Skip to content

chore(deps): update github/codeql-action digest to 4f3212b #373

chore(deps): update github/codeql-action digest to 4f3212b

chore(deps): update github/codeql-action digest to 4f3212b #373

Workflow file for this run

---
name: New release
on:
workflow_dispatch:
push:
branches:
- main
env:
NAMESPACE: telekom_mms
COLLECTION_NAME: icinga_director
ANSIBLE_COLLECTIONS_PATHS: ./
jobs:
update_docs:
runs-on: ubuntu-latest
name: create documentation inside docs-folder
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
persist-credentials: false
# ansible-doc-extractor requires the collection to be in a directory in
# the form ./ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}/
- name: Check out code to ansible collection location
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: ansible_collections/${{env.NAMESPACE}}/${{env.COLLECTION_NAME}}
fetch-depth: 0
- name: Set up Python
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5
with:
python-version: 3.8
- name: Install ansible-doc-extractor
run: python -m pip install ansible-doc-extractor[ansible]
- name: create documentation
run: ansible-doc-extractor docs/ plugins/inventory/* plugins/modules/*
# the token is needed so the github app can push to the repository
# the github app can bypass the branch protection rule (need a PR to merge)
# this way it can directly commit to main
- name: Obtain a GitHub App Installation Access Token
id: githubAppAuth
run: |
TOKEN="$(npx obtain-github-app-installation-access-token ci ${{ secrets.GH_BRANCH_PROTECTION_APP_TOKEN }})"
echo "::add-mask::$TOKEN"
echo token=${TOKEN} >> $GITHUB_OUTPUT
- name: commit documentation
uses: github-actions-x/commit@722d56b8968bf00ced78407bbe2ead81062d8baa # v2.9
with:
github-token: ${{ steps.githubAppAuth.outputs.token }}
push-branch: 'main'
commit-message: 'update documentation'
force-add: 'true'
files: docs/
name: Telekom MMS GmbH
email: [email protected]
generate_changelog:
runs-on: ubuntu-latest
name: create release draft
needs: update_docs # the documentation should be updated before creating a new release
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
# checkout the main branch, because without the ref, the above commit ("update documentation")
# isn't included and the push will fail
ref: main
fetch-depth: 0
persist-credentials: false
- name: Set up Python
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5
with:
python-version: 3.8
- name: Install antsibull-changelog, antsichaut
run: python -m pip install antsibull-changelog --disable-pip-version-check
- name: Install pandoc
run: sudo apt-get install pandoc
- name: 'Get Previous tag'
id: previoustag
uses: "WyriHaximus/github-action-get-previous-tag@04e8485ecb6487243907e330d522ff60f02283ce" # v1.4.0
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
- name: calculate next version
id: version
uses: patrickjahns/version-drafter-action@2076fa43abb28f31d0e8b0890253fbd1d1a966fc # v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Generate new version in changelog.yaml
run: antsibull-changelog release -v --version "${{ steps.version.outputs.next-version }}"
- name: Generate changelog.yaml
uses: ansible-community/antsichaut@66464bba7f07c56db4bfec4b14e70b71c0b43ca9 # 0.4.0
with:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
SINCE_VERSION: "${{ steps.previoustag.outputs.tag }}"
- name: Update Changelog.rst
run: antsibull-changelog generate -v
# the token is needed so the github app can push to the repository
# the github app can bypass the branch protection rule (need a PR to merge)
# this way it can directly commit to main
- name: Obtain a GitHub App Installation Access Token
id: githubAppAuth
run: |
TOKEN="$(npx obtain-github-app-installation-access-token ci ${{ secrets.GH_BRANCH_PROTECTION_APP_TOKEN }})"
echo "::add-mask::$TOKEN"
echo token=${TOKEN} >> $GITHUB_OUTPUT
- name: update and push due to new release
uses: github-actions-x/commit@722d56b8968bf00ced78407bbe2ead81062d8baa # v2.9
with:
# use the token obtained in the step before
github-token: ${{ steps.githubAppAuth.outputs.token }}
push-branch: 'main'
commit-message: 'update due to new release'
force-add: 'true'
files: CHANGELOG.rst changelogs/
name: Deutsche Telekom MMS
email: [email protected]
# do a second checkout to prevent race situation
# changelog gets updated but action works on old commit id
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
ref: main
# Drafts your next Release notes as Pull Requests are merged into "main"
- uses: release-drafter/release-drafter@3f0f87098bd6b5c5b9a36d49c41d998ea58f9348 # v6
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}