.github: Cleanup actions

Clean up the .github actions:

- Use the same syntax and/or commands where possible
- Drop unnecessary parameters and steps / commands
- In the all-green job ensure that all CI jobs passed
- Update the naming of jobs
- Review permissions and grant write permission only where
  necessary (repo is set to read-only by default)
- Review installed dependencies (try to fix the failing docs job)
- Run yamllint and fix findings
- Replace deprecated set-output syntax

Signed-off-by: Felix Matouschek <fmatouschek@redhat.com>
Felix Matouschek
2024-02-27 18:56:18 +01:00
parent b719edf5da
commit f92c500de4
5 changed files with 113 additions and 109 deletions


@@ -1,59 +1,55 @@
---
name: CI name: CI
concurrency: concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true cancel-in-progress: true
# yamllint disable-line rule:truthy
on: on:
push: push:
branches: branches:
- main - main
pull_request: pull_request:
workflow_dispatch: workflow_dispatch:
# Run CI once per day (at 06:00 UTC)
# This ensures that even if there haven't been commits that we are still
# testing against latest version of ansible-test for each ansible-base version
schedule: schedule:
- cron: '0 6 * * *' - cron: "0 6 * * *"
jobs: jobs:
linter: linter:
runs-on: ubuntu-latest runs-on: ubuntu-latest
env:
collection_dir: ansible_collections/kubevirt/core
steps: steps:
- name: Check out code - name: Check out code
uses: actions/checkout@v4 uses: actions/checkout@v4
with: with:
path: ansible_collections/kubevirt/core path: ${{ env.collection_dir }}
fetch-depth: 0 fetch-depth: 0
- run: |
mkdir -p /home/runner/.kube/
cat <<- EOF > /home/runner/.kube/config
apiVersion: v1
kind: Config
clusters:
- cluster:
server: http://localhost:12345
name: default
contexts:
- context:
cluster: default
name: default
current-context: default
EOF
- name: Set up Python - name: Set up Python
uses: actions/setup-python@v5 uses: actions/setup-python@v5
with: with:
python-version: 3.x python-version: 3.x
cache: pip cache: pip
- name: Install yamllint, ansible - name: Install yamllint, ansible
run: | run: |
python -m pip install --upgrade pip python -m pip install --upgrade pip
pip install yamllint ansible-core ansible-lint pip install yamllint ansible-core ansible-lint
- name: Run linter - name: Run linter
run: | run: |
ansible-lint --version ansible-lint --version
ansible-lint -v ansible-lint -v
working-directory: ./ansible_collections/kubevirt/core working-directory: ${{ env.collection_dir }}
sanity: sanity:
uses: ansible-network/github_actions/.github/workflows/sanity.yml@main uses: ansible-network/github_actions/.github/workflows/sanity.yml@main
needs: needs:
- linter - linter
with: with:
matrix_include: "[]"
matrix_exclude: >- matrix_exclude: >-
[ [
{ {
@@ -77,6 +73,7 @@ jobs:
"python-version": "3.9" "python-version": "3.9"
} }
] ]
unit-source: unit-source:
uses: ansible-network/github_actions/.github/workflows/unit_source.yml@main uses: ansible-network/github_actions/.github/workflows/unit_source.yml@main
needs: needs:
@@ -105,33 +102,32 @@ jobs:
"python-version": "3.9" "python-version": "3.9"
} }
] ]
collection_pre_install: ''
integration: integration:
uses: ./.github/workflows/integration.yml uses: ./.github/workflows/integration.yml
needs: needs:
- linter - linter
with: with:
ansible_test_targets: >- ansible_test_targets: >-
[ [
"kubevirt_vm", "kubevirt_vm",
"kubevirt_vm_info", "kubevirt_vm_info",
"inventory_kubevirt" "inventory_kubevirt"
] ]
name: "integration"
all_green: all_green:
runs-on: ubuntu-latest
if: ${{ always() }} if: ${{ always() }}
needs: needs:
- linter
- sanity - sanity
- unit-source - unit-source
- integration - integration
runs-on: ubuntu-latest
steps: steps:
- run: >- - run: >-
python -c "assert set([ python -c "assert set([
'${{ needs.linter.result }}',
'${{ needs.sanity.result }}',
'${{ needs.unit-source.result }}', '${{ needs.unit-source.result }}',
'${{ needs.integration.result }}' '${{ needs.integration.result }}'
]) == {'success'}" ]) == {'success'}"
- run: >-
python -c "assert '${{ needs.sanity.result }}'
in ['success', 'failure']"
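Review bot: The reusable workflows called by the `sanity` and `unit-source` jobs are referenced at `@main`, a mutable ref, so whatever lands on that upstream branch runs in this repository's CI without being reviewed here. Pinning each `uses:` to a full commit SHA, e.g. `uses: ansible-network/github_actions/.github/workflows/sanity.yml@<full-commit-sha>  # main`, keeps the permission review in this commit meaningful. The same applies to `ansible-middleware/collection-docs-action@main` in the docs workflow, which receives `secrets.GITHUB_TOKEN` in a job with `contents: write`, and to the `build_install_collection@main` and `ansible_test_integration@main` actions in the integration workflow.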


@@ -1,5 +1,6 @@
--- ---
name: Documentation name: Documentation
# yamllint disable-line rule:truthy
on: on:
push: push:
branches: branches:
@@ -8,27 +9,22 @@ on:
- "[0-9]+.[0-9]+.[0-9]+" - "[0-9]+.[0-9]+.[0-9]+"
workflow_dispatch: workflow_dispatch:
env:
COLORTERM: 'yes'
TERM: 'xterm-256color'
PYTEST_ADDOPTS: '--color=yes'
jobs: jobs:
docs: docs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
# Do not run in private forks
if: github.repository == 'kubevirt/kubevirt.core' if: github.repository == 'kubevirt/kubevirt.core'
permissions: permissions:
actions: write
checks: write
contents: write contents: write
deployments: write env:
packages: write collection_dir: ansible_collections/kubevirt/core
pages: write work_dir: /home/runner/.ansible/collections
steps: steps:
- name: Check out code - name: Check out code
uses: actions/checkout@v4 uses: actions/checkout@v4
with: with:
path: ansible_collections/kubevirt/core path: ${{ env.collection_dir }}
fetch-depth: 0 fetch-depth: 0
- name: Set up Python - name: Set up Python
@@ -39,16 +35,21 @@ jobs:
- name: Install doc dependencies - name: Install doc dependencies
run: | run: |
python -m pip install --upgrade pip python -m pip install --upgrade pip setuptools
pip install -r ansible_collections/kubevirt/core/docs/requirements.txt pip install \
pip install -r ansible_collections/kubevirt/core/requirements.txt -r ${{ env.collection_dir }}/docs/requirements.txt
ansible-galaxy collection install -r ansible_collections/kubevirt/core/requirements.yml -p /home/runner/.ansible/collections --force-with-deps pip install \
-r ${{ env.collection_dir }}/requirements.txt
mkdir -p ${{ env.work_dir }}
ansible-galaxy collection install \
-r ${{ env.collection_dir }}/requirements.yml \
-p ${{ env.work_dir }} --force-with-deps
sudo apt install -y sed hub sudo apt install -y sed hub
- name: Create default collection path - name: Move collection to work dir
run: | run: |
mkdir -p /home/runner/.ansible/ cp -rp ansible_collections \
cp -rp ${GITHUB_WORKSPACE}/ansible_collections /home/runner/.ansible/collections/ ${{ env.work_dir }}
- name: Create changelog and documentation - name: Create changelog and documentation
uses: ansible-middleware/collection-docs-action@main uses: ansible-middleware/collection-docs-action@main
@@ -60,7 +61,7 @@ jobs:
commit_ghpages: true commit_ghpages: true
changelog_release: false changelog_release: false
generate_docs: true generate_docs: true
path: /home/runner/.ansible/collections/ansible_collections/kubevirt/core path: ${{ env.work_dir }}/${{ env.collection_dir }}
token: ${{ secrets.GITHUB_TOKEN }} token: ${{ secrets.GITHUB_TOKEN }}
bot_email: kubevirtbot@redhat.com bot_email: kubevirtbot@redhat.com
bot_account: kubevirt-bot bot_account: kubevirt-bot
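Review bot: The `run:` scripts in "Install doc dependencies" and "Move collection to work dir" splice `${{ env.collection_dir }}` and `${{ env.work_dir }}` into the script text before the shell sees it. Both are job-level `env` entries, so they should already be exported to the shell; `-r "$collection_dir/docs/requirements.txt"` and `cp -rp ansible_collections "$work_dir"` keep the values quoted and keep expression expansion out of shell scripts, the habit that prevents script injection once a value stops being a literal. The values are constants here, so this is a style point rather than a live defect.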


@@ -1,24 +1,21 @@
name: Lint extra docsite docs and links ---
name: Lint docs
# yamllint disable-line rule:truthy
on: on:
# Run CI against all pushes (direct commits, also merged PRs), Pull Requests
push: push:
branches: branches:
- main - main
- stable-*
pull_request: pull_request:
# Run CI once per day (at 06:00 UTC) # Run CI once per day (at 06:00 UTC)
# This ensures that even if there haven't been commits that we are still testing against latest version of ansible-test for each ansible-base version # This ensures that even if there haven't been commits that we are still
# testing against latest version of ansible-test for each ansible-base version
schedule: schedule:
- cron: '0 6 * * *' - cron: "0 6 * * *"
jobs: jobs:
docsite: linter:
name: Lint extra docsite docs and links
permissions:
contents: read
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Check out code - name: Check out code
uses: actions/checkout@v4 uses: actions/checkout@v4
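Review bot: The job-level `permissions:` block with `contents: read` appears to be dropped from this job, which leaves the token scope to the repository's default setting. That default is invisible in the workflow file and does not carry over to forks or survive a settings change, so an explicit top-level `permissions:` with `contents: read` is worth keeping here, and adding to the CI workflow, which declares none in the visible lines. The job's steps continue outside the hunk.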


@@ -1,4 +1,6 @@
---
name: Integration tests name: Integration tests
# yamllint disable-line rule:truthy
on: on:
workflow_call: workflow_call:
inputs: inputs:
@@ -45,12 +47,13 @@ on:
type: string type: string
jobs: jobs:
integration: integration:
env: name: >-
PY_COLORS: "1" ${{ matrix.test-target }} /
source: "./source" py${{ matrix.python-version }} /
core: "./core" ${{ matrix.ansible-version }}
cloud_common: "./cloudcommon" runs-on: ubuntu-latest
ansible_posix: "./ansible_posix" continue-on-error: >-
${{ contains(fromJSON(inputs.unstable), matrix.ansible-version) }}
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
@@ -68,43 +71,44 @@ jobs:
- "3.12" - "3.12"
exclude: ${{ fromJSON(inputs.matrix_exclude) }} exclude: ${{ fromJSON(inputs.matrix_exclude) }}
include: ${{ fromJSON(inputs.matrix_include) }} include: ${{ fromJSON(inputs.matrix_include) }}
runs-on: ubuntu-latest env:
continue-on-error: ${{ contains(fromJSON(inputs.unstable), matrix.ansible-version) }} source_directory: ./source
name: "${{ matrix.test-target }} / py${{ matrix.python-version }} / ${{ matrix.ansible-version }}"
steps: steps:
- name: Checkout kubevirt.core repository - name: Checkout kubevirt.core repository
if: inputs.ansible_test_targets != ''
uses: actions/checkout@v4 uses: actions/checkout@v4
with: with:
path: ${{ env.source }} path: ${{ env.source_directory }}
fetch-depth: 0 fetch-depth: 0
if: inputs.ansible_test_targets != ''
- name: install dependencies collection - name: Install collection dependencies
if: inputs.ansible_test_targets != ''
run: | run: |
ansible-galaxy collection install ansible.posix --force --pre -p /home/runner/collections ansible-galaxy collection install \
ansible-galaxy collection install cloud.common --force --pre -p /home/runner/collections -r ${{ env.source_directory }}/requirements.yml \
ansible-galaxy collection install kubernetes.core --force --pre -p /home/runner/collections -p /home/runner/collections --force-with-deps
if: inputs.ansible_test_targets != ''
- name: install kubevirt.core collection - name: Install kubevirt.core collection
id: install-collection id: install
if: inputs.ansible_test_targets != ''
# yamllint disable-line rule:line-length
uses: ansible-network/github_actions/.github/actions/build_install_collection@main uses: ansible-network/github_actions/.github/actions/build_install_collection@main
with: with:
install_python_dependencies: true install_python_dependencies: true
source_path: ${{ env.source }} source_path: ${{ env.source_directory }}
if: inputs.ansible_test_targets != ''
- name: install kind / kubectl - name: Install kind / kubectl
if: inputs.ansible_test_targets != ''
uses: helm/kind-action@v1.9.0 uses: helm/kind-action@v1.9.0
with: with:
install_only: true install_only: true
if: inputs.ansible_test_targets != ''
- name: deploy kubevirt - name: Deploy kubevirt
if: inputs.ansible_test_targets != '' if: inputs.ansible_test_targets != ''
shell: bash
run: >- run: >-
${{ env.source }}/hack/e2e-setup.sh \ ${{ env.source_directory }}/hack/e2e-setup.sh \
-v \ -v \
--configure-inotify-limits \ --configure-inotify-limits \
--configure-secondary-network \ --configure-secondary-network \
@@ -114,19 +118,18 @@ jobs:
--deploy-cnao \ --deploy-cnao \
--create-cluster \ --create-cluster \
--create-nad --create-nad
shell: bash
env: env:
CLUSTER_NAME: kv-testing
KIND: kind KIND: kind
KUBECTL: kubectl KUBECTL: kubectl
- name: Run integration tests - name: Run integration tests
if: inputs.ansible_test_targets != ''
# yamllint disable-line rule:line-length
uses: ansible-network/github_actions/.github/actions/ansible_test_integration@main uses: ansible-network/github_actions/.github/actions/ansible_test_integration@main
with: with:
collection_path: ${{ steps.install-collection.outputs.collection_path }} collection_path: ${{ steps.install.outputs.collection_path }}
python_version: ${{ matrix.python-version }} python_version: ${{ matrix.python-version }}
ansible_version: ${{ matrix.ansible-version }} ansible_version: ${{ matrix.ansible-version }}
ansible_test_targets: ${{ matrix.test-target }} ansible_test_targets: ${{ matrix.test-target }}
if: inputs.ansible_test_targets != ''
env: env:
ANSIBLE_COLLECTIONS_PATHS: /home/runner/collections ANSIBLE_COLLECTIONS_PATHS: /home/runner/collections


@@ -1,22 +1,21 @@
--- ---
name: Release collection name: Release collection
# yamllint disable-line rule:truthy
on: on:
workflow_dispatch: workflow_dispatch:
jobs: jobs:
release: release:
runs-on: ubuntu-latest runs-on: ubuntu-latest
# Do not run in private forks
if: github.repository == 'kubevirt/kubevirt.core' if: github.repository == 'kubevirt/kubevirt.core'
permissions:
actions: write
checks: write
contents: write
deployments: write
packages: write
pages: write
outputs: outputs:
tag_version: ${{ steps.get_version.outputs.TAG_VERSION }} tag_version: ${{ steps.version.outputs.VERSION }}
permissions:
contents: write
actions: write
steps: steps:
- name: Checkout code - name: Checkout code
uses: actions/checkout@v4 uses: actions/checkout@v4
with: with:
@@ -29,15 +28,19 @@ jobs:
cache: pip cache: pip
- name: Get current version - name: Get current version
id: get_version id: version
run: echo "::set-output name=TAG_VERSION::$(grep version galaxy.yml | awk -F'"' '{ print $2 }')" run: |
VERSION=$(grep version galaxy.yml | awk -F'"' '{ print $2 }')
echo "VERSION=$VERSION" >> $GITHUB_OUTPUT
- name: Check if tag exists - name: Check if tag exists
id: check_tag id: exists
run: echo "::set-output name=TAG_EXISTS::$(git tag | grep ${{ steps.get_version.outputs.TAG_VERSION }})" run: |
EXISTS=$(git tag | grep ${{ steps.version.outputs.VERSION }})
echo "EXISTS=$EXISTS" >> $GITHUB_OUTPUT
- name: Fail if tag exists - name: Fail if tag exists
if: ${{ steps.get_version.outputs.TAG_VERSION == steps.check_tag.outputs.TAG_EXISTS }} if: ${{ steps.version.outputs.VERSION == steps.exists.outputs.EXISTS }}
uses: actions/github-script@v7 uses: actions/github-script@v7
with: with:
script: | script: |
@@ -47,7 +50,8 @@ jobs:
run: | run: |
python -m pip install --upgrade pip python -m pip install --upgrade pip
pip install ansible-core antsibull pip install ansible-core antsibull
ansible-galaxy collection install -r requirements.yml -p /home/runner/.ansible/collections --force-with-deps ansible-galaxy collection install -r requirements.yml \
-p /home/runner/.ansible/collections --force-with-deps
sudo apt install -y sed hub sudo apt install -y sed hub
- name: Build collection - name: Build collection
@@ -69,31 +73,34 @@ jobs:
bot_account: kubevirt-bot bot_account: kubevirt-bot
- name: Publish collection - name: Publish collection
run: |
ansible-galaxy collection publish *.tar.gz \
--api-key "$ANSIBLE_GALAXY_API_KEY"
env: env:
ANSIBLE_GALAXY_API_KEY: ${{ secrets.ANSIBLE_GALAXY_API_KEY }} ANSIBLE_GALAXY_API_KEY: ${{ secrets.ANSIBLE_GALAXY_API_KEY }}
run: |
ansible-galaxy collection publish *.tar.gz --api-key $ANSIBLE_GALAXY_API_KEY
- name: Create release tag - name: Create release tag
run: | run: |
git config user.name kubevirt-bot git config user.name kubevirt-bot
git config user.email kubevirtbot@redhat.com git config user.email kubevirtbot@redhat.com
git tag -a ${{ steps.get_version.outputs.TAG_VERSION }} -m "Release v${{ steps.get_version.outputs.TAG_VERSION }}" || true git tag -a ${{ steps.version.outputs.VERSION }} \
-m "Release v${{ steps.version.outputs.VERSION }}" || true
git push origin --tags git push origin --tags
- name: Publish Release - name: Publish Release
uses: softprops/action-gh-release@v1 uses: softprops/action-gh-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with: with:
tag_name: ${{ steps.get_version.outputs.TAG_VERSION }} tag_name: ${{ steps.version.outputs.VERSION }}
files: "*.tar.gz" files: "*.tar.gz"
body_path: gh-release.md body_path: gh-release.md
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Run docs workflow - name: Run docs workflow
run: | run: |
gh workflow run docs.yml --ref main gh workflow run docs.yml --ref main
gh workflow run docs.yml --ref ${{ steps.get_version.outputs.TAG_VERSION }} gh workflow run docs.yml \
--ref ${{ steps.version.outputs.VERSION }}
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
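Review bot: In "Check if tag exists", the assignment `EXISTS=$(git tag | grep ...)` takes grep's exit status, and grep exits 1 when nothing matches, so under the runner's default `bash -e` the step would abort exactly when the tag does not exist yet, which is the normal release case. The old `echo "::set-output ...$(...)"` form hid that status behind echo. `grep` also matches substrings and treats `.` as a wildcard, and several matching tags would write a multi-line value into `$GITHUB_OUTPUT`. `EXISTS=$(git tag --list "${{ steps.version.outputs.VERSION }}")` exits 0 either way and matches the whole tag name.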