Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(ci): enable shellcheck and integrate check-status workflow (#1579) #1633

Merged
merged 1 commit into from
Aug 19, 2024
Merged

chore(ci): enable shellcheck and integrate check-status workflow (#1579) #1633

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
35 changes: 21 additions & 14 deletions .github/workflows/actionlint.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ concurrency:
cancel-in-progress: true

on:
workflow_dispatch:
pull_request:
branches:
- develop
Expand All @@ -15,38 +16,45 @@ on:
- release-*
paths:
- ".github/**"
- "**/packaging/*.ya?ml"

jobs:
actionlint:
runs-on: ubuntu-22.04
action-lint:
runs-on: ubuntu-24.04
steps:
- name: Checkout sources
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1

- name: Download actionlint
id: get_actionlint
run: bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash)
run: bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/v1.7.1/scripts/download-actionlint.bash)
shell: bash

- name: Check workflow files
env:
SHELLCHECK_OPTS: "--severity=error"
run: |
${{ steps.get_actionlint.outputs.executable }} \
-ignore 'label "(common|collect|collect-arm64)" is unknown' \
-ignore 'label "veracode" is unknown' \
-ignore '"github.head_ref" is potentially untrusted' \
-shellcheck= \
-pyflakes= \
-color
-ignore 'label "ubuntu-24.04" is unknown' \
-ignore 'label "(common|collect|collect-arm64)" is unknown' \
-ignore 'label "veracode" is unknown' \
-ignore '"github.head_ref" is potentially untrusted' \
-pyflakes= \
-color
shell: bash

yaml-lint:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- name: Checkout sources
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1

- uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
with:
python-version: '3.12'

- name: Install Yaml
run: |
pip install yamllint==1.32.0
run: pip install yamllint==1.35.1

- name: Add Yaml Lint Rules
run: |
Expand All @@ -73,5 +81,4 @@ jobs:
EOF

- name: Lint YAML files
run: |
yamllint -c ./yamllint_rules.yml ./.github/actions/ ./.github/workflows/
run: yamllint -c ./yamllint_rules.yml ./.github/actions/ ./.github/workflows/ ./**/packaging/
103 changes: 103 additions & 0 deletions .github/workflows/check-status.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,103 @@
name: check-status

concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true

on:
pull_request:
branches:
- develop
- dev-[2-9][0-9].[0-9][0-9].x
- master
- "[2-9][0-9].[0-9][0-9].x"
- hotfix-*
- release-*

jobs:
check-status:
runs-on: ubuntu-24.04
steps:
- name: Check workflow statuses and display token usage
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
echo "current rest api rate usage:"
curl -s -H "Accept: application/vnd.github+json" -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/rate_limit | jq .rate
echo ""
echo ""
echo "current graphql rate usage:"
curl -s -H "Accept: application/vnd.github+json" -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/rate_limit | jq .resources.graphql
echo ""
echo ""

- uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PR_NUMBER: ${{ github.event.number }}
with:
script: |
await exec.exec("sleep 20s");

for (let i = 0; i < 60; i++) {
const failure = [];
const cancelled = [];
const pending = [];

const result = await github.rest.checks.listSuitesForRef({
owner: context.repo.owner,
repo: context.repo.repo,
ref: "${{ github.event.pull_request.head.sha }}"
});
result.data.check_suites.forEach(({ app: { slug }, conclusion, id}) => {
if (slug === 'github-actions') {
if (conclusion === 'failure' || conclusion === 'cancelled') {
failure.push(id);
} else if (conclusion === null) {
pending.push(id);
}
console.log(`check suite ${id} => ${conclusion === null ? 'pending' : conclusion}`);
}
});

if (pending.length === 0) {
core.setFailed("Cannot get pull request check status");
return;
}

if (failure.length > 0) {
let failureMessage = '';
const failedCheckRuns = [];
for await (const suite_id of failure) {
const resultCheckRuns = await github.rest.checks.listForSuite({
owner: context.repo.owner,
repo: context.repo.repo,
check_suite_id: suite_id
});

resultCheckRuns.data.check_runs.forEach(({ conclusion, name, html_url }) => {
if (conclusion === 'failure' || conclusion === 'cancelled') {
failedCheckRuns.push(`<a href="${html_url}">${name} (${conclusion})</a>`);
}
});
}

core.summary.addRaw(`${failedCheckRuns.length} job(s) failed:`, true)
core.summary.addList(failedCheckRuns);
core.summary.write()

core.setFailed(`${failure.length} workflow(s) failed`);
return;
}

if (pending.length === 1) {
core.info("All workflows are ok");
return;
}

core.info(`${pending.length} workflows in progress`);

await exec.exec("sleep 30s");
}

core.setFailed("Timeout: some jobs are still in progress");
1 change: 0 additions & 1 deletion gorgone/packaging/centreon-audit.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,4 +3,3 @@ gorgone:
- name: audit
package: "gorgone::modules::centreon::audit::hooks"
enable: true

Loading