From e16bf1ac180d7b6c9c13a6e556b24e0f7dc0d57c Mon Sep 17 00:00:00 2001
From: Dimitris Sotirakis <dimitrios.sotirakis@grafana.com>
Date: Fri, 29 Nov 2024 15:48:47 +0200
Subject: [PATCH] feat: add workflow to check for non-releasable actions (#588)
* Add workflow
* Try toJSON
* Rename
* Refactor
* Prettify
* Fix actionLint
* Remove newline from print
* Disable shellcheck
* Disable shellcheck
* Add comment for the shellcheck disable
* Add remaining actions and update READMEs
* Update .github/workflows/check-for-non-releasable-actions.yaml
Co-authored-by: Horst Gutmann <horst.gutmann@grafana.com>
* Try with cache
* Try without jsonnet
* Trigger on workflow changes
* Add release-please-config.json as trigger
* Replace with JS script
* Add step name
---------
Co-authored-by: Horst Gutmann <horst.gutmann@grafana.com>
---
.../check-for-non-releasable-actions.yaml | 63 +++++++++++++++++++
actions/syft-sbom-report/README.md | 6 +-
.../techdocs-rewrite-relative-links/README.md | 6 +-
actions/trigger-argo-workflow/README.md | 6 +-
actions/validate-policy-bot-config/README.md | 6 +-
release-please-config.json | 16 +++++
6 files changed, 99 insertions(+), 4 deletions(-)
create mode 100644 .github/workflows/check-for-non-releasable-actions.yaml
diff --git a/.github/workflows/check-for-non-releasable-actions.yaml b/.github/workflows/check-for-non-releasable-actions.yaml
new file mode 100644
index 000000000..7266d5451
--- /dev/null
+++ b/.github/workflows/check-for-non-releasable-actions.yaml
@@ -0,0 +1,63 @@
+name: Check for non-releasable actions
+on:
+ pull_request:
+ paths:
+ - actions/
+ - .github/workflows/check-for-non-releasable-actions.yaml
+ - release-please-config.json
+ types:
+ - edited
+ - opened
+ - ready_for_review
+ - synchronize
+
+ push:
+ branches:
+ - main
+ paths:
+ - actions/
+ - .github/workflows/check-for-non-releasable-actions.yaml
+ - release-please-config.json
+
+jobs:
+ check-for-non-releasable-actions:
+ permissions:
+ contents: read
+ id-token: write
+ runs-on: ubuntu-latest
+ timeout-minutes: 5
+
+ steps:
+ - name: Checkout Code
+ uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+ with:
+ sparse-checkout: |
+ ./actions
+ ./release-please-config.json
+
+ - name: Check for non-releasable actions
+ uses: actions/github-script@v7
+ with:
+ script: |
+ const fs = require('fs/promises');
+ const releasePleaseConfig = JSON.parse(await fs.readFile('release-please-config.json', 'utf-8'));
+
+ const configuredPackageNames = new Set(Object.keys(releasePleaseConfig.packages));
+ const packageNames = new Set();
+
+ const folders = await fs.readdir('actions', { withFileTypes: true });
+ for (const folder of folders) {
+ if (folder.isDirectory()) {
+ packageNames.add('actions/' + folder.name);
+ }
+ }
+
+ const missingConfigurations = [...packageNames].filter(pkg => !configuredPackageNames.has(pkg));
+
+ if (missingConfigurations.length > 0) {
+ console.log('The following actions are missing from the release-please-config.json file and thus won\'t be automatically released:');
+ console.log(missingConfigurations.join('\n'));
+ console.log('Please add them in release-please-config.json!');
+ } else {
+ console.log('All actions are releasable!');
+ }
diff --git a/actions/syft-sbom-report/README.md b/actions/syft-sbom-report/README.md
index 3d7a42cdd..ac27dba75 100644
--- a/actions/syft-sbom-report/README.md
+++ b/actions/syft-sbom-report/README.md
@@ -4,6 +4,8 @@ Generate an SPDX SBOM Report and attached to Release Artifcats on Release Publis
Example workflow:
+<!-- x-release-please-start-version -->
+
```yaml
name: syft-sbom-ci
on:
@@ -17,7 +19,9 @@ jobs:
- name: Checkout
uses: actions/checkout@v4
- name: Anchore SBOM Action
- uses: anchore/sbom-action@v0.15.10
+ uses: grafana/shared-workflows/actions@syft-sbom-v0.0.1
with:
artifact-name: ${{ github.event.repository.name }}-spdx.json
```
+
+<!-- x-release-please-end-version -->
diff --git a/actions/techdocs-rewrite-relative-links/README.md b/actions/techdocs-rewrite-relative-links/README.md
index 55f8c989c..54aaea220 100644
--- a/actions/techdocs-rewrite-relative-links/README.md
+++ b/actions/techdocs-rewrite-relative-links/README.md
@@ -23,13 +23,15 @@ Then this link inside the file will be changed to ...
[outside link](https://github.com/grafana/reponame/blob/main/README.md)
```
+<!-- x-release-please-start-version -->
+
```yaml
- id: checkout-shared-workflows
name: Checkout shared workflows
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
repository: grafana/shared-workflows
- ref: main
+ ref: techdocs-rewrite-relative-links-v0.0.1
path: _shared-workflows
- name: Rewrite relative links
@@ -45,6 +47,8 @@ Then this link inside the file will be changed to ...
checkout-action-repository-path: _shared-workflows
```
+<!-- x-release-please-end-version -->
+
Follow that up with the actions that should publish the docs to EngHub. See [the `publish-techdocs.yaml` workflow](https://github.com/grafana/shared-workflows/blob/main/.github/workflows/publish-techdocs.yaml) for details.
## Inputs
diff --git a/actions/trigger-argo-workflow/README.md b/actions/trigger-argo-workflow/README.md
index 1e2a11d65..fde28af87 100644
--- a/actions/trigger-argo-workflow/README.md
+++ b/actions/trigger-argo-workflow/README.md
@@ -37,10 +37,12 @@ parameters: |
Here is an example of how to use this action:
+<!-- x-release-please-start-version -->
+
```yaml
steps:
- name: Trigger Argo Workflow
-uses: actions/trigger-argo-workflow@main
+uses: grafana/shared-workflows/actions/trigger-argo-workflow@trigger-argo-workflow-v0.0.1
with:
instance: "ops"
namespace: "mynamespace"
@@ -50,3 +52,5 @@ with:
extra_args: "--generate-name hello-world-"
log_level: "debug"
```
+
+<!-- x-release-please-end-version -->
diff --git a/actions/validate-policy-bot-config/README.md b/actions/validate-policy-bot-config/README.md
index 78cc4b0bc..9b9c80512 100644
--- a/actions/validate-policy-bot-config/README.md
+++ b/actions/validate-policy-bot-config/README.md
@@ -9,6 +9,8 @@ See [https://github.com/palantir/policy-bot?tab=readme-ov-file#configuration](Po
Example workflow:
+<!-- x-release-please-start-version -->
+
```yaml
name: validate-policy-bot
on:
@@ -25,5 +27,7 @@ jobs:
- name: Checkout
uses: actions/checkout@v4
- name: Validate Policy Bot configuration
- uses: grafana/shared-workflows/actions/validate-policy-bot-config@main
+ uses: grafana/shared-workflows/actions/validate-policy-bot-config@validate-policy-bot-config-v0.0.1
```
+
+<!-- x-release-please-end-version -->
diff --git a/release-please-config.json b/release-please-config.json
index ed961deb1..78c4d1bda 100644
--- a/release-please-config.json
+++ b/release-please-config.json
@@ -112,6 +112,22 @@
"actions/setup-conftest": {
"package-name": "setup-conftest",
"extra-files": ["README.md"]
+ },
+ "actions/syft-sbom-report": {
+ "package-name": "syft-sbom-report",
+ "extra-files": ["README.md"]
+ },
+ "actions/techdocs-rewrite-relative-links": {
+ "package-name": "techdocs-rewrite-relative-links",
+ "extra-files": ["README.md"]
+ },
+ "actions/trigger-argo-workflow": {
+ "package-name": "trigger-argo-workflow",
+ "extra-files": ["README.md"]
+ },
+ "actions/validate-policy-bot-config": {
+ "package-name": "validate-policy-bot-config",
+ "extra-files": ["README.md"]
}
},
"release-type": "simple",