[minor] Improve SLS flow for various configurations (#1619) #8769

Workflow file for this run

.github/workflows/ansible.yml at 3dd8d99

	name: Build Ansible Collection
	on:
	push:
	branches:
	- '**'
	tags-ignore:
	- '**'
	jobs:
	ansible-build:
	name: Build Ansible Collection
	runs-on: ubuntu-latest
	if: ${{ !contains(github.event.head_commit.message, '[doc]') }}
	steps:
	- name: Install Python v3.11
	uses: actions/setup-python@v5
	with:
	python-version: '3.11'

	- name: Checkout
	uses: actions/[email protected]
	# Without this option, we don't get the tag information
	with:
	fetch-depth: 0

	- name: Initialise the build system
	run: \|
	chmod u+x $GITHUB_WORKSPACE/build/bin/*.sh
	$GITHUB_WORKSPACE/build/bin/initbuild.sh
	source $GITHUB_WORKSPACE/build/bin/.functions.sh
	python -m pip install -q ansible==2.10.3 yamllint

	# Note: Use "--format standard" to ensure filenames and line numbers are in the output
	# https://gitanswer.com/yamllint-missing-filenames-and-line-numbers-in-github-action-output-python-794550803
	- name: Validate that the ansible collection lints successfully
	run: \|
	yamllint --format standard -c $GITHUB_WORKSPACE/yamllint.yaml $GITHUB_WORKSPACE/ibm/mas_devops

	- name: Build the Ansible collection
	run: \|
	$GITHUB_WORKSPACE/build/bin/build-collection.sh

	- name: Upload Ansible Collection to Github Actions
	uses: actions/upload-artifact@v4
	with:
	name: ibm-mas_devops-${{ env.VERSION }}.tar.gz
	path: ${{ github.workspace }}/ibm/mas_devops/ibm-mas_devops-${{ env.VERSION }}.tar.gz
	retention-days: 30

	- name: Upload Ansible Collection to Artifactory
	env:
	ARTIFACTORY_GENERIC_RELEASE_URL: ${{ secrets.ARTIFACTORY_GENERIC_RELEASE_URL }}
	ARTIFACTORY_TOKEN: ${{ secrets.ARTIFACTORY_TOKEN }}
	run: \|
	echo "Copying $GITHUB_WORKSPACE/ibm/mas_devops/ibm-mas_devops-${{ env.VERSION }}.tar.gz to $GITHUB_WORKSPACE/ibm/mas_devops/ibm-mas_devops.tar.gz..."
	cp $GITHUB_WORKSPACE/ibm/mas_devops/ibm-mas_devops-${{ env.VERSION }}.tar.gz $GITHUB_WORKSPACE/ibm/mas_devops/ibm-mas_devops.tar.gz
	$GITHUB_WORKSPACE/build/bin/artifactory-release.sh $GITHUB_WORKSPACE/ibm/mas_devops/ibm-mas_devops.tar.gz

	# Execution environment
	- name: Build the Ansible execution environment
	if: env.VERSION != ''
	run: \|
	podman login --username "${{ secrets.REDHAT_USERNAME }}" --password "${{ secrets.REDHAT_PASSWORD }}" registry.redhat.io
	$GITHUB_WORKSPACE/build/bin/build-execution-environment.sh

	- name: Push the Ansible execution environment container image
	id: docker-push
	if: env.DOCKER_TAG != ''
	run: \|
	podman images
	podman tag ibmmas/ansible-devops-ee:${{ env.DOCKER_TAG }} quay.io/ibmmas/ansible-devops-ee:${{ env.DOCKER_TAG }}
	podman images
	podman login --username "${{ secrets.QUAYIO_USERNAME }}" --password "${{ secrets.QUAYIO_PASSWORD }}" quay.io
	podman push quay.io/ibmmas/ansible-devops-ee:${{ env.DOCKER_TAG }}

	- name: Trigger ibm-mas/cli rebuild on Ansible Collection master build
	if: github.ref == 'refs/heads/master'
	run: \|
	curl -XPOST https://api.github.com/repos/ibm-mas/cli/actions/workflows/build-cli.yml/dispatches \
	-H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" \
	-u ${{ secrets.ACTIONS_KEY }} \
	--data '{"ref": "master"}'
	- uses: actions/checkout@v4

	- name: Perform dependency check
	uses: dependency-check/Dependency-Check_Action@main
	id: owasp-depcheck
	with:
	project: 'ansible-devops'
	path: '.'
	format: 'HTML'
	args: >
	--failOnCVSS 7
	--enableRetired

	- name: Upload dependency check results
	uses: actions/upload-artifact@v4
	with:
	name: OWASP dependency check report
	path: ${{github.workspace}}/reports
	retention-days: 30

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[minor] Improve SLS flow for various configurations (#1619) #8769

Workflow file

[minor] Improve SLS flow for various configurations (#1619) #8769

Jobs

Run details

Workflow file for this run