forked from simp/rubygem-simp-compliance_engine
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Clean up files distributed by puppetsync for various linters. Also fix a quoting issue in create-github-release action.
- Loading branch information
Showing
2 changed files
with
252 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
# Add new issues to triage project board (https://github.com/orgs/simp/projects/11) | ||
# ------------------------------------------------------------------------------ | ||
# | ||
# NOTICE: **This file is maintained with puppetsync** | ||
# | ||
# This file is updated automatically as part of a puppet module baseline. | ||
# | ||
# The next baseline sync will overwrite any local changes to this file! | ||
# | ||
# ============================================================================== | ||
# This pipeline uses the following GitHub Action Secrets: | ||
# | ||
# GitHub Secret variable Notes | ||
# ------------------------------- --------------------------------------- | ||
# AUTO_TRIAGE_TOKEN Token with appropriate permissions | ||
# | ||
# ------------------------------------------------------------------------------ | ||
# | ||
# | ||
--- | ||
name: Add new issues to triage project | ||
|
||
'on': | ||
issues: | ||
types: | ||
- opened | ||
- reopened | ||
pull_request_target: | ||
types: | ||
- opened | ||
|
||
jobs: | ||
add-to-project: | ||
name: Add issue to project | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/[email protected] | ||
with: | ||
project-url: https://github.com/orgs/simp/projects/11 | ||
github-token: ${{ secrets.AUTO_TRIAGE_TOKEN }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,212 @@ | ||
# Create GitHub release, build & publish .gem to rubygems.org on SemVer tag push | ||
# | ||
# This workflow's jobs are only triggered in repos under the `simp` organization | ||
# ------------------------------------------------------------------------------ | ||
# | ||
# NOTICE: **This file is maintained with puppetsync** | ||
# | ||
# This file is updated automatically as part of a standardized asset baseline. | ||
# | ||
# The next baseline sync will overwrite any local changes to this file! | ||
# | ||
# ============================================================================== | ||
# | ||
# This pipeline uses the following GitHub Action Secrets: | ||
# | ||
# GitHub Secret variable Type Notes | ||
# ------------------------ -------- ---------------------------------------- | ||
# RUBYGEMS_API_KEY Required | ||
# | ||
# ------------------------------------------------------------------------------ | ||
# | ||
# NOTES: | ||
# | ||
# * The CHANGELOG text is altered to remove RPM-style date headers, which don't | ||
# render well as markdown on the GitHub release pages | ||
# | ||
# * By default, the gem is built and released using the standard rake tasks | ||
# from "bundler/gem_tasks". To override these, create a JSON file at | ||
# `.github/workflows.local.json`, using the following format: | ||
# | ||
# { | ||
# "gem_build_command": "bundle exec rake build", | ||
# "gem_release_command": "bundle exec rake build release:rubygem_push", | ||
# "gem_pkg_dir": "pkg" | ||
# } | ||
# | ||
# All keys are optional. | ||
# | ||
--- | ||
name: 'Tag: Release to GitHub + rubygems.org (no RPMS)' | ||
|
||
'on': | ||
push: | ||
tags: | ||
# NOTE: These filter patterns aren't actually regexes: | ||
# https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet | ||
- '[0-9]+\.[0-9]+\.[0-9]+' | ||
- '[0-9]+\.[0-9]+\.[0-9]+\-[a-z]+[0-9]+' | ||
|
||
env: | ||
PUPPET_VERSION: '~> 8' | ||
LOCAL_WORKFLOW_CONFIG_FILE: .github/workflows.local.json | ||
|
||
jobs: | ||
releng-checks: | ||
name: "RELENG checks" | ||
if: github.repository_owner == 'simp' | ||
runs-on: ubuntu-latest | ||
outputs: | ||
build_command: ${{ steps.commands.outputs.build_command }} | ||
release_command: ${{ steps.commands.outputs.release_command }} | ||
pkg_dir: ${{ steps.commands.outputs.pkg_dir }} | ||
steps: | ||
- name: "Assert '${{ github.ref }}' is a tag" | ||
run: '[[ "$GITHUB_REF" =~ ^refs/tags/ ]] || { echo "::error ::GITHUB_REF is not a tag: ${GITHUB_REF}"; exit 1 ; }' | ||
- uses: actions/checkout@v3 | ||
with: | ||
ref: ${{ github.ref }} | ||
clean: true | ||
- name: Determine build and release commands | ||
id: commands | ||
run: | | ||
# By default, this is the standard task from "bundler/gem_tasks" | ||
# To override it, add the new command to LOCAL_WORKFLOW_CONFIG_FILE | ||
GEM_BUILD_COMMAND='bundle exec rake build' | ||
GEM_RELEASE_COMMAND='bundle exec rake build release:rubygem_push' | ||
GEM_PKG_DIR='pkg' | ||
if jq -r '. | keys' "$LOCAL_WORKFLOW_CONFIG_FILE" 2>/dev/null | \ | ||
grep -w '"gem_pkg_dir"' &> /dev/null; then | ||
GEM_PKG_DIR="$(jq -r .gem_pkg_dir "$LOCAL_WORKFLOW_CONFIG_FILE" )" | ||
fi | ||
if jq -r '. | keys' "$LOCAL_WORKFLOW_CONFIG_FILE" 2>/dev/null | \ | ||
grep -w '"gem_build_command"' &> /dev/null; then | ||
GEM_BUILD_COMMAND="$(jq -r .gem_build_command "$LOCAL_WORKFLOW_CONFIG_FILE" )" | ||
fi | ||
if jq -r '. | keys' "$LOCAL_WORKFLOW_CONFIG_FILE" 2>/dev/null | \ | ||
grep -w '"gem_release_command"' &> /dev/null; then | ||
GEM_RELEASE_COMMAND="$(jq -r .gem_release_command "$LOCAL_WORKFLOW_CONFIG_FILE" )" | ||
fi | ||
echo "build_command=$GEM_BUILD_COMMAND" | tee -a "$GITHUB_OUTPUT" | ||
echo "pkg_dir=$GEM_PKG_DIR" | tee -a "$GITHUB_OUTPUT" | ||
echo "release_command=$GEM_RELEASE_COMMAND" | tee -a "$GITHUB_OUTPUT" | ||
- uses: ruby/setup-ruby@v1 | ||
with: | ||
ruby-version: 2.7 | ||
bundler-cache: true | ||
- name: Test build the package | ||
run: "${{ steps.commands.outputs.build_command }}" | ||
- name: "Assert '${{ github.ref }}' matches the package version" | ||
run: | | ||
tag="${GITHUB_REF/refs\/tags\//}" | ||
[ -d "${{ steps.commands.outputs.pkg_dir }}" ] || \ | ||
{ echo "::error ::No directory found at ${{ steps.commands.outputs.pkg_dir }}/" ; exit 3 ; } | ||
ls -1 "${{ steps.commands.outputs.pkg_dir }}"/*.gem || \ | ||
{ echo "::error ::No gem file found at ${{ steps.commands.outputs.pkg_dir }}/*.gem" ; exit 2 ; } | ||
[ -f "${{ steps.commands.outputs.pkg_dir }}"/*-${tag}.gem ] || \ | ||
{ echo "::error ::tag '${tag}' does not match package $(ls -1 ${{ steps.commands.outputs.pkg_dir }}/*.gem)"; exit 1 ; } | ||
create-github-release: | ||
name: Deploy GitHub Release | ||
needs: | ||
- releng-checks | ||
if: github.repository_owner == 'simp' | ||
runs-on: ubuntu-latest | ||
outputs: | ||
prerelease: ${{ steps.tag-check.outputs.prerelease }} | ||
tag: ${{ steps.tag-check.outputs.tag }} | ||
steps: | ||
- name: Checkout code | ||
uses: actions/checkout@v3 | ||
with: | ||
ref: ${{ github.ref }} | ||
clean: true | ||
fetch-depth: 0 | ||
|
||
- name: Get tag & annotation info (${{github.ref}}) | ||
id: tag-check | ||
run: | | ||
tag="${GITHUB_REF/refs\/tags\//}" | ||
annotation="$(git for-each-ref "$GITHUB_REF" --format='%(contents)' --count=1)" | ||
annotation_title="$(echo "$annotation" | head -1)" | ||
if [[ "$tag" =~ ^(simp-|v)?[0-9]+\.[0-9]+\.[0-9]+(-(rc|alpha|beta|pre|post)?([0-9]+)?)?$ ]]; then | ||
if [ -n "${BASH_REMATCH[2]}" ]; then | ||
prerelease=yes | ||
annotation_title="Pre-release of ${tag}" | ||
fi | ||
else | ||
printf '::error ::Release Tag format is not SemVer, X.Y.Z-R, X.Y.Z-<prerelease>: "%s"\n' "$RELEASE_TAG" | ||
exit 88 | ||
fi | ||
echo "tag=$tag" | tee -a "$GITHUB_OUTPUT" | ||
echo "prerelease=$prerelease" | tee -a "$GITHUB_OUTPUT" | ||
echo "TARGET_TAG=$tag" | tee -a "$GITHUB_ENV" | ||
# Prepare annotation body as a file for the next step | ||
# | ||
# * The GitHub Release renders the text in this file as markdown | ||
# * The `perl -pe` removes RPM-style date headers from the CHANGELOG, | ||
# because they don't render well as markdown on the Release page | ||
echo "RELEASE_MESSAGE<<EOF$$" >> "$GITHUB_ENV" | ||
printf '%s\n\n' "$annotation_title" >> "$GITHUB_ENV" | ||
echo "$annotation" | tail -n +2 | \ | ||
perl -pe 'BEGIN{undef $/;} s/\n\* (Mon|Tue|Wed|Thu|Fri|Sat|Sun) .*?\n//smg;' >> "$GITHUB_ENV" | ||
echo "EOF$$" >> "$GITHUB_ENV" | ||
- name: Create Release | ||
id: create_release | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
IS_PRERELEASE: ${{ steps.tag-check.outputs.prerelease }} | ||
run: | | ||
echo "${RELEASE_MESSAGE}" > /tmp/.commit-msg.txt | ||
args=(-F /tmp/.commit-msg.txt) | ||
[[ "$IS_PRERELEASE" == yes ]] && args+=(--prerelease) | ||
gh release create ${args[@]} "$TARGET_TAG" | ||
deploy-rubygem: | ||
name: Deploy RubyGem Release | ||
needs: | ||
- releng-checks | ||
- create-github-release | ||
if: (github.repository_owner == 'simp') && (needs.create-github-release.outputs.prerelease != 'yes') | ||
runs-on: ubuntu-latest | ||
env: | ||
RUBYGEMS_API_KEY: ${{ secrets.RUBYGEMS_API_KEY }} | ||
BUILD_COMMAND: ${{ needs.releng-checks.outputs.build_command }} | ||
RELEASE_COMMAND: ${{ needs.releng-checks.outputs.release_command }} | ||
PKG_DIR: ${{ needs.releng-checks.outputs.pkg_dir }} | ||
steps: | ||
- name: Checkout code | ||
uses: actions/checkout@v3 | ||
with: | ||
ref: ${{ github.ref }} | ||
clean: true | ||
- uses: ruby/setup-ruby@v1 | ||
with: | ||
ruby-version: 2.7 | ||
bundler-cache: true | ||
- name: Build RubyGem | ||
run: | | ||
echo "Setting up file permissions..." | ||
chmod -R go=u-w . | ||
echo "Running '$BUILD_COMMAND'..." | ||
$BUILD_COMMAND | ||
- name: Release RubyGem | ||
run: | | ||
echo "Setting up gem credentials..." | ||
mkdir -p ~/.gem | ||
cat << EOF > ~/.gem/credentials | ||
--- | ||
:rubygems_api_key: ${RUBYGEMS_API_KEY} | ||
EOF | ||
chmod 0600 ~/.gem/credentials | ||
echo "Running '$RELEASE_COMMAND'..." | ||
$RELEASE_COMMAND |