From a989b9bf73a92330dda6103d7834b3021bd0c8c1 Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Thu, 28 Nov 2024 19:46:16 +0000 Subject: [PATCH 01/27] ci: run `pre-commit` in GitHub Actions --- .github/workflows/main.yml | 45 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 .github/workflows/main.yml diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 00000000..01b217fa --- /dev/null +++ b/.github/workflows/main.yml @@ -0,0 +1,45 @@ +--- +name: Test & release + +'on': + - pull_request + - push + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + # yamllint disable-line rule:line-length + cancel-in-progress: ${{ github.ref != format('refs/heads/{0}', github.event.repository.default_branch) }} + +jobs: + should-run: + name: Should run + runs-on: ubuntu-latest + timeout-minutes: 5 + outputs: + should-run: ${{ steps.action.outputs.should-run }} + steps: + - id: action + uses: + # yamllint disable-line rule:comments rule:line-length + techneg-it/should-workflow-run@dcbb88600d59ec2842778ef1e2d41f680f876329 # v1.0.0 + pre-commit: + name: Run `pre-commit` + needs: should-run + if: fromJSON(needs.should-run.outputs.should-run) + container: techneg/ci-pre-commit:v2.2.29 + runs-on: ubuntu-latest + steps: + # yamllint disable-line rule:comments rule:line-length + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - name: Export Python package hash for caching + run: echo "PYTHON_SHA256=$PYTHON_SHA256" >> $GITHUB_ENV + # yamllint disable-line rule:comments rule:line-length + - uses: actions/cache@v4.1.2 + with: + path: ~/.cache/pre-commit + key: "pre-commit-4|${{ env.PYTHON_SHA256 }}|\ + ${{ hashFiles('.pre-commit-config.yaml') }}" + - name: Run `pre-commit` + run: | + git config --global --add safe.directory $(pwd) + pre-commit run --all-files --color always --verbose From 2842276cb3c6c843be6b658b8824c7eee9fd2457 Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Thu, 28 Nov 2024 23:31:35 +0000 Subject: [PATCH 02/27] ci: run `test-kitchen` in GitHub Actions --- .github/workflows/main.yml | 84 ++++++++++++++++++++++++++++++++++++-- 1 file changed, 80 insertions(+), 4 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 01b217fa..56d44b7b 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -12,7 +12,7 @@ concurrency: jobs: should-run: - name: Should run + name: Prep / Should run runs-on: ubuntu-latest timeout-minutes: 5 outputs: @@ -22,18 +22,40 @@ jobs: uses: # yamllint disable-line rule:comments rule:line-length techneg-it/should-workflow-run@dcbb88600d59ec2842778ef1e2d41f680f876329 # v1.0.0 + gtp: + name: Prep / Get platforms + needs: + - should-run + if: fromJSON(needs.should-run.outputs.should-run) + runs-on: ubuntu-latest + timeout-minutes: 5 + outputs: + test-platforms: ${{ steps.get-test-platforms.outputs.test-platforms }} + steps: + # yamllint disable-line rule:comments + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - id: get-test-platforms + run: | + PLATFORMS=$( + yq '[keys | .[] | select(test("^default-(deb|ubu)"))]' \ + -o=json -I=0 .gitlab-ci.yml + ) + OUTPUT="test-platforms=$PLATFORMS" + echo "Setting '$OUTPUT'" + echo "$OUTPUT" >> $GITHUB_OUTPUT pre-commit: - name: Run `pre-commit` + name: Lint / `pre-commit` needs: should-run if: fromJSON(needs.should-run.outputs.should-run) container: techneg/ci-pre-commit:v2.2.29 runs-on: ubuntu-latest + timeout-minutes: 5 steps: - # yamllint disable-line rule:comments rule:line-length + # yamllint disable-line rule:comments - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Export Python package hash for caching run: echo "PYTHON_SHA256=$PYTHON_SHA256" >> $GITHUB_ENV - # yamllint disable-line rule:comments rule:line-length + # yamllint disable-line rule:comments - uses: actions/cache@v4.1.2 with: path: ~/.cache/pre-commit @@ -43,3 +65,57 @@ jobs: run: | git config --global --add safe.directory $(pwd) pre-commit run --all-files --color always --verbose + test: + name: Test / Kitchen + needs: + - gtp + - pre-commit + - should-run + if: fromJSON(needs.should-run.outputs.should-run) + runs-on: ubuntu-latest + timeout-minutes: 5 + strategy: + fail-fast: false + matrix: + platform: ${{ fromJSON(needs.gtp.outputs.test-platforms) }} + steps: + # yamllint disable-line rule:comments + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + # yamllint disable-line rule:comments + - uses: ruby/setup-ruby@v1.202.0 + with: + bundler-cache: true + ruby-version: 3.1.2 + - run: | + bin/kitchen test ${{ matrix.platform }} + test-conversion: + name: Test / Conversion + needs: + - pre-commit + - should-run + if: fromJSON(needs.should-run.outputs.should-run) + runs-on: ubuntu-latest + timeout-minutes: 5 + steps: + # yamllint disable-line rule:comments + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - name: Convert the formula + run: | + export CONVERTED=test-the-use_this_template-button + git config user.email "test@example.com" + git config user.name "Test Name" + # Run the conversion script with debug output + DEBUG=true bin/convert-formula.sh "${CONVERTED}" + [ $(git rev-list HEAD --count) -eq 2 ] + # Quick visual check that correct files have been updated + git show --pretty="" --name-status + echo Done! + # yamllint disable-line rule:comments + - uses: ruby/setup-ruby@v1.202.0 + with: + bundler-cache: true + ruby-version: 3.1.2 + - name: Test / Kitchen + run: | + bin/kitchen list + bin/kitchen test default-debian-11-master-py3 From 0da7bce60cb4e2ebf617a5159d8e563765fe57f1 Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Sat, 30 Nov 2024 01:33:37 +0000 Subject: [PATCH 03/27] ci: use improved cache key set during container build --- .github/workflows/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 56d44b7b..291dd14a 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -47,19 +47,19 @@ jobs: name: Lint / `pre-commit` needs: should-run if: fromJSON(needs.should-run.outputs.should-run) - container: techneg/ci-pre-commit:v2.2.29 + container: techneg/ci-pre-commit:v2.3.1 runs-on: ubuntu-latest timeout-minutes: 5 steps: # yamllint disable-line rule:comments - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - name: Export Python package hash for caching - run: echo "PYTHON_SHA256=$PYTHON_SHA256" >> $GITHUB_ENV + - name: Export `CI_CACHE_ID` from container + run: echo "CI_CACHE_ID=$(cat /.ci_cache_id)" >> $GITHUB_ENV # yamllint disable-line rule:comments - uses: actions/cache@v4.1.2 with: path: ~/.cache/pre-commit - key: "pre-commit-4|${{ env.PYTHON_SHA256 }}|\ + key: "${{ env.CI_CACHE_ID }}|\ ${{ hashFiles('.pre-commit-config.yaml') }}" - name: Run `pre-commit` run: | From d2760dd3d6da602f18caad02fb1b16d3633abfb4 Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Sat, 30 Nov 2024 14:19:39 +0000 Subject: [PATCH 04/27] test(pre-commit): test for large files --- .pre-commit-config.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 01e4346d..43c3671d 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -25,6 +25,10 @@ repos: description: Lint commit message against @commitlint/config-conventional rules stages: [commit-msg] additional_dependencies: ['@commitlint/config-conventional@17.1.0'] + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v5.0.0 + hooks: + - id: check-added-large-files - repo: https://github.com/rubocop-hq/rubocop rev: v1.57.0 hooks: From c43350b41b464a8408118104e3b1a35064beb46d Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Sat, 30 Nov 2024 14:21:11 +0000 Subject: [PATCH 05/27] test(pre-commit): check GitHub Actions files using `check-jsonschema` --- .pre-commit-config.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 43c3671d..52f537f0 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -29,6 +29,12 @@ repos: rev: v5.0.0 hooks: - id: check-added-large-files + - repo: https://github.com/python-jsonschema/check-jsonschema + rev: 0.29.4 + hooks: + - id: check-github-workflows + name: Check GitHub workflows with check-jsonschema + args: ["--verbose"] - repo: https://github.com/rubocop-hq/rubocop rev: v1.57.0 hooks: From 56750cf82cda3a3dc7af6e4808ef52f912d0a0f4 Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Sat, 30 Nov 2024 14:23:21 +0000 Subject: [PATCH 06/27] test(pre-commit): check Renovate config using `check-jsonschema` --- .pre-commit-config.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 52f537f0..6bf78e29 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -35,6 +35,10 @@ repos: - id: check-github-workflows name: Check GitHub workflows with check-jsonschema args: ["--verbose"] + - id: check-renovate + name: Check Renovate config with check-jsonschema + additional_dependencies: [json5==0.9.14] + args: ["--verbose"] - repo: https://github.com/rubocop-hq/rubocop rev: v1.57.0 hooks: From 7a14a38aa276272cfbc5267fc12c64b2f53b484f Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Sat, 30 Nov 2024 14:35:14 +0000 Subject: [PATCH 07/27] test(pre-commit): check Gitlab CI config using `check-jsonschema` --- .pre-commit-config.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 6bf78e29..b4b39506 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -35,6 +35,9 @@ repos: - id: check-github-workflows name: Check GitHub workflows with check-jsonschema args: ["--verbose"] + - id: check-gitlab-ci + name: Check Gitlab CI config with check-jsonschema + args: ["--verbose"] - id: check-renovate name: Check Renovate config with check-jsonschema additional_dependencies: [json5==0.9.14] From 3b57b29d9a0e7baea0da72a599e973a692cc57a6 Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Sat, 30 Nov 2024 14:58:50 +0000 Subject: [PATCH 08/27] test(pre-commit): improve defaults --- .pre-commit-config.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index b4b39506..83eb6e28 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -15,7 +15,8 @@ ci: autoupdate_schedule: quarterly skip: [] submodules: false -default_stages: [commit] +default_install_hook_types: [commit-msg, pre-commit] +default_stages: [pre-commit] repos: - repo: https://github.com/dafyddj/commitlint-pre-commit-hook rev: v2.3.0 From bcd2d15dcbd86008275f944b6811dd0e899c5f7a Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Sat, 30 Nov 2024 15:02:10 +0000 Subject: [PATCH 09/27] test(pre-commit): tidy up quoting --- .pre-commit-config.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 83eb6e28..f1973582 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -35,14 +35,14 @@ repos: hooks: - id: check-github-workflows name: Check GitHub workflows with check-jsonschema - args: ["--verbose"] + args: [--verbose] - id: check-gitlab-ci name: Check Gitlab CI config with check-jsonschema - args: ["--verbose"] + args: [--verbose] - id: check-renovate name: Check Renovate config with check-jsonschema additional_dependencies: [json5==0.9.14] - args: ["--verbose"] + args: [--verbose] - repo: https://github.com/rubocop-hq/rubocop rev: v1.57.0 hooks: @@ -96,7 +96,7 @@ repos: hooks: - id: rstcheck name: Check reST files using rstcheck - exclude: 'docs/CHANGELOG.rst' + exclude: docs/CHANGELOG.rst additional_dependencies: [sphinx==7.2.6] - repo: https://github.com/saltstack-formulas/mirrors-rst-lint rev: v1.3.2 From 819e892fe88c93f67d96b1feefd209b2ff87001e Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Sat, 30 Nov 2024 15:59:50 +0000 Subject: [PATCH 10/27] ci: set full action versions for `commitlint.yml` --- .github/workflows/commitlint.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/commitlint.yml b/.github/workflows/commitlint.yml index cd8abb5b..612f8ace 100644 --- a/.github/workflows/commitlint.yml +++ b/.github/workflows/commitlint.yml @@ -8,5 +8,5 @@ jobs: lint: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: wagoid/commitlint-github-action@v5 + - uses: actions/checkout@v4.2.2 + - uses: wagoid/commitlint-github-action@v5.5.1 From 6374f7131c4f6754f58a7c0267d33e9e7679045c Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Sat, 30 Nov 2024 16:00:18 +0000 Subject: [PATCH 11/27] ci(renovate): initial commit --- .github/renovate.json5 | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 .github/renovate.json5 diff --git a/.github/renovate.json5 b/.github/renovate.json5 new file mode 100644 index 00000000..f62e6614 --- /dev/null +++ b/.github/renovate.json5 @@ -0,0 +1,25 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "enabledManagers": [ + "github-actions", + "pre-commit", + ], + "extends": [ + "config:recommended", + ":enablePreCommit", + "helpers:pinGitHubActionDigests", + ], + "automergeStrategy": "merge-commit", + "packageRules": [ + { + "matchManagers": ["github-actions"], + "matchUpdateTypes": ["minor", "patch"], + "groupName": "github-actions minor/patch", + }, + { + "matchManagers": ["pre-commit"], + "matchUpdateTypes": ["minor", "patch"], + "groupName": "pre-commit hook minor/patch", + }, + ], +} From e7d8a876e8b3cae3dfb02b3a09a2e73440863699 Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Sat, 30 Nov 2024 16:22:01 +0000 Subject: [PATCH 12/27] ci(renovate): enable fork processing --- renovate.json | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 renovate.json diff --git a/renovate.json b/renovate.json new file mode 100644 index 00000000..7fc15173 --- /dev/null +++ b/renovate.json @@ -0,0 +1,36 @@ +{ + "forkProcessing": "enabled", + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "enabledManagers": [ + "github-actions", + "pre-commit" + ], + "extends": [ + "config:recommended", + ":enablePreCommit", + "helpers:pinGitHubActionDigests" + ], + "automergeStrategy": "merge-commit", + "packageRules": [ + { + "matchManagers": [ + "github-actions" + ], + "matchUpdateTypes": [ + "minor", + "patch" + ], + "groupName": "github-actions minor/patch" + }, + { + "matchManagers": [ + "pre-commit" + ], + "matchUpdateTypes": [ + "minor", + "patch" + ], + "groupName": "pre-commit hook minor/patch" + } + ] +} From 6cdace72e3f0a5708f5532cf1d7358a4e0498457 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 30 Nov 2024 16:25:25 +0000 Subject: [PATCH 13/27] chore(deps): update pre-commit hook minor/patch --- .pre-commit-config.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index f1973582..2bcbf4dd 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -31,7 +31,7 @@ repos: hooks: - id: check-added-large-files - repo: https://github.com/python-jsonschema/check-jsonschema - rev: 0.29.4 + rev: 0.30.0 hooks: - id: check-github-workflows name: Check GitHub workflows with check-jsonschema @@ -44,7 +44,7 @@ repos: additional_dependencies: [json5==0.9.14] args: [--verbose] - repo: https://github.com/rubocop-hq/rubocop - rev: v1.57.0 + rev: v1.69.0 hooks: - id: rubocop name: Check Ruby files with rubocop @@ -57,7 +57,7 @@ repos: files: ^.*\.(sh|bash|ksh)$ types: [] - repo: https://github.com/adrienverge/yamllint - rev: v1.32.0 + rev: v1.35.1 hooks: - id: yamllint name: Check YAML syntax with yamllint @@ -92,14 +92,14 @@ repos: name: Check Salt files using salt-lint files: ^.*\.(sls|jinja|j2|tmpl|tst)$ - repo: https://github.com/myint/rstcheck - rev: v6.2.0 + rev: v6.2.4 hooks: - id: rstcheck name: Check reST files using rstcheck exclude: docs/CHANGELOG.rst additional_dependencies: [sphinx==7.2.6] - repo: https://github.com/saltstack-formulas/mirrors-rst-lint - rev: v1.3.2 + rev: v1.4.0 hooks: - id: rst-lint name: Check reST files using rst-lint From 1f45e41e3c9a140323e65ce90fcc2af09ad47364 Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Sat, 30 Nov 2024 16:33:25 +0000 Subject: [PATCH 14/27] ci: comment to disable `yamllint` --- .github/workflows/commitlint.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/commitlint.yml b/.github/workflows/commitlint.yml index 612f8ace..92cbf780 100644 --- a/.github/workflows/commitlint.yml +++ b/.github/workflows/commitlint.yml @@ -8,5 +8,7 @@ jobs: lint: runs-on: ubuntu-latest steps: + # yamllint disable-line rule:comments - uses: actions/checkout@v4.2.2 + # yamllint disable-line rule:comments rule:line-length - uses: wagoid/commitlint-github-action@v5.5.1 From dbb58ad0ee3f83ebbfa84d452fdeaf70cbe50406 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 30 Nov 2024 16:34:33 +0000 Subject: [PATCH 15/27] chore(deps): pin dependencies --- .github/workflows/commitlint.yml | 4 ++-- .github/workflows/main.yml | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/commitlint.yml b/.github/workflows/commitlint.yml index 92cbf780..8c7ba7b5 100644 --- a/.github/workflows/commitlint.yml +++ b/.github/workflows/commitlint.yml @@ -9,6 +9,6 @@ jobs: runs-on: ubuntu-latest steps: # yamllint disable-line rule:comments - - uses: actions/checkout@v4.2.2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 # yamllint disable-line rule:comments rule:line-length - - uses: wagoid/commitlint-github-action@v5.5.1 + - uses: wagoid/commitlint-github-action@9763196e10f27aef304c9b8b660d31d97fce0f99 # v5.5.1 diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 291dd14a..31fb6e2b 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -56,7 +56,7 @@ jobs: - name: Export `CI_CACHE_ID` from container run: echo "CI_CACHE_ID=$(cat /.ci_cache_id)" >> $GITHUB_ENV # yamllint disable-line rule:comments - - uses: actions/cache@v4.1.2 + - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 with: path: ~/.cache/pre-commit key: "${{ env.CI_CACHE_ID }}|\ @@ -82,7 +82,7 @@ jobs: # yamllint disable-line rule:comments - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 # yamllint disable-line rule:comments - - uses: ruby/setup-ruby@v1.202.0 + - uses: ruby/setup-ruby@a2bbe5b1b236842c1cb7dd11e8e3b51e0a616acc # v1.202.0 with: bundler-cache: true ruby-version: 3.1.2 @@ -111,7 +111,7 @@ jobs: git show --pretty="" --name-status echo Done! # yamllint disable-line rule:comments - - uses: ruby/setup-ruby@v1.202.0 + - uses: ruby/setup-ruby@a2bbe5b1b236842c1cb7dd11e8e3b51e0a616acc # v1.202.0 with: bundler-cache: true ruby-version: 3.1.2 From c4aa5c9df01d0f2c5561480f7e7c7b5e9c1f74b4 Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Sun, 1 Dec 2024 20:20:19 +0000 Subject: [PATCH 16/27] ci: add a Release job using `semantic-release` --- .github/workflows/main.yml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 31fb6e2b..fff2ce6c 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -119,3 +119,31 @@ jobs: run: | bin/kitchen list bin/kitchen test default-debian-11-master-py3 + results: + name: Release / Collect results + permissions: + contents: write + issues: write + pull-requests: write + checks: read + runs-on: ubuntu-latest + steps: + # yamllint disable-line rule:comments rule:line-length + - uses: poseidon/wait-for-status-checks@899c768d191b56eef585c18f8558da19e1f3e707 # v0.6.0 + with: + ignore: Release / Collect results + token: ${{ secrets.GITHUB_TOKEN }} + # yamllint disable-line rule:comments + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + # yamllint disable-line rule:comments rule:line-length + - uses: codfish/semantic-release-action@b621d34fabe0940f031e89b6ebfea28322892a10 # v3.5.0 + with: + branches: ma(in|ster) + dry-run: true + plugins: | + [ "@semantic-release/commit-analyzer", + "@semantic-release/release-notes-generator", + "@semantic-release/github" + ] + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 3834e758f3c58125da593505c7143966576ab6de Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Sun, 1 Dec 2024 21:42:45 +0000 Subject: [PATCH 17/27] ci: tweak the `semantic-release` config for GitHub * `branches` is double quoted as the action expects valid JSON(5) for that input, so a string must be quoted --- .github/workflows/main.yml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index fff2ce6c..d177f7c9 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -138,12 +138,19 @@ jobs: # yamllint disable-line rule:comments rule:line-length - uses: codfish/semantic-release-action@b621d34fabe0940f031e89b6ebfea28322892a10 # v3.5.0 with: - branches: ma(in|ster) + branches: '"ma(in|ster)"' dry-run: true plugins: | - [ "@semantic-release/commit-analyzer", + [ + [ + "@semantic-release/commit-analyzer", + { + "releaseRules": "./release-rules.js" + } + ], "@semantic-release/release-notes-generator", "@semantic-release/github" ] + repository-url: ${{ github.repository }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 646249a3bec70645e704f4c811aea8cfc76fae3b Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 2 Dec 2024 07:53:29 +0000 Subject: [PATCH 18/27] chore(deps): update techneg/ci-pre-commit docker tag to v2.3.2 --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index d177f7c9..d885645d 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -47,7 +47,7 @@ jobs: name: Lint / `pre-commit` needs: should-run if: fromJSON(needs.should-run.outputs.should-run) - container: techneg/ci-pre-commit:v2.3.1 + container: techneg/ci-pre-commit:v2.3.2 runs-on: ubuntu-latest timeout-minutes: 5 steps: From 2b797706c716ac015c005d15ac882c9ac4cf363e Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 3 Dec 2024 11:50:00 +0000 Subject: [PATCH 19/27] chore(deps): update pre-commit hook rubocop-hq/rubocop to v1.69.1 --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 2bcbf4dd..5d46b20a 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -44,7 +44,7 @@ repos: additional_dependencies: [json5==0.9.14] args: [--verbose] - repo: https://github.com/rubocop-hq/rubocop - rev: v1.69.0 + rev: v1.69.1 hooks: - id: rubocop name: Check Ruby files with rubocop From b425191b4eaea69c92a79db09cc7b8241a6525d6 Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Wed, 4 Dec 2024 18:20:06 +0000 Subject: [PATCH 20/27] fix(pre-commit): exclude Copier files from `yamllint` --- .pre-commit-config.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 2bcbf4dd..7b1ae10f 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -71,6 +71,7 @@ repos: # 1. SLS files under directory `test/` which are state files # 2. `kitchen.vagrant.yml`, which contains Embedded Ruby (ERB) template syntax # 3. YAML files heavily reliant on Jinja + # 4. `.copier-answers.yml` and related files which are auto-generated files: | (?x)^( .*\.yaml| @@ -82,6 +83,7 @@ repos: )$ exclude: | (?x)^( + \.copier-answers(\..+)?\.ya?ml| kitchen.vagrant.yml| test/.*/states/.*\.sls )$ From 4380e3508ed872933c216a472ccd6a8e39d396ba Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Wed, 4 Dec 2024 18:24:59 +0000 Subject: [PATCH 21/27] fix(pre-commit): improve capitalisation of `check-added-large-files` --- .pre-commit-config.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 7b1ae10f..e143635e 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -30,6 +30,7 @@ repos: rev: v5.0.0 hooks: - id: check-added-large-files + name: Check for added large files - repo: https://github.com/python-jsonschema/check-jsonschema rev: 0.30.0 hooks: From bb328b75a6ee738c621dc965634d4e807abb6421 Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Wed, 4 Dec 2024 18:56:19 +0000 Subject: [PATCH 22/27] fix(gitignore): small improvements --- .gitignore | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 39752a7a..6faf912c 100644 --- a/.gitignore +++ b/.gitignore @@ -6,6 +6,9 @@ __pycache__/ # C extensions *.so +# CI/CD Tooling +.gitlab-ci-local/ + # Distribution / packaging .Python env/ @@ -45,7 +48,7 @@ nosetests.xml coverage.xml *.cover .hypothesis/ -.kitchen +.kitchen/ .kitchen.local.yml kitchen.local.yml junit-*.xml @@ -110,12 +113,18 @@ ENV/ # Bundler .bundle/ +# Node.js/npm +node_modules/ + # copied `.md` files used for conversion to `.rst` using `m2r` docs/*.md # Vim *.sw? +# Salt package files (SPM) +*.spm + ## Collected when centralising formulas (check and sort) # `collectd-formula` .pytest_cache/ From e189b1442440cd9a0ba66f2079e22ad17373afad Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Thu, 5 Dec 2024 19:14:15 +0000 Subject: [PATCH 23/27] ci(renovate): enable the `bundler` manager --- .github/renovate.json5 | 1 + renovate.json | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/renovate.json5 b/.github/renovate.json5 index f62e6614..54c8143c 100644 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -1,6 +1,7 @@ { "$schema": "https://docs.renovatebot.com/renovate-schema.json", "enabledManagers": [ + "bundler", "github-actions", "pre-commit", ], diff --git a/renovate.json b/renovate.json index 7fc15173..0e71bfac 100644 --- a/renovate.json +++ b/renovate.json @@ -2,6 +2,7 @@ "forkProcessing": "enabled", "$schema": "https://docs.renovatebot.com/renovate-schema.json", "enabledManagers": [ + "bundler", "github-actions", "pre-commit" ], From fc3736d876139008617e98b1bc4355aa8869c256 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 5 Dec 2024 19:14:50 +0000 Subject: [PATCH 24/27] chore(deps): update actions/cache action to v4.2.0 --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index d885645d..c4463a38 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -56,7 +56,7 @@ jobs: - name: Export `CI_CACHE_ID` from container run: echo "CI_CACHE_ID=$(cat /.ci_cache_id)" >> $GITHUB_ENV # yamllint disable-line rule:comments - - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + - uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 with: path: ~/.cache/pre-commit key: "${{ env.CI_CACHE_ID }}|\ From 0d86585971c3422656675dfd995dcb6a84e13450 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 5 Dec 2024 19:18:51 +0000 Subject: [PATCH 25/27] chore(deps): update dependency net-ssh to v7.3.0 --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index be16d6ee..29220c1d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -455,7 +455,7 @@ GEM mutex_m (0.1.2) net-scp (4.0.0) net-ssh (>= 2.6.5, < 8.0.0) - net-ssh (7.2.0) + net-ssh (7.3.0) net-ssh-gateway (2.0.0) net-ssh (>= 4.0.0) nokogiri (1.15.4) From 0c2158392bf54cacf521d30bd0ab5b6f6c4675e0 Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Fri, 6 Dec 2024 02:22:05 +0000 Subject: [PATCH 26/27] ci(renovate): enable vulnerability alerts (from GitHub) --- .github/renovate.json5 | 3 +++ renovate.json | 3 +++ 2 files changed, 6 insertions(+) diff --git a/.github/renovate.json5 b/.github/renovate.json5 index 54c8143c..7f93fe8e 100644 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -11,6 +11,9 @@ "helpers:pinGitHubActionDigests", ], "automergeStrategy": "merge-commit", + "vulnerabilityAlerts": { + "enabled": true, + }, "packageRules": [ { "matchManagers": ["github-actions"], diff --git a/renovate.json b/renovate.json index 0e71bfac..a3dc9557 100644 --- a/renovate.json +++ b/renovate.json @@ -12,6 +12,9 @@ "helpers:pinGitHubActionDigests" ], "automergeStrategy": "merge-commit", + "vulnerabilityAlerts": { + "enabled": true + }, "packageRules": [ { "matchManagers": [ From ce880a110d4e3002d54574b201b2b2dbc6e70ece Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 9 Dec 2024 09:04:41 +0000 Subject: [PATCH 27/27] chore(deps): update github-actions minor/patch --- .github/workflows/main.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index c4463a38..18f44f0b 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -47,7 +47,7 @@ jobs: name: Lint / `pre-commit` needs: should-run if: fromJSON(needs.should-run.outputs.should-run) - container: techneg/ci-pre-commit:v2.3.2 + container: techneg/ci-pre-commit:v2.3.3 runs-on: ubuntu-latest timeout-minutes: 5 steps: @@ -82,7 +82,7 @@ jobs: # yamllint disable-line rule:comments - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 # yamllint disable-line rule:comments - - uses: ruby/setup-ruby@a2bbe5b1b236842c1cb7dd11e8e3b51e0a616acc # v1.202.0 + - uses: ruby/setup-ruby@2a18b06812b0e15bb916e1df298d3e740422c47e # v1.203.0 with: bundler-cache: true ruby-version: 3.1.2 @@ -111,7 +111,7 @@ jobs: git show --pretty="" --name-status echo Done! # yamllint disable-line rule:comments - - uses: ruby/setup-ruby@a2bbe5b1b236842c1cb7dd11e8e3b51e0a616acc # v1.202.0 + - uses: ruby/setup-ruby@2a18b06812b0e15bb916e1df298d3e740422c47e # v1.203.0 with: bundler-cache: true ruby-version: 3.1.2