wip: rename arguments
phbelitz committed Nov 1, 2024
1 parent 6e8feb4 commit 9bd818b
Showing 9 changed files with 64 additions and 113 deletions.
49 changes: 0 additions & 49 deletions .github/actions/grype/action.yaml

This file was deleted.

12 changes: 6 additions & 6 deletions .github/workflows/00_pr.yml
@@ -31,9 +31,9 @@ jobs:
# statuses: read
# attestations: read
secrets: inherit
with:
run_build: none
run_compliance_checks: none
run_unit_tests: none
run_sast: none
run_sca: none
# with:
# build: skip
# compliance_checks: skip
# unit_tests: skip
# sast: skip
# sca: skip
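Review bot: Commenting out the `with:` block changes behaviour rather than renaming it: the call no longer passes any of the five settings, so the called workflow falls back to its own defaults. In 100_ci.yml (presumably the workflow called here; the `uses:` line is outside the hunk) those defaults are `all`, so jobs that were set to `none` for pull requests would start running, and they do so under `secrets: inherit`. If that is intended, delete the commented lines and state the change in the commit message; if not, keep the block live with the new names, e.g. `with:` followed by `build: skip`, `sast: skip` and the rest.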
58 changes: 29 additions & 29 deletions .github/workflows/100_ci.yml
@@ -5,38 +5,38 @@ permissions: {}
on:
workflow_call:
inputs:
run_build:
description: "Which build jobs should be run: 'all', 'required', 'none'?"
build:
description: "Which build jobs should be run: 'all', 'only-required', 'skip'?"
type: string
default: "all"
required: false
run_compliance_checks:
description: "Which compliance checks should be run: 'all', 'required', 'none'?"
compliance_checks:
description: "Which compliance checks should be run: 'all', 'only-required', 'skip'?"
type: string
default: "all"
required: false
run_unit_tests:
description: "Which unit tests should be run: 'all', 'required', 'none'?"
unit_tests:
description: "Which unit tests should be run: 'all', 'only-required', 'skip'?"
type: string
default: "all"
required: false
run_sast:
description: "Which sast jobs should be run: 'all', 'required', 'none'?"
sast:
description: "Which sast jobs should be run: 'all', 'only-required', 'skip'?"
type: string
default: "all"
required: false
run_sca:
description: "Which sca jobs should be run: 'all', 'required', 'none'?"
sca:
description: "Which sca jobs should be run: 'all', 'only-required', 'skip'?"
type: string
default: "all"
required: false
run_docs:
description: "Which doc jobs should be run: 'all', 'required', 'none'?"
docs:
description: "Which doc jobs should be run: 'all', 'only-required', 'skip'?"
type: string
default: "all"
required: false
run_integration_tests:
description: "Which integration tests should be run: 'all', 'required', 'none'?"
integration_tests:
description: "Which integration tests should be run: 'all', 'only-required', 'skip'?"
type: string
default: "all"
required: false
@@ -56,20 +56,20 @@ jobs:
steps:
- name: Show ci settings
run: |
get_output() { case "$1" in "all") echo ":white_check_mark:";; "required") echo ":information_source:";; "none") echo ":x:";; *) echo "Unknown value";; esac; }
get_output() { case "$1" in "all") echo ":white_check_mark:";; "only-required") echo ":information_source:";; "skip") echo ":x:";; *) echo "Unknown value";; esac; }
echo "# :pencil: CI Settings" >> ${GITHUB_STEP_SUMMARY}
echo "<table>" >> ${GITHUB_STEP_SUMMARY}
echo "<tr><th>Setting</th><th>Value</th></tr>" >> ${GITHUB_STEP_SUMMARY}
echo "<tr><td>Run Docs</td><td>$(get_output ${{ inputs.run_docs }})</td></tr>" >> ${GITHUB_STEP_SUMMARY}
echo "<tr><td>Run Build</td><td>$(get_output ${{ inputs.run_build }})</td></tr>" >> ${GITHUB_STEP_SUMMARY}
echo "<tr><td>Run Compliance</td><td>$(get_output ${{ inputs.run_compliance_checks }})</td></tr>" >> ${GITHUB_STEP_SUMMARY}
echo "<tr><td>Run Unit Tests</td><td>$(get_output ${{ inputs.run_unit_tests }})</td></tr>" >> ${GITHUB_STEP_SUMMARY}
echo "<tr><td>Run SAST</td><td>$(get_output ${{ inputs.run_sast }})</td></tr>" >> ${GITHUB_STEP_SUMMARY}
echo "<tr><td>Run SCA</td><td>$(get_output ${{ inputs.run_sca }})</td></tr>" >> ${GITHUB_STEP_SUMMARY}
echo "<tr><td>Run Integration Tests</td><td>$(get_output ${{ inputs.run_integration_tests }})</td></tr>" >> ${GITHUB_STEP_SUMMARY}
echo "<tr><td>Run Docs</td><td>$(get_output ${{ inputs.docs }})</td></tr>" >> ${GITHUB_STEP_SUMMARY}
echo "<tr><td>Run Build</td><td>$(get_output ${{ inputs.build }})</td></tr>" >> ${GITHUB_STEP_SUMMARY}
echo "<tr><td>Run Compliance</td><td>$(get_output ${{ inputs.compliance_checks }})</td></tr>" >> ${GITHUB_STEP_SUMMARY}
echo "<tr><td>Run Unit Tests</td><td>$(get_output ${{ inputs.unit_tests }})</td></tr>" >> ${GITHUB_STEP_SUMMARY}
echo "<tr><td>Run SAST</td><td>$(get_output ${{ inputs.sast }})</td></tr>" >> ${GITHUB_STEP_SUMMARY}
echo "<tr><td>Run SCA</td><td>$(get_output ${{ inputs.sca }})</td></tr>" >> ${GITHUB_STEP_SUMMARY}
echo "<tr><td>Run Integration Tests</td><td>$(get_output ${{ inputs.integration_tests }})</td></tr>" >> ${GITHUB_STEP_SUMMARY}
echo "<tr><td>Report type</td><td><code>${{ inputs.output_type }}</code></td></tr>" >> ${GITHUB_STEP_SUMMARY}
echo "</table>" >> ${GITHUB_STEP_SUMMARY}
echo "($(get_output 'all') - run all jobs, $(get_output 'required') - run important/required jobs only, $(get_output 'none') - skip jobs)" >> ${GITHUB_STEP_SUMMARY}
echo "($(get_output 'all') - run all jobs, $(get_output 'only-required') - run important/required jobs only, $(get_output 'skip') - skip jobs)" >> ${GITHUB_STEP_SUMMARY}
echo "" >> ${GITHUB_STEP_SUMMARY}
build:
@@ -79,29 +79,29 @@ jobs:
packages: write
secrets: inherit
with:
run_build: ${{ inputs.run_build }}
jobs_to_run: ${{ inputs.build }}

compliance:
uses: ./.github/workflows/102_compliance.yml
needs: [ci-settings]
permissions:
contents: read
with:
run_compliance_checks: ${{ inputs.run_compliance_checks }}
jobs_to_run: ${{ inputs.compliance_checks }}

unit-test:
uses: ./.github/workflows/103_unit-test.yml
needs: [ci-settings]
with:
run_unit_tests: ${{ inputs.run_unit_tests }}
jobs_to_run: ${{ inputs.unit_tests }}

sast:
uses: ./.github/workflows/104_sast.yml
needs: [ci-settings]
permissions:
security-events: write
with:
run_sast: ${{ inputs.run_sast }}
jobs_to_run: ${{ inputs.sast }}
output: ${{ inputs.output_type }}

sca:
@@ -115,7 +115,7 @@ jobs:
image: ${{ needs.build.outputs.build_image }}
registry: ${{ needs.build.outputs.build_registry }}
repo_owner: ${{ github.repository_owner }}
run_sca: ${{ inputs.run_sca }}
jobs_to_run: ${{ inputs.sca }}
output: ${{ inputs.output_type }}

docs:
@@ -124,7 +124,7 @@ jobs:
permissions:
contents: write
with:
run_docs: ${{ inputs.run_docs }}
jobs_to_run: ${{ inputs.docs }}

# integration-test:
# uses: ./.github/workflows/integration-test.yml
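Review bot: The renamed summary rows in the `Show ci settings` step still paste `${{ inputs.docs }}`, `${{ inputs.build }}` and the other inputs straight into the shell script, unquoted. The expression is expanded into the script text before bash runs, so a caller-supplied string containing shell syntax would be interpreted by the shell instead of being looked up by `get_output`. The inputs are free-form `type: string`, so nothing restricts them to the three documented values. Passing each input through `env:` and calling `get_output "$VAR"` with quotes keeps the value as data, and `"${GITHUB_STEP_SUMMARY}"` can be quoted in the same pass. The enclosing job starts above the hunk, so the sketch shows only the lines that change.

```yaml
- name: Show ci settings
  env:
    CI_DOCS: ${{ inputs.docs }}
    CI_BUILD: ${{ inputs.build }}
    # … one variable per remaining input (compliance_checks, unit_tests, sast, sca, integration_tests) …
  run: |
    # … unchanged: get_output definition, heading and table header …
    echo "<tr><td>Run Docs</td><td>$(get_output "$CI_DOCS")</td></tr>" >> "${GITHUB_STEP_SUMMARY}"
    echo "<tr><td>Run Build</td><td>$(get_output "$CI_BUILD")</td></tr>" >> "${GITHUB_STEP_SUMMARY}"
    # … remaining rows follow the same pattern; closing lines unchanged …
```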
8 changes: 4 additions & 4 deletions .github/workflows/101_build.yml
@@ -3,8 +3,8 @@ name: build
on:
workflow_call:
inputs:
run_build:
description: "Which build jobs should be run: 'all', 'required', 'none'?"
jobs_to_run:
description: "Which build jobs should be run: 'all', 'only-required', 'skip'?"
type: string
default: "all"
outputs:
@@ -42,7 +42,7 @@ on:
jobs:
context:
runs-on: ubuntu-latest
if: inputs.run_build != 'none'
if: inputs.jobs_to_run != 'skip'
permissions: {}
outputs:
chart_version: ${{ steps.output_context.outputs.CHART_VERSION }}
@@ -133,7 +133,7 @@ jobs:

build:
runs-on: ubuntu-latest
if: inputs.run_build != 'none'
if: inputs.jobs_to_run != 'skip'
needs: [context]
permissions:
packages: write
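Review bot: The renamed conditions `if: inputs.jobs_to_run != 'skip'` accept any string other than `skip`, so a caller that still passes the old value `none` now runs the jobs it meant to turn off, and a misspelt value is never rejected. The same pattern appears in 102_compliance.yml, 103_unit-test.yml, 104_sast.yml and 105_sca.yml. In 104_sast.yml the `== 'all'` conditions fail the other way: an unrecognised value silently drops those scan jobs while the run still reports success. A small guard job in each called workflow would turn both cases into a visible error, for example `if: ${{ !contains(fromJSON('["all","only-required","skip"]'), inputs.jobs_to_run) }}` with a single step `run: exit 1`. Both job definitions here continue outside the hunks shown.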
8 changes: 4 additions & 4 deletions .github/workflows/102_compliance.yml
@@ -3,8 +3,8 @@ name: compliance
on:
workflow_call:
inputs:
run_compliance_checks:
description: "Which compliance checks should be run: 'all', 'required', 'none'?"
jobs_to_run:
description: "Which compliance checks should be run: 'all', 'only-required', 'skip'?"
type: string
default: "all"

@@ -14,7 +14,7 @@ jobs:
runs-on: ubuntu-latest
if: |
github.event_name == 'pull_request' &&
inputs.run_compliance_checks != 'none'
inputs.jobs_to_run != 'skip'
permissions:
contents: read
steps:
@@ -27,7 +27,7 @@ jobs:
runs-on: ubuntu-latest
if: |
github.event_name == 'pull_request' &&
inputs.run_compliance_checks != 'none'
inputs.jobs_to_run != 'skip'
permissions: {}
steps:
- name: Checkout code
6 changes: 3 additions & 3 deletions .github/workflows/103_unit-test.yml
@@ -5,16 +5,16 @@ permissions: {}
on:
workflow_call:
inputs:
run_unit_tests:
description: "Which unit tests should be run: 'all', 'required', 'none'?"
jobs_to_run:
description: "Which unit tests should be run: 'all', 'only-required', 'skip'?"
type: string
default: "all"

jobs:
gotest:
name: unit tests
runs-on: ubuntu-latest
if: inputs.run_unit_tests != 'none'
if: inputs.jobs_to_run != 'skip'
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
18 changes: 9 additions & 9 deletions .github/workflows/104_sast.yml
@@ -3,10 +3,10 @@ name: sast
on:
workflow_call:
inputs:
run_sast:
description: "Want to skip running certain jobs 'none', 'non-required', 'all'?"
jobs_to_run:
description: "Which sast jobs should be run: 'all', 'only-required', 'skip'?"
type: string
default: "none"
default: "all"
output:
description: 'Output either "sarif" (GITHUB_TOKEN with security-events:write) or print results as "table" and fail on error'
type: string
@@ -20,7 +20,7 @@ jobs:
runs-on: ubuntu-latest
if: |
(github.actor != 'dependabot[bot]') &&
inputs.run_sast == 'all' &&
inputs.jobs_to_run == 'all' &&
inputs.output == 'sarif'
permissions:
security-events: write
@@ -38,7 +38,7 @@ jobs:
runs-on: ubuntu-latest
if: |
(github.actor != 'dependabot[bot]') &&
inputs.run_sast != 'none'
inputs.jobs_to_run != 'skip'
permissions:
security-events: write
steps:
@@ -58,7 +58,7 @@ jobs:
runs-on: ubuntu-latest
if: |
(github.actor != 'dependabot[bot]') &&
inputs.run_sast != 'none'
inputs.jobs_to_run != 'skip'
permissions:
security-events: write
steps:
@@ -78,7 +78,7 @@ jobs:
runs-on: ubuntu-latest
if: |
(github.actor != 'dependabot[bot]') &&
inputs.run_sast == 'all'
inputs.jobs_to_run == 'all'
permissions:
security-events: write
steps:
@@ -101,7 +101,7 @@ jobs:
runs-on: ubuntu-latest
if: |
(github.actor != 'dependabot[bot]') &&
inputs.run_sast == 'all'
inputs.jobs_to_run == 'all'
permissions:
security-events: write
steps:
@@ -125,7 +125,7 @@ jobs:
runs-on: ubuntu-latest
if: |
(github.actor != 'dependabot[bot]') &&
inputs.run_sast == 'all'
inputs.jobs_to_run == 'all'
permissions:
security-events: write
steps:
8 changes: 4 additions & 4 deletions .github/workflows/105_sca.yml
@@ -19,10 +19,10 @@ on:
type: string
required: false
default: ''
run_sca:
description: "Want to skip running certain jobs 'none', 'non-required', 'all'?"
jobs_to_run:
description: "Which sca jobs should be run: 'all', 'only-required', 'skip'?"
type: string
default: "none"
default: "all"
output:
description: 'Output either "sarif" (GITHUB_TOKEN with security-events:write) or print results as "table" and fail on error'
type: string
@@ -33,7 +33,7 @@ jobs:
trivy-image-scan:
name: trivy image
runs-on: ubuntu-latest
if: inputs.run_sca != 'none'
if: inputs.jobs_to_run != 'skip'
permissions:
packages: read
security-events: write