From 8ae67a2bb2df87d1b5bf5693ff1ca88d4d6690fb Mon Sep 17 00:00:00 2001 From: ismay <7355199+ismay@users.noreply.github.com> Date: Mon, 29 Jul 2024 15:23:43 +0200 Subject: [PATCH] ci: add reusable workflows (#618) * ci: add reusable workflow * ci: update actions * ci: abstract test * ci: add build job * ci: abstract e2e * ci: add secrets * style: fix with prettier * ci: use latest cypress action * ci: cancel previous runs if not on release branch * ci: abstract release * ci: remove git author * ci: remove redundant build task * ci: add comment * ci: add workflow name * ci: abstract netlify workflows * ci: only run workflows that need secrets where they are available * ci: add reusable commitlint workflows * ci: update commitlint action * ci: cancel previous pr title linting runs * style: fix with prettier * ci: downgrade commitlint to v5 * ci: update netlify deploy * ci: use head_ref for pull_request action trigger * ci: add reusable issue workflow * ci: use gh cli to close issues * style: fix formatting * ci: move reusable workflows to separate test repo * ci: specify branch to deploy production from * ci: fix pull request condition * ci: refer to workflows by version * ci: add name for comment wf * ci: move upstream workflows * ci: address review comments --- .github/workflows/comment-and-close.yml | 11 +- .github/workflows/deploy-pr.yml | 14 ++ .github/workflows/deploy-production.yml | 17 +++ .github/workflows/dhis2-netlify-deploy-pr.yml | 54 ------- .../dhis2-netlify-deploy-production.yml | 56 ------- .github/workflows/dhis2-verify-app.yml | 139 ------------------ .github/workflows/dhis2-verify-commits.yml | 38 ----- .github/workflows/lint-pr-title.yml | 13 ++ .github/workflows/test-and-release.yml | 27 ++++ 9 files changed, 75 insertions(+), 294 deletions(-) create mode 100644 .github/workflows/deploy-pr.yml create mode 100644 .github/workflows/deploy-production.yml delete mode 100644 .github/workflows/dhis2-netlify-deploy-pr.yml delete mode 100644 .github/workflows/dhis2-netlify-deploy-production.yml delete mode 100644 .github/workflows/dhis2-verify-app.yml delete mode 100644 .github/workflows/dhis2-verify-commits.yml create mode 100644 .github/workflows/lint-pr-title.yml create mode 100644 .github/workflows/test-and-release.yml diff --git a/.github/workflows/comment-and-close.yml b/.github/workflows/comment-and-close.yml index 6aa782a08..25e527b55 100644 --- a/.github/workflows/comment-and-close.yml +++ b/.github/workflows/comment-and-close.yml @@ -1,13 +1,10 @@ +name: comment-and-close + on: issues: types: [opened] jobs: comment-and-close: - runs-on: ubuntu-latest - steps: - - uses: vardevs/candc@v1 - with: - close-comment: 'If you would like to file a bug report or feature request, please refer to our issue tracker: https://jira.dhis2.org' - exempt-users: dhis2-bot,dependabot,kodiakhq - github-token: ${{secrets.DHIS2_BOT_GITHUB_TOKEN}} + uses: dhis2/workflows-platform/.github/workflows/comment-and-close.yml@v1 + if: !contains(github.event.issues.sender.login , fromJson('["dhis2-bot", "kodiakhq", "dependabot"]')) diff --git a/.github/workflows/deploy-pr.yml b/.github/workflows/deploy-pr.yml new file mode 100644 index 000000000..fc915d195 --- /dev/null +++ b/.github/workflows/deploy-pr.yml @@ -0,0 +1,14 @@ +name: deploy-pr + +on: + pull_request: + +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref }} + cancel-in-progress: true + +jobs: + deploy: + uses: dhis2/workflows-platform/.github/workflows/deploy-pr.yml@v1 + if: '!github.event.pull_request.head.repo.fork' + secrets: inherit diff --git a/.github/workflows/deploy-production.yml b/.github/workflows/deploy-production.yml new file mode 100644 index 000000000..9575c2edb --- /dev/null +++ b/.github/workflows/deploy-production.yml @@ -0,0 +1,17 @@ +name: deploy-production + +on: + push: + branches: + - master + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +jobs: + deploy: + uses: dhis2/workflows-platform/.github/workflows/deploy-production.yml@v1 + secrets: inherit + with: + branch: master diff --git a/.github/workflows/dhis2-netlify-deploy-pr.yml b/.github/workflows/dhis2-netlify-deploy-pr.yml deleted file mode 100644 index bf00efa34..000000000 --- a/.github/workflows/dhis2-netlify-deploy-pr.yml +++ /dev/null @@ -1,54 +0,0 @@ -name: 'dhis2: netlify deploy pr' - -# Requirements: -# -# - Org secrets: -# DHIS2_BOT_NETLIFY_TOKEN -# DHIS2_BOT_GITHUB_TOKEN -# - Repo secrets: -# NETLIFY_SITE_ID -# - Customize the 'jobs.build.steps.netlify-deploy.publish-dir' property - -on: - pull_request: - -concurrency: - group: ${{ github.workflow}}-${{ github.ref }} - cancel-in-progress: true - -jobs: - deploy: - runs-on: ubuntu-latest - if: "!github.event.push.repository.fork && github.actor != 'dependabot[bot]'" - steps: - - uses: actions/checkout@v2 - - uses: actions/setup-node@v3 - with: - node-version: 20 - cache: 'yarn' - - - run: yarn install --frozen-lockfile - - - name: Build - run: yarn d2-app-scripts build --standalone - - - name: Deploy - id: netlify-deploy - uses: nwtgck/actions-netlify@v1.2.2 - timeout-minutes: 1 - with: - github-token: ${{ secrets.DHIS2_BOT_GITHUB_TOKEN }} - github-deployment-environment: 'netlify' - github-deployment-description: 'PR Preview on Netlify' - deploy-message: ${{ github.event.pull_request.title }} - enable-pull-request-comment: true - enable-commit-comment: true - enable-commit-status: true - alias: pr-${{ github.event.number }} - # customize according to project needs - publish-dir: 'build/app' - env: - # org secret - NETLIFY_AUTH_TOKEN: ${{ secrets.DHIS2_BOT_NETLIFY_TOKEN }} - # repo secret - NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }} diff --git a/.github/workflows/dhis2-netlify-deploy-production.yml b/.github/workflows/dhis2-netlify-deploy-production.yml deleted file mode 100644 index 6edbb5cf7..000000000 --- a/.github/workflows/dhis2-netlify-deploy-production.yml +++ /dev/null @@ -1,56 +0,0 @@ -name: 'dhis2: netlify deploy production' - -# Requirements: -# -# - Org secrets: -# DHIS2_BOT_NETLIFY_TOKEN -# DHIS2_BOT_GITHUB_TOKEN -# - Repo secrets: -# NETLIFY_SITE_ID -# - Customize the 'jobs.build.steps.netlify-deploy.publish-dir' property - -on: - push: - branches: - - master - -concurrency: - group: ${{ github.workflow}}-${{ github.ref }} - cancel-in-progress: true - -jobs: - deploy: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - uses: actions/setup-node@v3 - with: - node-version: 20 - cache: 'yarn' - - - run: yarn install --frozen-lockfile - - - name: Build - run: yarn d2-app-scripts build --standalone - - - name: Deploy - id: netlify-deploy - uses: nwtgck/actions-netlify@v1.2.2 - timeout-minutes: 1 - with: - github-token: ${{ secrets.DHIS2_BOT_GITHUB_TOKEN }} - github-deployment-environment: 'netlify' - github-deployment-description: 'Production Deploy on Netlify' - deploy-message: Github actions production deploy - enable-pull-request-comment: false - enable-commit-comment: true - enable-commit-status: true - production-branch: master - production-deploy: true - # customize according to project needs - publish-dir: 'build/app' - env: - # org secret - NETLIFY_AUTH_TOKEN: ${{ secrets.DHIS2_BOT_NETLIFY_TOKEN }} - # repo secret - NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }} diff --git a/.github/workflows/dhis2-verify-app.yml b/.github/workflows/dhis2-verify-app.yml deleted file mode 100644 index c6c74d8aa..000000000 --- a/.github/workflows/dhis2-verify-app.yml +++ /dev/null @@ -1,139 +0,0 @@ -name: 'dhis2: verify (app)' - -# Requirements: -# -# - Org secrets: -# DHIS2_BOT_GITHUB_TOKEN -# DHIS2_BOT_APPHUB_TOKEN -# - Enable the 'jobs.e2e' section if applicable -# - Customize the properties if needed: -# 'jobs.release.steps.*.cwd' -# 'jobs.release.steps.*.build-dir' - -on: push - -concurrency: - group: ${{ github.workflow}}-${{ github.ref }} - -env: - GIT_AUTHOR_NAME: '@dhis2-bot' - GIT_AUTHOR_EMAIL: 'apps@dhis2.org' - GIT_COMMITTER_NAME: '@dhis2-bot' - GIT_COMMITTER_EMAIL: 'apps@dhis2.org' - D2_VERBOSE: true - -jobs: - build: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - uses: actions/setup-node@v3 - with: - node-version: 20 - cache: 'yarn' - - - run: yarn install --frozen-lockfile - - - name: Build - run: yarn d2-app-scripts build - - - uses: actions/upload-artifact@v2 - with: - name: app-build - path: | - **/build - !**/node_modules - retention-days: 1 - - lint: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - uses: actions/setup-node@v3 - with: - node-version: 20 - cache: 'yarn' - - - run: yarn install --frozen-lockfile - - # Can be removed if translations aren't required for tests, - # or if not using the App Platform - - name: Generate translations - run: yarn d2-app-scripts i18n generate - - - name: Lint - run: yarn d2-style check - - test: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - uses: actions/setup-node@v3 - with: - node-version: 20 - cache: 'yarn' - - - run: yarn install --frozen-lockfile - - # Can be removed if translations aren't required for tests, - # or if not using the App Platform - - name: Generate translations - run: yarn d2-app-scripts i18n generate - - - name: Test - run: yarn d2-app-scripts test - - e2e: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - uses: actions/setup-node@v3 - with: - node-version: 20 - - name: End-to-End tests - uses: cypress-io/github-action@v5 - with: - start: npx --yes @dhis2/cli-cluster up 2.41 --channel dev --db-version 2.41 --seed, yarn start:nobrowser - wait-on: 'http://localhost:8080/dhis-web-commons/security/login.action, http://localhost:3000' - wait-on-timeout: 600 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - CYPRESS_LOGIN_NAME: ${{ secrets.CYPRESS_LOGIN_NAME }} - CYPRESS_LOGIN_PASSWORD: ${{ secrets.CYPRESS_LOGIN_PASSWORD }} - CYPRESS_LOGIN_SERVER: http://localhost:8080 - - run: npx --yes @dhis2/cli-cluster down 2.41 - - release: - runs-on: ubuntu-latest - needs: [build, lint, test, e2e] - if: "!github.event.push.repository.fork && github.actor != 'dependabot[bot]'" - steps: - - uses: actions/checkout@v2 - with: - token: ${{ secrets.DHIS2_BOT_GITHUB_TOKEN }} - - - uses: actions/setup-node@v3 - with: - node-version: 20 - cache: 'yarn' - - - uses: actions/download-artifact@v2 - with: - name: app-build - - # ensure that d2-app-scripts is available - - run: yarn install --frozen-lockfile - - - uses: dhis2/action-semantic-release@master - with: - publish-apphub: true - publish-github: true - github-token: ${{ secrets.DHIS2_BOT_GITHUB_TOKEN }} - apphub-token: ${{ secrets.DHIS2_BOT_APPHUB_TOKEN }} - - - uses: dhis2/deploy-build@master - with: - # uncomment following line for monorepo apps: - #cwd: ./packages/app - build-dir: build/app - github-token: ${{ secrets.DHIS2_BOT_GITHUB_TOKEN }} diff --git a/.github/workflows/dhis2-verify-commits.yml b/.github/workflows/dhis2-verify-commits.yml deleted file mode 100644 index 3e25db885..000000000 --- a/.github/workflows/dhis2-verify-commits.yml +++ /dev/null @@ -1,38 +0,0 @@ -name: 'dhis2: verify (commits)' - -on: - pull_request: - types: ['opened', 'edited', 'reopened', 'synchronize'] - -jobs: - lint-pr-title: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - uses: actions/setup-node@v3 - with: - node-version: 20 - cache: 'yarn' - - run: yarn install --frozen-lockfile - - id: commitlint - run: echo ::set-output name=config_path::$(node -e "process.stdout.write(require('@dhis2/cli-style').config.commitlint)") - - uses: JulienKode/pull-request-name-linter-action@v0.5.0 - with: - configuration-path: ${{ steps.commitlint.outputs.config_path }} - - lint-commits: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - uses: actions/setup-node@v3 - with: - node-version: 20 - cache: 'yarn' - - run: yarn install --frozen-lockfile - - id: commitlint - run: echo ::set-output name=config_path::$(node -e "process.stdout.write(require('@dhis2/cli-style').config.commitlint)") - - uses: wagoid/commitlint-github-action@v4 - with: - configFile: ${{ steps.commitlint.outputs.config_path }} diff --git a/.github/workflows/lint-pr-title.yml b/.github/workflows/lint-pr-title.yml new file mode 100644 index 000000000..eb59072b9 --- /dev/null +++ b/.github/workflows/lint-pr-title.yml @@ -0,0 +1,13 @@ +name: lint-pr-title + +on: + pull_request: + types: ['opened', 'edited', 'reopened', 'synchronize'] + +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref }} + cancel-in-progress: true + +jobs: + lint-pr-title: + uses: dhis2/workflows-platform/.github/workflows/lint-pr-title.yml@v1 diff --git a/.github/workflows/test-and-release.yml b/.github/workflows/test-and-release.yml new file mode 100644 index 000000000..d3330dcd4 --- /dev/null +++ b/.github/workflows/test-and-release.yml @@ -0,0 +1,27 @@ +name: test-and-release + +on: push + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + # Cancel previous runs if not on a release branch + cancel-in-progress: ${{ !contains(github.ref, fromJSON('["master", "main"]')) }} + +jobs: + lint-commits: + uses: dhis2/workflows-platform/.github/workflows/lint-commits.yml@v1 + lint: + uses: dhis2/workflows-platform/.github/workflows/lint.yml@v1 + test: + uses: dhis2/workflows-platform/.github/workflows/test.yml@v1 + e2e: + uses: dhis2/workflows-platform/.github/workflows/e2e.yml@v1 + # Skips forks and dependabot PRs + if: '!github.event.push.repository.fork' + secrets: inherit + release: + needs: [lint-commits, lint, test, e2e] + uses: dhis2/workflows-platform/.github/workflows/release.yml@v1 + # Skips forks and dependabot PRs + if: '!github.event.push.repository.fork' + secrets: inherit