reusable-workflows
Signed-off-by: Nikita Skrynnik <nikita.skrynnik@xored.com>
NikitaSkrynnik committed Jun 2, 2022
1 parent 575cf99 commit 07a8b1c
Showing 6 changed files with 72 additions and 344 deletions.
24 changes: 3 additions & 21 deletions .github/workflows/automerge.yaml
@@ -1,5 +1,5 @@
---
name: automerge
name: Automerge
on:
workflow_run:
types:
@@ -8,23 +8,5 @@ on:
- 'ci'
jobs:
automerge:
name: Automerge
runs-on: ubuntu-latest
if: ${{ github.event.workflow_run.conclusion == 'success' && github.actor == 'nsmbot' }}
steps:
- name: Check out the code
uses: actions/checkout@v2
- name: Fetch main
run: |
git remote -v
git fetch --depth=1 origin main
- name: Only allow go.mod, go.sum, *.gen.go files
run: |
find . -type f ! -name 'go.mod' ! -name 'go.sum' -exec git diff --exit-code origin/main -- {} +
- name: Merge PR
uses: ridedott/merge-me-action@master
with:
GITHUB_LOGIN: nsmbot
ENABLED_FOR_MANUAL_CHANGES: true
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
MAXIMUM_RETRIES: 25
if: ${{ github.event.workflow_run.conclusion == 'success' && github.actor == 'nsmbot'}}
uses: networkservicemesh/.github/.github/workflows/automerge.yaml@main
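Review bot: The new `uses: networkservicemesh/.github/.github/workflows/automerge.yaml@main` follows a mutable branch, so any push to `main` of the `.github` repository changes the code that merges pull requests here, with no change or review in this repository. Pin the reference to a full commit SHA, `uses: networkservicemesh/.github/.github/workflows/automerge.yaml@<full-commit-sha>`, and bump it deliberately. The same `@main` reference is on every converted job in ci.yaml, codeql-analysis.yml, pr-for-updates.yaml and release.yaml, and the last two also hand `secrets.NSM_BOT_GITHUB_TOKEN` to the called workflow. The removed step that allowed only `go.mod` and `go.sum` to differ from `origin/main` is presumably reimplemented in the called workflow, which is not visible here, so confirm it before relying on this job.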
105 changes: 12 additions & 93 deletions .github/workflows/ci.yaml
@@ -7,16 +7,7 @@ on:
- 'release/**'
jobs:
yamllint:
name: yamllint
runs-on: ubuntu-latest
steps:
- name: Check out code into the Go module directory
uses: actions/checkout@v2
- name: yaml-lint
uses: ibiqlik/action-yamllint@v1
with:
config_file: .ci/yamllint.yml
strict: true
uses: networkservicemesh/.github/.github/workflows/yamllint.yaml@main

build-and-test:
name: build and test
@@ -41,93 +32,21 @@ jobs:
run: go test -race ./...

golangci-lint:
name: golangci-lint
runs-on: ubuntu-latest
steps:
- name: Check out code into the Go module directory
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@v1
with:
go-version: 1.18.1
- name: golangci-lint
uses: golangci/golangci-lint-action@v3
with:
version: v1.45.2
uses: networkservicemesh/.github/.github/workflows/golangci-lint.yaml@main

excludeFmtErrorf:
name: exclude fmt.Errorf
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Exclude fmt.Errorf
run: |
if grep -r --include=*.go fmt.Errorf . ; then
echo "Please use errors.Errorf (or errors.New or errors.Wrap or errors.Wrapf) as appropriate rather than fmt.Errorf"
exit 1
fi
exclude-fmt-errorf:
uses: networkservicemesh/.github/.github/workflows/exclude-fmt-errorf.yaml@main

restrictNSMDeps:
name: Restrict dependencies on github.com/networkservicemesh/*
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Restrict dependencies on github.com/networkservicemesh/*
env:
ALLOWED_REPOSITORIES: "sdk, api, sdk-kernel"
run: |
for i in $(grep github.com/networkservicemesh/ go.mod | grep -v '^module' | sed 's;.*\(github.com\/networkservicemesh\/[^ ]*\).*;\1;g');do
if ! [ "$(echo ${ALLOWED_REPOSITORIES} | grep ${i#github.com/networkservicemesh/})" ]; then
echo Dependency on "${i}" is forbidden
exit 1
fi
done
restrict-nsm-deps:
uses: networkservicemesh/.github/.github/workflows/restrict-nsm-deps.yaml@main
with:
allowed_repositories: "api, sdk, sdk-kernel"

checkgomod:
name: check go.mod and go.sum
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v1
with:
go-version: 1.18.1
- run: go mod tidy
- name: Check for changes in go.mod or go.sum
run: |
git diff --name-only --exit-code go.mod || ( echo "Run go tidy" && false )
git diff --name-only --exit-code go.sum || ( echo "Run go tidy" && false )
uses: networkservicemesh/.github/.github/workflows/checkgomod.yaml@main

gogenerate:
name: Check generated files
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: arduino/setup-protoc@master
with:
version: '3.8.0'
- uses: actions/setup-go@v1
with:
go-version: 1.18.1
- name: Install proto-gen-go
run: go install github.com/golang/protobuf/protoc-gen-go@v1.4.2
- name: Install proto-gen-go
run: go install github.com/searKing/golang/tools/cmd/go-syncmap@v1.1.68
- name: Generate files
run: go generate ./...
- name: Check for changes in generated code
run: |
git diff -- '*.pb.go' || ( echo "Rerun go generate ./... locally and resubmit" && false )
git diff -- '*.gen.go' || ( echo "Rerun go generate ./... locally and resubmit" && false )
uses: networkservicemesh/.github/.github/workflows/gogenerate.yaml@main

excludereplace:
name: Exclude replace in go.mod
runs-on: ubuntu-latest
steps:
- name: Check out the code
uses: actions/checkout@v2
- name: Exclude replace in go.mod
run: |
grep ^replace go.mod || exit 0
exit 1
exclude-replace:
uses: networkservicemesh/.github/.github/workflows/exclude-replace.yaml@main
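Review bot: None of the jobs that now call a reusable workflow (`yamllint`, `golangci-lint`, `exclude-fmt-errorf`, `restrict-nsm-deps`, `checkgomod`, `gogenerate`, `exclude-replace`) declares `permissions:`, so each called workflow gets whatever GITHUB_TOKEN scope the repository default grants. These are read-only checks, so a workflow-level `permissions: {contents: read}` would cap the token for all of them. The top of the file is outside these hunks, so such a block may already exist above line 7. If one of the shared workflows needs more (the lint action, for instance), grant it on that job only. The job ids also change (`excludeFmtErrorf` to `exclude-fmt-errorf`, and so on), so any required status checks configured by name would need updating.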
56 changes: 2 additions & 54 deletions .github/workflows/codeql-analysis.yml
@@ -4,7 +4,7 @@
#
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
name: "CodeQL"
name: CodeQL

on:
push:
@@ -17,56 +17,4 @@ on:

jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest

strategy:
fail-fast: false
matrix:
# Override automatic language detection by changing the below list
# Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python']
language: ['go']
# Learn more...
# https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection

steps:
- name: Checkout repository
uses: actions/checkout@v2
with:
# We must fetch at least the immediate parents so that if this is
# a pull request then we can checkout the head.
fetch-depth: 2

# If this run was triggered by a pull request event, then checkout
# the head of the pull request instead of the merge commit.
- run: git checkout HEAD^2
if: ${{ github.event_name == 'pull_request' }}

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# queries: ./path/to/local/query, your-org/your-repo/queries@main

# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v1

# ℹ️ Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl

# ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
# and modify them (or add more) to build your code if your project
# uses a compiled language

# - run: |
# make bootstrap
# make release

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1
uses: networkservicemesh/.github/.github/workflows/codeql-analysis.yaml@main
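Review bot: The header comment kept at the top of this file ("You may wish to alter this file to override the set of languages analyzed, or to provide custom queries or build logic") no longer matches the file. The `language: ['go']` matrix, the `queries` option and the build steps are all removed, and the `analyze` job passes no inputs to the called workflow. I would replace that comment with something like `# Languages, queries and build steps are defined in the shared codeql-analysis.yaml workflow in networkservicemesh/.github.` so a maintainer knows where scan coverage is decided. It is also worth confirming that the shared workflow still analyses Go for this repository, since nothing here selects the language any more.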
48 changes: 26 additions & 22 deletions .github/workflows/pr-for-updates.yaml
@@ -1,25 +1,29 @@
---
name: Pull Request on update/* Branch Push
name: Release
on:
push:
branches:
- update/**
workflow_run:
types:
- completed
workflows:
- 'ci'
jobs:
auto-pull-request:
name: Pull Request on update/* Branch Push
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Construct PR message
run: |
PULL_REQUEST_BODY=$(git log --pretty='format:%B' -1 | sed '/^$/d;$d' | sed 's/#/# /g')
echo "$PULL_REQUEST_BODY"
echo "PULL_REQUEST_BODY<<EOF" >> $GITHUB_ENV
echo "$PULL_REQUEST_BODY" >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
- name: pull-request-action
uses: vsoch/pull-request-action@1.0.12
env:
GITHUB_TOKEN: ${{ secrets.NSM_BOT_GITHUB_TOKEN }}
BRANCH_PREFIX: "update/"
PULL_REQUEST_BRANCH: "main"
release:
if: ${{ github.event.workflow_run.conclusion == 'success' && contains(github.event.workflow_run.head_branch, 'release/') }}
uses: networkservicemesh/.github/.github/workflows/release.yaml@main
with:
dependent_repositories: |
["sdk-k8s",
"sdk-kernel",
"cmd-nsmgr",
"cmd-nsmgr-proxy",
"cmd-registry-memory",
"cmd-registry-proxy-dns",
"cmd-nse-remote-vlan",
"cmd-nse-vfio",
"cmd-nsc-init",
"cmd-ipam-vl3",
"cmd-map-ip-k8s",
"cmd-admission-webhook-k8s"]
secrets:
token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }}
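Review bot: pr-for-updates.yaml no longer opens pull requests for `update/**` pushes; its new content is a second `Release` workflow, with the same `workflow_run` trigger on `ci` and the same `if:` as the `release` job in release.yaml. If both files are active, one successful `ci` run on a release branch would start two release runs with different `dependent_repositories` lists, each holding `secrets.NSM_BOT_GITHUB_TOKEN`. The list here names `sdk-kernel`, which ci.yaml lists under `allowed_repositories` as a dependency of this repository, so the content looks copied from another repository. I would restore the `push` trigger on `update/**` and have the job call the shared workflow that opens the update pull request, leaving release.yaml as the only release entry point.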
97 changes: 15 additions & 82 deletions .github/workflows/release.yaml
@@ -5,87 +5,20 @@ on:
types:
- completed
workflows:
- "ci"
- 'ci'
jobs:
print-debug-info:
name: Print debug info for Release workflow
runs-on: ubuntu-latest
steps:
- uses: hmarr/debug-action@v2
create-release:
name: Create release
runs-on: ubuntu-latest
release:
if: ${{ github.event.workflow_run.conclusion == 'success' && contains(github.event.workflow_run.head_branch, 'release/') }}
steps:
- name: Checkout repository
uses: actions/checkout@v2
with:
ref: refs/heads/${{github.event.workflow_run.head_branch}}
- name: Get tag
run: |
branch=${{github.event.workflow_run.head_branch}}
echo '::set-output name=tag::'${branch#release/}
id: get-tag-step
- name: Push tag ${{ steps.get-tag-step.outputs.tag }}
run: |
git status
git tag ${{ steps.get-tag-step.outputs.tag }}
git push origin ${{ steps.get-tag-step.outputs.tag }} -f
- name: Create release ${{ steps.get-tag-step.outputs.tag }}
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.NSM_BOT_GITHUB_TOKEN }}
with:
tag_name: refs/tags/${{ steps.get-tag-step.outputs.tag }}
release_name: ${{ steps.get-tag-step.outputs.tag }}
draft: false
prerelease: false
update-dependent-repositories:
strategy:
matrix:
repository:
- cmd-forwarder-sriov
- cmd-nsc
- cmd-nsc-init
- cmd-nse-icmp-responder
- cmd-forwarder-vpp
- cmd-nse-vlan-vpp
- sdk-ovs
name: Update ${{ matrix.repository }}
needs: create-release
runs-on: ubuntu-latest
if: ${{ github.event.workflow_run.conclusion == 'success' && contains(github.event.workflow_run.head_branch, 'release/') }}
steps:
- name: Get tag
run: |
branch=${{github.event.workflow_run.head_branch}}
echo '::set-output name=tag::'${branch#release/}
id: get-tag-step
- name: Create commit
run: |
echo "Update go.mod and go.sum to ${{ github.repository }}@${{ steps.get-tag-step.outputs.tag }}" >> /tmp/commit-message
- name: Checkout networkservicemesh/${{ matrix.repository }}
uses: actions/checkout@v2
with:
path: networkservicemesh/${{ matrix.repository }}
repository: networkservicemesh/${{ matrix.repository }}
token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }}
- uses: actions/setup-go@v1
with:
go-version: 1.18.1
- name: Update ${{ github.repository }} locally
working-directory: networkservicemesh/${{ matrix.repository }}
run: |
GOPRIVATE=github.com/networkservicemesh go get -u github.com/${{ github.repository }}@${{ steps.get-tag-step.outputs.tag }}
go mod tidy
git diff
- name: Push update to the ${{ matrix.repository }}
working-directory: networkservicemesh/${{ matrix.repository }}
run: |
echo Starting to update repositotry ${{ matrix.repository }}
git config --global user.email "nsmbot@networkservicmesh.io"
git config --global user.name "NSMBot"
git add go.mod go.sum
git commit -s -F /tmp/commit-message
git checkout -b ${{ github.event.workflow_run.head_branch }}
git push -f origin ${{ github.event.workflow_run.head_branch }}
uses: networkservicemesh/.github/.github/workflows/release.yaml@main
with:
dependent_repositories: |
["cmd-forwarder-sriov",
"cmd-nsc",
"cmd-nsc-init",
"cmd-nse-icmp-responder",
"cmd-forwarder-vpp",
"cmd-nse-vlan-vpp",
"sdk-ovs"]
secrets:
token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }}
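Review bot: The `if:` on the `release` job tests `contains(github.event.workflow_run.head_branch, 'release/')`, which is true for any branch whose name merely contains that text. `workflow_run` also fires for `ci` runs started by pull requests, where `head_branch` is the contributor's branch name. Because this job passes `secrets.NSM_BOT_GITHUB_TOKEN` to the called workflow, the condition should require a push to one of this repository's own release branches: `startsWith(github.event.workflow_run.head_branch, 'release/') && github.event.workflow_run.event == 'push'`. Whether `ci` runs on pull requests is not visible on this page, so confirm that before adding the second clause. The same condition is used in pr-for-updates.yaml.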