diff --git a/.github/workflows/commit-lint.yml b/.github/workflows/commit-lint.yml deleted file mode 100644 index 9434518..0000000 --- a/.github/workflows/commit-lint.yml +++ /dev/null @@ -1,32 +0,0 @@ -# ------------------------------------------------------------- # -# Note: this file is automatically managed in template-template # -# ------------------------------------------------------------- # - -name: commit-lint - -on: [push, pull_request] - -jobs: - deduplicate: - timeout-minutes: 5 - - runs-on: ubuntu-latest - - # run once - if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository - - steps: - - run: echo ::info ::duplicate check ran successfully - - commit-lint: - timeout-minutes: 5 - - needs: deduplicate - - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - uses: ahmadnassri/action-commit-lint@v1.3.3 - with: - config: .github/linters/.commit-lint.yml diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml new file mode 100644 index 0000000..5496784 --- /dev/null +++ b/.github/workflows/pull_request.yml @@ -0,0 +1,112 @@ +# ------------------------------------------------------------- # +# Note: this file is automatically managed in template-template # +# ------------------------------------------------------------- # + +on: pull_request + +name: pull_request + +jobs: + pr-screen: + runs-on: ubuntu-20.04 + + # only run for external PRs + if: github.event.pull_request.head.repo.full_name != github.repository + + steps: + - run: echo ::debug::pr screen complete + working-directory: ${{ github.workspace }} + + commit-lint: + needs: pr-screen + + timeout-minutes: 5 + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - uses: ahmadnassri/action-commit-lint@v1 + with: + config: .github/linters/.commit-lint.yml + + super-linter: + needs: pr-screen + + timeout-minutes: 5 + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + with: + fetch-depth: 0 + + - uses: github/super-linter@v3.15.5 + env: + LOG_LEVEL: ERROR + VALIDATE_ALL_CODEBASE: false + FILTER_REGEX_EXCLUDE: '/github/workspace/README.md|test/fixtures/*' + GITHUB_TOKEN: ${{ github.token }} + + npm-audit: + needs: pr-screen + + timeout-minutes: 5 + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - uses: actions/setup-node@v2.1.5 + + - run: npm audit --audit-level=critical + + test-strategy: + needs: + - commit-lint + - super-linter + - npm-audit + + timeout-minutes: 5 + + runs-on: ubuntu-latest + + outputs: + matrix: ${{ steps.parse.outputs.matrix }} + + steps: + - uses: actions/checkout@v2 + - id: parse + run: echo "::set-output name=matrix::$(jq -c . < .github/matrix.json)" + + test-run: + needs: test-strategy + + timeout-minutes: 5 + + name: ${{ matrix.name || format('node v{0} @ {1}', matrix.node-version, matrix.os) || 'test-step' }} + + strategy: + matrix: ${{ fromJSON(needs.test-strategy.outputs.matrix) }} + + runs-on: ${{ matrix.os }} + + steps: + - uses: actions/setup-node@v2.1.5 + with: + node-version: ${{ matrix.node-version }} + + - uses: actions/checkout@v2 + with: + submodules: true + + - uses: actions/cache@v2.1.4 + with: + path: ~/.npm + key: ${{ matrix.os }}-${{ matrix.node-version }}-${{ hashFiles('**/package-lock.json') }} + + - run: npm ci + - run: npm run test:ci diff --git a/.github/workflows/auto-merge.yml b/.github/workflows/pull_request_target.yml similarity index 61% rename from .github/workflows/auto-merge.yml rename to .github/workflows/pull_request_target.yml index 8cef786..748965f 100644 --- a/.github/workflows/auto-merge.yml +++ b/.github/workflows/pull_request_target.yml @@ -2,20 +2,34 @@ # Note: this file is automatically managed in template-template # # ------------------------------------------------------------- # -name: auto-merge - on: pull_request_target +name: pull_request_target + jobs: auto-merge: + # only run for dependabot + if: github.actor == 'dependabot[bot]' + timeout-minutes: 5 runs-on: ubuntu-latest - if: github.actor == 'dependabot[bot]' - steps: - uses: actions/checkout@v2 - uses: ahmadnassri/action-dependabot-auto-merge@v2.4 with: github-token: ${{ secrets.GH_TOKEN }} + + template-sync: + timeout-minutes: 20 + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - uses: ahmadnassri/action-template-repository-sync@v1 + with: + github-token: ${{ secrets.GH_TOKEN }} + dry-run: true diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml new file mode 100644 index 0000000..4dd2e8a --- /dev/null +++ b/.github/workflows/push.yml @@ -0,0 +1,165 @@ +# ------------------------------------------------------------- # +# Note: this file is automatically managed in template-template # +# ------------------------------------------------------------- # + +on: push + +name: push + +jobs: + commit-lint: + timeout-minutes: 5 + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - uses: ahmadnassri/action-commit-lint@v1 + with: + config: .github/linters/.commit-lint.yml + + super-linter: + timeout-minutes: 5 + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + with: + fetch-depth: 0 + + - uses: github/super-linter@v3.15.5 + env: + LOG_LEVEL: ERROR + VALIDATE_ALL_CODEBASE: false + FILTER_REGEX_EXCLUDE: '/github/workspace/README.md|test/fixtures/*' + GITHUB_TOKEN: ${{ github.token }} + + npm-audit: + timeout-minutes: 5 + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - uses: actions/setup-node@v2.1.5 + + - run: npm audit --audit-level=critical + + test-strategy: + needs: + - commit-lint + - super-linter + - npm-audit + + timeout-minutes: 5 + + runs-on: ubuntu-latest + + outputs: + matrix: ${{ steps.parse.outputs.matrix }} + + steps: + - uses: actions/checkout@v2 + - id: parse + run: echo "::set-output name=matrix::$(jq -c . < .github/matrix.json)" + + test-run: + needs: test-strategy + + timeout-minutes: 5 + + name: ${{ matrix.name || format('node v{0} @ {1}', matrix.node-version, matrix.os) || 'test-step' }} + + strategy: + matrix: ${{ fromJSON(needs.test-strategy.outputs.matrix) }} + + runs-on: ${{ matrix.os }} + + steps: + - uses: actions/setup-node@v2.1.5 + with: + node-version: ${{ matrix.node-version }} + + - uses: actions/checkout@v2 + with: + submodules: true + + - uses: actions/cache@v2.1.4 + with: + path: ~/.npm + key: ${{ matrix.os }}-${{ matrix.node-version }}-${{ hashFiles('**/package-lock.json') }} + + - run: npm ci + - run: npm run test:ci + + release: + needs: test-run + + # only runs on main branch + if: ${{ github.ref == 'refs/heads/master' }} + + timeout-minutes: 20 + + runs-on: ubuntu-latest + + outputs: + published: ${{ steps.release.outputs.published }} + version: ${{ steps.release.outputs.release-version }} + + steps: + - uses: actions/checkout@v2 + with: + submodules: true + + - id: release + uses: ahmadnassri/action-semantic-release@v1 + with: + config: ${{ github.workspace }}/.semantic.json + env: + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + + mirror: + needs: release + + timeout-minutes: 5 + + runs-on: ubuntu-latest + + if: needs.release.outputs.published == 'true' + + steps: + - uses: actions/checkout@v2 + with: + submodules: true + + - uses: ahmadnassri/action-github-registry-npm-proxy@v2 + with: + token: ${{ secrets.GH_TOKEN }} + scope: ${{ github.repository_owner }} + + - name: publish to github registry + run: | + jq '.name = "@'${GITHUB_REPOSITORY/node-/}'"' package.json > /tmp/package.json; mv /tmp/package.json . + npm version --no-git-tag-version v${{ needs.release.outputs.version }} + npm publish + + template-sync: + needs: release + + timeout-minutes: 20 + + runs-on: ubuntu-latest + + steps: + - uses: ahmadnassri/action-workflow-queue@v1 + + - uses: actions/checkout@v2 + + - uses: ahmadnassri/action-template-repository-sync@v1 + with: + github-token: ${{ secrets.GH_TOKEN }} + dry-run: true diff --git a/.github/workflows/readme.yml b/.github/workflows/readme.yml deleted file mode 100644 index 390ca87..0000000 --- a/.github/workflows/readme.yml +++ /dev/null @@ -1,54 +0,0 @@ -# ------------------------------------------------------------- # -# Note: this file is automatically managed in template-template # -# ------------------------------------------------------------- # - -name: readme - -on: - push: - branches: master - paths: - - docs/** - - colophon.yml - - .github/workflows/readme.yml - -jobs: - readme: - timeout-minutes: 5 - - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - uses: docker://pandoc/core:2.11.4 - with: - args: >- - --metadata-file=colophon.yml - --template=docs/README.template - --output=README.md - --from=gfm - --to=gfm - --fail-if-warnings - --wrap=preserve - --reference-links - docs/README.md - - - uses: actions/github-script@v4.0.2 - with: - github-token: ${{secrets.GH_TOKEN}} - script: | - const { readFileSync } = require('fs') - - const path = 'README.md' - - const content = readFileSync(`${process.env.GITHUB_WORKSPACE}/${path}`) - - const { data } = await github.repos.getContent({ ...context.repo, path }) - - if (Buffer.from(data.content, 'base64').compare(content) === 0) return - - await github.repos.createOrUpdateFileContents({...context.repo, path, - sha: data.sha, - message: 'docs(readme): update readme', - content: content.toString('base64') - }) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml deleted file mode 100644 index 8ca6b4c..0000000 --- a/.github/workflows/release.yml +++ /dev/null @@ -1,65 +0,0 @@ -# ----------------------------------------------------------- # -# Note: this file originates in ahmadnassri/template-node-lib # -# ----------------------------------------------------------- # - -name: release - -on: - workflow_run: - workflows: [ test ] - branches: [ master ] - types: [ completed ] - -jobs: - release: - timeout-minutes: 20 - - runs-on: ubuntu-latest - - outputs: - published: ${{ steps.release.outputs.published }} - version: ${{ steps.release.outputs.release-version }} - - steps: - - uses: ahmadnassri/action-workflow-run-wait@v1 - with: - delay: 10000 - timeout: 900000 - ignore-cancelled: true - - - uses: actions/checkout@v2 - with: - submodules: true - - - id: release - uses: ahmadnassri/action-semantic-release@v1 - with: - config: ${{ github.workspace }}/.semantic.json - env: - NPM_TOKEN: ${{ secrets.NPM_TOKEN }} - GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - - mirror: - needs: release - - timeout-minutes: 5 - - runs-on: ubuntu-latest - - if: needs.release.outputs.published == 'true' - - steps: - - uses: actions/checkout@v2 - with: - submodules: true - - - uses: ahmadnassri/action-github-registry-npm-proxy@v2 - with: - token: ${{ secrets.GH_TOKEN }} - scope: ${{ github.repository_owner }} - - - name: publish to github registry - run: | - jq '.name = "@'${GITHUB_REPOSITORY/node-/}'"' package.json > /tmp/package.json; mv /tmp/package.json . - npm version --no-git-tag-version v${{ needs.release.outputs.version }} - npm publish diff --git a/.github/workflows/super-linter.yml b/.github/workflows/super-linter.yml deleted file mode 100644 index 05b9bc1..0000000 --- a/.github/workflows/super-linter.yml +++ /dev/null @@ -1,41 +0,0 @@ -# ------------------------------------------------------------- # -# Note: this file is automatically managed in template-template # -# ------------------------------------------------------------- # - -name: super-linter - -on: [ push, pull_request ] - -jobs: - deduplicate: - timeout-minutes: 5 - - runs-on: ubuntu-latest - - # run once - if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository - - steps: - - run: echo ::info ::duplicate check ran successfully - - super-linter: - timeout-minutes: 5 - - needs: deduplicate - - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - - uses: github/super-linter@v3.17.1 - env: - GITHUB_TOKEN: ${{ github.token }} - LOG_LEVEL: ERROR - VALIDATE_ALL_CODEBASE: false - VALIDATE_SHELL_SHFMT: false - VALIDATE_JSCPD: false - VALIDATE_TERRAFORM_TERRASCAN: false - FILTER_REGEX_EXCLUDE: '.*test/fixtures/*' diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml deleted file mode 100644 index 9832bfa..0000000 --- a/.github/workflows/test.yml +++ /dev/null @@ -1,78 +0,0 @@ -# ----------------------------------------------------------- # -# Note: this file originates in ahmadnassri/template-node-lib # -# ----------------------------------------------------------- # - -name: test - -on: [ push, pull_request ] - -env: - NODE_ENV: test - -jobs: - deduplicate: - timeout-minutes: 5 - - runs-on: ubuntu-latest - - # run on external PRs, but not on our internal PRs - if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository - - steps: - - run: echo ::info ::duplicate check ran successfully - - audit: - timeout-minutes: 5 - - needs: deduplicate - - runs-on: ubuntu-latest - - steps: - - uses: actions/setup-node@v2.1.5 - - uses: actions/checkout@v2 - - run: npm audit --audit-level=critical - - strategy: - timeout-minutes: 5 - - needs: deduplicate - - runs-on: ubuntu-latest - - outputs: - matrix: ${{ steps.parse.outputs.matrix }} - - steps: - - uses: actions/checkout@v2 - - id: parse - run: echo "::set-output name=matrix::$(jq -c . < .github/matrix.json)" - - test: - needs: [ strategy, audit ] - - timeout-minutes: 5 - - name: ${{ matrix.name || format('node v{0} @ {1}', matrix.node-version, matrix.os) }} - - strategy: - matrix: ${{ fromJSON(needs.strategy.outputs.matrix) }} - - runs-on: ${{ matrix.os }} - - steps: - - uses: actions/setup-node@v2.1.5 - with: - node-version: ${{ matrix.node-version }} - - - uses: actions/checkout@v2 - with: - submodules: true - - - uses: actions/cache@v2.1.5 - with: - path: ~/.npm - key: ${{ matrix.os }}-${{ matrix.node-version }}-${{ hashFiles('**/package-lock.json') }} - - - run: npm ci - - run: npm run test:ci diff --git a/.pandoc.yml b/.pandoc.yml new file mode 100644 index 0000000..6684462 --- /dev/null +++ b/.pandoc.yml @@ -0,0 +1,11 @@ +input-file: docs/README.md +output-file: README.md +metadata-file: colophon.yml +template: docs/README.template + +from: gfm +to: gfm + +wrap: preserve +reference-links: true +fail-if-warnings: false diff --git a/docker-compose.yml b/docker-compose.yml index eab72a1..6452957 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -18,27 +18,21 @@ services: lint: image: github/super-linter:v3 volumes: - - ./:/tmp/lint + - ./:/github/workspace environment: RUN_LOCAL: 'true' LOG_LEVEL: 'ERROR' MULTI_STATUS: 'false' + IGNORE_GITIGNORED_FILES: 'true' + DEFAULT_WORKSPACE: /github/workspace + FILTER_REGEX_EXCLUDE: '/github/workspace/README.md|test/fixtures/*' # ---- readme generator ---- # readme: - image: pandoc/core:2.11.4 + image: pandoc/core:2.13 volumes: - ./:/data - command: >- - --metadata-file=colophon.yml - --template=docs/README.template - --output=README.md - --from=gfm - --to=gfm - --fail-if-warnings - --wrap=preserve - --reference-links - docs/README.md + command: --defaults=.pandoc.yml test: <<: *node