Skip to content

GHA: fix contributors token #1

GHA: fix contributors token

GHA: fix contributors token #1

Workflow file for this run

name: CI
on:
push:
paths-ignore:
- '.github/**'
- '*.md'
- '.gitignore'
- 'roles/settings/**'
branches-ignore:
- 'dependabot/**'
pull_request:
paths-ignore:
- '*.md'
- '.gitignore'
- 'roles/settings/**'
workflow_dispatch:
permissions:
contents: write
actions: write
jobs:
ansible-lint:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: '3.12'
cache: 'pip'
cache-dependency-path: 'requirements/requirements-lint.txt'
- name: Install packages
run: pip install -r ./requirements/requirements-lint.txt
- name: Run ansible linter
working-directory: ${{ github.workspace }}
run: ansible-lint
- name: Run salty linter
run: python3 ./scripts/salty-linter.py ./roles
check-entries:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- name: Check Missing Entries
run: ./scripts/check_missing_entries.sh
find-roles:
runs-on: ubuntu-22.04
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
- uses: actions/checkout@v4
- id: set-matrix
run: echo "matrix={\"roles\":[$(awk '/# Apps Start/{flag=1;next}/# Apps End/{flag=0}flag' sandbox.yml | awk '!/#/' | awk -F'[][]' '{print $2}' | tr '\n' ',' | sed 's/,*$//' | awk -F',' '{ for( i=1; i<=NF; i++ ) print $i }' | awk '{ gsub(/ /,""); print }'| sort -u | awk -vORS=, '{ print $1 }' | sed 's/,$/\n/')]}" >> $GITHUB_OUTPUT
install:
name: '${{ matrix.roles }}'
needs: [ansible-lint, check-entries, find-roles]
runs-on: ubuntu-22.04
strategy:
matrix: ${{ fromJson(needs.find-roles.outputs.matrix) }}
fail-fast: false
steps:
- uses: actions/checkout@v4
- name: Install Dependencies
run: curl https://raw.githubusercontent.com/saltyorg/sb/master/sb_install.sh --output sb_install.sh && sudo bash sb_install.sh -v && ansible --version
- name: Chown /srv/git
run: sudo chown -R runner:runner /srv/git
- name: Print pip dependencies
run: cat /srv/git/sb/requirements-saltbox.txt
- name: Edit accounts.yml
run: cd /srv/git/saltbox && sed -i 's/seed/runner/g' accounts.yml
- name: Create, chown and chmod /tmp/ansible
run: sudo mkdir /tmp/ansible && sudo chown -R runner:runner /tmp/ansible && chmod 0777 /tmp/ansible
- name: Syntax Check
run: cd /srv/git/saltbox && sudo ansible-playbook saltbox.yml --syntax-check
- name: Create CI vars file
run: |
echo "continuous_integration: true" > /tmp/vars.yml
echo "dockerhub:" >> /tmp/vars.yml
echo " token: ${{ secrets.DOCKERHUB_TOKEN }}" >> /tmp/vars.yml
echo " user: ${{ secrets.DOCKERHUB_USERNAME }}" >> /tmp/vars.yml
- name: Install Saltbox Core
run: cd /srv/git/saltbox && sudo ansible-playbook saltbox.yml --tags "core" --skip-tags "settings" --extra-vars "@/tmp/vars.yml"
- name: Copy default configuration
run: cp -n defaults/ansible.cfg.default ansible.cfg && cp -n defaults/settings.yml.default settings.yml
- name: Install ${{ matrix.roles }}
run: sudo ansible-playbook sandbox.yml --tags "${{ matrix.roles }}" --skip-tags "settings" --extra-vars "@/tmp/vars.yml"
webhook:
name: 'webhook'
runs-on: ubuntu-22.04
needs: [ansible-lint, check-entries, find-roles, install]
if: always() && (github.actor == 'dependabot[bot]' || (github.event_name != 'pull_request' && github.event.repository.fork == false))
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: '3.10'
- name: Determine Workflow Conclusion
run: python3 ./scripts/workflow-status.py '${{ toJSON(needs) }}'
- uses: sarisia/actions-status-discord@v1
with:
webhook: ${{ secrets.DISCORD_WEBHOOK }}
status: ${{ env.WORKFLOW_CONCLUSION }}
description: "Run attempt: ${{ github.run_attempt }}"
retry-on-failure:
if: failure() && github.actor != 'dependabot[bot]' && fromJSON(github.run_attempt) < 3
needs: [install, webhook]
runs-on: ubuntu-latest
steps:
- env:
GH_REPO: ${{ github.repository }}
GH_TOKEN: ${{ github.token }}
run: gh workflow run retry.yml -F run_id=${{ github.run_id }}