From d5bae97c79a783b2b7044d3b166dd2f0495666e9 Mon Sep 17 00:00:00 2001
From: Tom Morelly
Date: Fri, 13 Dec 2024 08:47:49 +1100
Subject: [PATCH] feat(GHA): add commitlint and semrel (#362)
* feat(GHA): add commitlint and semrel
* chore(pre-commit): pre-commit
---------
Co-authored-by: Tom Morelly
---
 .github/workflows/commitlint.yml | 15 ++++++++
 .github/workflows/monthly-snapshot.yml | 31 ---------------
 .github/workflows/release.yml | 26 +++++++++++++
 .pre-commit-config.yaml | 16 ++++++++
 .releaserc.json | 45 ++++++++++++++++++++++
 CHANGELOG.md | 2 +-
 Makefile | 2 +-
 commitlint.config.js | 5 +++
 examples/README_VAGRANT.md | 2 +-
 examples/bin/preinstall | 2 +-
 molecule/debian-11-enterprise/molecule.yml | 1 -
 molecule/verify.yml | 11 +++---
 role_variables.md | 2 +-
 templates/vault_backend_dynamodb.j2 | 1 -
 templates/vault_backend_etcd.j2 | 1 -
 templates/vault_seal_gcpkms.j2 | 2 +-
 vault_releases.md | 2 +-
 17 files changed, 119 insertions(+), 47 deletions(-)
 create mode 100644 .github/workflows/commitlint.yml
 delete mode 100644 .github/workflows/monthly-snapshot.yml
 create mode 100644 .github/workflows/release.yml
 create mode 100644 .pre-commit-config.yaml
 create mode 100644 .releaserc.json
 create mode 100644 commitlint.config.js
diff --git a/.github/workflows/commitlint.yml b/.github/workflows/commitlint.yml
new file mode 100644
index 00000000..7a22fa5d
--- /dev/null
+++ b/.github/workflows/commitlint.yml
@@ -0,0 +1,15 @@
+name: Lint Commit Messages
+on:
+ push:
+ branches:
+ - main
+ pull_request:
+
+jobs:
+ commitlint:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ - uses: wagoid/commitlint-github-action@v5
diff --git a/.github/workflows/monthly-snapshot.yml b/.github/workflows/monthly-snapshot.yml
deleted file mode 100644
index b8bef663..00000000
--- /dev/null
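Review bot: The `commitlint` job declares no `permissions:` block and references `wagoid/commitlint-github-action@v5` by a mutable tag, so on `push` to `main` third-party code runs with whatever default token scope the repository grants. Add `permissions:` with `contents: read` (the action may also need `pull-requests: read` to list PR commits; confirm against its README) and pin the action to a full commit SHA, e.g. `uses: wagoid/commitlint-github-action@<full-commit-sha> # v5`. The action loads `commitlint.config.js` from the checked-out ref, which on `pull_request` is contributor-controlled JavaScript. That is acceptable with this trigger because fork PRs receive a read-only token, but the workflow should not be moved to `pull_request_target`.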
@@ -1,31 +0,0 @@
----
-name: Release Monthly Snapshot
-
-on:
- schedule:
- # Arbitrary time so we're not competing with all of the 0:00 jobs for compute
- # Run at 03:42 on the 1st of every month.
- - cron: "42 3 1 * *"
-
-jobs:
- build:
- name: Release Monthly Snapshot
- runs-on: ubuntu-latest
- steps:
- - name: Get current date
- id: date
- run: echo "DATE=$(date +'%Y.%m.%d')" >> $GITHUB_ENV
- - name: Checkout master Branch
- uses: actions/checkout@v2
- with:
- ref: 'master'
- - name: Create Release
- id: monthly-snapshot
- uses: actions/create-release@latest
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- with:
- tag_name: ${{ env.DATE }}
- release_name: "Monthly snapshot for ${{ env.DATE }}"
- draft: false
- prerelease: false
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 00000000..cea990da
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,26 @@
+name: Semantic Releaser
+on:
+ push:
+ branches:
+ - main
+
+permissions:
+ contents: write
+ packages: write
+ pull-requests: write
+
+jobs:
+ semrel:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ - name: Semantic Release
+ uses: cycjimmy/semantic-release-action@v4
+ with:
+ extra_plugins: |
+ @semantic-release/changelog@6.0.0
+ @semantic-release/git@10.0.0
+ conventional-changelog-conventionalcommits@4.6.3
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 00000000..dedddd18
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,16 @@
+repos:
+ - repo: https://github.com/pre-commit/pre-commit-hooks
+ rev: v4.4.0
+ hooks:
+ - id: trailing-whitespace
+ - id: end-of-file-fixer
+ - id: check-yaml
+ - id: check-case-conflict
+ - id: check-symlinks
+ - id: check-json
+ - id: mixed-line-ending
+ args: ["--fix=lf"]
+ - id: no-commit-to-branch
+ args: [--branch, main]
+ - id: pretty-format-json
+ args: [--autofix, --no-sort-keys]
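Review bot: `cycjimmy/semantic-release-action@v4` in `release.yml` is referenced by a mutable tag while the workflow hands it a `GITHUB_TOKEN` with `contents: write`, `packages: write` and `pull-requests: write`, so a retagged or compromised version of that action could push commits and publish releases from this repository. Pin it to a full commit SHA (`uses: cycjimmy/semantic-release-action@<full-commit-sha> # v4`) and move the `permissions:` block under `jobs.semrel` so the scope is tied to the one job that needs it. `packages: write` looks unused, since none of the plugins configured in `.releaserc.json` publish a package, whereas `@semantic-release/github` comments on resolved issues and probably needs `issues: write`; confirm on the first run. The workflow triggers only on `main`, while the workflow removed by this commit checked out `master`, so if the default branch has not been renamed this job will not run.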
diff --git a/.releaserc.json b/.releaserc.json new file mode 100644 index 00000000..66b3eefd --- /dev/null +++ b/.releaserc.json @@ -0,0 +1,45 @@ +{ + "branches": [ + "main", + "master" + ], + "ci": false, + "plugins": [ + [ + "@semantic-release/commit-analyzer", + { + "preset": "conventionalcommits" + } + ], + [ + "@semantic-release/release-notes-generator", + { + "preset": "conventionalcommits" + } + ], + [ + "@semantic-release/github", + { + "successComment": "This ${issue.pull_request ? 'PR is included' : 'issue has been resolved'} in version ${nextRelease.version} :tada:", + "labels": false, + "releasedLabels": false + } + ], + [ + "@semantic-release/changelog", + { + "changelogFile": "CHANGELOG.md", + "changelogTitle": "# Changelog\n\nAll notable changes to this project will be documented in this file." + } + ], + [ + "@semantic-release/git", + { + "assets": [ + "CHANGELOG.md" + ], + "message": "chore(release): version ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}" + } + ] + ] +} diff --git a/CHANGELOG.md b/CHANGELOG.md index d51465be..2c5fa247 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -22,7 +22,7 @@ ## v2.5.5 - become_user vault_user when modifying files in vault_home -## v2.5.4 +## v2.5.4 - New installation instructions ## v2.5.3 diff --git a/Makefile b/Makefile index 668d52cd..6ee7ae9f 100644 --- a/Makefile +++ b/Makefile @@ -6,4 +6,4 @@ help: ## list makefile targets .PHONY: lint lint: ## lint - ansible-lint -c .ansible-lint \ No newline at end of file + ansible-lint -c .ansible-lint diff --git a/commitlint.config.js b/commitlint.config.js new file mode 100644 index 00000000..e2b685b1 --- /dev/null +++ b/commitlint.config.js @@ -0,0 +1,5 @@ +// commitlint.config.js +module.exports = { + extends: ['@commitlint/config-conventional'], + ignores: [(message) => /^Bumps \[.+]\(.+\) from .+ to .+\.$/m.test(message)], + } diff --git a/examples/README_VAGRANT.md b/examples/README_VAGRANT.md index 2c9a6495..4bc38719 100644 
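Review bot: `"ci": false` in `.releaserc.json` turns off semantic-release's check that it is running in a CI environment, so the same configuration will cut and push a real release when someone runs semantic-release from a workstation with a write-capable token. The only caller visible in this commit is the GitHub Actions workflow, where that check passes on its own, so the line can be dropped (or set to `"ci": true`). `branches` also lists `master` while `release.yml` triggers only on `main`; keep the two in step so it is unambiguous which branch may release. `@semantic-release/git` pushes the `CHANGELOG.md` commit directly to the release branch, which is likely to fail with the default `GITHUB_TOKEN` if that branch is protected, so confirm the branch rules before the first run.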
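Review bot: The `ignores` predicate in `commitlint.config.js` carries no comment, and because of the `m` flag it exempts any commit whose message contains a line of the form `Bumps [x](y) from a to b.` anywhere in it, not only bot-authored commits. Document the intent above the entry, for example `// Skip Dependabot commits: the generated body ("Bumps [pkg](url) from X to Y.") does not pass config-conventional.`, assuming that is the purpose. The closing brace on the last added line is indented and has no semicolon; `};` at column 0 is the conventional form.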
--- a/examples/README_VAGRANT.md +++ b/examples/README_VAGRANT.md @@ -82,4 +82,4 @@ If you notice an error like *vm: The '' provisioner could not be found.* make su 7. http://www.vagrantup.com/ 8. https://www.virtualbox.org/ 9. https://github.com/adrienthebo/vagrant-hosts -10. https://vagrant-libvirt.github.io/vagrant-libvirt \ No newline at end of file +10. https://vagrant-libvirt.github.io/vagrant-libvirt diff --git a/examples/bin/preinstall b/examples/bin/preinstall index 2752f83d..fdea71b2 100755 --- a/examples/bin/preinstall +++ b/examples/bin/preinstall @@ -50,4 +50,4 @@ function add_host { fi } -add_host \ No newline at end of file +add_host diff --git a/molecule/debian-11-enterprise/molecule.yml b/molecule/debian-11-enterprise/molecule.yml index 7cc7dfca..f9506f57 100644 --- a/molecule/debian-11-enterprise/molecule.yml +++ b/molecule/debian-11-enterprise/molecule.yml @@ -30,4 +30,3 @@ provisioner: vault_install_hashi_repo: true vault_bin_path: /usr/bin vault_group: vault - diff --git a/molecule/verify.yml b/molecule/verify.yml index b310867f..be22d216 100644 --- a/molecule/verify.yml +++ b/molecule/verify.yml @@ -28,7 +28,7 @@ register: download_goss until: download_goss is succeeded retries: 3 - + - name: Copy Goss tests to remote template: src: "{{ item }}" @@ -36,12 +36,12 @@ mode: 0644 with_fileglob: - "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') }}/molecule/_tests/test_*.j2" - + - name: Register test files shell: "ls {{ goss_test_directory }}/test_*.yml" changed_when: false register: test_files - + - name: Execute Goss tests environment: # yamllint disable-line rule:line-length @@ -50,15 +50,14 @@ changed_when: false register: test_results with_items: "{{ test_files.stdout_lines }}" - + - name: Display details about the Goss results debug: msg: "{{ item.stdout_lines }}" with_items: "{{ test_results.results }}" - + - name: Fail when tests fail fail: msg: "Goss failed to validate" when: item.rc != 0 with_items: "{{ test_results.results }}" - 
diff --git a/role_variables.md b/role_variables.md index afcfbd87..e0f6630e 100644 --- a/role_variables.md +++ b/role_variables.md @@ -1120,7 +1120,7 @@ variable. Attempts to download the package from `vault_zip_url` if zip is not fo Since v2.5.9 of this role you can also install Vault Enterprise via the HashiCorp Repo. In order to install Vault Enterprise via the HashiCorp Repo, set `vault_install_hashi_repo: true*` as well as `vault_enterprise: true`. -**Warning:** Non-Enterprise Package will be removed if already installed and vault_enterprise is set to *true* and vice versa. +**Warning:** Non-Enterprise Package will be removed if already installed and vault_enterprise is set to *true* and vice versa. # Vault Enterprise with HSM diff --git a/templates/vault_backend_dynamodb.j2 b/templates/vault_backend_dynamodb.j2 index 62caf45d..3a67c0c1 100644 --- a/templates/vault_backend_dynamodb.j2 +++ b/templates/vault_backend_dynamodb.j2 @@ -30,4 +30,3 @@ backend "dynamodb" { session_token = "{{ vault_dynamodb_session_token }}" {% endif %} } - diff --git a/templates/vault_backend_etcd.j2 b/templates/vault_backend_etcd.j2 index 89e1e30b..3edfcf20 100644 --- a/templates/vault_backend_etcd.j2 +++ b/templates/vault_backend_etcd.j2 @@ -20,4 +20,3 @@ backend "etcd" { tls_key_file = "{{ vault_backend_tls_private_path }}/{{ vault_backend_tls_key_file }}" {% endif -%} } - diff --git a/templates/vault_seal_gcpkms.j2 b/templates/vault_seal_gcpkms.j2 index c8a6ee3c..e6189a08 100644 --- a/templates/vault_seal_gcpkms.j2 +++ b/templates/vault_seal_gcpkms.j2 @@ -6,4 +6,4 @@ seal "gcpckms" { region = "{{ vault_gkms_region }}" key_ring = "{{ vault_gkms_key_ring }}" crypto_key = "{{ vault_gkms_crypto_key }}" -} \ No newline at end of file +} diff --git a/vault_releases.md b/vault_releases.md index cf642289..6af215b7 100644 --- a/vault_releases.md +++ b/vault_releases.md 
@@ -83,4 +83,4 @@ To install a specific version of a package, the version is added to the package
 ```
 $ dnf install vault-enterprise-1.18.2+ent
 ```
-Notice that, different to the Debian package, the trailing `-1` is not required.
\ No newline at end of file
+Notice that, different to the Debian package, the trailing `-1` is not required.