refactor(github): simplify the whole CI (reducing the number of execu…

…table workflows) Signed-off-by: kilianpaquier <[email protected]>
kilianpaquier · Nov 24, 2024 · e827276 · e827276
1 parent 6c7c547
commit e827276
Show file tree

Hide file tree

Showing 119 changed files with 3,268 additions and 4,214 deletions.
diff --git a/.github/actions/version/action.yml b/.github/actions/version/action.yml
diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
@@ -0,0 +1,130 @@
+# Code generated by craft; DO NOT EDIT.
+
+name: CICD
+run-name: CICD
+
+on:
+  pull_request:
+    types:
+      - opened
+      - reopened
+      - synchronize
+      - ready_for_review
+  push:
+    branches:
+      - alpha
+      - beta
+      - dev
+      - develop
+      - development
+      - next
+      - staging
+      - main
+      - master
+      - v[0-9]+.x
+      - v[0-9]+.[0-9]+.x
+  workflow_dispatch:
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+
+  version:
+    name: Version
+    runs-on: ubuntu-latest
+    if: ${{ github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.pull_request.draft == false && github.ref_protected == false) }}
+    environment: version
+    permissions:
+      contents: write
+      issues: write
+      pull-requests: write
+    outputs:
+      branch_sha: ${{ steps.version.outputs.branch_sha }}
+      release: ${{ steps.version.outputs.release }}
+      version: ${{ steps.version.outputs.version }}
+    steps:
+      - uses: actions/checkout@v4
+      # https://github.com/marketplace/actions/action-for-semantic-release
+      - id: semrel_version
+        continue-on-error: true
+        uses: cycjimmy/semantic-release-action@v4
+        with:
+          dry_run: true
+          semantic_version: 24
+          extra_plugins: |
+            @semantic-release/changelog
+            @semantic-release/commit-analyzer
+            @semantic-release/exec
+            @semantic-release/git
+            @semantic-release/github
+            @semantic-release/release-notes-generator
+            conventional-changelog-conventionalcommits
+            semantic-release-license
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - id: version
+        run: |
+          echo "branch_sha=$(echo "${GITHUB_REF_NAME}" | sha256sum | cut -c -8)" >> $GITHUB_OUTPUT
+          if [ "${SEMREL_INFO_NEXT_VERSION}" != "" ]; then
+            echo "version=v${SEMREL_INFO_NEXT_VERSION#v}" >> $GITHUB_OUTPUT
+            echo "release=$([[ "${SEMREL_INFO_NEXT_VERSION#v}" =~ ^[0-9]+(\.[0-9]+){2}$ ]] && echo "true" || echo "false")" >> $GITHUB_OUTPUT
+          else
+            DESCRIBE=$(git describe --tags || echo "v1.0.0")
+            echo "version=v${DESCRIBE#v}" >> $GITHUB_OUTPUT
+            echo "release=false" >> $GITHUB_OUTPUT
+          fi
+        env:
+          SEMREL_INFO_NEXT_VERSION: ${{ steps.semrel_version.outputs.new_release_version }}
+      - run: echo ${VERSION}
+        env:
+          VERSION: ${{ steps.version.outputs.version }}
+
+  golang:
+    name: Golang
+    needs: version
+    uses: ./.github/workflows/golang.yml
+    permissions:
+      checks: write
+    with:
+      event_name: ${{ github.event_name }}
+      version: ${{ needs.version.outputs.version }}
+    secrets: inherit
+
+  release:
+    name: Release
+    runs-on: ubuntu-latest
+    if: ${{ github.event_name == 'push' && github.ref_protected == 'true' }}
+    environment: release
+    needs:
+      - version
+      - golang
+    permissions:
+      contents: write
+      issues: write
+      pull-requests: write
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/download-artifact@v4
+        with:
+          name: build
+          path: dist
+      # https://github.com/marketplace/actions/action-for-semantic-release
+      - id: semrel_version
+        continue-on-error: true
+        uses: cycjimmy/semantic-release-action@v4
+        with:
+          dry_run: false
+          semantic_version: 24
+          extra_plugins: |
+            @semantic-release/changelog
+            @semantic-release/commit-analyzer
+            @semantic-release/exec
+            @semantic-release/git
+            @semantic-release/github
+            @semantic-release/release-notes-generator
+            conventional-changelog-conventionalcommits
+            semantic-release-license
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/golang.yml b/.github/workflows/golang.yml
@@ -4,53 +4,22 @@ name: Golang
 run-name: Golang
 
 on:
-  pull_request:
-    types:
-      - opened
-      - reopened
-      - synchronize
-      - ready_for_review
-  push:
-    branches:
-      - alpha
-      - beta
-      - dev
-      - develop
-      - development
-      - next
-      - staging
-      - main
-      - master
-      - v[0-9]+.[0-9]+.x
-      - v[0-9]+.x
   workflow_call:
     inputs:
-      build:
-        description: Whether to run build job or not
-        required: false
-        type: boolean
       version:
-        description: Build version to use in build metadata
+        description: Build version to use in build metadata.
+        required: true
+        type: string
+      event_name:
+        description: GitHub Actions real event_name since it will always 'workflow_dispatch' by default.
         required: true
         type: string
-  workflow_dispatch:
 
 jobs:
 
-  run-workflow:
-    name: Run Workflow
-    runs-on: ubuntu-latest
-    if: ${{ github.event_name != 'pull_request' || (github.event_name == 'pull_request' && github.event.pull_request.draft == false && github.ref_protected != true) }}
-    outputs:
-      skip: ${{ steps.skip.outputs.skip }}
-    steps:
-      - id: skip
-        run: echo "Running workflow" && echo "skip=false" >> $GITHUB_OUTPUT
-
   go-vulncheck:
     name: Go Vulnerability Check
     runs-on: ubuntu-latest
-    needs: run-workflow
     steps:
       - uses: golang/govulncheck-action@v1
         with:
@@ -61,7 +30,6 @@ jobs:
   go-lint:
     name: Go Lint
     runs-on: ubuntu-latest
-    needs: run-workflow
     permissions:
       checks: write
     steps:
@@ -80,7 +48,6 @@ jobs:
   go-test:
     name: Go Test
     runs-on: ${{ matrix.os }}
-    needs: run-workflow
     strategy:
       fail-fast: false
       matrix:
@@ -99,8 +66,7 @@ jobs:
           token: ${{ secrets.GITHUB_TOKEN }}
       - run: mkdir -p reports/
       - run: go test ./... -coverpkg="./..." -covermode="count" -coverprofile="reports/go-coverage.native.out" -timeout=15s
-      - if: ${{ ! startsWith(github.head_ref, 'dependabot') && ! startsWith(github.head_ref, 'renovate') }}
-        uses: codecov/codecov-action@v4
+      - uses: codecov/codecov-action@v4
         with:
           codecov_yml_path: .codecov.yml
           disable_search: true
@@ -114,9 +80,7 @@ jobs:
   go-build:
     name: Go Build
     runs-on: ubuntu-latest
-    if: ${{ inputs.build }}
     needs:
-      - run-workflow
       - go-test
     steps:
       - uses: actions/checkout@v4
@@ -126,7 +90,8 @@ jobs:
           go-version-file: go.mod
           token: ${{ secrets.GITHUB_TOKEN }}
       # https://github.com/marketplace/actions/goreleaser-action
-      - uses: goreleaser/goreleaser-action@v6
+      - if: ${{ hashFiles('.goreleaser.yml') != '' }}
+        uses: goreleaser/goreleaser-action@v6
         with:
           args: release --clean --config .goreleaser.yml --skip=validate --skip=announce --skip=publish --snapshot
         env: