From 96835f80ed851fdbe2f9a394cab04a1d7ac31d6d Mon Sep 17 00:00:00 2001 From: Marius Ghita Date: Mon, 20 Jan 2025 23:53:46 +0200 Subject: [PATCH 1/9] fix: remove workflow that runs everything #9358 --- tasks/migrations/migration-v0.10.2.yaml | 6 ++++ tasks/other-dev-generated-files.yaml | 2 -- templates/.github/workflows/00-start.yaml.j2 | 33 ------------------- .../workflows/30-release-and-build.yaml.j2 | 11 ------- templates/.github/workflows/40-helm.yaml.j2 | 8 ----- .../.github/workflows/90-cleanup.yaml.j2 | 1 - 6 files changed, 6 insertions(+), 55 deletions(-) create mode 100644 tasks/migrations/migration-v0.10.2.yaml delete mode 100644 templates/.github/workflows/00-start.yaml.j2 diff --git a/tasks/migrations/migration-v0.10.2.yaml b/tasks/migrations/migration-v0.10.2.yaml new file mode 100644 index 0000000..eaba3e0 --- /dev/null +++ b/tasks/migrations/migration-v0.10.2.yaml @@ -0,0 +1,6 @@ +- name: remove do-all 00-start.yaml workflow file + ansible.builtin.file: + path: "{{ repo_path }}/{{ item }}" + state: absent + loop: + - .github/workflows/00-start.yaml diff --git a/tasks/other-dev-generated-files.yaml b/tasks/other-dev-generated-files.yaml index b265c00..405a46d 100644 --- a/tasks/other-dev-generated-files.yaml +++ b/tasks/other-dev-generated-files.yaml @@ -23,8 +23,6 @@ vars: workflow_group: "{{ item.workflow_group }}" loop: - - target: 00-start.yaml - workflow_group: "" - target: 10-review.yaml workflow_group: "10" - target: 30-release-and-build.yaml diff --git a/templates/.github/workflows/00-start.yaml.j2 b/templates/.github/workflows/00-start.yaml.j2 deleted file mode 100644 index 6acff95..0000000 --- a/templates/.github/workflows/00-start.yaml.j2 +++ /dev/null 
@@ -1,33 +0,0 @@ -# [[ repo_managed ]] -name: RunGithubActionsWorkflows - -# workflow_dispatch enables option for manual runs -# workflow_call: it can be started by other workflows - -on: - workflow_dispatch: - workflow_call: - -jobs: - review: - uses: ./.github/workflows/10-review.yaml - secrets: inherit - release-and-build: - uses: ./.github/workflows/30-release-and-build.yaml - needs: review - secrets: inherit - helm: - uses: ./.github/workflows/40-helm.yaml - needs: release-and-build - secrets: inherit - with: - new-release-published: ${{ needs.release-and-build.outputs.new-release-published }} - release-version: ${{ needs.release-and-build.outputs.release-version }} - security: - uses: ./.github/workflows/50-security.yaml - needs: release-and-build - secrets: inherit - cleanup: - uses: ./.github/workflows/90-cleanup.yaml - needs: release-and-build - secrets: inherit diff --git a/templates/.github/workflows/30-release-and-build.yaml.j2 b/templates/.github/workflows/30-release-and-build.yaml.j2 index da2bc78..9e18dd7 100644 --- a/templates/.github/workflows/30-release-and-build.yaml.j2 +++ b/templates/.github/workflows/30-release-and-build.yaml.j2 @@ -3,14 +3,6 @@ name: Release on: workflow_dispatch: - workflow_call: - outputs: - new-release-published: - description: "Whether or not a new release was published." - value: ${{ jobs.build.outputs.new-release-published }} - release-version: - description: "The version string of the newly published release" - value: ${{ jobs.build.outputs.release-version }} push: branches: - [[ repo.github.default_branch ]] @@ -23,9 +15,6 @@ permissions: jobs: build: runs-on: ubuntu-latest - outputs: - new-release-published: ${{ steps.semantic-release.outputs.new-release-published }} - release-version: ${{ steps.semantic-release.outputs.release-version }} steps: - name: GitHub Environment Variables Action 
diff --git a/templates/.github/workflows/40-helm.yaml.j2 b/templates/.github/workflows/40-helm.yaml.j2 index 70faca6..08c8e56 100644 --- a/templates/.github/workflows/40-helm.yaml.j2 +++ b/templates/.github/workflows/40-helm.yaml.j2 @@ -3,14 +3,6 @@ name: Helm Publish on: workflow_dispatch: - workflow_call: - inputs: - new-release-published: - required: true - type: string - release-version: - required: true - type: string jobs: helm: diff --git a/templates/.github/workflows/90-cleanup.yaml.j2 b/templates/.github/workflows/90-cleanup.yaml.j2 index 7708b0c..cfc7c87 100644 --- a/templates/.github/workflows/90-cleanup.yaml.j2 +++ b/templates/.github/workflows/90-cleanup.yaml.j2 @@ -5,7 +5,6 @@ on: schedule: - cron: 0 13 * * 2 workflow_dispatch: - workflow_call: jobs: cleanup: From 153dc17c4e062d44ee2cae9b3d944ac2224147ce Mon Sep 17 00:00:00 2001 From: Marius Ghita Date: Tue, 21 Jan 2025 00:02:35 +0200 Subject: [PATCH 2/9] refactor: automated workflow naming #9358 --- tasks/generate-files.yaml | 8 ++++---- tasks/migrations/migration-v0.10.2.yaml | 2 ++ ...bot-auto-merge.yaml => auto-merge-dependabot-prs.yaml} | 0 .../{repo-ansible.yaml => auto-run-repo-ansible.yaml} | 0 4 files changed, 6 insertions(+), 4 deletions(-) rename templates/.github/workflows/{dependabot-auto-merge.yaml => auto-merge-dependabot-prs.yaml} (100%) rename templates/.github/workflows/{repo-ansible.yaml => auto-run-repo-ansible.yaml} (100%) diff --git a/tasks/generate-files.yaml b/tasks/generate-files.yaml index 6ae6471..94265bc 100644 --- a/tasks/generate-files.yaml +++ b/tasks/generate-files.yaml 
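Review bot: With `workflow_call` and its two inputs removed from 40-helm.yaml.j2, `workflow_dispatch` is the only trigger left in this `on:` block, so Helm publishing no longer follows a release automatically. It also has no source for `new-release-published` or `release-version`. The `helm` job body is outside this hunk; if it still reads `inputs.release-version`, a manual run would likely see an empty value. Either declare the values the job needs under `workflow_dispatch: inputs:`, or add a comment above `on:` saying the workflow is manual-only and where the chart version now comes from.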
@@ -25,13 +25,13 @@ - name: Generate repo-ansible workflow ansible.builtin.copy: - src: ./templates/.github/workflows/repo-ansible.yaml - dest: "{{ repo_path }}/.github/workflows/repo-ansible.yaml" + src: ./templates/.github/workflows/auto-run-repo-ansible.yaml + dest: "{{ repo_path }}/.github/workflows/auto-run-repo-ansible.yaml" - name: Generate dependabot automerge workflow ansible.builtin.copy: - src: ./templates/.github/workflows/dependabot-auto-merge.yaml - dest: "{{ repo_path }}/.github/workflows/dependabot-auto-merge.yaml" + src: ./templates/.github/workflows/auto-merge-dependabot-prs.yaml + dest: "{{ repo_path }}/.github/workflows/auto-merge-dependabot-prs.yaml" when: repo.github.features.dependabot_auto_merge - name: Generate CODEOWNERS file diff --git a/tasks/migrations/migration-v0.10.2.yaml b/tasks/migrations/migration-v0.10.2.yaml index eaba3e0..e3866a4 100644 --- a/tasks/migrations/migration-v0.10.2.yaml +++ b/tasks/migrations/migration-v0.10.2.yaml @@ -4,3 +4,5 @@ state: absent loop: - .github/workflows/00-start.yaml + - .github/workflows/dependabot-auto-merge.yaml + - .github/workflows/repo-ansible.yaml diff --git a/templates/.github/workflows/dependabot-auto-merge.yaml b/templates/.github/workflows/auto-merge-dependabot-prs.yaml similarity index 100% rename from templates/.github/workflows/dependabot-auto-merge.yaml rename to templates/.github/workflows/auto-merge-dependabot-prs.yaml diff --git a/templates/.github/workflows/repo-ansible.yaml b/templates/.github/workflows/auto-run-repo-ansible.yaml similarity index 100% rename from templates/.github/workflows/repo-ansible.yaml rename to templates/.github/workflows/auto-run-repo-ansible.yaml From 949a5c03e3646b16560b91ea3f9d84da70786641 Mon Sep 17 00:00:00 2001 
From: Marius Ghita Date: Tue, 21 Jan 2025 00:06:17 +0200 Subject: [PATCH 3/9] fix: only enable release for default branch #9358 --- .../workflows/30-release-and-build.yaml.j2 | 17 +---------------- 1 file changed, 1 insertion(+), 16 deletions(-) diff --git a/templates/.github/workflows/30-release-and-build.yaml.j2 b/templates/.github/workflows/30-release-and-build.yaml.j2 index 9e18dd7..2e5a3d6 100644 --- a/templates/.github/workflows/30-release-and-build.yaml.j2 +++ b/templates/.github/workflows/30-release-and-build.yaml.j2 @@ -39,23 +39,8 @@ jobs: id: semantic-release uses: codfish/semantic-release-action@v3 with: - # support releasing the "main" branch - # whilst preserving the action defaults branches: | - [ - '+([0-9])?(.{+([0-9]),x}).x', - '[[ repo.github.default_branch ]]', - 'next', - 'next-major', - { - name: 'beta', - prerelease: true - }, - { - name: 'alpha', - prerelease: true - } - ] + [ '[[ repo.github.default_branch ]]' ] additional-packages: | ['@semantic-release/changelog', '@semantic-release/git', '@semantic-release/exec'] repository-url: 'https://github.com/${{ github.repository_owner }}/${{ env.CI_REPOSITORY_NAME }}.git' From 23a060de06b6feb627529c17816d23e410354c97 Mon Sep 17 00:00:00 2001 From: Marius Ghita Date: Tue, 21 Jan 2025 00:32:04 +0200 Subject: [PATCH 4/9] refactor: different release config format #9358 The new format is a JavaScript module, which gives the option to attach inline comments to the configuration file. It also makes it easier to emphasis that the file is repo-ansible managed. --- tasks/migrations/migration-v0.10.2.yaml | 3 +- tasks/other-dev-generated-files.yaml | 8 ++-- .../workflows/30-release-and-build.yaml.j2 | 2 - templates/.releaserc | 38 ------------------- templates/release.config.mjs.j2 | 30 +++++++++++++++ 5 files changed, 36 insertions(+), 45 deletions(-) delete mode 100644 templates/.releaserc create mode 100644 templates/release.config.mjs.j2 
diff --git a/tasks/migrations/migration-v0.10.2.yaml b/tasks/migrations/migration-v0.10.2.yaml index e3866a4..be97ff2 100644 --- a/tasks/migrations/migration-v0.10.2.yaml +++ b/tasks/migrations/migration-v0.10.2.yaml @@ -1,4 +1,4 @@ -- name: remove do-all 00-start.yaml workflow file +- name: remove renamed or repo-ansible dropped files ansible.builtin.file: path: "{{ repo_path }}/{{ item }}" state: absent @@ -6,3 +6,4 @@ - .github/workflows/00-start.yaml - .github/workflows/dependabot-auto-merge.yaml - .github/workflows/repo-ansible.yaml + - .releaserc diff --git a/tasks/other-dev-generated-files.yaml b/tasks/other-dev-generated-files.yaml index 405a46d..daff21b 100644 --- a/tasks/other-dev-generated-files.yaml +++ b/tasks/other-dev-generated-files.yaml @@ -1,9 +1,9 @@ - when: repo.github.features.sdlc_workflows block: - - name: copy semantic-release .releaserc file - ansible.builtin.copy: - src: ./templates/.releaserc - dest: "{{ repo_path }}/.releaserc" + - name: generate semantic-release config file + ansible.builtin.template: + src: ./templates/release.config.mjs.j2 + dest: "{{ repo_path }}/release.config.mjs" - name: find workflow extensions ansible.builtin.command: "./library/list_extension_workflows.py '{{ repo_path }}'" diff --git a/templates/.github/workflows/30-release-and-build.yaml.j2 b/templates/.github/workflows/30-release-and-build.yaml.j2 index 2e5a3d6..9a8e8dd 100644 --- a/templates/.github/workflows/30-release-and-build.yaml.j2 +++ b/templates/.github/workflows/30-release-and-build.yaml.j2 @@ -39,8 +39,6 @@ jobs: id: semantic-release uses: codfish/semantic-release-action@v3 with: - branches: | - [ '[[ repo.github.default_branch ]]' ] additional-packages: | ['@semantic-release/changelog', '@semantic-release/git', '@semantic-release/exec'] repository-url: 'https://github.com/${{ github.repository_owner }}/${{ env.CI_REPOSITORY_NAME }}.git' diff --git a/templates/.releaserc b/templates/.releaserc deleted file mode 100644 index 17cc813..0000000 
--- a/templates/.releaserc
+++ /dev/null
@@ -1,38 +0,0 @@
-{
- "branches": ["master", "main" ],
- "debug": "True",
- "plugins": [
- [
- "@semantic-release/commit-analyzer",
- {
- "preset": "angular",
- "releaseRules": [
- { "type": "chore", "release": "patch" },
- { "type": "test", "release": "patch" },
- { "type": "docs", "release": "patch" },
- { "type": "style", "release": "patch" },
- { "type": "refactor", "release": "patch" },
- { "type": "ci", "release": "patch" }
- ]
- }
- ],
- "@semantic-release/github",
- "@semantic-release/release-notes-generator",
- "@semantic-release/changelog",
- [
- "@semantic-release/git",
- {
- "assets": [
- "CHANGELOG.md"
- ],
- "message": "chore(release): ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}"
- }
- ],
- [
- "@semantic-release/exec",
- {
- "publishCmd": "echo ${nextRelease.version} > .gitrelease"
- }
- ]
- ]
-}
diff --git a/templates/release.config.mjs.j2 b/templates/release.config.mjs.j2
new file mode 100644
index 0000000..21a82b4
--- /dev/null
+++ b/templates/release.config.mjs.j2
@@ -0,0 +1,30 @@ +/** + * {{ repo_managed }} + * + * Configuration file used by the release workflow .github/workflows/30-release-and-build.yaml + */ +/** + * @type {import('semantic-release').GlobalConfig} + */ +export default { + branches: ["{{ repo.github.default_branch }}"], + debug: "True", + plugins: [ + [ "@semantic-release/commit-analyzer", { preset: "angular", releaseRules: [ + { type: "chore", release: "patch" }, + { type: "ci", release: "patch" }, + { type: "docs", release: "patch" }, + { type: "refactor", release: "patch" }, + { type: "style", release: "patch" }, + { type: "test", release: "patch" }, + ] } ], + "@semantic-release/github", + "@semantic-release/release-notes-generator", + "@semantic-release/changelog", + [ "@semantic-release/git", { + assets: [ "CHANGELOG.md" ], + message: "chore(release): ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}" + } ], + [ "@semantic-release/exec", { publishCmd: "echo ${nextRelease.version} > .gitrelease" } ] + ] +} From d46ab2364fcca4cf9b6dfb84fc3a0b8acabbef97 Mon Sep 17 00:00:00 2001 From: Marius Ghita Date: Tue, 21 Jan 2025 00:37:38 +0200 Subject: [PATCH 5/9] docs(ci): update actions descriptions #9358 For many action steps the step name matched the action name. Simplify the workflow by removing these redundant descriptions, and make descriptions match the behaviour better where this wasn't the case. --- templates/.github/workflows/10-review.yaml.j2 | 6 ++---- .../workflows/30-release-and-build.yaml.j2 | 21 +++++++------------ .../.github/workflows/50-security.yaml.j2 | 12 ++++------- .../.github/workflows/90-cleanup.yaml.j2 | 5 ++--- 4 files changed, 15 insertions(+), 29 deletions(-) diff --git a/templates/.github/workflows/10-review.yaml.j2 b/templates/.github/workflows/10-review.yaml.j2 index 6871d02..813c645 100644 --- a/templates/.github/workflows/10-review.yaml.j2 +++ b/templates/.github/workflows/10-review.yaml.j2 
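Review bot: `branches: ["{{ repo.github.default_branch }}"]` in release.config.mjs.j2 pastes the branch name from repo.yaml into a JavaScript string literal without escaping, so a name containing a double quote renders a broken or altered config module. Rendering it through Ansible's JSON filter keeps the value a single string: `branches: [{{ repo.github.default_branch | to_json }}],`. Separately, `debug: "True"` is a string carried over from the old .releaserc; if a boolean is intended, it should be `debug: true`.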
@@ -12,12 +12,10 @@ jobs: # Don't enforce commit conventions checks for Dependabot if: github.actor != 'dependabot[bot]' steps: - - name: Checkout - uses: actions/checkout@v4 + - uses: actions/checkout@v4 # interesting alternative: https://github.com/cocogitto/cocogitto - - name: Conventional commit checker - uses: webiny/action-conventional-commits@v1.3.0 + - uses: webiny/action-conventional-commits@v1.3.0 # XXX: normal action versioning syntax (`@v1`) doesn't work with this action, # possibly because not published on the GitHub marketplace diff --git a/templates/.github/workflows/30-release-and-build.yaml.j2 b/templates/.github/workflows/30-release-and-build.yaml.j2 index 9a8e8dd..1b03dd4 100644 --- a/templates/.github/workflows/30-release-and-build.yaml.j2 +++ b/templates/.github/workflows/30-release-and-build.yaml.j2 @@ -17,26 +17,22 @@ jobs: runs-on: ubuntu-latest steps: - - name: GitHub Environment Variables Action - uses: FranzDiebold/github-env-vars-action@v2 + - uses: FranzDiebold/github-env-vars-action@v2 - uses: actions/checkout@v4 with: fetch-depth: 0 - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + - uses: docker/setup-qemu-action@v3 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + - uses: docker/setup-buildx-action@v3 with: # moby/buildkit v0.11.0 causes untagged images to appear in github # packages and the workaround does not seem to have any effect # (set provenance=false in docker/build-push-action@v4) driver-opts: network=host,image=moby/buildkit:v0.10.5 - - name: Create release - id: semantic-release + - id: semantic-release uses: codfish/semantic-release-action@v3 with: additional-packages: | @@ -46,8 +42,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: Docker meta - id: meta + - id: meta uses: docker/metadata-action@v5 with: images: | 
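Review bot: The third-party actions on the rewritten `uses:` lines of 30-release-and-build.yaml.j2 (`FranzDiebold/github-env-vars-action@v2`, `codfish/semantic-release-action@v3`, the `docker/*` actions) are referenced by mutable tags in a job that passes `GITHUB_TOKEN` to the release step. A tag can be moved by the action's publisher, so the code that runs with that token can change without any change in this repository. The same applies to the 50-security.yaml.j2 hunk, where `aquasecurity/trivy-action@master` tracks a branch, and to the 90-cleanup.yaml.j2 hunk. Since these lines are being touched anyway, I would pin each to a full commit SHA with the tag as a trailing comment, e.g. `- uses: aquasecurity/trivy-action@<full-commit-sha>  # <release tag>`; Dependabot's github-actions updates can keep such pins current.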
@@ -57,15 +52,13 @@ jobs: type=raw,value=latest,enable={{is_default_branch}} type=raw,value=${{ steps.semantic-release.outputs.release-version }} - - name: Login to Container Registry ghcr.io - uses: docker/login-action@v3 + - uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push - uses: docker/build-push-action@v6 + - uses: docker/build-push-action@v6 with: context: . provenance: false diff --git a/templates/.github/workflows/50-security.yaml.j2 b/templates/.github/workflows/50-security.yaml.j2 index 0c68d04..d3b150f 100644 --- a/templates/.github/workflows/50-security.yaml.j2 +++ b/templates/.github/workflows/50-security.yaml.j2 @@ -9,21 +9,17 @@ jobs: name: security runs-on: ubuntu-latest steps: - - name: GitHub Environment Variables Action - uses: FranzDiebold/github-env-vars-action@v2 + - uses: FranzDiebold/github-env-vars-action@v2 - - name: Login to Docker Hub - uses: docker/login-action@v3 + - uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Docker pull - run: docker pull ghcr.io/linkorb/${{ env.CI_REPOSITORY_NAME }}:latest + - run: docker pull ghcr.io/linkorb/${{ env.CI_REPOSITORY_NAME }}:latest - - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@master + - uses: aquasecurity/trivy-action@master with: image-ref: ghcr.io/linkorb/${{ env.CI_REPOSITORY_NAME }}:latest format: 'table' diff --git a/templates/.github/workflows/90-cleanup.yaml.j2 b/templates/.github/workflows/90-cleanup.yaml.j2 index cfc7c87..6946bc8 100644 --- a/templates/.github/workflows/90-cleanup.yaml.j2 +++ b/templates/.github/workflows/90-cleanup.yaml.j2 
@@ -14,10 +14,9 @@ jobs: packages: write steps: - - name: GitHub Environment Variables Action - uses: FranzDiebold/github-env-vars-action@v2 + - uses: FranzDiebold/github-env-vars-action@v2 - - name: Delete an old version of the package, keeping a few of the newest + - name: Keep last 5 published container images uses: actions/delete-package-versions@v5 with: package-name: "${{ env.CI_REPOSITORY_NAME }}" From ac81a67c1fdd2d109b647b9a785e3b945efefc47 Mon Sep 17 00:00:00 2001 From: Marius Ghita Date: Tue, 21 Jan 2025 00:39:33 +0200 Subject: [PATCH 6/9] style: rename the cleanup workflow #9358 While the workflow name will match the behavior now, it will also make the workflow less proeminent on the repository actions tab, and placed lower in the visual hierarchy. --- templates/.github/workflows/90-cleanup.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/.github/workflows/90-cleanup.yaml.j2 b/templates/.github/workflows/90-cleanup.yaml.j2 index 6946bc8..3c26537 100644 --- a/templates/.github/workflows/90-cleanup.yaml.j2 +++ b/templates/.github/workflows/90-cleanup.yaml.j2 @@ -1,5 +1,5 @@ # [[ repo_managed ]] -name: Cleanup +name: Scheduled Cleanup on: schedule: From 8eb57895f8b00205bc357f9d27b7ba5ba694ebad Mon Sep 17 00:00:00 2001 From: Marius Ghita Date: Tue, 21 Jan 2025 00:53:34 +0200 Subject: [PATCH 7/9] feat: repo-ansible workflow #9358 Update workflow to pick up on the docs/partial changes (part of the README.md file generation). Tweak comment posted on a PR. --- tasks/generate-files.yaml | 6 ++++-- ...repo-ansible.yaml => auto-run-repo-ansible.yaml.j2} | 10 ++++++---- 2 files changed, 10 insertions(+), 6 deletions(-) rename templates/.github/workflows/{auto-run-repo-ansible.yaml => auto-run-repo-ansible.yaml.j2} (86%) diff --git a/tasks/generate-files.yaml b/tasks/generate-files.yaml index 94265bc..a7f47ba 100644 --- a/tasks/generate-files.yaml +++ b/tasks/generate-files.yaml 
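Review bot: The new step name `Keep last 5 published container images` in 90-cleanup.yaml.j2 states a retention count, but the `with:` setting that controls it is outside this hunk, so the name may not match it now and will go stale when it changes. Prefer a name without the number, e.g. `name: Prune old container image versions`, and leave the count to the `with:` block. The job holds `packages: write`, so what it deletes should be readable from one place.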
@@ -24,9 +24,11 @@ state: directory - name: Generate repo-ansible workflow - ansible.builtin.copy: - src: ./templates/.github/workflows/auto-run-repo-ansible.yaml + ansible.builtin.template: + src: ./templates/.github/workflows/auto-run-repo-ansible.yaml.j2 dest: "{{ repo_path }}/.github/workflows/auto-run-repo-ansible.yaml" + variable_start_string: '[[' + variable_end_string: ']]' - name: Generate dependabot automerge workflow ansible.builtin.copy: diff --git a/templates/.github/workflows/auto-run-repo-ansible.yaml b/templates/.github/workflows/auto-run-repo-ansible.yaml.j2 similarity index 86% rename from templates/.github/workflows/auto-run-repo-ansible.yaml rename to templates/.github/workflows/auto-run-repo-ansible.yaml.j2 index 14b9a6a..b714136 100644 --- a/templates/.github/workflows/auto-run-repo-ansible.yaml +++ b/templates/.github/workflows/auto-run-repo-ansible.yaml.j2 @@ -1,3 +1,4 @@ +# [[ repo_managed ]] name: Auto-run repo-ansible on: @@ -6,12 +7,13 @@ on: pull_request_target: paths: - 'repo.yaml' + - 'docs/partials/*.md' push: branches: - - main - - master + - [[ repo.github.default_branch ]] paths: - 'repo.yaml' + - 'docs/partials/*.md' permissions: contents: write # allow git commits & push @@ -61,7 +63,7 @@ jobs: - if: ${{ env.IS_PULL_REQUEST == '1' && env.REPOSITORY_CHANGED == '1' }} - name: comment with changes + name: bot comment about repo-ansible detected changes uses: actions/github-script@v7 with: script: | @@ -70,7 +72,7 @@ jobs: issue_number: context.issue.number, owner: context.repo.owner, repo: context.repo.repo, - body: `Following repo-ansible changes will be applied when merged to main/master branch + body: `Once PR is merged, repo-ansible will run on [[ repo.github.default_branch ]] and the following changes will apply \`\`\`shell ${changes} From 7b951b5ea7c59118ce9d0d8296587da48620b3dc Mon Sep 17 00:00:00 2001 
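Review bot: Adding `docs/partials/*.md` to the `pull_request_target` paths in auto-run-repo-ansible.yaml.j2 widens the set of pull requests that start this workflow in the base repository's context, where the visible `permissions` block grants `contents: write`. The checkout and repo-ansible steps are outside these hunks, so whether the job reads files from the PR head cannot be confirmed here. If it does, the partials are contributor-controlled input rendered by a job holding a write token. I would add a comment above the trigger, e.g. `# pull_request_target runs with the base-repo token: treat repo.yaml and docs/partials from the PR as untrusted`, and check that the pull-request path only comments and never pushes.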
From: Marius Ghita Date: Tue, 21 Jan 2025 01:00:42 +0200 Subject: [PATCH 8/9] style: dependabot auto-merge workflow #9358 --- tasks/generate-files.yaml | 6 ++++-- ...pendabot-prs.yaml => auto-merge-dependabot-prs.yaml.j2} | 7 +++---- 2 files changed, 7 insertions(+), 6 deletions(-) rename templates/.github/workflows/{auto-merge-dependabot-prs.yaml => auto-merge-dependabot-prs.yaml.j2} (78%) diff --git a/tasks/generate-files.yaml b/tasks/generate-files.yaml index a7f47ba..cfc471c 100644 --- a/tasks/generate-files.yaml +++ b/tasks/generate-files.yaml @@ -31,9 +31,11 @@ variable_end_string: ']]' - name: Generate dependabot automerge workflow - ansible.builtin.copy: - src: ./templates/.github/workflows/auto-merge-dependabot-prs.yaml + ansible.builtin.template: + src: ./templates/.github/workflows/auto-merge-dependabot-prs.yaml.j2 dest: "{{ repo_path }}/.github/workflows/auto-merge-dependabot-prs.yaml" + variable_start_string: '[[' + variable_end_string: ']]' when: repo.github.features.dependabot_auto_merge - name: Generate CODEOWNERS file diff --git a/templates/.github/workflows/auto-merge-dependabot-prs.yaml b/templates/.github/workflows/auto-merge-dependabot-prs.yaml.j2 similarity index 78% rename from templates/.github/workflows/auto-merge-dependabot-prs.yaml rename to templates/.github/workflows/auto-merge-dependabot-prs.yaml.j2 index ce97a2a..af0729b 100644 --- a/templates/.github/workflows/auto-merge-dependabot-prs.yaml +++ b/templates/.github/workflows/auto-merge-dependabot-prs.yaml.j2 @@ -1,3 +1,4 @@ +# [[ repo_managed ]] name: Auto-merge Dependabot PRs on: pull_request_target 
@@ -10,12 +11,10 @@ jobs: runs-on: ubuntu-latest if: ${{ github.event.pull_request.user.login == 'dependabot[bot]' }} steps: - - name: Dependabot metadata - id: metadata + - id: metadata uses: dependabot/fetch-metadata@v2 - - name: Enable auto-merge for Dependabot PRs - if: steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.update-type == 'version-update:semver-patch' + - if: steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.update-type == 'version-update:semver-patch' run: gh pr merge --merge "$PR_URL" env: PR_URL: ${{ github.event.pull_request.html_url }} From 17fdcf53a1a54bd5f899a74ee97c0830c18dadbd Mon Sep 17 00:00:00 2001 From: Marius Ghita Date: Tue, 21 Jan 2025 03:56:47 +0200 Subject: [PATCH 9/9] chore: remove composer-unused pre-push hook #9358 --- tasks/migrations/migration-v0.10.2.yaml | 1 + templates/.devcontainer/git/hooks/pre-push | 10 ---------- 2 files changed, 1 insertion(+), 10 deletions(-) delete mode 100755 templates/.devcontainer/git/hooks/pre-push diff --git a/tasks/migrations/migration-v0.10.2.yaml b/tasks/migrations/migration-v0.10.2.yaml index be97ff2..9007a6d 100644 --- a/tasks/migrations/migration-v0.10.2.yaml +++ b/tasks/migrations/migration-v0.10.2.yaml @@ -3,6 +3,7 @@ path: "{{ repo_path }}/{{ item }}" state: absent loop: + - .devcontainer/git/hooks/pre-push - .github/workflows/00-start.yaml - .github/workflows/dependabot-auto-merge.yaml - .github/workflows/repo-ansible.yaml diff --git a/templates/.devcontainer/git/hooks/pre-push b/templates/.devcontainer/git/hooks/pre-push deleted file mode 100755 index 2e973ee..0000000 --- a/templates/.devcontainer/git/hooks/pre-push +++ /dev/null 
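Review bot: In auto-merge-dependabot-prs.yaml.j2 the merge step keeps `run: gh pr merge --merge "$PR_URL"`, which requests an immediate merge rather than enabling auto-merge, and this hunk also removes the step name that described it. Unless branch protection on the target branch requires status checks, a minor or patch Dependabot update can be merged before review and CI have finished. `run: gh pr merge --auto --merge "$PR_URL"` waits for the required checks (auto-merge must be enabled in the repository settings). Keeping a `name:` on this step also makes the workflow's one write action easy to find in the run log. The rest of the step's `env:` block is outside the hunk.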
@@ -1,10 +0,0 @@
-#!/usr/bin/bash
-
-temporary_file=$(mktemp)
-# Temporary workaround on issue reported in #8432
-# shellcheck disable=2024
-sudo composer-unused --no-progress --output-format=github > "$temporary_file"
-exit_code=$?
-
-grep -v 'ignored' "$temporary_file"
-exit $exit_code