From e5e242a20a5eeade1d8bb4d85f0b2f32379d7b00 Mon Sep 17 00:00:00 2001 From: Evgeniy Frolov Date: Mon, 9 Dec 2024 15:26:26 +0300 Subject: [PATCH] chore(ci): update notifications (#279) Signed-off-by: Evgeniy Frolov --- .github/workflows/_notification.yml | 73 +++++++++++++++++++ .../docs_cli_and_api_partials_checker.yml | 6 +- .github/workflows/lint.yaml | 4 +- .github/workflows/release_please.yml | 58 +++++++-------- .github/workflows/tests.yml | 52 ++++++------- .github/workflows/trdl_publisher.yml | 48 ++++++------ .github/workflows/trdl_releaser.yml | 54 ++++++-------- .../website_broken_links_checker.yml | 1 - .github/workflows/website_converge.yml | 46 +++++------- .github/workflows/website_review.yml | 32 ++++---- .github/workflows/website_review_dismiss.yml | 28 ++++--- .github/workflows/website_test.yml | 24 +++--- 12 files changed, 232 insertions(+), 194 deletions(-) create mode 100644 .github/workflows/_notification.yml diff --git a/.github/workflows/_notification.yml b/.github/workflows/_notification.yml new file mode 100644 index 00000000..c43309f2 --- /dev/null +++ b/.github/workflows/_notification.yml @@ -0,0 +1,73 @@ +name: xxxxx(internal) + +on: + workflow_call: + secrets: + webhook: + description: "Loop webhook URL" + required: true + notificationChannel: + description: "Loop notification channel" + required: true + loopNotificationGroup: + description: "Loop notification group" + required: false + +defaults: + run: + shell: bash + +jobs: + _: + runs-on: ubuntu-22.04 + timeout-minutes: 10 + steps: + - name: Run workflow status conclusion manager + uses: technote-space/workflow-conclusion-action@v3 + + - if: env.WORKFLOW_CONCLUSION == 'failure' + name: get failed jobs + id: failed_jobs + run: | + echo 'failed<> $GITHUB_OUTPUT + echo "$(curl ${{ github.api_url }}/repos/${{ github.repository }}/actions/runs/${{ github.run_id }}/jobs | jq -r '.jobs[]| select (.conclusion == "failure") | .html_url')" >> $GITHUB_OUTPUT + echo 'EOF' >> $GITHUB_OUTPUT + - if: (env.WORKFLOW_CONCLUSION == 'failure' && startsWith(github.ref, 'refs/pull/')) + name: get user + id: get_user + run: | + echo username=$(curl ${{ github.api_url }}/users/${{ github.triggering_actor }} | jq -r '.name' | tr '[:upper:]' '[:lower:]' | tr " " . ) >> $GITHUB_OUTPUT + + - if: "(env.WORKFLOW_CONCLUSION == 'failure' && ! startsWith(github.ref, 'refs/pull/'))" + name: Failure notify + uses: mattermost/action-mattermost-notify@master + with: + MATTERMOST_WEBHOOK_URL: ${{ secrets.webhook }} + MATTERMOST_CHANNEL: ${{ secrets.notificationChannel }} + TEXT: | + ${{ secrets.loopNotificationGroup }} Прод упал в ${{ github.repository }} :pepe_monkaw: + [${{ github.workflow }}](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) ${{ github.ref_name }} :pepe_deadge: + Упавшие джобы: + ${{ steps.failed_jobs.outputs.failed }} + + - if: env.WORKFLOW_CONCLUSION == 'success' + name: Success notify + uses: mattermost/action-mattermost-notify@master + with: + MATTERMOST_WEBHOOK_URL: ${{ secrets.webhook }} + MATTERMOST_CHANNEL: ${{ secrets.notificationChannel }} + TEXT: | + Workflow успешно завершился в ${{ github.repository }} :bender: + [${{ github.workflow }}](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) ${{ github.ref_name }} :success: + + - if: (env.WORKFLOW_CONCLUSION == 'failure' && startsWith(github.ref, 'refs/pull/')) + name: Failure notify for PRs + uses: mattermost/action-mattermost-notify@master + with: + MATTERMOST_WEBHOOK_URL: ${{ secrets.webhook }} + MATTERMOST_CHANNEL: ${{ secrets.notificationChannel }} + TEXT: | + @${{ steps.get_user.outputs.username }} Проблема в ветке в ${{ github.repository }} :press_f: + [${{ github.workflow }}](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) ${{ github.ref_name }} :pepe_deadge: + Упавшие джобы: + ${{ steps.failed_jobs.outputs.failed }} diff --git a/.github/workflows/docs_cli_and_api_partials_checker.yml b/.github/workflows/docs_cli_and_api_partials_checker.yml index 4e297be1..5e52c4b8 100644 --- a/.github/workflows/docs_cli_and_api_partials_checker.yml +++ b/.github/workflows/docs_cli_and_api_partials_checker.yml @@ -2,9 +2,9 @@ name: CLI and API partials checker on: push: paths: - - '.github/workflows/docs_cli_and_api_partials_checker.yml' - - 'client/cmd/**' - - 'server/**' + - ".github/workflows/docs_cli_and_api_partials_checker.yml" + - "client/cmd/**" + - "server/**" workflow_dispatch: jobs: diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index d93e0711..25c2b26b 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -2,7 +2,7 @@ name: Lint on: push: paths: - - '**/*.go' + - "**/*.go" workflow_dispatch: jobs: @@ -15,7 +15,7 @@ jobs: max-parallel: 6 fail-fast: false matrix: - directory: [ "client", "server", "e2e" ] + directory: ["client", "server", "e2e"] steps: - name: Checkout code uses: actions/checkout@v4 diff --git a/.github/workflows/release_please.yml b/.github/workflows/release_please.yml index 5bb7d368..46fac475 100644 --- a/.github/workflows/release_please.yml +++ b/.github/workflows/release_please.yml @@ -2,42 +2,42 @@ name: Do release PR or GitHub release on: push: branches: - - main + - main workflow_dispatch: jobs: release-please: runs-on: ubuntu-latest steps: - - uses: werf/third-party-release-please-action@werf - with: - release-type: go - token: ${{ secrets.RELEASE_PLEASE_TOKEN }} - release-notes-header: "## Changelog" - release-notes-footer: | - ## Installation - Download `trdl` Vault plugin binaries from here: - * [Linux amd64](https://storage.googleapis.com/trdl-server-tuf/targets/releases/{{> version }}/linux-amd64/bin/vault-plugin-secrets-trdl) ([PGP signature](https://storage.googleapis.com/trdl-server-tuf/targets/signatures/{{> version }}/linux-amd64/bin/vault-plugin-secrets-trdl.sig)) - * [Linux arm64](https://storage.googleapis.com/trdl-server-tuf/targets/releases/{{> version }}/linux-arm64/bin/vault-plugin-secrets-trdl) ([PGP signature](https://storage.googleapis.com/trdl-server-tuf/targets/signatures/{{> version }}/linux-arm64/bin/vault-plugin-secrets-trdl.sig)) - * [macOS amd64](https://storage.googleapis.com/trdl-server-tuf/targets/releases/{{> version }}/darwin-amd64/bin/vault-plugin-secrets-trdl) ([PGP signature](https://storage.googleapis.com/trdl-server-tuf/targets/signatures/{{> version }}/darwin-amd64/bin/vault-plugin-secrets-trdl.sig)) - * [macOS arm64](https://storage.googleapis.com/trdl-server-tuf/targets/releases/{{> version }}/darwin-arm64/bin/vault-plugin-secrets-trdl) ([PGP signature](https://storage.googleapis.com/trdl-server-tuf/targets/signatures/{{> version }}/darwin-arm64/bin/vault-plugin-secrets-trdl.sig)) - * [Windows amd64](https://storage.googleapis.com/trdl-server-tuf/targets/releases/{{> version }}/windows-amd64/bin/vault-plugin-secrets-trdl.exe) ([PGP signature](https://storage.googleapis.com/trdl-server-tuf/targets/signatures/{{> version }}/windows-amd64/bin/vault-plugin-secrets-trdl.exe.sig)) + - uses: werf/third-party-release-please-action@werf + with: + release-type: go + token: ${{ secrets.RELEASE_PLEASE_TOKEN }} + release-notes-header: "## Changelog" + release-notes-footer: | + ## Installation + Download `trdl` Vault plugin binaries from here: + * [Linux amd64](https://storage.googleapis.com/trdl-server-tuf/targets/releases/{{> version }}/linux-amd64/bin/vault-plugin-secrets-trdl) ([PGP signature](https://storage.googleapis.com/trdl-server-tuf/targets/signatures/{{> version }}/linux-amd64/bin/vault-plugin-secrets-trdl.sig)) + * [Linux arm64](https://storage.googleapis.com/trdl-server-tuf/targets/releases/{{> version }}/linux-arm64/bin/vault-plugin-secrets-trdl) ([PGP signature](https://storage.googleapis.com/trdl-server-tuf/targets/signatures/{{> version }}/linux-arm64/bin/vault-plugin-secrets-trdl.sig)) + * [macOS amd64](https://storage.googleapis.com/trdl-server-tuf/targets/releases/{{> version }}/darwin-amd64/bin/vault-plugin-secrets-trdl) ([PGP signature](https://storage.googleapis.com/trdl-server-tuf/targets/signatures/{{> version }}/darwin-amd64/bin/vault-plugin-secrets-trdl.sig)) + * [macOS arm64](https://storage.googleapis.com/trdl-server-tuf/targets/releases/{{> version }}/darwin-arm64/bin/vault-plugin-secrets-trdl) ([PGP signature](https://storage.googleapis.com/trdl-server-tuf/targets/signatures/{{> version }}/darwin-arm64/bin/vault-plugin-secrets-trdl.sig)) + * [Windows amd64](https://storage.googleapis.com/trdl-server-tuf/targets/releases/{{> version }}/windows-amd64/bin/vault-plugin-secrets-trdl.exe) ([PGP signature](https://storage.googleapis.com/trdl-server-tuf/targets/signatures/{{> version }}/windows-amd64/bin/vault-plugin-secrets-trdl.exe.sig)) - These binaries were signed with PGP and could be verified with [this PGP public key](https://trdl.dev/trdl-server.asc). + These binaries were signed with PGP and could be verified with [this PGP public key](https://trdl.dev/trdl-server.asc). - Download `trdl` client binaries from here: - * [Linux amd64](https://tuf.trdl.dev/targets/releases/{{> version }}/linux-amd64/bin/trdl) ([PGP signature](https://tuf.trdl.dev/targets/signatures/{{> version }}/linux-amd64/bin/trdl.sig)) - * [Linux arm64](https://tuf.trdl.dev/targets/releases/{{> version }}/linux-arm64/bin/trdl) ([PGP signature](https://tuf.trdl.dev/targets/signatures/{{> version }}/linux-arm64/bin/trdl.sig)) - * [macOS amd64](https://tuf.trdl.dev/targets/releases/{{> version }}/darwin-amd64/bin/trdl) ([PGP signature](https://tuf.trdl.dev/targets/signatures/{{> version }}/darwin-amd64/bin/trdl.sig)) - * [macOS arm64](https://tuf.trdl.dev/targets/releases/{{> version }}/darwin-arm64/bin/trdl) ([PGP signature](https://tuf.trdl.dev/targets/signatures/{{> version }}/darwin-arm64/bin/trdl.sig)) - * [Windows amd64](https://tuf.trdl.dev/targets/releases/{{> version }}/windows-amd64/bin/trdl.exe) ([PGP signature](https://tuf.trdl.dev/targets/signatures/{{> version }}/windows-amd64/bin/trdl.exe.sig)) + Download `trdl` client binaries from here: + * [Linux amd64](https://tuf.trdl.dev/targets/releases/{{> version }}/linux-amd64/bin/trdl) ([PGP signature](https://tuf.trdl.dev/targets/signatures/{{> version }}/linux-amd64/bin/trdl.sig)) + * [Linux arm64](https://tuf.trdl.dev/targets/releases/{{> version }}/linux-arm64/bin/trdl) ([PGP signature](https://tuf.trdl.dev/targets/signatures/{{> version }}/linux-arm64/bin/trdl.sig)) + * [macOS amd64](https://tuf.trdl.dev/targets/releases/{{> version }}/darwin-amd64/bin/trdl) ([PGP signature](https://tuf.trdl.dev/targets/signatures/{{> version }}/darwin-amd64/bin/trdl.sig)) + * [macOS arm64](https://tuf.trdl.dev/targets/releases/{{> version }}/darwin-arm64/bin/trdl) ([PGP signature](https://tuf.trdl.dev/targets/signatures/{{> version }}/darwin-arm64/bin/trdl.sig)) + * [Windows amd64](https://tuf.trdl.dev/targets/releases/{{> version }}/windows-amd64/bin/trdl.exe) ([PGP signature](https://tuf.trdl.dev/targets/signatures/{{> version }}/windows-amd64/bin/trdl.exe.sig)) - These binaries were signed with PGP and could be verified with [this PGP public key](https://trdl.dev/trdl-client.asc). + These binaries were signed with PGP and could be verified with [this PGP public key](https://trdl.dev/trdl-client.asc). - For example, `trdl` client binary can be downloaded, verified with `gpg` and then installed to `~/bin/` on Linux with these commands: - ```shell - curl -sSLO "https://tuf.trdl.dev/targets/releases/{{> version }}/linux-amd64/bin/trdl" -O "https://tuf.trdl.dev/targets/signatures/{{> version }}/linux-amd64/bin/trdl.sig" - curl -sSL https://trdl.dev/trdl-client.asc | gpg --import - gpg --verify trdl.sig trdl - install -D trdl ~/bin/trdl - ``` + For example, `trdl` client binary can be downloaded, verified with `gpg` and then installed to `~/bin/` on Linux with these commands: + ```shell + curl -sSLO "https://tuf.trdl.dev/targets/releases/{{> version }}/linux-amd64/bin/trdl" -O "https://tuf.trdl.dev/targets/signatures/{{> version }}/linux-amd64/bin/trdl.sig" + curl -sSL https://trdl.dev/trdl-client.asc | gpg --import + gpg --verify trdl.sig trdl + install -D trdl ~/bin/trdl + ``` diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 0c259aea..9adb5a9a 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -1,30 +1,30 @@ name: Tests on: push: + branches: [main] paths: - - 'client/scripts/ci' - - 'client/scripts/minio' - - '.github/workflows/tests.yml' - - '**/*.go' + - "client/scripts/ci" + - "client/scripts/minio" + - ".github/workflows/tests.yml" + - "**/*.go" - go.mod schedule: - - cron: '0 8 * * *' + - cron: "0 8 * * *" + pull_request: repository_dispatch: - types: [ tests ] + types: [tests] workflow_dispatch: jobs: - tests: name: Tests strategy: fail-fast: false matrix: - directory: [ server ] - os: [ ubuntu-latest ] + directory: [server] + os: [ubuntu-latest] runs-on: ${{ matrix.os }} steps: - - name: Checkout code uses: actions/checkout@v4 @@ -39,20 +39,20 @@ jobs: export TRDL_TEST_COVERAGE_DIR=$GITHUB_WORKSPACE/tests_coverage/tests/${{ matrix.os }}/${{ matrix.directory }} mkdir -p $TRDL_TEST_COVERAGE_DIR echo TRDL_TEST_COVERAGE_DIR=$TRDL_TEST_COVERAGE_DIR >> $GITHUB_ENV - + # git user ./e2e/scripts/ci/git.sh - + # install gpg sudo apt-get update sudo apt-get install gpg - + # install git-signatures git clone https://github.com/werf/3p-git-signatures.git cd 3p-git-signatures make install echo "~/.local/bin" >> $GITHUB_PATH - + # install ginkgo go install github.com/onsi/ginkgo/v2/ginkgo@latest shell: bash @@ -72,10 +72,9 @@ jobs: strategy: fail-fast: false matrix: - os: [ ubuntu-latest ] + os: [ubuntu-latest] runs-on: ${{ matrix.os }} steps: - - name: Checkout code uses: actions/checkout@v4 @@ -100,11 +99,11 @@ jobs: # git user ./scripts/ci/git.sh - + # install gpg sudo apt-get update sudo apt-get install gpg - + # install git-signatures git clone https://github.com/werf/3p-git-signatures.git cd 3p-git-signatures @@ -130,7 +129,6 @@ jobs: - e2e_tests runs-on: ubuntu-latest steps: - - name: Checkout code uses: actions/checkout@v4 @@ -180,14 +178,8 @@ jobs: name: Notification if: always() needs: upload_coverage - runs-on: ubuntu-latest - steps: - - - uses: technote-space/workflow-conclusion-action@v2 - - - name: Notify - uses: rtCamp/action-slack-notify@v2 - env: - SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} - SLACK_COLOR: ${{ env.WORKFLOW_CONCLUSION }} - MSG_MINIMAL: "ref,actions url" + uses: ./.github/workflows/_notification.yml + secrets: + loopNotificationGroup: ${{ secrets.LOOP_NOTIFICATION_GROUP }} + webhook: ${{ secrets.LOOP_NOTIFICATION_WEBHOOK }} + notificationChannel: ${{ secrets.LOOP_NOTIFICATION_CHANNEL }} diff --git a/.github/workflows/trdl_publisher.yml b/.github/workflows/trdl_publisher.yml index 31e3d21c..ea013117 100644 --- a/.github/workflows/trdl_publisher.yml +++ b/.github/workflows/trdl_publisher.yml @@ -12,36 +12,30 @@ jobs: name: Publish release channels using trdl server runs-on: ubuntu-latest steps: - - name: Publish client channels - uses: werf/trdl-vault-actions/publish@main - with: - vault-addr: ${{ secrets.TRDL_VAULT_ADDR }} - project-name: trdl - vault-auth-method: approle - vault-role-id: ${{ secrets.TRDL_VAULT_ROLE_ID }} - vault-secret-id: ${{ secrets.TRDL_VAULT_SECRET_ID }} + - name: Publish client channels + uses: werf/trdl-vault-actions/publish@main + with: + vault-addr: ${{ secrets.TRDL_VAULT_ADDR }} + project-name: trdl + vault-auth-method: approle + vault-role-id: ${{ secrets.TRDL_VAULT_ROLE_ID }} + vault-secret-id: ${{ secrets.TRDL_VAULT_SECRET_ID }} - - name: Publish server channels - uses: werf/trdl-vault-actions/publish@main - with: - vault-addr: ${{ secrets.TRDL_VAULT_ADDR }} - project-name: trdl-server - vault-auth-method: approle - vault-role-id: ${{ secrets.TRDL_VAULT_ROLE_ID_FOR_TRDL_SERVER }} - vault-secret-id: ${{ secrets.TRDL_VAULT_SECRET_ID_FOR_TRDL_SERVER }} + - name: Publish server channels + uses: werf/trdl-vault-actions/publish@main + with: + vault-addr: ${{ secrets.TRDL_VAULT_ADDR }} + project-name: trdl-server + vault-auth-method: approle + vault-role-id: ${{ secrets.TRDL_VAULT_ROLE_ID_FOR_TRDL_SERVER }} + vault-secret-id: ${{ secrets.TRDL_VAULT_SECRET_ID_FOR_TRDL_SERVER }} notification: name: Notification if: always() needs: publish - runs-on: ubuntu-latest - steps: - - - uses: technote-space/workflow-conclusion-action@v2 - - - name: Notify - uses: rtCamp/action-slack-notify@v2 - env: - SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} - SLACK_COLOR: ${{ env.WORKFLOW_CONCLUSION }} - MSG_MINIMAL: "ref,actions url" + uses: ./.github/workflows/_notification.yml + secrets: + loopNotificationGroup: ${{ secrets.LOOP_NOTIFICATION_GROUP }} + webhook: ${{ secrets.LOOP_NOTIFICATION_WEBHOOK }} + notificationChannel: ${{ secrets.LOOP_NOTIFICATION_CHANNEL }} diff --git a/.github/workflows/trdl_releaser.yml b/.github/workflows/trdl_releaser.yml index fb52d4c8..2b758959 100644 --- a/.github/workflows/trdl_releaser.yml +++ b/.github/workflows/trdl_releaser.yml @@ -9,38 +9,32 @@ jobs: name: Perform trdl release using trdl server runs-on: ubuntu-latest steps: - - name: Release client - uses: werf/trdl-vault-actions/release@main - with: - vault-addr: ${{ secrets.TRDL_VAULT_ADDR }} - project-name: trdl - git-tag: ${{ github.event.ref }} - vault-auth-method: approle - vault-role-id: ${{ secrets.TRDL_VAULT_ROLE_ID }} - vault-secret-id: ${{ secrets.TRDL_VAULT_SECRET_ID }} + - name: Release client + uses: werf/trdl-vault-actions/release@main + with: + vault-addr: ${{ secrets.TRDL_VAULT_ADDR }} + project-name: trdl + git-tag: ${{ github.event.ref }} + vault-auth-method: approle + vault-role-id: ${{ secrets.TRDL_VAULT_ROLE_ID }} + vault-secret-id: ${{ secrets.TRDL_VAULT_SECRET_ID }} - - name: Release server - uses: werf/trdl-vault-actions/release@main - with: - vault-addr: ${{ secrets.TRDL_VAULT_ADDR }} - project-name: trdl-server - git-tag: ${{ github.event.ref }} - vault-auth-method: approle - vault-role-id: ${{ secrets.TRDL_VAULT_ROLE_ID_FOR_TRDL_SERVER }} - vault-secret-id: ${{ secrets.TRDL_VAULT_SECRET_ID_FOR_TRDL_SERVER }} + - name: Release server + uses: werf/trdl-vault-actions/release@main + with: + vault-addr: ${{ secrets.TRDL_VAULT_ADDR }} + project-name: trdl-server + git-tag: ${{ github.event.ref }} + vault-auth-method: approle + vault-role-id: ${{ secrets.TRDL_VAULT_ROLE_ID_FOR_TRDL_SERVER }} + vault-secret-id: ${{ secrets.TRDL_VAULT_SECRET_ID_FOR_TRDL_SERVER }} notification: name: Notification - if: ${{ always() && startsWith(github.ref, 'refs/tags/v') }} + if: always() && startsWith(github.ref, 'refs/tags/v') needs: release - runs-on: ubuntu-latest - steps: - - - uses: technote-space/workflow-conclusion-action@v2 - - - name: Notify - uses: rtCamp/action-slack-notify@v2 - env: - SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} - SLACK_COLOR: ${{ env.WORKFLOW_CONCLUSION }} - MSG_MINIMAL: "ref,actions url" + uses: ./.github/workflows/_notification.yml + secrets: + loopNotificationGroup: ${{ secrets.LOOP_NOTIFICATION_GROUP }} + webhook: ${{ secrets.LOOP_NOTIFICATION_WEBHOOK }} + notificationChannel: ${{ secrets.LOOP_NOTIFICATION_CHANNEL }} diff --git a/.github/workflows/website_broken_links_checker.yml b/.github/workflows/website_broken_links_checker.yml index d4fa1086..3bfeb650 100644 --- a/.github/workflows/website_broken_links_checker.yml +++ b/.github/workflows/website_broken_links_checker.yml @@ -15,7 +15,6 @@ jobs: matrix: lang: [ru, en] steps: - - name: Checkout code uses: actions/checkout@v4 diff --git a/.github/workflows/website_converge.yml b/.github/workflows/website_converge.yml index 54699879..cfef5cbf 100644 --- a/.github/workflows/website_converge.yml +++ b/.github/workflows/website_converge.yml @@ -3,45 +3,37 @@ on: push: branches: [main] paths: - - '.github/workflows/website_converge.yml' - - 'docs/**' + - ".github/workflows/website_converge.yml" + - "docs/**" workflow_dispatch: env: WERF_REPO: "ghcr.io/${{ github.repository_owner }}/trdl" jobs: - converge: name: Converge site to Production runs-on: ubuntu-latest-4-cores steps: - - - name: Checkout code - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Converge - uses: werf/actions/converge@v1.2 - with: - env: production - kube-config-base64-data: ${{ secrets.KUBECONFIG_BASE64_PROD }} - env: - WERF_DIR: "docs" + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Converge + uses: werf/actions/converge@v1.2 + with: + env: production + kube-config-base64-data: ${{ secrets.KUBECONFIG_BASE64_PROD }} + env: + WERF_DIR: "docs" notification: name: Notification if: always() needs: converge - runs-on: ubuntu-latest - steps: - - - uses: technote-space/workflow-conclusion-action@v2 - - - name: Notify - uses: rtCamp/action-slack-notify@v2 - env: - SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} - SLACK_COLOR: ${{ env.WORKFLOW_CONCLUSION }} - MSG_MINIMAL: "ref,actions url" + uses: ./.github/workflows/_notification.yml + secrets: + loopNotificationGroup: ${{ secrets.LOOP_NOTIFICATION_GROUP }} + webhook: ${{ secrets.LOOP_NOTIFICATION_WEBHOOK }} + notificationChannel: ${{ secrets.LOOP_NOTIFICATION_CHANNEL }} diff --git a/.github/workflows/website_review.yml b/.github/workflows/website_review.yml index d9ca457a..44fcfaa0 100644 --- a/.github/workflows/website_review.yml +++ b/.github/workflows/website_review.yml @@ -8,28 +8,26 @@ env: WERF_REPO: "ghcr.io/${{ github.repository_owner }}/trdl" jobs: - converge: name: Converge to Review runs-on: ubuntu-latest-4-cores if: github.event.label.name == 'review docs' || contains( github.event.pull_request.labels.*.name, 'review docs' ) steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 - - name: Checkout code - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Print review URL - env: - ENV_URL: "review-${{ github.event.number }}.trdl.dev.flant.com" - run: | + - name: Print review URL + env: + ENV_URL: "review-${{ github.event.number }}.trdl.dev.flant.com" + run: | echo "https://${ENV_URL}" - - name: Converge - uses: werf/actions/converge@v1.2 - with: - env: review-${{ github.event.number }} - kube-config-base64-data: ${{ secrets.KUBECONFIG_BASE64_DEV }} - env: - WERF_DIR: "docs" + - name: Converge + uses: werf/actions/converge@v1.2 + with: + env: review-${{ github.event.number }} + kube-config-base64-data: ${{ secrets.KUBECONFIG_BASE64_DEV }} + env: + WERF_DIR: "docs" diff --git a/.github/workflows/website_review_dismiss.yml b/.github/workflows/website_review_dismiss.yml index c782ee18..343862f8 100644 --- a/.github/workflows/website_review_dismiss.yml +++ b/.github/workflows/website_review_dismiss.yml @@ -8,24 +8,22 @@ env: WERF_REPO: "ghcr.io/${{ github.repository_owner }}/trdl" jobs: - dismiss: name: Dismiss runs-on: ubuntu-latest-4-cores if: github.event.label.name == 'review docs' || contains( github.event.pull_request.labels.*.name, 'review docs' ) steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 - - name: Checkout code - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Dismiss - uses: werf/actions/dismiss@v1.2 - continue-on-error: true - with: - env: review-${{ github.event.number }} - kube-config-base64-data: ${{ secrets.KUBECONFIG_BASE64_DEV }} - env: - WERF_DIR: "docs" - WERF_WITH_NAMESPACE: true + - name: Dismiss + uses: werf/actions/dismiss@v1.2 + continue-on-error: true + with: + env: review-${{ github.event.number }} + kube-config-base64-data: ${{ secrets.KUBECONFIG_BASE64_DEV }} + env: + WERF_DIR: "docs" + WERF_WITH_NAMESPACE: true diff --git a/.github/workflows/website_test.yml b/.github/workflows/website_test.yml index b3493e10..510eb9cc 100644 --- a/.github/workflows/website_test.yml +++ b/.github/workflows/website_test.yml @@ -8,22 +8,20 @@ env: WERF_REPO: "ghcr.io/${{ github.repository_owner }}/trdl" jobs: - converge: name: Converge to Test runs-on: ubuntu-latest-4-cores if: github.event.label.name == 'test docs' || contains( github.event.pull_request.labels.*.name, 'test docs' ) steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 - - name: Checkout code - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Converge - uses: werf/actions/converge@v1.2 - with: - env: test - kube-config-base64-data: ${{ secrets.KUBECONFIG_BASE64_DEV }} - env: - WERF_DIR: "docs" + - name: Converge + uses: werf/actions/converge@v1.2 + with: + env: test + kube-config-base64-data: ${{ secrets.KUBECONFIG_BASE64_DEV }} + env: + WERF_DIR: "docs"