: await script({ body, context, core, github, tag }) - name: Create Release -- Report Job Status (Success) - if: steps.branch_filter.outputs.match == 'TRUE' + if: steps.branch_filter.outputs.release_candidate == 'TRUE' run: | ./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: automated release has been created:\nhttps://github.com/${USER_NAME}/${PROJECT_NAME}/releases"