From b82426201daff2ec8d00a47987321ab9aa2bd463 Mon Sep 17 00:00:00 2001 From: Bertrand Lanson Date: Sat, 9 Nov 2024 10:50:51 +0100 Subject: [PATCH] ci: add full gitea workflow and remove github actions steps --- .gitea/workflows/development.yml | 26 +++++++++ .../e2e-tests-docker_systemd_service.yml | 46 ++++++++++++++++ .gitea/workflows/e2e-tests.yml | 47 ++++++++++++++++ .gitea/workflows/pull-request-open.yml | 35 ++++++++++++ .gitea/workflows/release.yml | 54 +++++++++++++++++++ .github/workflows/publish.yml | 20 ------- 6 files changed, 208 insertions(+), 20 deletions(-) create mode 100644 .gitea/workflows/development.yml create mode 100644 .gitea/workflows/e2e-tests-docker_systemd_service.yml create mode 100644 .gitea/workflows/e2e-tests.yml create mode 100644 .gitea/workflows/pull-request-open.yml create mode 100644 .gitea/workflows/release.yml delete mode 100644 .github/workflows/publish.yml diff --git a/.gitea/workflows/development.yml b/.gitea/workflows/development.yml new file mode 100644 index 0000000..bfba126 --- /dev/null +++ b/.gitea/workflows/development.yml @@ -0,0 +1,26 @@ +--- +name: development +on: + push: + branches-ignore: + - main + +jobs: + commit-check: + name: Check commit compliance + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Install commitizen + run: pip3 install commitizen + shell: bash + working-directory: ./ + + - name: Verify commit message compliance + run: | + echo "cz check --message '${{ github.event.head_commit.message }}'" + cz check --message "${{ github.event.head_commit.message }}" + shell: bash + working-directory: ./ diff --git a/.gitea/workflows/e2e-tests-docker_systemd_service.yml b/.gitea/workflows/e2e-tests-docker_systemd_service.yml new file mode 100644 index 0000000..ab35bb6 --- /dev/null +++ b/.gitea/workflows/e2e-tests-docker_systemd_service.yml @@ -0,0 +1,46 @@ +--- +name: test +on: + pull_request: + types: + - opened + - edited + - synchronize + branches: + - main + +jobs: + retrieve-credentials: + name: Retrieve Credentials + runs-on: ubuntu-latest + outputs: + registry-username: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_USERNAME }} + registry-token: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_TOKEN }} + steps: + - name: Get secrets from vault + id: import-secrets + uses: hashicorp/vault-action@v3 + with: + url: "https://vault.ednz.fr" + method: approle + roleId: ${{ secrets.VAULT_APPROLE_ID }} + secretId: ${{ secrets.VAULT_APPROLE_SECRET_ID }} + secrets: | + kv/data/applications/gitea/users/actions username | GITEA_ACTIONS_USERNAME ; + kv/data/applications/gitea/users/actions token_write | GITEA_ACTIONS_TOKEN ; + + end_to_end_role: + needs: retrieve-credentials + strategy: + matrix: + test_os: + ["debian11", "debian12", "ubuntu2004", "ubuntu2204", "ubuntu2404"] + scenario: ["default", "with_custom_flags"] + uses: ./.gitea/workflows/e2e-tests.yml + with: + role: docker_systemd_service + scenario: ${{ matrix.scenario }} + test_os: ${{ matrix.test_os }} + secrets: + GITEA_ACTIONS_USERNAME: ${{ needs.retrieve-credentials.outputs.registry-username }} + GITEA_ACTIONS_TOKEN: ${{ needs.retrieve-credentials.outputs.registry-token }} diff --git a/.gitea/workflows/e2e-tests.yml b/.gitea/workflows/e2e-tests.yml new file mode 100644 index 0000000..fd822c5 --- /dev/null +++ b/.gitea/workflows/e2e-tests.yml @@ -0,0 +1,47 @@ +--- +name: End-to-end tests + +on: + workflow_call: + inputs: + role: + required: true + type: string + description: "Which role should be tested" + scenario: + required: true + type: string + description: "Which scenarios should be run" + test_os: + required: true + type: string + description: "On which OS to run the tests" + secrets: + GITEA_ACTIONS_USERNAME: + required: true + GITEA_ACTIONS_TOKEN: + required: true + +jobs: + molecule-test: + name: Molecule tests + runs-on: ubuntu-latest + container: + image: git.ednz.fr/container-factory/ansible-runner:act-latest + credentials: + username: ${{ secrets.GITEA_ACTIONS_USERNAME }} + password: ${{ secrets.GITEA_ACTIONS_TOKEN }} + env: + ANSIBLE_HOST_KEY_CHECKING: "false" + ANSIBLE_FORCE_COLOR: "true" + ANSIBLE_PYTHON_INTERPRETER: /usr/bin/python3 + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: "Molecule test" + run: molecule test -s ${{ inputs.scenario }} + shell: bash + working-directory: ${{ gitea.workspace }} + env: + MOLECULE_TEST_OS: ${{ inputs.test_os }} diff --git a/.gitea/workflows/pull-request-open.yml b/.gitea/workflows/pull-request-open.yml new file mode 100644 index 0000000..ea2a600 --- /dev/null +++ b/.gitea/workflows/pull-request-open.yml @@ -0,0 +1,35 @@ +--- +name: pull-requests-open +on: + pull_request: + types: + - opened + - edited + - synchronize + branches: + - main + +jobs: + commit-history-check: + name: Check commit compliance + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha }} + fetch-depth: 0 + + - name: Install commitizen + run: pip3 install commitizen + shell: bash + working-directory: ./ + + - run: git log origin/${{ github.event.pull_request.base.ref }}.. + + - name: Verify commit message compliance + run: | + echo "cz check --rev-range origin/${{ gitea.event.pull_request.base.ref }}.." + cz check --rev-range origin/${{ gitea.event.pull_request.base.ref }}.. + shell: bash + working-directory: ./ diff --git a/.gitea/workflows/release.yml b/.gitea/workflows/release.yml new file mode 100644 index 0000000..c72fc74 --- /dev/null +++ b/.gitea/workflows/release.yml @@ -0,0 +1,54 @@ +--- +name: build-deploy +on: + push: + branches: + - main + +jobs: + do-release: + if: "!startsWith(github.event.head_commit.message, 'bump:')" + runs-on: ubuntu-latest + name: Bump version and create changelog with commitizen + steps: + - name: Get secrets from vault + id: import-secrets + uses: hashicorp/vault-action@v3 + with: + url: "https://vault.ednz.fr" + method: approle + roleId: ${{ secrets.VAULT_APPROLE_ID }} + secretId: ${{ secrets.VAULT_APPROLE_SECRET_ID }} + secrets: | + kv/data/applications/gitea/users/actions username | GITEA_ACTIONS_USERNAME ; + kv/data/applications/gitea/users/actions token_write | GITEA_ACTIONS_TOKEN ; + + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + token: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_TOKEN }} + + - name: Install commitizen + run: pip3 install commitizen + shell: bash + working-directory: ./ + + - name: Configure git credentials + uses: oleksiyrudenko/gha-git-credentials@v2 + with: + global: true + name: "Gitea-Actions Bot" + email: "gitea-actions@ednz.fr" + actor: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_USERNAME }} + token: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_TOKEN }} + + - name: Do release + run: cz -nr 21 bump --yes + shell: bash + working-directory: ./ + + - name: Push release + run: git push && git push --tags + shell: bash + working-directory: ./ diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml deleted file mode 100644 index 0fae547..0000000 --- a/.github/workflows/publish.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- -name: publish -on: - push: - branches: - - main - -jobs: - publish: - name: Publish to galaxy - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - - name: Publish - uses: ednxzu/galaxy-import-role@v2 - with: - galaxy-api-key: ${{ secrets.GALAXY_API_TOKEN }} - repository-owner: ednxzu - repository-name: docker_systemd_service