From 9063d4ee84eed3e831064a71c65cea68f64598f7 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 5 Jul 2024 16:39:28 +0000 Subject: [PATCH] ci: use renovate, update CI and precommit and automate docs --- .github/dependabot.yaml | 6 -- .github/workflows/ci.yaml | 56 +++----------- .github/workflows/release.yaml | 6 +- .github/workflows/update-dependencies.yaml | 25 +++++++ .pre-commit-config.yaml | 22 ++++-- .python-version | 2 +- .releaserc.json | 14 +--- action.yaml | 0 download/README.md | 87 +++++++++++++++++----- requirements.txt | 6 ++ script/update-action-readme | 16 ++++ upload/README.md | 85 +++++++++++++++++---- 12 files changed, 214 insertions(+), 111 deletions(-) delete mode 100644 .github/dependabot.yaml create mode 100644 .github/workflows/update-dependencies.yaml delete mode 100644 action.yaml create mode 100644 requirements.txt create mode 100755 script/update-action-readme diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml deleted file mode 100644 index 253bcb7..0000000 --- a/.github/dependabot.yaml +++ /dev/null @@ -1,6 +0,0 @@ -version: 2 -updates: - - package-ecosystem: github-actions - directory: / - schedule: - interval: daily diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 5be2fc8..1a3db5b 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -2,6 +2,7 @@ name: CI on: pull_request: + push: branches: [main] jobs: @@ -9,7 +10,7 @@ jobs: name: Lint runs-on: ubuntu-latest steps: - - uses: open-turo/actions-gha/lint@v1 + - uses: open-turo/actions-gha/lint@v2 with: github-token: ${{ secrets.GITHUB_TOKEN }} @@ -18,8 +19,7 @@ jobs: runs-on: ubuntu-latest needs: [test-upload, test-download] steps: - # This test is for node-based actions, we want to test our actions - - uses: open-turo/actions-gha/test@v1 + - uses: open-turo/actions-gha/test@v2 with: checkout-repo: true github-token: ${{ secrets.GITHUB_TOKEN }} @@ -32,30 +32,16 @@ jobs: S3_BUCKET: actions-s3-artifact-test steps: - name: Checkout - uses: actions/checkout@v3 - - name: Create python requirements, for caching - run: | - cat > requirements.txt <<-EOF - awscli - awscli-local[ver1] - boto3>=1.20 - botocore<1.28.0,>=1.27.80 - localstack - pyopenssl - EOF + uses: actions/checkout@v4 - name: Setup Python dependency cache - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version-file: .python-version cache: "pip" - name: Install python dependencies run: pip install -r requirements.txt - # TODO: Replace this for faster localstack startup, particularly docker - # image caching or using a leaner image - name: Setup LocalStack uses: HarshCasper/setup-localstack@v0.1.1 - # env: - # LOCALSTACK_API_KEY: ${{ secrets.LOCALSTACK_API_KEY }} - name: Create S3 bucket in localstack run: awslocal s3 mb "s3://${S3_BUCKET}" - name: Upload individual files @@ -113,26 +99,14 @@ jobs: S3_BUCKET: actions-s3-artifact-test steps: - name: Checkout - uses: actions/checkout@v3 - - name: Create python requirements, for caching - run: | - cat > requirements.txt <<-EOF - awscli - awscli-local[ver1] - boto3>=1.20 - botocore<1.28.0,>=1.27.80 - localstack - pyopenssl - EOF + uses: actions/checkout@v4 - name: Setup Python dependency cache - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version-file: .python-version cache: "pip" - name: Install python dependencies run: pip install -r requirements.txt - # TODO: Replace this for faster localstack startup, particularly docker - # image caching or using a leaner image - name: Setup LocalStack uses: HarshCasper/setup-localstack@v0.1.1 - name: Create S3 bucket in localstack @@ -225,26 +199,14 @@ jobs: S3_BUCKET: actions-s3-artifact-test steps: - name: Checkout - uses: actions/checkout@v3 - - name: Create python requirements, for caching - run: | - cat > requirements.txt <<-EOF - awscli - awscli-local[ver1] - boto3>=1.20 - botocore<1.28.0,>=1.27.80 - localstack - pyopenssl - EOF + uses: actions/checkout@v4 - name: Setup Python dependency cache - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version-file: .python-version cache: "pip" - name: Install python dependencies run: pip install -r requirements.txt - # TODO: Replace this for faster localstack startup, particularly docker - # image caching or using a leaner image - name: Setup LocalStack uses: HarshCasper/setup-localstack@v0.1.1 - name: Create S3 bucket in localstack diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 8981018..4c9c73a 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -9,7 +9,7 @@ jobs: name: Lint runs-on: ubuntu-latest steps: - - uses: open-turo/actions-gha/lint@v1 + - uses: open-turo/actions-gha/lint@v2 with: github-token: ${{ secrets.GITHUB_TOKEN }} @@ -17,7 +17,7 @@ jobs: name: Test runs-on: ubuntu-latest steps: - - uses: open-turo/actions-gha/test@v1 + - uses: open-turo/actions-gha/test@v2 with: github-token: ${{ secrets.GITHUB_TOKEN }} @@ -28,6 +28,6 @@ jobs: name: Release runs-on: ubuntu-latest steps: - - uses: open-turo/actions-gha/release@v1 + - uses: open-turo/actions-gha/release@v2 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/update-dependencies.yaml b/.github/workflows/update-dependencies.yaml new file mode 100644 index 0000000..85d1ca8 --- /dev/null +++ b/.github/workflows/update-dependencies.yaml @@ -0,0 +1,25 @@ +name: Update dependencies +concurrency: update-dependencies + +on: + schedule: + # Every day at midnight + - cron: "0 0 * * *" + workflow_dispatch: + issue_comment: + types: + - edited + pull_request: + types: + - edited + +jobs: + update-dependencies: + runs-on: ubuntu-latest + name: Update dependencies + steps: + - name: Checkout + uses: actions/checkout@v4 + - uses: open-turo/action-renovate@v1 + with: + github-token: ${{ secrets.OPEN_TURO_GITHUB_TOKEN }} diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 2e7b01d..3cc6108 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,26 +1,34 @@ repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.1.0 # Use the ref you want to point at + rev: v4.6.0 # Use the ref you want to point at hooks: - id: check-json - id: check-yaml - - id: pretty-format-json - args: - - --autofix - id: end-of-file-fixer - id: trailing-whitespace + - repo: https://github.com/pre-commit/mirrors-eslint + rev: v9.6.0 + hooks: + - id: eslint - repo: https://github.com/pre-commit/mirrors-prettier - rev: v2.5.1 + rev: v3.1.0 hooks: - id: prettier stages: [commit] - repo: https://github.com/alessandrojcm/commitlint-pre-commit-hook - rev: v8.0.0 + rev: v9.16.0 hooks: - id: commitlint stages: [commit-msg] additional_dependencies: ["@open-turo/commitlint-config-conventional"] - repo: https://github.com/rhysd/actionlint - rev: v1.6.8 + rev: v1.7.1 hooks: - id: actionlint + - repo: local + hooks: + - id: update-action-readme + name: update-action-readme + entry: ./script/update-action-readme + language: script + files: '.*action\.yaml$' diff --git a/.python-version b/.python-version index 8d7f852..1445aee 100644 --- a/.python-version +++ b/.python-version @@ -1 +1 @@ -3.10.4 +3.10.14 diff --git a/.releaserc.json b/.releaserc.json index df364cb..db57aea 100644 --- a/.releaserc.json +++ b/.releaserc.json @@ -1,15 +1,3 @@ { - "branches": [ - "main", - { - "channel": "next", - "name": "(f|b|c)/*", - "prerelease": "beta-<%= (/^\\w+-\\d+/.exec(name.substr(2)) || [])[0] %>" - } - ], - "plugins": [ - "@semantic-release/commit-analyzer", - "@semantic-release/release-notes-generator", - "@semantic-release/github" - ] + "extends": "@open-turo/semantic-release-config" } diff --git a/action.yaml b/action.yaml deleted file mode 100644 index e69de29..0000000 diff --git a/download/README.md b/download/README.md index 5107394..0e7c0b6 100644 --- a/download/README.md +++ b/download/README.md @@ -1,6 +1,13 @@ # Github Action S3 Artifact Download -This action downloads a file or directory from an S3 bucket. + + + +## Description + +GitHub Action that builds Node based repository + + ## Usage @@ -127,25 +134,69 @@ This example shows how to make a passthrough failure download attempt. not-found: ignore ``` + + ## Inputs -| parameter | description | required | default | -| --------------------- | ------------------------------------------------------------- | -------- | --------- | -| path | Path to download artifacts to | `false` | . | -| strip | Strip leading path components from downloaded artifacts | `false` | | -| s3uri | S3 uri to artifact to download | `true` | | -| not-found | What to do if the artifact is not found (error, warn, ignore) | `false` | error | -| aws-access-key-id | AWS access key ID of the S3 location | `false` | | -| aws-secret-access-key | AWS secret access key ID of the S3 location | `false` | | -| aws-region | AWS region of the S3 location | `false` | us-east-1 | - -## Outputs - -| parameter | description | -| --------- | -------------------------------------------- | -| s3uri | S3 URL for uploaded artifact | -| success | Whether the artifact download was successful | - +| parameter | description | required | default | +| --- | --- | --- | --- | +| checkout-repo | Perform checkout as first step of action | `false` | true | +| build-script | Custom script to run, should be defined in package.json. | `false` | build | +| github-token | GitHub token that can checkout the repository. e.g. 'secrets.GITHUB_TOKEN' | `true` | ${{ github.token }} | +| npm-auth-token | The Node Package Manager (npm) authentication token. This token is used to authenticate against a private NPM registry configured via a .npmrc file. | `false` | | +| npm-token | The Node Package Manager (npm) authentication token. This token is used to authenticate against the NPM registry. | `false` | | + + ## Runs This action is a `composite` action. + +## Usage + +```yaml +- uses: @ + with: + path: + # Path to download artifacts to + # + # Required: false + # Default: . + + strip: + # Strip leading path components from downloaded artifacts + # + # Required: false + # Default: "" + + s3uri: + # S3 uri to artifact to download + # + # Required: true + # Default: "" + + not-found: + # What to do if the artifact is not found (error, warn, ignore) + # + # Required: false + # Default: error + + aws-access-key-id: + # AWS access key ID of the S3 location + # + # Required: false + # Default: "" + + aws-secret-access-key: + # AWS secret access key ID of the S3 location + # + # Required: false + # Default: "" + + aws-region: + # AWS region of the S3 location + # + # Required: false + # Default: us-east-1 +``` + + diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000..a60af0f --- /dev/null +++ b/requirements.txt @@ -0,0 +1,6 @@ +awscli==1.33.21 +awscli-local==0.22.0 +boto3==1.34.139 +botocore==1.34.139 +localstack==3.5.0 +pyOpenSSL==24.1.0 diff --git a/script/update-action-readme b/script/update-action-readme new file mode 100755 index 0000000..33bf225 --- /dev/null +++ b/script/update-action-readme @@ -0,0 +1,16 @@ +#!/usr/bin/env bash + +set -e + +for i in $*; do + # ignore if the file does not end with /action.yaml + if [[ "$i" != *"/action.yaml" ]]; then + echo "skipping: ${i}" + continue + fi + + echo "npx action-docs --no-banner -s "${i}"" + cd $(dirname "$i") + npx action-docs@2 --no-banner -s action.yaml -u README.md || echo "action-docs failed for $i" + cd - +done diff --git a/upload/README.md b/upload/README.md index 86fd9be..579cd71 100644 --- a/upload/README.md +++ b/upload/README.md @@ -1,6 +1,13 @@ # Github Action S3 Artifact upload -This action uploads one or multiple files to an s3 uri location. + + + +## Description + +GitHub Action that builds Node based repository + + ## Usage @@ -91,23 +98,69 @@ key `YYYY-MM-DD` as name. aws-region: ${{ secrets.AWS_REGION }} ``` + + ## Inputs -| parameter | description | required | default | -| --------------------- | ------------------------------------------------------------------ | -------- | -------------------------------------------------------------------- | -| path | Path(s) to the artifacts to upload | `true` | | -| s3uri | S3 url for bucket and path prefix of the artifact | `true` | | -| key | Artifact key name (a unique hash or timestamp or other identifier) | `false` | ${{ github.sha }}-${{ github.run_number }}-${{ github.run_attempt }} | -| aws-access-key-id | AWS access key ID of the S3 location | `false` | | -| aws-secret-access-key | AWS secret access key ID of the S3 location | `false` | | -| aws-region | AWS region of the S3 location | `false` | us-east-1 | - -## Outputs - -| parameter | description | -| --------- | ---------------------------- | -| s3uri | S3 URL for uploaded artifact | - +| parameter | description | required | default | +| --- | --- | --- | --- | +| checkout-repo | Perform checkout as first step of action | `false` | true | +| build-script | Custom script to run, should be defined in package.json. | `false` | build | +| github-token | GitHub token that can checkout the repository. e.g. 'secrets.GITHUB_TOKEN' | `true` | ${{ github.token }} | +| npm-auth-token | The Node Package Manager (npm) authentication token. This token is used to authenticate against a private NPM registry configured via a .npmrc file. | `false` | | +| npm-token | The Node Package Manager (npm) authentication token. This token is used to authenticate against the NPM registry. | `false` | | + + ## Runs This action is a `composite` action. + +## Usage + +```yaml +- uses: @ + with: + path: + # Path(s) to the artifacts to upload + # + # Required: true + # Default: "" + + s3uri: + # S3 url for bucket and path prefix of the artifact + # + # Required: true + # Default: "" + + key: + # Artifact key name (a unique hash or timestamp or other identifier) + # + # Required: false + # Default: ${{ github.sha }}-${{ github.run_number }}-${{ github.run_attempt }} + + aws-access-key-id: + # AWS access key ID of the S3 location + # + # Required: false + # Default: "" + + aws-secret-access-key: + # AWS secret access key ID of the S3 location + # + # Required: false + # Default: "" + + aws-region: + # AWS region of the S3 location + # + # Required: false + # Default: us-east-1 + + compress: + # Whether to build a tarball of the artifacts before uploading + # + # Required: false + # Default: true +``` + +