ci(GITHUB): upgrade workflows and notifications

osx-provisioner · Jun 19, 2021 · bf2e75f · bf2e75f
1 parent 6698b53
commit bf2e75f
Show file tree

Hide file tree

Showing 7 changed files with 34 additions and 33 deletions.
diff --git a/.github/scripts/setup.sh b/.github/scripts/setup.sh
@@ -5,10 +5,11 @@
 main() {
   BRANCH_OR_TAG="$(echo "${GITHUB_REF}" | sed 's/refs\/heads\///g' | sed 's/refs\/tags\///g')"
   PROJECT_NAME="profile-generator"
+  WORKFLOW_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID"
   echo "BRANCH_OR_TAG=${BRANCH_OR_TAG}" >> "$GITHUB_ENV"
   echo "WEBHOOK_URL=${WEBHOOK_URL}" >> "$GITHUB_ENV"
   echo "PROJECT_NAME=${PROJECT_NAME}" >> "$GITHUB_ENV"
-  echo "NOTIFICATION=${PROJECT_NAME} [${BRANCH_OR_TAG}]" >> "$GITHUB_ENV"
+  echo "NOTIFICATION=${PROJECT_NAME} [<${WORKFLOW_URL}|${BRANCH_OR_TAG}>]" >> "$GITHUB_ENV"
   echo "USERNAME=osx-provisioner" >> "$GITHUB_ENV"
   echo "TEMPLATED_NAME=profile-example" >> "$GITHUB_ENV"
 }

diff --git a/.github/workflows/self-test.yml b/.github/workflows/self-test.yml
@@ -191,7 +191,7 @@ jobs:
 
       - name: Create Release -- Generate Changelog
         if: contains(github.ref, '/tags/v')
-        uses: scottbrenner/generate-changelog-action@1.0.3
+        uses: scottbrenner/generate-changelog-action@v1.3.1
         id: Changelog
         env:
           REPO: ${{ github.repository }}
@@ -310,10 +310,6 @@ jobs:
   workflow_lint_test:
 
     runs-on: ubuntu-latest
-    strategy:
-      max-parallel: 4
-      matrix:
-        python-version: [3.8]
 
     steps:
 
@@ -333,13 +329,19 @@ jobs:
         env:
           WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
 
-      - name: Workflow Lint -- Lint Workflows
-        run: |
-          yamllint -f standard ./template/.github/workflows -c ./${TEMPLATED_NAME}/profile/.yamllint
+      - name: Workflow Lint -- Lint Template Workflows
+        uses: ibiqlik/action-yamllint@v3
+        with:
+          format: standard
+          file_or_dir: ./template/.github/workflows
+          config_file: ./${{ env.TEMPLATED_NAME }}/profile/.yamllint.yml
 
-      - name: Workflow Lint -- Lint Rendered Template Workflows
-        run: |
-          yamllint -f standard ./${TEMPLATED_NAME}/.github/workflows/*.yml -c ./${TEMPLATED_NAME}/profile/.yamllint
+      - name: Workflow Lint -- Lint Rendered Workflows
+        uses: ibiqlik/action-yamllint@v3
+        with:
+          format: standard
+          file_or_dir: ./${{ env.TEMPLATED_NAME }}/.github/workflows/
+          config_file: ./${{ env.TEMPLATED_NAME }}/profile/.yamllint.yml
 
       - name: Workflow Lint -- Report Job Status on Success
         run: |

diff --git a/cookiecutter.json b/cookiecutter.json
@@ -9,5 +9,10 @@
         "profile/vars/*.yml",
         "profile/tasks/post_install/*.yml",
         "profile/handlers/*.yml"
-    ]
+    ],
+    "_GITHUB_ACTION_MARKDOWN_LINK_CHECK": "gaurav-nelson/[email protected]",
+    "_GITHUB_GENERATE_CHANGELOG_ACTION": "scottbrenner/[email protected]",
+    "_GITHUB_GITLEAKS_ACTION": "zricethezav/[email protected]",
+    "_GITHUB_YAMLLINT_ACTION": "ibiqlik/action-yamllint@v3"
 }
+
diff --git a/{{cookiecutter.profile_slug}}/.github/scripts/setup.sh b/{{cookiecutter.profile_slug}}/.github/scripts/setup.sh
@@ -5,10 +5,11 @@
 main() {
   BRANCH_OR_TAG="$(echo "${GITHUB_REF}" | sed 's/refs\/heads\///g' | sed 's/refs\/tags\///g')"
   PROJECT_NAME="{{cookiecutter.profile_slug}}"
+  WORKFLOW_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID"
   echo "BRANCH_OR_TAG=${BRANCH_OR_TAG}" >> "$GITHUB_ENV"
   echo "WEBHOOK_URL=${WEBHOOK_URL}" >> "$GITHUB_ENV"
   echo "PROJECT_NAME=${PROJECT_NAME}" >> "$GITHUB_ENV"
-  echo "NOTIFICATION=${PROJECT_NAME} [${BRANCH_OR_TAG}]" >> "$GITHUB_ENV"
+  echo "NOTIFICATION=${PROJECT_NAME} [<${WORKFLOW_URL}|${BRANCH_OR_TAG}>]" >> "$GITHUB_ENV"
   echo "USERNAME={{cookiecutter.github_handle}}" >> "$GITHUB_ENV"
 }
 

diff --git a/{{cookiecutter.profile_slug}}/.github/workflows/push.yml b/{{cookiecutter.profile_slug}}/.github/workflows/push.yml
@@ -69,7 +69,7 @@ jobs:
           WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
 
       - name: Documentation Test -- Documentation Validation
-        uses: gaurav-nelson/[email protected]
+        uses: {% endraw %}{{ cookiecutter._GITHUB_ACTION_MARKDOWN_LINK_CHECK }}{% raw %}
         with:
           use-quiet-mode: 'no'
           use-verbose-mode: 'yes'
@@ -105,7 +105,7 @@ jobs:
 
       - name: Release -- Generate Changelog
         if: contains(github.ref, '/tags/v')
-        uses: scottbrenner/[email protected]
+        uses: {% endraw %}{{ cookiecutter._GITHUB_GENERATE_CHANGELOG_ACTION }}{% raw %}
         id: Changelog
         env:
           REPO: ${{ github.repository }}
@@ -155,7 +155,7 @@ jobs:
           WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
 
       - name: Security Test -- Run Gitleaks
-        uses: zricethezav/gitleaks-action@master
+        uses: {% endraw %}{{ cookiecutter._GITHUB_GITLEAKS_ACTION }}{% raw %}
 
       - name: Security Test -- Check Dependencies
         run: |
@@ -172,39 +172,31 @@ jobs:
         run: |
           ./.github/scripts/notifications.sh "${NOTIFICATION}" ":x: security checks failed!"
 
-  workflow_lint:
+  workflow_lint_test:
 
     runs-on: ubuntu-latest
-    strategy:
-      max-parallel: 4
-      matrix:
-        python-version: [3.8]
 
     steps:
-
       - name: Workflow Lint -- Checkout Repository
         uses: actions/checkout@v1
-      - name: Workflow Lint -- Set up Python ${{ matrix.python-version }}
-        uses: actions/setup-python@v1
-        with:
-          python-version: ${{ matrix.python-version }}
 
       - name: Workflow Lint -- Setup Environment
         run: |
           source ./.github/scripts/setup.sh
         env:
           WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
-      - name: Workflow Lint -- Install Requirements
-        run: |
-          pip install yamllint
 
       - name: Workflow Lint -- Run Linter
-        run: |
-          yamllint .github/workflows -c ./profile/.yamllint -f standard
+        uses: {% endraw %}{{ cookiecutter._GITHUB_YAMLLINT_ACTION }}{% raw %}
+        with:
+          format: standard
+          file_or_dir: ./.github/workflows
+          config_file: ./profile/.yamllint.yml
 
       - name: Workflow Lint -- Report Job Status (Success)
         run: |
           ./.github/scripts/notifications.sh "${NOTIFICATION}" ":white_check_mark: workflow linting was successful!"
+
       - name: Workflow Lint -- Report Job Status (Failure)
         if: failure()
         run: |

diff --git a/{{cookiecutter.profile_slug}}/README.md b/{{cookiecutter.profile_slug}}/README.md
@@ -51,7 +51,7 @@ There some configuration files you can fine tune as you see fit, they require mo
 
  - [.ansible-lint](profile/.ansible-lint)
    - This is configuration for [ansible-lint](https://ansible-lint.readthedocs.io/en/latest/), which is used in the included GitHub CI pipeline.
- - [.yamllint](profile/.yamllint)               
+ - [.yamllint.yml](profile/.yamllint.yml)               
    - This is configuration for [yamllint](https://yamllint.readthedocs.io/en/stable/), which is used in the included GitHub CI pipeline.
 
 ## Profile Precheck Folder

diff --git a/...iecutter.profile_slug}}/profile/.yamllint → ...tter.profile_slug}}/profile/.yamllint.yml b/...iecutter.profile_slug}}/profile/.yamllint → ...tter.profile_slug}}/profile/.yamllint.yml