feat: add workflow to check for non-releasable actions (#588)

* Add workflow * Try toJSON * Rename * Refactor * Prettify * Fix actionLint * Remove newline from print * Disable shellcheck * Disable shellcheck * Add comment for the shellcheck disable * Add remaining actions and update READMEs * Update .github/workflows/check-for-non-releasable-actions.yaml Co-authored-by: Horst Gutmann <[email protected]> * Try with cache * Try without jsonnet * Trigger on workflow changes * Add release-please-config.json as trigger * Replace with JS script * Add step name --------- Co-authored-by: Horst Gutmann <[email protected]>
grafana · Nov 29, 2024 · e16bf1a · e16bf1a
1 parent 9bf9163
commit e16bf1a
Show file tree

Hide file tree

Showing 6 changed files with 99 additions and 4 deletions.
diff --git a/.github/workflows/check-for-non-releasable-actions.yaml b/.github/workflows/check-for-non-releasable-actions.yaml
@@ -0,0 +1,63 @@
+name: Check for non-releasable actions
+on:
+  pull_request:
+    paths:
+      - actions/
+      - .github/workflows/check-for-non-releasable-actions.yaml
+      - release-please-config.json
+    types:
+      - edited
+      - opened
+      - ready_for_review
+      - synchronize
+
+  push:
+    branches:
+      - main
+    paths:
+      - actions/
+      - .github/workflows/check-for-non-releasable-actions.yaml
+      - release-please-config.json
+
+jobs:
+  check-for-non-releasable-actions:
+    permissions:
+      contents: read
+      id-token: write
+    runs-on: ubuntu-latest
+    timeout-minutes: 5
+
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          sparse-checkout: |
+            ./actions
+            ./release-please-config.json
+
+      - name: Check for non-releasable actions
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const fs = require('fs/promises');
+            const releasePleaseConfig = JSON.parse(await fs.readFile('release-please-config.json', 'utf-8'));
+
+            const configuredPackageNames = new Set(Object.keys(releasePleaseConfig.packages));
+            const packageNames = new Set();
+
+            const folders = await fs.readdir('actions', { withFileTypes: true });
+            for (const folder of folders) {
+              if (folder.isDirectory()) {
+                packageNames.add('actions/' + folder.name);
+              }
+            }
+
+            const missingConfigurations = [...packageNames].filter(pkg => !configuredPackageNames.has(pkg));
+
+            if (missingConfigurations.length > 0) {
+              console.log('The following actions are missing from the release-please-config.json file and thus won\'t be automatically released:');
+              console.log(missingConfigurations.join('\n'));
+              console.log('Please add them in release-please-config.json!');
+            } else {
+              console.log('All actions are releasable!');
+            }
diff --git a/actions/syft-sbom-report/README.md b/actions/syft-sbom-report/README.md
@@ -4,6 +4,8 @@ Generate an SPDX SBOM Report and attached to Release Artifcats on Release Publis
 
 Example workflow:
 
+<!-- x-release-please-start-version -->
+
 ```yaml
 name: syft-sbom-ci
 on:
@@ -17,7 +19,9 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
       - name: Anchore SBOM Action
-        uses: anchore/sbom-action@v0.15.10
+        uses: grafana/shared-workflows/actions@syft-sbom-v0.0.1
         with:
           artifact-name: ${{ github.event.repository.name }}-spdx.json
 ```
+
+<!-- x-release-please-end-version -->
diff --git a/actions/techdocs-rewrite-relative-links/README.md b/actions/techdocs-rewrite-relative-links/README.md
@@ -23,13 +23,15 @@ Then this link inside the file will be changed to ...
 [outside link](https://github.com/grafana/reponame/blob/main/README.md)
 ```
 
+<!-- x-release-please-start-version -->
+
 ```yaml
 - id: checkout-shared-workflows
   name: Checkout shared workflows
   uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
   with:
     repository: grafana/shared-workflows
-    ref: main
+    ref: techdocs-rewrite-relative-links-v0.0.1
     path: _shared-workflows
 
 - name: Rewrite relative links
@@ -45,6 +47,8 @@ Then this link inside the file will be changed to ...
     checkout-action-repository-path: _shared-workflows
 ```
 
+<!-- x-release-please-end-version -->
+
 Follow that up with the actions that should publish the docs to EngHub. See [the `publish-techdocs.yaml` workflow](https://github.com/grafana/shared-workflows/blob/main/.github/workflows/publish-techdocs.yaml) for details.
 
 ## Inputs

diff --git a/actions/trigger-argo-workflow/README.md b/actions/trigger-argo-workflow/README.md
@@ -37,10 +37,12 @@ parameters: |
 
 Here is an example of how to use this action:
 
+<!-- x-release-please-start-version -->
+
 ```yaml
 steps:
   - name: Trigger Argo Workflow
-uses: actions/trigger-argo-workflow@main
+uses: grafana/shared-workflows/actions/trigger-argo-workflow@trigger-argo-workflow-v0.0.1
 with:
   instance: "ops"
   namespace: "mynamespace"
@@ -50,3 +52,5 @@ with:
   extra_args: "--generate-name hello-world-"
   log_level: "debug"
 ```
+
+<!-- x-release-please-end-version -->
diff --git a/actions/validate-policy-bot-config/README.md b/actions/validate-policy-bot-config/README.md
@@ -9,6 +9,8 @@ See [https://github.com/palantir/policy-bot?tab=readme-ov-file#configuration](Po
 
 Example workflow:
 
+<!-- x-release-please-start-version -->
+
 ```yaml
 name: validate-policy-bot
 on:
@@ -25,5 +27,7 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
       - name: Validate Policy Bot configuration
-        uses: grafana/shared-workflows/actions/validate-policy-bot-config@main
+        uses: grafana/shared-workflows/actions/validate-policy-bot-config@validate-policy-bot-config-v0.0.1
 ```
+
+<!-- x-release-please-end-version -->
diff --git a/release-please-config.json b/release-please-config.json
@@ -112,6 +112,22 @@
     "actions/setup-conftest": {
       "package-name": "setup-conftest",
       "extra-files": ["README.md"]
+    },
+    "actions/syft-sbom-report": {
+      "package-name": "syft-sbom-report",
+      "extra-files": ["README.md"]
+    },
+    "actions/techdocs-rewrite-relative-links": {
+      "package-name": "techdocs-rewrite-relative-links",
+      "extra-files": ["README.md"]
+    },
+    "actions/trigger-argo-workflow": {
+      "package-name": "trigger-argo-workflow",
+      "extra-files": ["README.md"]
+    },
+    "actions/validate-policy-bot-config": {
+      "package-name": "validate-policy-bot-config",
+      "extra-files": ["README.md"]
     }
   },
   "release-type": "simple",