Skip to content

Commit

Permalink
feat: upgrade ci to use docker caching, apply pr labels, and lint pr …
Browse files Browse the repository at this point in the history
…titles
  • Loading branch information
JossWhittle committed Apr 4, 2024
1 parent 07ec423 commit 6f3f08b
Show file tree
Hide file tree
Showing 11 changed files with 215 additions and 38 deletions.
File renamed without changes.
15 changes: 15 additions & 0 deletions .github/commitlint.config.mjs
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
import { RuleConfigSeverity } from '@commitlint/types';

export default {
extends: ['@commitlint/config-conventional'],
parserPreset: 'conventional-changelog-conventionalcommits',
rules: {
'scope-enum': [RuleConfigSeverity.Error, 'always', [
'',
'deps',
'controller-container',
'guacamole-chart',
'guacamole-crds-chart'
]]
}
};
32 changes: 32 additions & 0 deletions .github/labeler.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
# Release branches where trunk branches are merge-committed to trigger releases

release:
- base-branch:
- 'main'
- 'maintenance/.+/[0-9]+\.([0-9]+|x)\.x'

# Label any maintenance branch, trunk and release

maintenance:
- base-branch:
- 'maintenance/.+/[0-9]+\.([0-9]+|x)\.x'

# Label PRs into the main branch

main:
- base-branch:
- 'main'

# Labels for PRs on asset specific branches

controller-container:
- base-branch:
- '.+/controller-container(/.+)?'

guacamole-chart:
- base-branch:
- '.+/guacamole-chart(/.+)?'

guacamole-crds-chart:
- base-branch:
- '.+/guacamole-crds-chart(/.+)?'
14 changes: 14 additions & 0 deletions .github/pull_request_template.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
## :construction: Suggest a change

A clear and concise description of what you are changing.

## :memo: Pre-merge checklist

Ready to merge? Do not merge until all checks are satisfied.
- [ ] :chart: Have all `required` CI checks passed on the most recent commit?
- [ ] :black_nib: Is the PR title a valid and meaningful conventional-commit message? ie. `type(scope): summary`
- [ ] :boom: Are `breaking changes` declared in the PR title in conventional-commit style? ie. `type!(scope): summary`
- [ ] :art: Does new code follow the code style of this project?
- [ ] :mag: Has new code been spellchecked and linted?
- [ ] :book: Have docs been updated where necessary?
- [ ] :poop: Have commits been checked for accidental file inclusions?
28 changes: 26 additions & 2 deletions .github/workflows/controller-container.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,28 @@ name: Controller Container

on:
pull_request:
# Ignore PRs on branches specifically intended for other assets
branches-ignore:
- '*/guacamole-chart*'
- '*/guacamole-crds-chart*'
# Only consider PRs that change files for this asset, including ci scripts
paths:
- '.github/workflows/flake8.yaml'
- '.github/workflows/controller-container.yaml'
- 'containers/controller/**'
# Make sure all workflows that are "required checks" for a given
# branch protection rule have the same paths: and branches-ignore:
# filters. Otherwise, you can end up in a deadlock waiting on a
# required check that will never be executed.
push:
# Only release off of release and maintenance branches for this asset
branches:
- main
- 'maintenance/controller-container/[0-9]+.x.x'
- 'maintenance/controller-container/[0-9]+.[0-9]+.x'
- 'main'
# Only consider pushes that change files for this asset, including ci scripts
paths:
- '.github/workflows/controller-container.yaml'
- 'containers/controller/**'

permissions:
Expand All @@ -17,17 +33,25 @@ permissions:

concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
# Needed to generate releases safely
cancel-in-progress: false

jobs:
# Job name must be unique across repo to target
# branch protection rules "required checks" properly!
controller-container:
uses: SwanseaUniversityMedical/workflows/.github/workflows/pr-and-release-container.yaml@v1.4.2-containers
uses: SwanseaUniversityMedical/workflows/.github/workflows/pr-and-release-container.yaml@v1.6.0-containers
with:
job-name: controller-container
registry: ${{ vars.HARBOR_REGISTRY }}
registry-user: ${{ vars.HARBOR_USER }}
registry-repo: ${{ vars.HARBOR_PROJECT }}/controller
release-tag-format: 'controller-container-${version}'
release-branches: |
[
'maintenance/controller-container/[0-9]+\.([0-9]+|x)\.x',
'main'
]
cosign-public-key: ${{ vars.COSIGN_PUBLIC_KEY }}
slack-channel: ${{ vars.SLACK_CHANNEL }}
build-file: containers/controller/Dockerfile
Expand Down
42 changes: 42 additions & 0 deletions .github/workflows/controller-flake8.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
name: Controller Flake8

on:
pull_request:
# Ignore PRs on branches specifically intended for other assets
branches-ignore:
- '*/guacamole-chart*'
- '*/guacamole-crds-chart*'
# Only consider PRs that change files for this asset, including ci scripts
paths:
- '.github/workflows/flake8.yaml'
- '.github/workflows/controller-container.yaml'
- 'containers/controller/**'
# Make sure all workflows that are "required checks" for a given
# branch protection rule have the same paths: and branches-ignore:
# filters. Otherwise, you can end up in a deadlock waiting on a
# required check that will never be executed.

concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
# This linting can be cancelled if there is a newer commit to lint
cancel-in-progress: true

jobs:
controller-flake8:
runs-on:
labels: [self-hosted, linux, x64]
group: light

steps:
- name: clone repo
uses: actions/checkout@v4

- name: install flake8
run: pip install flake8

- name: install flake8 annotations
uses: rbialon/flake8-annotations@v1

- name: run flake8
run: |
flake8 --config=".github/.flake8" containers/controller/src
31 changes: 0 additions & 31 deletions .github/workflows/flake8.yaml

This file was deleted.

27 changes: 25 additions & 2 deletions .github/workflows/guacamole-chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,27 @@ name: Guacamole Chart

on:
pull_request:
# Ignore PRs on branches specifically intended for other assets
branches-ignore:
- '*/controller-container*'
- '*/guacamole-crds-chart*'
# Only consider PRs that change files for this asset, including ci scripts
paths:
- '.github/workflows/guacamole-chart.yaml'
- 'charts/guacamole/**'
# Make sure all workflows that are "required checks" for a given
# branch protection rule have the same paths: and branches-ignore:
# filters. Otherwise, you can end up in a deadlock waiting on a
# required check that will never be executed.
push:
# Only release off of release and maintenance branches for this asset
branches:
- main
- 'maintenance/guacamole-chart/[0-9]+.x.x'
- 'maintenance/guacamole-chart/[0-9]+.[0-9]+.x'
- 'main'
# Only consider pushes that change files for this asset, including ci scripts
paths:
- '.github/workflows/guacamole-chart.yaml'
- 'charts/guacamole/**'

permissions:
Expand All @@ -17,18 +32,26 @@ permissions:

concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
# Needed to generate releases safely
cancel-in-progress: false

jobs:
# Job name must be unique across repo to target
# branch protection rules "required checks" properly!
guacamole-chart:
uses: SwanseaUniversityMedical/workflows/.github/workflows/pr-and-release-chart.yaml@v1.2.0-charts
uses: SwanseaUniversityMedical/workflows/.github/workflows/pr-and-release-chart.yaml@v1.3.0-charts
with:
job-name: guacamole-chart
registry: ${{ vars.HARBOR_REGISTRY }}
registry-user: ${{ vars.HARBOR_USER }}
registry-project: ${{ vars.HARBOR_PROJECT }}
registry-repo: guacamole
release-tag-format: 'guacamole-chart-${version}'
release-branches: |
[
'maintenance/guacamole-chart/[0-9]+\.([0-9]+|x)\.x',
'main'
]
cosign-public-key: ${{ vars.COSIGN_PUBLIC_KEY }}
slack-channel: ${{ vars.SLACK_CHANNEL }}
chart: charts/guacamole
Expand Down
29 changes: 26 additions & 3 deletions .github/workflows/guacamole-crds-chart.yaml
Original file line number Diff line number Diff line change
@@ -1,13 +1,28 @@
name: Guacamole Chart
name: Guacamole CRDs Chart

on:
pull_request:
# Ignore PRs on branches specifically intended for other assets
branches-ignore:
- '*/controller-container*'
- '*/guacamole-chart*'
# Only consider PRs that change files for this asset, including cQi scripts
paths:
- '.github/workflows/guacamole-crds-chart.yaml'
- 'charts/guacamole-crds/**'
# Make sure all workflows that are "required checks" for a given
# branch protection rule have the same paths: and branches-ignore:
# filters. Otherwise, you can end up in a deadlock waiting on a
# required check that will never be executed.
push:
# Only release off of release and maintenance branches for this asset
branches:
- main
- 'maintenance/guacamole-crds-chart/[0-9]+.x.x'
- 'maintenance/guacamole-crds-chart/[0-9]+.[0-9]+.x'
- 'main'
# Only consider pushes that change files for this asset, including ci scripts
paths:
- '.github/workflows/guacamole-crds-chart.yaml'
- 'charts/guacamole-crds/**'

permissions:
Expand All @@ -17,18 +32,26 @@ permissions:

concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
# Needed to generate releases safely
cancel-in-progress: false

jobs:
# Job name must be unique across repo to target
# branch protection rules "required checks" properly!
guacamole-crds-chart:
uses: SwanseaUniversityMedical/workflows/.github/workflows/pr-and-release-chart.yaml@v1.2.0-charts
uses: SwanseaUniversityMedical/workflows/.github/workflows/pr-and-release-chart.yaml@v1.3.0-charts
with:
job-name: guacamole-crds-chart
registry: ${{ vars.HARBOR_REGISTRY }}
registry-user: ${{ vars.HARBOR_USER }}
registry-project: ${{ vars.HARBOR_PROJECT }}
registry-repo: guacamole-crds
release-tag-format: 'guacamole-crds-chart-${version}'
release-branches: |
[
'maintenance/guacamole-crds-chart/[0-9]+\.([0-9]+|x)\.x',
'main'
]
cosign-public-key: ${{ vars.COSIGN_PUBLIC_KEY }}
slack-channel: ${{ vars.SLACK_CHANNEL }}
chart: charts/guacamole-crds
Expand Down
17 changes: 17 additions & 0 deletions .github/workflows/pr-labeler.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
name: Label PR

on:
pull_request:
# Run on all PRs whenever they are opened
types:
- opened
- reopened

concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
# This labelling can be cancelled if there is a newer run
cancel-in-progress: true

jobs:
pr-labeler:
uses: SwanseaUniversityMedical/workflows/.github/workflows/[email protected]
18 changes: 18 additions & 0 deletions .github/workflows/pr-title-commitlint.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
name: Commit Lint PR Title

on:
pull_request:
# Run on all PRs whenever the title could have changed
types:
- opened
- reopened
- edited

concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
# This linting can be cancelled if there is a newer commit to lint
cancel-in-progress: true

jobs:
pr-title-commitlint:
uses: SwanseaUniversityMedical/workflows/.github/workflows/[email protected]

0 comments on commit 6f3f08b

Please sign in to comment.