Skip to content

Commit

Permalink
ci: replace github workflow
Browse files Browse the repository at this point in the history
  • Loading branch information
Ahmad Nassri committed Oct 22, 2021
1 parent 5d98f10 commit 75b6771
Show file tree
Hide file tree
Showing 8 changed files with 313 additions and 264 deletions.
15 changes: 0 additions & 15 deletions .github/workflows/auto-merge.yml
View file

This file was deleted.

13 changes: 0 additions & 13 deletions .github/workflows/commit-lint.yml
View file

This file was deleted.

79 changes: 79 additions & 0 deletions .github/workflows/pull_request_target.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,79 @@
# ------------------------------------------------------------- #
# Note: this file is automatically managed in template-template #
# ------------------------------------------------------------- #

on: pull_request_target

name: pull_request_target

permissions:
pull-requests: write
contents: write

jobs:
metadata:
runs-on: ubuntu-latest

outputs:
repository: ${{ steps.metadata.outputs.repository }}

steps:
- uses: actions/[email protected]

- uses: ahmadnassri/action-metadata@v1
id: metadata

auto-merge:
timeout-minutes: 5

runs-on: ubuntu-latest

# only run for dependabot PRs
if: ${{ github.actor == 'dependabot[bot]' }}

env:
PR_URL: ${{github.event.pull_request.html_url}}
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

steps:
- id: dependabot
uses: dependabot/[email protected]
with:
github-token: ${{ secrets.GITHUB_TOKEN }}

- name: auto merge conditions
id: auto-merge
if: |
(
steps.dependabot.outputs.update-type == 'version-update:semver-patch' &&
contains('direct:production,indirect:production', steps.dependabot.outputs.dependency-type)
) || (
steps.dependabot.outputs.update-type == 'version-update:semver-minor' &&
contains('direct:development,indirect:development', steps.dependabot.outputs.dependency-type)
)
run: echo "::notice ::auto-merge conditions satisfied"

- name: auto approve pr
if: ${{ steps.auto-merge.conclusion == 'success' }}
run: |
gh pr review --approve "$PR_URL"
gh pr merge --auto --rebase "$PR_URL"
template-sync:
needs: metadata

timeout-minutes: 20

runs-on: ubuntu-latest

# only run for templates
if: ${{ fromJSON(needs.metadata.outputs.repository).is_template }}

steps:
- uses: actions/[email protected]
with:
ref: ${{ github.event.pull_request.head.ref }}
- uses: ahmadnassri/[email protected]
- uses: ahmadnassri/[email protected]
with:
github-token: ${{ secrets.GH_TOKEN }}
234 changes: 234 additions & 0 deletions .github/workflows/push.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,234 @@
# ----------------------------------------------- #
# Note: this file originates in template-node-lib #
# ----------------------------------------------- #

on:
- push
- workflow_dispatch

name: push

jobs:
metadata:
runs-on: ubuntu-latest

outputs:
repository: ${{ steps.metadata.outputs.repository }}
dockerfile: ${{ steps.dockerfile.outputs.exists }}

steps:
- uses: actions/[email protected]

- id: metadata
uses: ahmadnassri/action-metadata@v1

- id: dockerfile
run: |
[[ -f "${{ github.workspace }}/Dockerfile" ]] && echo '::set-output name=exists::yes'
commit-lint:
timeout-minutes: 5

runs-on: ubuntu-latest

steps:
- uses: actions/[email protected]

- uses: ahmadnassri/action-commit-lint@v1
with:
config: .github/linters/.commit-lint.yml

super-linter:
timeout-minutes: 5

runs-on: ubuntu-latest

steps:
- uses: actions/[email protected]
with:
fetch-depth: 0

- uses: github/super-linter/slim@v4
env:
LOG_LEVEL: ERROR
VALIDATE_JSCPD: 'false'
VALIDATE_ALL_CODEBASE: 'false'
IGNORE_GITIGNORED_FILES: 'true'
FILTER_REGEX_EXCLUDE: '/github/workspace/README.md|test/fixtures/*'
GITHUB_TOKEN: ${{ github.token }}

npm-audit:
timeout-minutes: 5

runs-on: ubuntu-latest

defaults:
run:
working-directory: ${{ github.workspace }}/action

steps:
- uses: actions/[email protected]

- uses: actions/[email protected]

- run: npm audit --audit-level=critical

test:
timeout-minutes: 5

runs-on: ubuntu-latest

defaults:
run:
working-directory: ${{ github.workspace }}/action

steps:
- uses: actions/[email protected]
with:
node-version: 12

- uses: actions/[email protected]
with:
submodules: true

- run: npm ci
- run: npm run test:ci

release:
needs:
- metadata
- test

# only runs on main branch for non template repos
if: ${{ github.ref == 'refs/heads/master' && !fromJSON(needs.metadata.outputs.repository).is_template }}

timeout-minutes: 20

runs-on: ubuntu-latest

outputs:
published: ${{ steps.release.outputs.published }}
release-version: ${{ steps.release.outputs.release-version }}
release-version-major: ${{ steps.release.outputs.release-version-major }}
release-version-minor: ${{ steps.release.outputs.release-version-minor }}

steps:
- uses: actions/[email protected]
with:
submodules: true

- id: release
uses: ahmadnassri/action-semantic-release@v1
with:
config: ${{ github.workspace }}/.semantic.json
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}

alias:
needs: release

if: ${{ needs.release.outputs.published == 'true' }}

runs-on: ubuntu-latest
strategy:
matrix:
alias:
- version: v${{ needs.release.outputs.release-version-major }}
- version: v${{ needs.release.outputs.release-version-major }}.${{ needs.release.outputs.release-version-minor }}

steps:
- uses: actions/github-script@v3
with:
script: |
const tag = 'tags/${{ matrix.alias.version }}'
const repo = {
owner: context.repo.owner,
repo: context.repo.repo
}
await github.git.deleteRef({ ...repo, ref: tag }).catch(() => {})
await github.git.createRef({ ...repo, ref: `refs/${tag}` , sha: process.env.GITHUB_SHA })
publish-docker:
needs:
- release
- metadata

timeout-minutes: 5

runs-on: ubuntu-latest

if: ${{ needs.metadata.outputs.dockerfile == 'yes' }}

steps:
- uses: actions/[email protected]
with:
submodules: true

- uses: actions/[email protected]
with:
path: /tmp/.buildx-cache
key: buildx-${{ github.sha }}
restore-keys: buildx-

- uses: docker/setup-qemu-action@v1
- uses: docker/setup-buildx-action@v1

# login to docker hub
- uses: docker/login-action@v1
with:
username: ${{ github.repository_owner }}
password: ${{ secrets.DOCKER_TOKEN }}

# login to github container registry
- uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GH_TOKEN }}

- id: hub
run: |
echo "::set-output name=name::$(basename "${GITHUB_REPOSITORY/node-//}")"
echo "::set-output name=version::${{ needs.release.outputs.release-version }}"
# publish
- uses: docker/build-push-action@v2
with:
push: true
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
tags: |
${{ github.repository_owner }}/${{ steps.hub.outputs.name }}:latest
${{ github.repository_owner }}/${{ steps.hub.outputs.name }}:${{ steps.hub.outputs.release-version }}
ghcr.io/${{ github.repository_owner }}/${{ steps.hub.outputs.name }}:latest
ghcr.io/${{ github.repository_owner }}/${{ steps.hub.outputs.name }}:${{ steps.hub.outputs.release-version }}
labels: |
org.opencontainers.image.title=${{ steps.hub.outputs.name }}
org.opencontainers.image.url=${{ github.event.repository.html_url }}
org.opencontainers.image.version=${{ steps.hub.outputs.release-version }}
org.opencontainers.image.source=${{ github.event.repository.clone_url }}
org.opencontainers.image.revision=${{ github.sha }}
template-sync:
timeout-minutes: 20

needs:
- metadata
- test
- commit-lint
- super-linter

# only runs on main branch and only for the template
if: ${{ github.ref == 'refs/heads/master' && fromJSON(needs.metadata.outputs.repository).is_template }}

runs-on: ubuntu-latest

steps:
- uses: ahmadnassri/[email protected]

- uses: actions/[email protected]

- uses: ahmadnassri/[email protected]
with:
github-token: ${{ secrets.GH_TOKEN }}
49 changes: 0 additions & 49 deletions .github/workflows/readme.yml
View file

This file was deleted.

Loading

0 comments on commit 75b6771

Please sign in to comment.