pkg.yml
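name: app

# One concurrency group per (workflow name, event name) pair.
# NOTE(review): the key has no ref component, so runs started from different
# branches land in the same group - confirm that is intended.
concurrency:
  group: ${{github.workflow}}-${{github.event_name}}

#--------------------------------------------------#
#                     Triggers                     #
#--------------------------------------------------#
# Reusable workflow: it only runs when another workflow calls it.
#
# NOTE(review): no `secrets:` are declared under `workflow_call`, yet the jobs
# below read `secrets.PIPELINE_DEPLOY_TOKEN`. Callers therefore have to pass
# `secrets: inherit`, which hands every caller secret to this workflow.
# Declaring the one secret that is needed would let callers pass only that.
on:
  workflow_call:
    inputs:
      # Forwarded to the semantic-release action as `defaultBranch`.
      mainBranch:
        type: string
        required: false
        default: master
        description: "Main repository branch may interfere with versioning"

      # NOTE(review): declared but not referenced anywhere in this file.
      ecosystem:
        type: string
        required: false
        description: "Special prefix that will be added to the image name"

      # Gates the individual steps of the Static-Analysis job.
      staticAnalysis:
        type: boolean
        required: false
        default: false
        description: "Enable static analysis scans"

      # Gates the Semantic Release step of the Release job.
      autoVersioning:
        type: boolean
        required: false
        default: true
        description: "Enable auto versioning with semantic versioning"

      # NOTE(review): declared but not referenced in this file; the Release
      # job hard-codes `dist/` in its `files` pattern instead.
      buildDirectory:
        type: string
        required: false
        default: "dist"
        description: "Output directory from build"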
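#--------------------------------------------------#
#                  Workflow Jobs                   #
#--------------------------------------------------#
# NOTE(review): every `filipeforattini/...@main` reference below follows a
# mutable branch, so the code that runs (and that receives the tokens passed
# via `with:`) can change without any change to this file. Pinning each
# `uses:` to a full commit SHA makes the executed code reviewable; the same
# applies, to a lesser degree, to the movable `actions/checkout@v3` tag.
jobs:
  #--------------------------------------------------#
  #                    Setup Jobs                    #
  #--------------------------------------------------#
  # Clones the repository, runs the config-scrapper action and re-exports
  # three of its outputs so that later jobs can gate on them.
  # NOTE(review): no `permissions:` block, so this job runs with whatever
  # GITHUB_TOKEN scopes the caller grants.
  Setup:
    runs-on: ubuntu-latest
    outputs:
      Event: ${{steps.analysis.outputs.event}}
      Analysis: ${{steps.analysis.outputs.result}}
      Environment: ${{steps.analysis.outputs.environment}}
    steps:
      # pre-job
      - name: Setup | Cloning repository
        uses: actions/checkout@v3

      # job
      - name: Pipeline config scrapper
        id: analysis
        uses: filipeforattini/ff-iac-github-actions/.github/actions/config-scrapper@main
        with:
          writeSummary: true

  #--------------------------------------------------#
  #                 Static Analysis                  #
  #--------------------------------------------------#
  # Runs on push events only. The `inputs.staticAnalysis` switch sits on the
  # steps rather than on the job, so with scanning disabled the job still
  # completes successfully and Release (which depends on it) is not skipped.
  Static-Analysis:
    runs-on: ubuntu-latest
    if: needs.Setup.outputs.Event == 'push'
    needs: Setup
    # Listing any scope sets all unlisted scopes to none.
    # NOTE(review): that includes `contents`, which checkout needs in order
    # to read a private repository - confirm for private callers.
    permissions:
      security-events: write
    steps:
      # pre-job
      - name: Setup | Cloning repository
        uses: actions/checkout@v3
        if: inputs.staticAnalysis
        with:
          token: "${{secrets.GITHUB_TOKEN}}"
          fetch-depth: 0
          # Keep the token out of the local git config for the steps below.
          persist-credentials: false

      # job
      # NOTE(review): a deploy token is handed to an analysis action that is
      # resolved from `@main`; check whether the scan really needs more than
      # the job's GITHUB_TOKEN.
      # NOTE(review): Setup declares no `Language` output (only Event,
      # Analysis and Environment), so `language` evaluates to an empty string.
      - name: Run code analysis
        uses: filipeforattini/ff-iac-github-actions/.github/actions/pack-static-code-analysis@main
        if: inputs.staticAnalysis
        with:
          token: "${{secrets.PIPELINE_DEPLOY_TOKEN}}"
          language: ${{needs.Setup.outputs.Language}}

  #--------------------------------------------------#
  #                     Release                      #
  #--------------------------------------------------#
  # Versions the package with semantic-release and exposes the resulting
  # package.json version as the `Version` output.
  Release:
    runs-on: ubuntu-latest
    if: needs.Setup.outputs.Event == 'push'
    # The `needs` context only holds direct dependencies. Setup has to be
    # listed here, otherwise `needs.Setup.outputs.Event` in the condition
    # above is empty and the job never runs.
    needs:
      - Setup
      - Static-Analysis
    outputs:
      Version: ${{ steps.versioning.outputs.version }}
    steps:
      # pre-job
      # NOTE(review): with `persist-credentials` left at its default, checkout
      # stores the token in the local git config, where every later step
      # (including the `@main` actions) can read it. Re-enable the line below
      # if the release step works with the explicit `token` input alone.
      - name: Setup | Cloning repository
        uses: actions/checkout@v3
        with:
          fetch-depth: 0
          # persist-credentials: false

      - name: Setup | Pipeline config scrapper
        uses: filipeforattini/ff-iac-github-actions/.github/actions/config-scrapper@main
        id: analysis

      # release
      # NOTE(review): `files` hard-codes `dist/` although the workflow has a
      # `buildDirectory` input - confirm which one is meant to apply.
      - name: Semantic Release
        uses: filipeforattini/ff-iac-github-actions/.github/actions/pack-semantic-release@main
        if: inputs.autoVersioning
        with:
          writeSummary: true
          token: ${{secrets.PIPELINE_DEPLOY_TOKEN}}
          installNode: true
          npmPlugin: true
          defaultBranch: ${{ inputs.mainBranch }}
          author: ${{steps.analysis.outputs.commiter_name}}
          email: ${{steps.analysis.outputs.commiter_email}}
          files: '["package.json","dist/**/*.{js,css}"]'

      # Read the version once and quote the output file path, so the value
      # written to the step output and the value logged cannot differ.
      - name: Current Version
        id: versioning
        run: |
          version="$(jq -r '.version' package.json)"
          echo "version=${version}" >> "$GITHUB_OUTPUT"
          echo -e "\n\nINFO current version = ${version}\n\n"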