Skip to content

Commit cf1e975

Browse files
KidswissKidswiss
authored
Merge pull request #47 from vshn/add/ci_improvements
Add CI Improvement
2 parents 6335cd6 + 8462818 commit cf1e975

10 files changed

+591
-67
lines changed

.cruft.json

+20
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,20 @@
1+
{
2+
"template": "https://github.com/vshn/appcat-cookiecutter",
3+
"commit": "5309ae05edb3c118e23e64e8ec0bed2b6768ac86",
4+
"checkout": null,
5+
"context": {
6+
"cookiecutter": {
7+
"app_name": "statefulset-resize-controller",
8+
"component_repo": "vshn/component-appcat",
9+
"push_upbound": false,
10+
"push_package": false,
11+
"push_image": true,
12+
"_copy_without_render": [
13+
".github/workflows/cruft-update.yml",
14+
".github/changelog-configuration.json"
15+
],
16+
"_template": "https://github.com/vshn/appcat-cookiecutter"
17+
}
18+
},
19+
"directory": null
20+
}

.github/changelog-configuration.json

+34-28
Original file line numberDiff line numberDiff line change
@@ -1,30 +1,36 @@
11
{
2-
"pr_template": "- ${{TITLE}} (#${{NUMBER}})",
3-
"categories": [
4-
{
5-
"title": "## 🚀 Features",
6-
"labels": ["enhancement", "feature"]
7-
},
8-
{
9-
"title": "## 🛠️ Minor Changes",
10-
"labels": ["change"]
11-
},
12-
{
13-
"title": "## 🔎 Breaking Changes",
14-
"labels": ["breaking"]
15-
},
16-
{
17-
"title": "## 🐛 Fixes",
18-
"labels": ["bug", "fix"]
19-
},
20-
{
21-
"title": "## 📄 Documentation",
22-
"labels": ["documentation"]
23-
},
24-
{
25-
"title": "## 🔗 Dependency Updates",
26-
"labels": ["dependency"]
27-
}
28-
],
29-
"template": "${{CATEGORIZED_COUNT}} changes since ${{FROM_TAG}}\n\n${{CHANGELOG}}"
2+
"pr_template": "- ${{TITLE}} (#${{NUMBER}})",
3+
"categories": [
4+
{
5+
"title": "## 🚀 Features",
6+
"labels": [
7+
"minor"
8+
]
9+
},
10+
{
11+
"title": "## 🔎 Breaking Changes",
12+
"labels": [
13+
"major"
14+
]
15+
},
16+
{
17+
"title": "## 🐛 Fixes",
18+
"labels": [
19+
"patch"
20+
]
21+
},
22+
{
23+
"title": "## 📄 Documentation",
24+
"labels": [
25+
"documentation"
26+
]
27+
},
28+
{
29+
"title": "## 🔗 Dependency Updates",
30+
"labels": [
31+
"dependency"
32+
]
33+
}
34+
],
35+
"template": "${{CATEGORIZED_COUNT}} changes since ${{FROM_TAG}}\n\n${{CHANGELOG}}"
3036
}

.github/workflows/cruft-update.yml

+79
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,79 @@
1+
# /.github/workflows/cruft-update.yml
2+
name: Update repository with Cruft
3+
permissions:
4+
contents: write
5+
pull-requests: write
6+
actions: write
7+
on:
8+
schedule:
9+
- cron: "0 * * * *" # Once per hour
10+
workflow_dispatch: {}
11+
12+
jobs:
13+
update:
14+
runs-on: ubuntu-latest
15+
strategy:
16+
fail-fast: true
17+
matrix:
18+
include:
19+
- add-paths: .
20+
body: Use this to merge the changes to this repository.
21+
branch: cruft/update
22+
commit-message: "chore: accept new Cruft update"
23+
title: New updates detected with Cruft
24+
- add-paths: .cruft.json
25+
body: Use this to reject the changes in this repository.
26+
branch: cruft/reject
27+
commit-message: "chore: reject new Cruft update"
28+
title: Reject new updates detected with Cruft
29+
steps:
30+
- uses: actions/checkout@v4
31+
with:
32+
token: ${{ secrets.COMPONENT_ACCESS_TOKEN }}
33+
34+
- uses: actions/setup-python@v5
35+
with:
36+
python-version: "3.10"
37+
38+
- name: Install Cruft
39+
run: pip3 install cruft
40+
41+
- name: Check if update is available
42+
continue-on-error: false
43+
id: check
44+
run: |
45+
CHANGES=0
46+
if [ -f .cruft.json ]; then
47+
if ! cruft check; then
48+
CHANGES=1
49+
fi
50+
else
51+
echo "No .cruft.json file"
52+
fi
53+
54+
echo "has_changes=$CHANGES" >> "$GITHUB_OUTPUT"
55+
56+
- name: Run update if available
57+
if: steps.check.outputs.has_changes == '1'
58+
run: |
59+
git config --global user.email "[email protected]"
60+
git config --global user.name "GitHubBot"
61+
62+
cruft update --skip-apply-ask --refresh-private-variables
63+
git restore --staged .
64+
65+
- name: Create pull request
66+
if: steps.check.outputs.has_changes == '1'
67+
uses: peter-evans/create-pull-request@v6
68+
with:
69+
token: ${{ secrets.COMPONENT_ACCESS_TOKEN }}
70+
add-paths: ${{ matrix.add-paths }}
71+
commit-message: ${{ matrix.commit-message }}
72+
branch: ${{ matrix.branch }}
73+
delete-branch: true
74+
title: ${{ matrix.title }}
75+
labels: dependency
76+
body: |
77+
This is an autogenerated PR. ${{ matrix.body }}
78+
79+
[Cruft](https://cruft.github.io/cruft/) has detected updates from the Cookiecutter repository.

.github/workflows/pr.yml

+217
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,217 @@
1+
name: PR Automation
2+
3+
on:
4+
pull_request: {}
5+
pull_request_target:
6+
types:
7+
- closed
8+
branches:
9+
- master
10+
11+
env:
12+
APP_NAME: statefulset-resize-controller
13+
COMPONENT_REPO: vshn/component-appcat
14+
PUSH_UPBOUND: "False"
15+
PUSH_PACKAGE: "False"
16+
PUSH_IMAGE: "True"
17+
18+
jobs:
19+
check-labels:
20+
# Act doesn't set a pull request number by default, so we skip if it's 0
21+
if: github.event.pull_request.number != 0
22+
name: Check labels
23+
runs-on: ubuntu-latest
24+
steps:
25+
- uses: docker://agilepathway/pull-request-label-checker:v1.6.51
26+
with:
27+
one_of: major,minor,patch,documentation,dependency
28+
repo_token: ${{ secrets.GITHUB_TOKEN }}
29+
publish-branch-images:
30+
if: github.event.action != 'closed'
31+
runs-on: ubuntu-latest
32+
steps:
33+
- uses: actions/checkout@v4
34+
35+
- name: Determine Go version from go.mod
36+
run: echo "GO_VERSION=$(grep "go 1." go.mod | cut -d " " -f 2)" >> $GITHUB_ENV
37+
38+
- uses: actions/setup-go@v5
39+
with:
40+
go-version: ${{ env.GO_VERSION }}
41+
42+
- uses: actions/cache@v4
43+
with:
44+
path: ~/go/pkg/mod
45+
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
46+
restore-keys: |
47+
${{ runner.os }}-go-
48+
49+
- name: Extract escaped branch name
50+
shell: bash
51+
run: echo "branch=$(echo ${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}} | sed 's/\//_/g' )" >> $GITHUB_OUTPUT
52+
id: extract_branch
53+
54+
- name: Login to GHCR
55+
uses: docker/login-action@v3
56+
with:
57+
registry: ghcr.io
58+
username: ${{ github.repository_owner }}
59+
password: ${{ secrets.GITHUB_TOKEN }}
60+
61+
- name: Build branch and push image
62+
if: env.PUSH_IMAGE == 'true'
63+
run: make docker-push-branchtag -e IMG_TAG="${{ steps.extract_branch.outputs.branch }}"
64+
65+
- name: Build branch and push package
66+
if: env.PUSH_PACKAGE == 'True'
67+
run: make package-push-branchtag -e IMG_TAG="${{ steps.extract_branch.outputs.branch }}"
68+
69+
- name: Login to Upbound
70+
if: env.PUSH_UPBOUND == 'true'
71+
uses: docker/login-action@v3
72+
with:
73+
registry: xpkg.upbound.io
74+
username: ${{ secrets.UPBOUND_MARKETPLACE_PUSH_ROBOT_USR }}
75+
password: ${{ secrets.UPBOUND_MARKETPLACE_PUSH_ROBOT_PSW }}
76+
77+
- name: Build branch and push package to upbound
78+
if: env.PUSH_UPBOUND == 'true' && env.PUSH_PACKAGE == 'true'
79+
run: make package-push-branchtag -e IMG_TAG="${{ steps.extract_branch.outputs.branch }}" -e IMG_REPO=xpkg.upbound.io
80+
81+
open-pr-component:
82+
if: github.event.action == 'opened'
83+
runs-on: ubuntu-latest
84+
steps:
85+
- name: Checkout code
86+
uses: actions/checkout@v4
87+
with:
88+
repository: ${{ env.COMPONENT_REPO }}
89+
token: ${{ secrets.GITHUB_TOKEN }}
90+
91+
- name: Extract branch name
92+
shell: bash
93+
run: echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_OUTPUT
94+
id: extract_branch
95+
96+
- name: Update defaults.yml and create branch
97+
run: |
98+
yq e '.parameters.appcat.images.${{ env.APP_NAME }}.tag="${{ steps.extract_branch.outputs.branch }}"' class/defaults.yml | diff -B class/defaults.yml - | patch class/defaults.yml - || true
99+
100+
git --no-pager diff
101+
102+
- name: Generate new golden
103+
# Act uses the host's docker to run containers, but then
104+
# they can't access the files that were previously cloned.
105+
if: github.event.pull_request.number != 0
106+
run: |
107+
make gen-golden-all
108+
109+
- name: Create Pull Request
110+
uses: peter-evans/create-pull-request@v6
111+
with:
112+
token: ${{ secrets.COMPONENT_ACCESS_TOKEN }}
113+
title: 'PR for ${{ env.APP_NAME }} on ${{ steps.extract_branch.outputs.branch }}'
114+
body: "${{ github.event.pull_request.body}}\nLink: ${{ github.event.pull_request.url }}"
115+
branch: "${{ env.APP_NAME }}/${{ github.event.pull_request.number }}/${{ steps.extract_branch.outputs.branch }}"
116+
base: master
117+
draft: false
118+
create-release:
119+
if: github.event.pull_request.merged
120+
runs-on: ubuntu-latest
121+
steps:
122+
- name: Check for patch label
123+
if: contains(github.event.pull_request.labels.*.name, 'patch') || contains(github.event.pull_request.labels.*.name, 'dependency') || contains(github.event.pull_request.labels.*.name, 'documentation')
124+
id: patch
125+
run: |
126+
echo "set=true" >> $GITHUB_OUTPUT
127+
- name: Check for minor label
128+
if: contains(github.event.pull_request.labels.*.name, 'minor')
129+
id: minor
130+
run: |
131+
echo "set=true" >> $GITHUB_OUTPUT
132+
- name: Check for major label
133+
if: contains(github.event.pull_request.labels.*.name, 'major')
134+
id: major
135+
run: |
136+
echo "set=true" >> $GITHUB_OUTPUT
137+
138+
- uses: actions/checkout@v4
139+
with:
140+
# Make sure we use the right commit to tag
141+
ref: ${{ github.event.pull_request.merge_commit_sha }}
142+
# We also need to use the personal access token here. As subsequent
143+
# actions will not trigger by tags/pushes that use `GITHUB_TOKEN`
144+
# https://github.com/orgs/community/discussions/25702#discussioncomment-3248819
145+
token: ${{ secrets.COMPONENT_ACCESS_TOKEN }}
146+
# This is broken in checkout@v4...
147+
# https://github.com/actions/checkout/issues/1781
148+
fetch-tags: true
149+
150+
- name: fetch tags
151+
run: |
152+
git fetch --tags
153+
echo "latest tag: $(git describe --tags "$(git rev-list --tags --max-count=1)")"
154+
echo "TAG_VERSION=$(git describe --tags "$(git rev-list --tags --max-count=1)")" >> $GITHUB_ENV
155+
156+
- name: Extract branch name
157+
shell: bash
158+
run: echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_OUTPUT
159+
id: extract_branch
160+
161+
# We only run this if any of the release tags is set.
162+
# For docs and deps we don't do automagic releases
163+
- name: Increase Tag
164+
id: tag
165+
run: |
166+
patch=${{ steps.patch.outputs.set }}
167+
minor=${{ steps.minor.outputs.set }}
168+
major=${{ steps.major.outputs.set }}
169+
170+
major_ver=$(echo '${{ env.TAG_VERSION }}' | cut -d "." -f1)
171+
minor_ver=$(echo '${{ env.TAG_VERSION }}' | cut -d "." -f2)
172+
patch_ver=$(echo '${{ env.TAG_VERSION }}' | cut -d "." -f3)
173+
174+
major_ver="${major_ver:1}"
175+
176+
# Check for patch label
177+
[ ! -z "$patch" ] && [ -z "$minor" ] && [ -z "$major" ] && ((patch_ver++)) || true
178+
179+
# check for minor label
180+
if [ ! -z "$minor" ] && [ -z "$major" ]; then
181+
((minor_ver++))
182+
patch_ver=0
183+
fi
184+
185+
# Check for major label
186+
if [ ! -z "$major" ]; then
187+
((major_ver++))
188+
minor_ver=0
189+
patch_ver=0
190+
fi
191+
192+
tag="v$major_ver.$minor_ver.$patch_ver"
193+
echo "new tag $tag"
194+
git tag $tag
195+
git push --tags
196+
echo tag=$tag >> $GITHUB_OUTPUT
197+
198+
- name: Checkout component
199+
uses: actions/checkout@v4
200+
with:
201+
repository: ${{ env.COMPONENT_REPO }}
202+
token: ${{ secrets.COMPONENT_ACCESS_TOKEN }}
203+
ref: "${{ env.APP_NAME }}/${{ github.event.pull_request.number }}/${{ steps.extract_branch.outputs.branch }}"
204+
205+
- name: Update tag and run golden
206+
run: |
207+
yq e '.parameters.appcat.images.${{ env.APP_NAME }}.tag="${{ steps.tag.outputs.tag }}"' class/defaults.yml | diff -B class/defaults.yml - | patch class/defaults.yml - || true
208+
make gen-golden-all
209+
210+
- name: Commit & Push changes
211+
uses: actions-js/push@master
212+
with:
213+
github_token: ${{ secrets.COMPONENT_ACCESS_TOKEN }}
214+
branch: "${{ env.APP_NAME }}/${{ github.event.pull_request.number }}/${{ steps.extract_branch.outputs.branch }}"
215+
message: "Update tag"
216+
repository: ${{ env.COMPONENT_REPO }}
217+

0 commit comments

Comments
 (0)