From 8b192bd114cad9c3fdd394bad923e63b52958be2 Mon Sep 17 00:00:00 2001 From: Ashman Malik Date: Wed, 4 Dec 2024 13:26:22 +1000 Subject: [PATCH] DX-880 Update workflows --- .github/CODEOWNERS | 4 + .github/dependabot.yml | 10 +++ .github/workflows/auto-approve.yml | 44 +++++++++++ .github/workflows/pr-lint.yml | 115 +++++++++++++++++++++++++++++ .github/workflows/release.yml | 59 +++++++++++++++ redocly.yaml | 8 ++ 6 files changed, 240 insertions(+) create mode 100644 .github/CODEOWNERS create mode 100644 .github/dependabot.yml create mode 100644 .github/workflows/auto-approve.yml create mode 100644 .github/workflows/pr-lint.yml create mode 100644 .github/workflows/release.yml create mode 100644 redocly.yaml diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..0dfca06 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1,4 @@ +# This is a CODEOWNERS file +# It defines individuals or teams that are responsible for code in this repository. + +* @basiqio-oss/developer-experience \ No newline at end of file diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..dfd0e30 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,10 @@ +# Set update schedule for GitHub Actions + +version: 2 +updates: + + - package-ecosystem: "github-actions" + directory: "/" + schedule: + # Check for updates to GitHub Actions every week + interval: "weekly" diff --git a/.github/workflows/auto-approve.yml b/.github/workflows/auto-approve.yml new file mode 100644 index 0000000..c65cc43 --- /dev/null +++ b/.github/workflows/auto-approve.yml @@ -0,0 +1,44 @@ +name: Dependabot auto-merge + +on: + pull_request: + +permissions: read-all + +jobs: + dependabot: + permissions: + contents: write + pull-requests: write + + runs-on: ubuntu-latest + if: ${{ github.event.pull_request.user.login == 'dependabot[bot]' }} + + steps: + - name: Dependabot metadata + id: metadata + uses: dependabot/fetch-metadata@dbb049abf0d677abbd7f7eee0375145b417fdd34 # v2.2.0 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + + - if: ${{ steps.metadata.outputs.update-type == 'version-update:semver-patch' }} + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3.5 + + - name: Approve a PR if not already approved + if: ${{ steps.metadata.outputs.update-type == 'version-update:semver-patch' }} + run: | + gh pr checkout "$PR_URL" # sets the upstream metadata for `gh pr status` + if [ "$(gh pr status --json reviewDecision -q .currentBranch.reviewDecision)" != "APPROVED" ]; + then gh pr review --approve "$PR_URL" + else echo "PR already approved, skipping additional approvals to minimize emails/notification noise."; + fi + env: + PR_URL: ${{github.event.pull_request.html_url}} + GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} + + - name: Enable auto-merge for Dependabot PRs + if: ${{ steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.update-type == 'version-update:semver-patch' }} + run: gh pr merge --auto --squash "$PR_URL" + env: + PR_URL: ${{ github.event.pull_request.html_url }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/pr-lint.yml b/.github/workflows/pr-lint.yml new file mode 100644 index 0000000..55b5957 --- /dev/null +++ b/.github/workflows/pr-lint.yml @@ -0,0 +1,115 @@ +name: PR and Branch Linting + +on: + pull_request: + types: ['opened', 'edited'] + workflow_dispatch: # Allow manual triggering of the workflow + +jobs: + pr-lint: + name: PR Linting + runs-on: ubuntu-latest + steps: + - uses: seferov/pr-lint-action@2f6ccc0e32d53505ab87d1340a8b5c42cb874bd6 # v1.2.0 + with: + title-regex: '^(DX|DSO|Bump).+' + title-regex-flags: 'g' + error-message: 'Add Jira ID to your title in the correct format' + + branch-naming-rules: + name: Branch Linting + runs-on: ubuntu-latest + needs: pr-lint + steps: + - uses: deepakputhraya/action-branch-name@master + with: + regex: '^(DX|DSO|Bump).+' + ignore: master,main + min_length: 2 + max_length: 100 + + lint: + runs-on: ubuntu-latest + needs: branch-naming-rules + steps: + - name: Checkout Repository + uses: actions/checkout@v4 + + - name: Set up Node.js + uses: actions/setup-node@v4 + with: + node-version: '20' + + - name: Install Redocly CLI + run: npm install -g @redocly/cli + + - name: Lint Core + id: lint-core + run: npx @redocly/cli lint core.yml || echo "Warnings or errors in core.yml" + + - name: Lint Data + id: lint-data + run: npx @redocly/cli lint data.yml || echo "Warnings or errors in data.yml" + + - name: Lint Services + id: lint-services + run: npx @redocly/cli lint services.yml || echo "Warnings or errors in services.yml" + + - name: Lint Reports + id: lint-reports + run: npx @redocly/cli lint reports.yml || echo "Warnings or errors in reports.yml" + + - name: Lint Affordability + id: lint-affordability + run: npx @redocly/cli lint affordability.yml || echo "Warnings or errors in affordability.yml" + + - name: Lint Enrich + id: lint-enrich + run: npx @redocly/cli lint enrich.yml || echo "Warnings or errors in enrich.yml" + + - name: Lint Identity + id: lint-identity + run: npx @redocly/cli lint identity.yml || echo "Warnings or errors in identity.yml" + + - name: Lint Webhooks + id: lint-webhooks + run: npx @redocly/cli lint webhooks.yml || echo "Warnings or errors in webhooks.yml" + + - name: Check for Linting Warnings or Errors + id: check-lint-warnings + run: | + warnings=0 + for file in core data services reports affordability enrich identity webhooks; do + if [[ $(npx @redocly/cli lint $file.yml || echo "fail") == "fail" ]]; then + warnings=1 + fi + done + echo "warnings=$warnings" >> $GITHUB_ENV + + - name: Send Slack Notification if Warnings Exist + if: env.warnings == '1' + uses: slackapi/slack-github-action@485a9d42d3a73031f12ec201c457e2162c45d02d + with: + payload: | + { + "text": "Linting Warnings Detected in GitHub Actions :warning:", + "blocks": [ + { + "type": "header", + "text": { + "type": "plain_text", + "text": "Linting Notification", + "emoji": true + } + }, + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "*Warnings detected during linting.*\n*Repository:* ${{ github.repository }}\n*Actor:* ${{ github.actor }}\n*Pull Request:* <${{ github.event.pull_request.html_url }}|PR Link>" + } + } + ] + } + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..668693b --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,59 @@ +name: Release + +# Run workflow for every push to the `main` branch +on: + push: + branches: + - main + paths-ignore: + - 'README.md' + +permissions: + id-token: write + pull-requests: write + contents: write + +env: + PAT_GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + +jobs: + DeployProd: + runs-on: ubuntu-latest + steps: + - name: Checkout this repo + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3.5 + + - name: Bump version and push tag + id: tag_version + uses: mathieudutour/github-tag-action@v6.2 # Leverages SemVer as per https://github.com/angular/angular.js/blob/master/DEVELOPERS.md#-git-commit-guidelines + with: + github_token: ${{ secrets.GITHUB_TOKEN }} + + - name: Create a GitHub release + uses: ncipollo/release-action@v1.14.0 + with: + tag: ${{ steps.tag_version.outputs.new_tag }} + name: Release ${{ steps.tag_version.outputs.new_tag }} + body: ${{ steps.tag_version.outputs.changelog }} + + - name: Send custom JSON data to Slack workflow + id: slack + uses: slackapi/slack-github-action@485a9d42d3a73031f12ec201c457e2162c45d02d # v2.0.0 + with: + webhook-type: 'incoming-webhook' # Explicitly define the webhook type + # For posting a rich message using Block Kit + payload: | + { + "text": "GitHub Action build result: ${{ job.status }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}", + "blocks": [ + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "GitHub Action build result: ${{ job.status }} actor:${{ github.actor }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}" + } + } + ] + } + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URLS }} \ No newline at end of file diff --git a/redocly.yaml b/redocly.yaml new file mode 100644 index 0000000..3695be2 --- /dev/null +++ b/redocly.yaml @@ -0,0 +1,8 @@ +extends: + - recommended + +apis: + Reports: + root: reports.yml + rules: + no-ambiguous-paths: off \ No newline at end of file