refactor: simplify the whole CI (reducing the number of executable wo…

…rkflows) and rework engine to avoid multiple weird types Signed-off-by: kilianpaquier <[email protected]>
kilianpaquier · Dec 2, 2024 · cdc3185 · cdc3185
1 parent 6c7c547
commit cdc3185
Show file tree

Hide file tree

Showing 571 changed files with 4,928 additions and 26,837 deletions.
diff --git a/.github/actions/version/action.yml b/.github/actions/version/action.yml
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -25,6 +25,7 @@ updates:
       prefix: ci
     reviewers:
       - kilianpaquier
+
   - package-ecosystem: gomod
     directory: /
     schedule:

diff --git a/..._golang/.github/workflows/golang.yml.tmpl → .github/workflows/ci.yml b/..._golang/.github/workflows/golang.yml.tmpl → .github/workflows/ci.yml
@@ -1,10 +1,7 @@
 # Code generated by craft; DO NOT EDIT.
 
-name: Golang
-run-name: Golang
-
-<<- $gocli := and (gt (len .Clis) 0) (not .NoGoreleaser) >>
-<<- $docker := and .Docker (gt .Binaries 0) >>
+name: CICD
+run-name: CICD
 
 on:
   pull_request:
@@ -22,37 +19,75 @@ on:
       - development
       - next
       - staging
-<<- if not .IsAutoRelease >>
       - main
       - master
-      - v[0-9]+.[0-9]+.x
       - v[0-9]+.x
-<<- end >>
-  workflow_call:
+      - v[0-9]+.[0-9]+.x
+  workflow_dispatch:
     inputs:
-<<- if $gocli >>
-      build:
-        description: Whether to run build job or not
-        required: false
+      dry_run:
+        description: Whether to run all impacting jobs in dry run or preview mode.
         type: boolean
-<<- end >>
-      version:
-        description: Build version to use in build metadata
-        required: true
-        type: string
-  workflow_dispatch:
 
-jobs:
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
 
+jobs:
   run-workflow:
     name: Run Workflow
     runs-on: ubuntu-latest
     if: ${{ github.event_name != 'pull_request' || (github.event_name == 'pull_request' && github.event.pull_request.draft == false && github.ref_protected != true) }}
-    outputs:
-      skip: ${{ steps.skip.outputs.skip }}
     steps:
       - id: skip
-        run: echo "Running workflow" && echo "skip=false" >> $GITHUB_OUTPUT
+        run: echo "Running workflow"
+
+  version:
+    name: Version
+    runs-on: ubuntu-latest
+    needs: run-workflow
+    if: ${{ github.event_name != 'pull_request' }}
+    outputs:
+      version: ${{ steps.version.outputs.version }}
+    permissions:
+      contents: write
+      issues: write
+      pull-requests: write
+      id-token: none
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      # https://github.com/marketplace/actions/action-for-semantic-release
+      - id: semrel_version
+        uses: cycjimmy/semantic-release-action@v4
+        with:
+          dry_run: true
+          semantic_version: 24
+          extra_plugins: |
+            @semantic-release/changelog
+            @semantic-release/commit-analyzer
+            @semantic-release/exec
+            @semantic-release/git
+            @semantic-release/github
+            @semantic-release/release-notes-generator
+            conventional-changelog-conventionalcommits
+            semantic-release-license
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - id: version
+        run: |
+          if [ "${SEMREL_INFO_NEXT_VERSION}" != "" ]; then
+            echo "version=v${SEMREL_INFO_NEXT_VERSION#v}" >> $GITHUB_OUTPUT
+          else
+            DESCRIBE=$(git describe --tags || echo "v0.0.0")
+            echo "version=v${DESCRIBE#v}" >> $GITHUB_OUTPUT
+          fi
+        env:
+          SEMREL_INFO_NEXT_VERSION: ${{ steps.semrel_version.outputs.new_release_version }}
+      - run: echo ${VERSION}
+        env:
+          VERSION: ${{ steps.version.outputs.version }}
 
   go-vulncheck:
     name: Go Vulnerability Check
@@ -83,13 +118,6 @@ jobs:
       - uses: golangci/golangci-lint-action@v6
         with:
           args: --config .golangci.yml --timeout 240s --fast --sort-results --out-format checkstyle:reports/go-ci-lint.checkstyle.xml,colored-line-number
-<<- if has "sonar" .CI.Options >>
-      - uses: actions/upload-artifact@v4
-        with:
-          name: lint
-          path: reports
-          retention-days: 1
-<<- end >>
 
   go-test:
     name: Go Test
@@ -102,8 +130,6 @@ jobs:
           - macos-latest
           - ubuntu-latest
           - windows-latest
-    env:
-      OS: ${{ matrix.os }}
     steps:
       - uses: actions/checkout@v4
       - uses: actions/setup-go@v5
@@ -113,9 +139,7 @@ jobs:
           token: ${{ secrets.GITHUB_TOKEN }}
       - run: mkdir -p reports/
       - run: go test ./... -coverpkg="./..." -covermode="count" -coverprofile="reports/go-coverage.native.out" -timeout=15s
-<<- if has "codecov" .CI.Options >>
-      - if: ${{ ! startsWith(github.head_ref, 'dependabot') && ! startsWith(github.head_ref, 'renovate') }}
-        uses: codecov/codecov-action@v4
+      - uses: codecov/codecov-action@v4
         with:
           codecov_yml_path: .codecov.yml
           disable_search: true
@@ -125,23 +149,14 @@ jobs:
           flags: ${{ matrix.os }}
           slug: ${{ github.repository }}
           token: ${{ secrets.CODECOV_TOKEN }}
-<<- end >>
-<<- if has "sonar" .CI.Options >>
-      - uses: actions/upload-artifact@v4
-        with:
-          name: coverage
-          path: reports
-          retention-days: 1
-<<- end >>
-
-<<- if $gocli >>
+        env:
+          OS: ${{ matrix.os }}
 
   go-build:
     name: Go Build
     runs-on: ubuntu-latest
-    if: ${{ inputs.build }}
     needs:
-      - run-workflow
+      - version
       - go-test
     steps:
       - uses: actions/checkout@v4
@@ -151,11 +166,12 @@ jobs:
           go-version-file: go.mod
           token: ${{ secrets.GITHUB_TOKEN }}
       # https://github.com/marketplace/actions/goreleaser-action
-      - uses: goreleaser/goreleaser-action@v6
+      - if: ${{ hashFiles('.goreleaser.yml') != '' }}
+        uses: goreleaser/goreleaser-action@v6
         with:
           args: release --clean --config .goreleaser.yml --skip=validate --skip=announce --skip=publish --snapshot
         env:
-          VERSION: ${{ inputs.version }}
+          VERSION: ${{ needs.version.outputs.version }}
       - uses: actions/upload-artifact@v4
         with:
           name: build
@@ -166,47 +182,43 @@ jobs:
             !dist/*.yaml
             !dist/*/
           retention-days: 1
-<<- end >>
-
-<<- if has "sonar" .CI.Options >>
 
-  sonar-analysis:
-    name: Sonar Analysis
+  release:
+    name: Release
     runs-on: ubuntu-latest
+    if: ${{ github.event_name == 'push' && github.ref_protected == 'true' }}
+    environment:
+      name: release
+      url: ${{ github.server_url }}/${{ github.repository_owner }}/${{ github.repository }}/releases/tag/${{ steps.semrel_version.outputs.new_release_version }}
     needs:
-      - run-workflow
-      - go-lint
-      - go-test
-    env:
-      SONAR_USER_HOME: .sonar
+      - go-build
+    permissions:
+      contents: write
+      issues: write
+      pull-requests: write
+      id-token: none
     steps:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0
       - uses: actions/download-artifact@v4
         with:
-          merge-multiple: true
-          path: reports
-      - uses: actions/cache@v4
-        with:
-          path: ${{ env.SONAR_USER_HOME }}
-          key: sonar-cache
-      - uses: sonarsource/sonarcloud-github-action@master
-        if: ${{ github.event_name == 'pull_request' }}
-        env:
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          name: build
+          path: dist
+      # https://github.com/marketplace/actions/action-for-semantic-release
+      - id: semrel_version
+        uses: cycjimmy/semantic-release-action@v4
         with:
-          args: |
-            -Dproject.settings=sonar.properties
-            -Dsonar.pullrequest.base=${{ github.base_ref }}
-            -Dsonar.pullrequest.branch=${{ github.head_ref }}
-            -Dsonar.pullrequest.key=${{ github.event.issue.number }}
-      - uses: sonarsource/sonarcloud-github-action@master
-        if: ${{ github.event_name == 'push' }}
+          dry_run: ${{ inputs.dry_run == 'true' }}
+          semantic_version: 24
+          extra_plugins: |
+            @semantic-release/changelog
+            @semantic-release/commit-analyzer
+            @semantic-release/exec
+            @semantic-release/git
+            @semantic-release/github
+            @semantic-release/release-notes-generator
+            conventional-changelog-conventionalcommits
+            semantic-release-license
         env:
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-        with:
-          args: |
-            -Dproject.settings=sonar.properties
-            -Dsonar.branch.name=${{ github.ref_name }}
-<<- end >>
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -10,7 +10,7 @@
 # We have attempted to detect the languages in your repository. Please check
 # the `language` matrix defined below to confirm you have the correct set of
 # supported CodeQL languages.
-#
+
 name: CodeQL
 run-name: CodeQL
 

diff --git a/.github/workflows/dependencies.yml b/.github/workflows/dependencies.yml
@@ -19,7 +19,6 @@ on:
       - v[0-9]+.x
 
 jobs:
-
   go-dependency-submission:
     name: Go Dependency Submission
     runs-on: ubuntu-latest