Gerrit Verify #80
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Gerrit Verify | |
# yamllint disable-line rule:truthy | |
on: | |
workflow_dispatch: | |
inputs: | |
GERRIT_BRANCH: | |
description: "Branch that change is against" | |
required: true | |
type: string | |
GERRIT_CHANGE_ID: | |
description: "The ID for the change" | |
required: true | |
type: string | |
GERRIT_CHANGE_NUMBER: | |
description: "The Gerrit number" | |
required: true | |
type: string | |
GERRIT_CHANGE_URL: | |
description: "URL to the change" | |
required: true | |
type: string | |
GERRIT_EVENT_TYPE: | |
description: "Type of Gerrit event" | |
required: true | |
type: string | |
GERRIT_PATCHSET_NUMBER: | |
description: "The patch number for the change" | |
required: true | |
type: string | |
GERRIT_PATCHSET_REVISION: | |
description: "The revision sha" | |
required: true | |
type: string | |
GERRIT_PROJECT: | |
description: "Project in Gerrit" | |
required: true | |
type: string | |
GERRIT_REFSPEC: | |
description: "Gerrit refspec of change" | |
required: true | |
type: string | |
env: | |
PACKER_VERSION: "1.8.6" | |
concurrency: | |
group: ${{ github.event.inputs.GERRIT_CHANGE_ID || github.run_id }} | |
cancel-in-progress: true | |
jobs: | |
prepare: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Clear votes | |
uses: lfit/gerrit-review-action@v0.3 | |
with: | |
host: ${{ vars.GERRIT_SERVER }} | |
username: ${{ vars.GERRIT_SSH_USER }} | |
key: ${{ secrets.GERRIT_SSH_PRIVKEY }} | |
known_hosts: ${{ vars.GERRIT_KNOWN_HOSTS }} | |
gerrit-change-number: ${{ inputs.GERRIT_CHANGE_NUMBER }} | |
gerrit-patchset-number: ${{ inputs.GERRIT_PATCHSET_NUMBER }} | |
vote-type: clear | |
- name: Allow replication | |
run: sleep 10s | |
actionlint: | |
needs: prepare | |
runs-on: ubuntu-latest | |
steps: | |
- uses: lfit/checkout-gerrit-change-action@v0.3 | |
with: | |
gerrit-refspec: ${{ inputs.GERRIT_REFSPEC }} | |
delay: "0s" | |
- name: Download actionlint | |
id: get_actionlint | |
run: bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) | |
shell: bash | |
- name: Check workflow files | |
run: ${{ steps.get_actionlint.outputs.executable }} -color | |
shell: bash | |
# run pre-commit tox env separately to get use of more parallel processing | |
pre-commit: | |
needs: prepare | |
runs-on: ubuntu-latest | |
steps: | |
- uses: lfit/checkout-gerrit-change-action@v0.3 | |
with: | |
gerrit-refspec: ${{ inputs.GERRIT_REFSPEC }} | |
delay: "0s" | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: "3.11" | |
- name: Run static analysis and format checkers | |
run: pipx run pre-commit run --all-files --show-diff-on-failure | |
jjb-validation: | |
needs: prepare | |
runs-on: ubuntu-latest | |
steps: | |
- uses: lfit/checkout-gerrit-change-action@v0.3 | |
with: | |
gerrit-refspec: ${{ inputs.GERRIT_REFSPEC }} | |
delay: "0s" | |
- uses: actions/setup-python@v4 | |
id: setup-python | |
with: | |
python-version: "3.11" | |
- name: Clone git submodules | |
run: git submodule update --init | |
- name: Run JJB Verify | |
run: | | |
python -m pip install --upgrade pip | |
pip install jenkins-job-builder | |
mkdir -p "${HOME}/.config/jenkins_jobs" | |
cat << EOF > "${HOME}/.config/jenkins_jobs/jenkins_jobs.ini" | |
[job_builder] | |
ignore_cache=True | |
keep_descriptions=False | |
include_path=. | |
recursive=True | |
query_plugins_info=False | |
config-xml=True | |
EOF | |
jenkins-jobs test -o archives/job-configs jjb/ | |
tox-verify: | |
needs: prepare | |
runs-on: ubuntu-latest | |
steps: | |
- uses: lfit/checkout-gerrit-change-action@v0.3 | |
with: | |
gerrit-refspec: ${{ inputs.GERRIT_REFSPEC }} | |
delay: "0s" | |
- uses: actions/setup-python@v4 | |
id: setup-python | |
with: | |
python-version: "3.11" | |
- name: Run tox | |
run: >- | |
pipx run tox | |
packer-validation: | |
needs: prepare | |
runs-on: ubuntu-latest | |
steps: | |
- uses: lfit/checkout-gerrit-change-action@v0.3 | |
with: | |
gerrit-refspec: ${{ inputs.GERRIT_REFSPEC }} | |
delay: "0s" | |
- name: Setup packer | |
uses: hashicorp/setup-packer@main | |
id: setup | |
env: | |
AUTH_URL: ${{ secrets.cloud_auth_url }} | |
CLOUD_ENV: "packer/cloud-env.json" | |
with: | |
cloud_auth_url: "https://auth.vexxhost.net/v3/" | |
cloud_tenant: ${{ secrets.cloud_tenant }} | |
cloud_user: ${{ secrets.cloud_user }} | |
cloud_network: ${{ secrets.cloud_network }} | |
version: ${{ env.PACKER_VERSION }} | |
cloud_pass: ${{ secrets.cloud_pass }} | |
dicrectory: packer | |
file_name: cloud-env.json | |
fail_on_empty: true | |
- name: Clone git submodules | |
run: git submodule update --init | |
- uses: dorny/paths-filter@v2 | |
id: changes | |
with: | |
filters: | | |
src: | |
- 'packer/**' | |
- if: steps.changes.outputs.src == 'true' | |
run: | | |
cd packer | |
varfiles=(vars/*.json common-packer/vars/*.json) | |
templates=(templates/*.json) | |
for varfile in "${varfiles[@]}"; do | |
# cloud-env.json is a file containing credentials which is pulled in via | |
# CLOUDENV variable so skip it here. Also handle the case where a project | |
# has not vars/*.json file. | |
if [[ "$varfile" == *"cloud-env.json"* ]] || [[ "$varfile" == 'vars/*.json' ]]; then | |
continue | |
fi | |
echo "-----> Testing varfile: $varfile" | |
for template in "${templates[@]}"; do | |
export PACKER_LOG="yes" | |
export PACKER_LOG_PATH="$PACKER_LOGS_DIR/packer-validate-${varfile##*/}-${template##*/}.log" | |
if output=$(packer validate -var-file="$CLOUDENV" -var-file="$varfile" "$template"); then | |
echo "$template: $output" | |
else | |
echo "$template: $output" | |
exit 1 | |
fi | |
done | |
done | |
vote: | |
if: ${{ always() }} | |
needs: | |
[ | |
prepare, | |
actionlint, | |
pre-commit, | |
jjb-validation, | |
tox-verify, | |
packer-validation, | |
] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: technote-space/workflow-conclusion-action@v3 | |
- name: Set vote | |
uses: lfit/gerrit-review-action@v0.3 | |
with: | |
host: ${{ vars.GERRIT_SERVER }} | |
username: ${{ vars.GERRIT_SSH_USER }} | |
key: ${{ secrets.GERRIT_SSH_PRIVKEY }} | |
known_hosts: ${{ vars.GERRIT_KNOWN_HOSTS }} | |
gerrit-change-number: ${{ inputs.GERRIT_CHANGE_NUMBER }} | |
gerrit-patchset-number: ${{ inputs.GERRIT_PATCHSET_NUMBER }} | |
vote-type: ${{ env.WORKFLOW_CONCLUSION }} |