ci: add full gitea workflow and remove github actions steps

2024-11-09 10:50:51 +01:00 · 2024-11-09 10:50:51 +01:00 · b82426201d
commit b82426201d
parent 8a600d3c47
6 changed files with 208 additions and 20 deletions
--- a/.gitea/workflows/development.yml
+++ b/.gitea/workflows/development.yml
@ -0,0 +1,26 @@
+---
+name: development
+on:
+  push:
+    branches-ignore:
+      - main
+
+jobs:
+  commit-check:
+    name: Check commit compliance
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Install commitizen
+        run: pip3 install commitizen
+        shell: bash
+        working-directory: ./
+
+      - name: Verify commit message compliance
+        run: |
+          echo "cz check --message '${{ github.event.head_commit.message }}'"
+          cz check --message "${{ github.event.head_commit.message }}"
+        shell: bash
+        working-directory: ./
--- a/.gitea/workflows/e2e-tests-docker_systemd_service.yml
+++ b/.gitea/workflows/e2e-tests-docker_systemd_service.yml
@ -0,0 +1,46 @@
+---
+name: test
+on:
+  pull_request:
+    types:
+      - opened
+      - edited
+      - synchronize
+    branches:
+      - main
+
+jobs:
+  retrieve-credentials:
+    name: Retrieve Credentials
+    runs-on: ubuntu-latest
+    outputs:
+      registry-username: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_USERNAME }}
+      registry-token: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_TOKEN }}
+    steps:
+      - name: Get secrets from vault
+        id: import-secrets
+        uses: hashicorp/vault-action@v3
+        with:
+          url: "https://vault.ednz.fr"
+          method: approle
+          roleId: ${{ secrets.VAULT_APPROLE_ID }}
+          secretId: ${{ secrets.VAULT_APPROLE_SECRET_ID }}
+          secrets: |
+            kv/data/applications/gitea/users/actions username | GITEA_ACTIONS_USERNAME ;
+            kv/data/applications/gitea/users/actions token_write | GITEA_ACTIONS_TOKEN ;
+
+  end_to_end_role:
+    needs: retrieve-credentials
+    strategy:
+      matrix:
+        test_os:
+          ["debian11", "debian12", "ubuntu2004", "ubuntu2204", "ubuntu2404"]
+        scenario: ["default", "with_custom_flags"]
+    uses: ./.gitea/workflows/e2e-tests.yml
+    with:
+      role: docker_systemd_service
+      scenario: ${{ matrix.scenario }}
+      test_os: ${{ matrix.test_os }}
+    secrets:
+      GITEA_ACTIONS_USERNAME: ${{ needs.retrieve-credentials.outputs.registry-username }}
+      GITEA_ACTIONS_TOKEN: ${{ needs.retrieve-credentials.outputs.registry-token }}
--- a/.gitea/workflows/e2e-tests.yml
+++ b/.gitea/workflows/e2e-tests.yml
@ -0,0 +1,47 @@
+---
+name: End-to-end tests
+
+on:
+  workflow_call:
+    inputs:
+      role:
+        required: true
+        type: string
+        description: "Which role should be tested"
+      scenario:
+        required: true
+        type: string
+        description: "Which scenarios should be run"
+      test_os:
+        required: true
+        type: string
+        description: "On which OS to run the tests"
+    secrets:
+      GITEA_ACTIONS_USERNAME:
+        required: true
+      GITEA_ACTIONS_TOKEN:
+        required: true
+
+jobs:
+  molecule-test:
+    name: Molecule tests
+    runs-on: ubuntu-latest
+    container:
+      image: git.ednz.fr/container-factory/ansible-runner:act-latest
+      credentials:
+        username: ${{ secrets.GITEA_ACTIONS_USERNAME }}
+        password: ${{ secrets.GITEA_ACTIONS_TOKEN }}
+    env:
+      ANSIBLE_HOST_KEY_CHECKING: "false"
+      ANSIBLE_FORCE_COLOR: "true"
+      ANSIBLE_PYTHON_INTERPRETER: /usr/bin/python3
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: "Molecule test"
+        run: molecule test -s ${{ inputs.scenario }}
+        shell: bash
+        working-directory: ${{ gitea.workspace }}
+        env:
+          MOLECULE_TEST_OS: ${{ inputs.test_os }}
--- a/.gitea/workflows/pull-request-open.yml
+++ b/.gitea/workflows/pull-request-open.yml
@ -0,0 +1,35 @@
+---
+name: pull-requests-open
+on:
+  pull_request:
+    types:
+      - opened
+      - edited
+      - synchronize
+    branches:
+      - main
+
+jobs:
+  commit-history-check:
+    name: Check commit compliance
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}
+          fetch-depth: 0
+
+      - name: Install commitizen
+        run: pip3 install commitizen
+        shell: bash
+        working-directory: ./
+
+      - run: git log origin/${{ github.event.pull_request.base.ref }}..
+
+      - name: Verify commit message compliance
+        run: |
+          echo "cz check --rev-range origin/${{ gitea.event.pull_request.base.ref }}.."
+          cz check --rev-range origin/${{ gitea.event.pull_request.base.ref }}..
+        shell: bash
+        working-directory: ./
--- a/.gitea/workflows/release.yml
+++ b/.gitea/workflows/release.yml
@ -0,0 +1,54 @@
+---
+name: build-deploy
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  do-release:
+    if: "!startsWith(github.event.head_commit.message, 'bump:')"
+    runs-on: ubuntu-latest
+    name: Bump version and create changelog with commitizen
+    steps:
+      - name: Get secrets from vault
+        id: import-secrets
+        uses: hashicorp/vault-action@v3
+        with:
+          url: "https://vault.ednz.fr"
+          method: approle
+          roleId: ${{ secrets.VAULT_APPROLE_ID }}
+          secretId: ${{ secrets.VAULT_APPROLE_SECRET_ID }}
+          secrets: |
+            kv/data/applications/gitea/users/actions username | GITEA_ACTIONS_USERNAME ;
+            kv/data/applications/gitea/users/actions token_write | GITEA_ACTIONS_TOKEN ;
+
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          token: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_TOKEN }}
+
+      - name: Install commitizen
+        run: pip3 install commitizen
+        shell: bash
+        working-directory: ./
+
+      - name: Configure git credentials
+        uses: oleksiyrudenko/gha-git-credentials@v2
+        with:
+          global: true
+          name: "Gitea-Actions Bot"
+          email: "gitea-actions@ednz.fr"
+          actor: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_USERNAME }}
+          token: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_TOKEN }}
+
+      - name: Do release
+        run: cz -nr 21 bump --yes
+        shell: bash
+        working-directory: ./
+
+      - name: Push release
+        run: git push && git push --tags
+        shell: bash
+        working-directory: ./
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@ -1,20 +0,0 @@
---
-name: publish
-on:
-  push:
-    branches:
-      - main
-
-jobs:
-  publish:
-    name: Publish to galaxy
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-      - name: Publish
-        uses: ednxzu/galaxy-import-role@v2
-        with:
-          galaxy-api-key: ${{ secrets.GALAXY_API_TOKEN }}
-          repository-owner: ednxzu
-          repository-name: docker_systemd_service