diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 12:06:49 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 12:06:49 +0000 |
| commit | 2fe34b6444502079dc0b84365ce82dbc92de308e (patch) | |
| tree | 8fedcab52bbbc3db6c5aa909a88a7a7b81685018 /.github/workflows | |
| parent | Initial commit. (diff) | |
| download | ansible-lint-2fe34b6444502079dc0b84365ce82dbc92de308e.tar.xz ansible-lint-2fe34b6444502079dc0b84365ce82dbc92de308e.zip | |
Adding upstream version 6.17.2.upstream/6.17.2
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '.github/workflows')
| -rw-r--r-- | .github/workflows/ack.yml | 10 | ||||
| -rw-r--r-- | .github/workflows/push.yml | 13 | ||||
| -rw-r--r-- | .github/workflows/redirects.yml | 33 | ||||
| -rw-r--r-- | .github/workflows/release.yml | 77 | ||||
| -rw-r--r-- | .github/workflows/tox.yml | 236 |
5 files changed, 369 insertions, 0 deletions
diff --git a/.github/workflows/ack.yml b/.github/workflows/ack.yml new file mode 100644 index 0000000..291eb88 --- /dev/null +++ b/.github/workflows/ack.yml @@ -0,0 +1,10 @@ +--- +# See https://github.com/ansible/devtools/blob/main/.github/workflows/ack.yml +name: ack +"on": + pull_request_target: + types: [opened, labeled, unlabeled, synchronize] + +jobs: + ack: + uses: ansible/devtools/.github/workflows/ack.yml@main diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml new file mode 100644 index 0000000..1debf04 --- /dev/null +++ b/.github/workflows/push.yml @@ -0,0 +1,13 @@ +--- +# See https://github.com/ansible/devtools/blob/main/.github/workflows/push.yml +name: push +"on": + push: + branches: + - main + - "releases/**" + - "stable/**" + +jobs: + ack: + uses: ansible/devtools/.github/workflows/push.yml@main diff --git a/.github/workflows/redirects.yml b/.github/workflows/redirects.yml new file mode 100644 index 0000000..fcc5eea --- /dev/null +++ b/.github/workflows/redirects.yml @@ -0,0 +1,33 @@ +--- +# Sync RTD redirects +name: redirects + +"on": + push: + branches: + - main + paths: + - docs/redirects.yml + - .github/workflows/redirects.yml + + # Manually triggered using GitHub's UI + workflow_dispatch: + +jobs: + docs: + environment: release + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-python@v4 + + - name: Upgrade Python toolchain + run: python3 -m pip install --upgrade pip setuptools wheel + + - name: Install readthedocs-cli + run: python3 -m pip install readthedocs-cli + + - name: Sync redirects + run: rtd projects ansible-lint redirects sync -f docs/redirects.yml --wet-run + env: + RTD_TOKEN: ${{ secrets.RTD_TOKEN }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..317b5e1 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,77 @@ +--- +# cspell:ignore mislav +name: release + +"on": + release: + types: [published] + workflow_dispatch: + +jobs: + # https://github.com/marketplace/actions/actions-tagger + actions-tagger: + runs-on: windows-latest + steps: + - uses: Actions-R-Us/actions-tagger@latest + env: + GITHUB_TOKEN: "${{ github.token }}" + pypi: + name: Publish to PyPI registry + environment: release + runs-on: ubuntu-22.04 + permissions: + id-token: write + + env: + FORCE_COLOR: 1 + PY_COLORS: 1 + TOXENV: pkg + + steps: + - name: Switch to using Python 3.9 by default + uses: actions/setup-python@v4 + with: + python-version: 3.9 + + - name: Install tox + run: python3 -m pip install --user "tox>=4.0.0" + + - name: Check out src from Git + uses: actions/checkout@v3 + with: + fetch-depth: 0 # needed by setuptools-scm + submodules: true + + - name: Build dists + run: python -m tox + + - name: Publish to pypi.org + if: >- # "create" workflows run separately from "push" & "pull_request" + github.event_name == 'release' + uses: pypa/gh-action-pypi-publish@release/v1 + + homebrew: + name: Bump homebrew formula + environment: release + runs-on: ubuntu-22.04 + needs: pypi + + env: + FORCE_COLOR: 1 + PY_COLORS: 1 + TOXENV: pkg + + steps: + - name: Check out src from Git + uses: actions/checkout@v3 + with: + fetch-depth: 0 # needed by setuptools-scm + submodules: true + + - name: Bump homebrew formula + uses: mislav/bump-homebrew-formula-action@v2.2 + with: + # A PR will be sent to github.com/Homebrew/homebrew-core to update this formula: + formula-name: ansible-lint + env: + COMMITTER_TOKEN: ${{ secrets.COMMITTER_TOKEN }} diff --git a/.github/workflows/tox.yml b/.github/workflows/tox.yml new file mode 100644 index 0000000..3220155 --- /dev/null +++ b/.github/workflows/tox.yml @@ -0,0 +1,236 @@ +--- +name: tox + +on: + push: # only publishes pushes to the main branch to TestPyPI + branches: # any integration branch but not tag + - "main" + pull_request: + branches: + - "main" + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: true + +env: + FORCE_COLOR: 1 # tox, pytest, ansible-lint + PY_COLORS: 1 + +jobs: + pre: + name: pre + runs-on: ubuntu-22.04 + outputs: + matrix: ${{ steps.generate_matrix.outputs.matrix }} + steps: + - name: Determine matrix + id: generate_matrix + uses: coactions/dynamic-matrix@v1 + with: + min_python: "3.9" + max_python: "3.11" + other_names: | + lint + pkg + hook + docs + schemas + eco + py-devel + platforms: linux,macos + test-action: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Self test for ansible-lint@${{ github.action_ref || 'main' }} + uses: ./ + with: + # basically we only lint linter own configuration, which should be passing. + args: .ansible-lint + build: + name: ${{ matrix.name }} + runs-on: ${{ matrix.os || 'ubuntu-22.04' }} + needs: + - pre + - test-action + defaults: + run: + shell: ${{ matrix.shell || 'bash'}} + strategy: + fail-fast: false + matrix: ${{ fromJson(needs.pre.outputs.matrix) }} + # max-parallel: 5 + # The matrix testing goal is to cover the *most likely* environments + # which are expected to be used by users in production. Avoid adding a + # combination unless there are good reasons to test it, like having + # proof that we failed to catch a bug by not running it. Using + # distribution should be preferred instead of custom builds. + env: + # vars safe to be passed to wsl: + WSLENV: FORCE_COLOR:PYTEST_REQPASS:TOXENV:GITHUB_STEP_SUMMARY + # Number of expected test passes, safety measure for accidental skip of + # tests. Update value if you add/remove tests. + PYTEST_REQPASS: 805 + steps: + - name: Activate WSL1 + if: "contains(matrix.shell, 'wsl')" + uses: Vampire/setup-wsl@v2 + + - name: MacOS workaround for https://github.com/actions/virtual-environments/issues/1187 + if: ${{ matrix.os == 'macOS-latest' }} + run: | + sudo sysctl -w net.link.generic.system.hwcksum_tx=0 + sudo sysctl -w net.link.generic.system.hwcksum_rx=0 + + - uses: actions/checkout@v3 + with: + fetch-depth: 0 # needed by setuptools-scm + submodules: true + + - name: Set pre-commit cache + uses: actions/cache@v3 + if: ${{ matrix.passed_name == 'lint' }} + with: + path: | + ~/.cache/pre-commit + key: pre-commit-${{ matrix.name || matrix.passed_name }}-${{ hashFiles('.pre-commit-config.yaml') }} + + - name: Set ansible cache(s) + uses: actions/cache@v3 + with: + path: | + .cache/eco + examples/playbooks/collections/ansible_collections + ~/.cache/ansible-compat + ~/.ansible/collections + ~/.ansible/roles + key: ${{ matrix.name || matrix.passed_name }}-${{ hashFiles('tools/test-eco.sh', 'requirements.yml', 'examples/playbooks/collections/requirements.yml') }} + + - name: Set up Python ${{ matrix.python_version || '3.9' }} + if: "!contains(matrix.shell, 'wsl')" + uses: actions/setup-python@v4 + with: + cache: pip + python-version: ${{ matrix.python_version || '3.9' }} + + - uses: actions/setup-node@v3 + with: + node-version: 18 + cache: "npm" + cache-dependency-path: test/schemas/package-lock.json + + - name: Run ./tools/test-setup.sh + run: ./tools/test-setup.sh + + - name: Install tox + run: | + python3 -m pip install --upgrade pip + python3 -m pip install --upgrade "tox>=4.0.0" + + - name: Log installed dists + run: python3 -m pip freeze --all + + - name: Initialize tox envs ${{ matrix.passed_name }} + run: python3 -m tox --notest --skip-missing-interpreters false -vv -e ${{ matrix.passed_name }} + timeout-minutes: 5 # average is under 1, but macos can be over 3 + + # sequential run improves browsing experience (almost no speed impact) + - name: tox -e ${{ matrix.passed_name }} + run: python3 -m tox -e ${{ matrix.passed_name }} + + - name: Combine coverage data + if: ${{ startsWith(matrix.passed_name, 'py') }} + # produce a single .coverage file at repo root + run: tox -e coverage + + - name: Upload coverage data + if: ${{ startsWith(matrix.passed_name, 'py') }} + uses: codecov/codecov-action@v3 + with: + name: ${{ matrix.passed_name }} + fail_ci_if_error: false # see https://github.com/codecov/codecov-action/issues/598 + token: ${{ secrets.CODECOV_TOKEN }} + verbose: true # optional (default = false) + + - name: Archive logs + uses: actions/upload-artifact@v3 + with: + name: logs.zip + path: .tox/**/log/ + # https://github.com/actions/upload-artifact/issues/123 + continue-on-error: true + + - name: Report failure if git reports dirty status + run: | + git checkout HEAD -- src/ansiblelint/schemas/__store__.json + if [[ -n $(git status -s) ]]; then + # shellcheck disable=SC2016 + echo -n '::error file=git-status::' + printf '### Failed as git reported modified and/or untracked files\n```\n%s\n```\n' "$(git status -s)" | tee -a "$GITHUB_STEP_SUMMARY" + exit 99 + fi + # https://github.com/actions/toolkit/issues/193 + codeql: + name: codeql + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: ["python"] + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + + # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # queries: security-extended,security-and-quality + + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 + with: + category: "/language:${{matrix.language}}" + + check: # This job does nothing and is only used for the branch protection + if: always() + permissions: + pull-requests: write # allow codenotify to comment on pull-request + + needs: + - build + - test-action + + runs-on: ubuntu-latest + + steps: + - name: Decide whether the needed jobs succeeded or failed + uses: re-actors/alls-green@release/v1 + with: + jobs: ${{ toJSON(needs) }} + + - name: Check out src from Git + uses: actions/checkout@v3 + + - name: Notify repository owners about lint change affecting them + uses: sourcegraph/codenotify@v0.6.4 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # https://github.com/sourcegraph/codenotify/issues/19 + continue-on-error: true |