This repository has been archived by the owner on Jun 19, 2023. It is now read-only.

build(COOKIECUTTER): update templated workflows to latest
niall-byrne committed Jun 8, 2021
1 parent 453ca82 commit 496273b
Showing 5 changed files with 140 additions and 79 deletions.
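--- a/.cookiecutter/cookiecutter.json
+++ b/.cookiecutter/cookiecutter.json
@@ -0,0 +1,12 @@
+{
+"_template": "https://github.com/shared-vision-solutions/ansible-workbench.git",
+"author": "Niall Byrne",
+"company": "Shared Vision Solutions",
+"description": "Ansible role that installs ClamAV antivirus on OSX machines.",
+"email": "[email protected]",
+"galaxy_namespace_slug": "osx_provisioner",
+"galaxy_role_slug": "clamav",
+"github_handle": "osx-provisioner",
+"project_name": "role-clamav",
+"project_slug": "role-clamav"
+}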
177 changes: 111 additions & 66 deletions .github/workflows/push.yml
@@ -10,56 +10,21 @@ on:

jobs:


build:
documentation_test:

runs-on: ubuntu-latest
strategy:
max-parallel: 4
matrix:
python-version: [3.7]

steps:
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v1
with:
python-version: ${{ matrix.python-version }}

- name: Build -- Checkout Repository
- name: Documentation Test -- Checkout Repository
uses: actions/checkout@v1

- name: Build -- Setup Environment
- name: Documentation Test -- Setup Environment
run: |
source ./.github/scripts/setup.sh
env:
WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
- name: Create Results File
run: |
touch /tmp/results.yml
- name: Build -- Install Requirements
run: |
pip install poetry
poetry install
- name: Build -- Run Linter
run: |
poetry run molecule lint
- name: Build -- Report Job Status (Success)
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" "build was successful!"
- name: Build -- Report Job Status (Failure)
if: failure()
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" "build has failed!"
documentation_test:

runs-on: ubuntu-latest

steps:
- name: Documentation Test -- Checkout Repository
uses: actions/checkout@v1
- name: Documentation Test -- Documentation Validation
uses: gaurav-nelson/[email protected]
with:
@@ -70,10 +35,11 @@ jobs:
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" "documentation test has passed!"
- name: Documentation Test -- Report Failure
if: failure()
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" "documentation test has failed!"
security_test:
molecule_lint:

runs-on: ubuntu-latest
strategy:
@@ -82,55 +48,57 @@ jobs:
python-version: [3.7]

steps:
- name: Security Test -- Set up Python ${{ matrix.python-version }}

- name: Molecule Lint -- Checkout Repository
uses: actions/checkout@v1
- name: Molecule Lint -- Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v1
with:
python-version: ${{ matrix.python-version }}

- name: Security Test -- Checkout Repository
uses: actions/checkout@v1

- name: Security Test -- Check Dependencies
- name: Molecule Lint -- Setup Environment
run: |
pip install safety poetry
pip install --upgrade pip
source ./.github/scripts/setup.sh
env:
WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
- name: Molecule Lint -- Install Requirements
run: |
pip install poetry
poetry install
safety check
# There is no substitute for the feedback from another human.
- name: Security Test -- Run Gitleaks
uses: zricethezav/gitleaks-action@master
- name: Molecule Lint -- Run Linter
run: |
poetry run molecule lint
- name: Shellcheck -- Report Job Status on Success
- name: Molecule Lint -- Report Job Status (Success)
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" "security checks succeeded!"
- name: Shellcheck -- Report Job Status on Failure
./.github/scripts/notifications.sh "${NOTIFICATION}" "molecule linting was successful!"
- name: Molecule Lint -- Report Job Status (Failure)
if: failure()
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" "security checks failed!"
./.github/scripts/notifications.sh "${NOTIFICATION}" "molecule linting has failed!"
release:
needs: [documentation_test, security_test]
needs: [molecule_lint, documentation_test, security_test]

runs-on: ubuntu-latest

steps:
- name: Release -- Checkout

- name: Release -- Checkout Repository
if: contains(github.ref, '/tags/v')
uses: actions/checkout@v1

- name: Release -- Setup Environment
run: |
source ./.github/scripts/setup.sh
env:
WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}

- name: Release -- Prepare Content
if: contains(github.ref, '/tags/v')
run: |
source ./.github/scripts/setup.sh
NEWTAG=${BRANCH_OR_TAG}
echo "NEWTAG=${NEWTAG}" >> $GITHUB_ENV
echo "{}" > package.json
env:
WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}

- name: Release -- Generate Changelog
if: contains(github.ref, '/tags/v')
uses: scottbrenner/[email protected]
@@ -153,10 +121,87 @@ jobs:
- name: Release -- Report Job Status (Success)
if: contains(github.ref, '/tags/v')
run: |
./.github/scripts/notifications.sh \
"${NOTIFICATION}" \
"automated release has been created: https://github.com/${USERNAME}/${PROJECT_NAME}/releases"
./.github/scripts/notifications.sh "${NOTIFICATION}" "automated release has been created:\nhttps://github.com/${USERNAME}/${PROJECT_NAME}/releases"
- name: Release -- Report Job Status (Failure)
if: failure() && contains(github.ref, '/tags/v')
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" "automated release generation failed!"
security_test:

runs-on: ubuntu-latest
strategy:
max-parallel: 4
matrix:
python-version: [3.7]

steps:

- name: Security Test -- Checkout Repository
uses: actions/checkout@v1
- name: Security Test -- Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v1
with:
python-version: ${{ matrix.python-version }}

- name: Security Test -- Setup Environment
run: |
source ./.github/scripts/setup.sh
env:
WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}

- name: Security Test -- Run Gitleaks
uses: zricethezav/gitleaks-action@master

- name: Security Test -- Check Dependencies
run: |
pip install safety poetry
pip install --upgrade pip
poetry install
safety check
- name: Security Test -- Report Job Status on Success
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" "security checks succeeded!"
- name: Security Test -- Report Job Status on Failure
if: failure()
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" "security checks failed!"
workflow_lint:

runs-on: ubuntu-latest
strategy:
max-parallel: 4
matrix:
python-version: [3.7]

steps:

- name: Workflow Lint -- Checkout Repository
uses: actions/checkout@v1
- name: Workflow Lint -- Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v1
with:
python-version: ${{ matrix.python-version }}

- name: Workflow Lint -- Setup Environment
run: |
source ./.github/scripts/setup.sh
env:
WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
- name: Workflow Lint -- Install Requirements
run: |
pip install yamllint
- name: Workflow Lint -- Run Linter
run: |
yamllint .github/workflows
- name: Workflow Lint -- Report Job Status (Success)
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" "workflow linting was successful!"
- name: Workflow Lint -- Report Job Status (Failure)
if: failure()
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" "workflow linting has failed!"
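Review bot: The relocated `security_test` job still runs `uses: zricethezav/gitleaks-action@master`, a mutable branch ref, so whatever is pushed to that branch executes inside this workflow with the job's token and any values setup.sh has exported to the job environment; pin it to a full commit SHA, e.g. `uses: zricethezav/gitleaks-action@<full-commit-sha>  # <release tag>`. In the same job, `safety check` runs outside `poetry run`, so unless setup.sh or the Poetry configuration disables virtualenv creation it probably audits the runner's global packages rather than the role's locked dependencies; running the check inside the Poetry environment, or feeding it an exported requirements list, would close that gap. The new `workflow_lint` job is also missing from the `release` job's gate, so a tag push can still publish when workflow linting fails: `needs: [molecule_lint, documentation_test, security_test, workflow_lint]`.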
13 changes: 7 additions & 6 deletions .github/workflows/release.yml
@@ -25,10 +25,6 @@ jobs:
python-version: [3.7]

steps:
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v1
with:
python-version: ${{ matrix.python-version }}

- name: Publish to Galaxy -- Code Checkout (workflow dispatch)
if: github.event_name == 'workflow_dispatch'
@@ -42,6 +38,11 @@ jobs:
with:
fetch-depth: 0

- name: Publish to Galaxy -- Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v1
with:
python-version: ${{ matrix.python-version }}

- name: Publish to Galaxy -- Setup Environment
run: |
source .github/scripts/setup.sh
@@ -60,8 +61,8 @@ jobs:

- name: Publish to Galaxy -- Report Job Status (Success)
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" "automated galaxy import has been completed!"
./.github/scripts/notifications.sh "${NOTIFICATION}" "automated ansible galaxy import has been completed!"
- name: Publish to Galaxy -- Report Job Status (Failure)
if: failure()
run: |
./.github/scripts/notifications.sh "${NOTIFICATION}" "automated galaxy import has failed!"
./.github/scripts/notifications.sh "${NOTIFICATION}" "automated ansible galaxy import has failed!"
13 changes: 9 additions & 4 deletions .yamllint
@@ -21,18 +21,23 @@ rules:
indentation:
spaces: consistent
indent-sequences: true
level: error
comments: disable
comments-indentation: disable
document-start: enable
document-start:
level: error
empty-lines:
max: 3
level: error
hyphens:
level: error
key-duplicates: enable
key-duplicates:
level: error
line-length: disable
new-line-at-end-of-file: enable
new-line-at-end-of-file:
level: error
new-lines:
type: unix
trailing-spaces: enable
trailing-spaces:
level: error
truthy: disable
4 changes: 1 addition & 3 deletions meta/main.yml
@@ -3,19 +3,17 @@ galaxy_info:
role_name: clamav
namespace: osx_provisioner
author: Niall Byrne
description: Installs and configures ClamAV, with a simple realtime scan daemon.
description: Ansible role that installs ClamAV antivirus on OSX machines.
company: Shared Vision Solutions
license: MPL-2
platforms:
- name: MacOSX
versions:
- '11.3'
- '10.15'
- '10.14'
min_ansible_version: 3.3.0
galaxy_tags:
- osx
- mac
- antivirus
- clamav
