diff --git a/.github/workflows/_gitops-delete-tags.yml b/.github/workflows/_gitops-delete-tags.yml new file mode 100644 index 0000000..bf56b66 --- /dev/null +++ b/.github/workflows/_gitops-delete-tags.yml @@ -0,0 +1,25 @@ +########################## +## Delete Tags - GitOps ## +########################## + +# JOB: Delete Git Tags, acting as push events that trigger Git Ops Workflows +# TRIGGER: when PR from 'release' to 'main/master' Closes with Code Merge +# AND PR title starts with '[GITOPS]' +# AND PR has 'auto-deploy' Label +# REQUIRES: Secret GH_PAT_CONTENT_RW with Repo Content RW permission/access + +on: + pull_request: + types: [closed] + branches: + - main + - master +jobs: + delete_tags: + if: github.event.pull_request.merged == true && + github.event.pull_request.head.ref == 'release' && + contains(github.event.pull_request.labels.*.name, 'auto-deploy') + uses: ./.github/workflows/go-delete-tags.yml + secrets: + # pass in GITHUB PAT with Repo Content RW permission/access + GH_PAT_CONTENT_RW: ${{ secrets.GA_WORKFLOWS_CI_PR_RW_AND_ACTIONS_RW }} diff --git a/CHANGELOG.md b/CHANGELOG.md index cd822bc..bb548a4 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,17 @@ All notable changes to this project will be documented in this file. This project adheres to [Semantic Versioning](https://semver.org/). +## 1.12.1-dev (2024-09-19) + +### Changes + +#### Docs +- add 'Setup Automatic Clean-Up' How-to Guide + +#### CI +- automatically delete git ops tags, after they served their purpose +- + ## 1.12.0 (2024-09-19) ### Changes diff --git a/docs/api/ref_go-tag-main.md b/docs/api/ref_go-tag-main.md index caba49f..3afb2da 100644 --- a/docs/api/ref_go-tag-main.md +++ b/docs/api/ref_go-tag-main.md @@ -27,10 +27,12 @@ Event Trigger: `workflow_call` #### Optional Inputs +{% raw %} - `main_branch` - type: _string_ - Description: Name of the Main Branch. Example: main, master - Default: `${{ github.event.pull_request.base.ref || vars.GIT_MAIN_BRANCH || 'main' }}` +{% endraw %} ### Secrets diff --git a/docs/guides/gitops/index.md b/docs/guides/gitops/index.md index 6f657b7..e69f34f 100644 --- a/docs/guides/gitops/index.md +++ b/docs/guides/gitops/index.md @@ -41,6 +41,14 @@ For more on what is `Git Ops` and `Git Ops Processes` see the [Git Ops Topics Pa [:octicons-arrow-right-24: Setup ](./setup/guide_setup_main_manual_acceptance.md) +- :material-clock-fast:{ .lg .middle } __Setup Automatic Clean-Up__ + + --- + + Automatically delete Git Ops Tags, after they have served their purpose + + [:octicons-arrow-right-24: Setup ](./setup/guide_setup_automatic_tags_deletion.md) + diff --git a/docs/guides/gitops/setup/guide_setup_automatic_tags_deletion.md b/docs/guides/gitops/setup/guide_setup_automatic_tags_deletion.md new file mode 100644 index 0000000..bd8eeab --- /dev/null +++ b/docs/guides/gitops/setup/guide_setup_automatic_tags_deletion.md @@ -0,0 +1,60 @@ +--- +tags: + - how-to + - guide +--- + +# Automatically `Clean Up` Git Ops Tags + +This guide shows you how to add `Automatic Clean Up` of Git Ops tags, in the `Release Me` **Git Ops Process**. + +## Prerequisites +- a `github repository` +- account with permission to **Repository Settings** + +## Guide + +To **automatically delete** all Git Ops **Tags**, such as `release-me` and `auto-prod-*`, after they served their purpose in the `Release Me` **Git Ops Process**, follow the below steps. + +`Automatic Clean Up` in the *last phase* of `Release Me` Git Ops Process, follow below steps. + +### 1. Create a Workflow, that when Triggered deletes the Git Ops Tags + +Populate file `.github/workflows/gitops-delete-tags.yml` with content: +{% raw %} +```yaml +on: + pull_request: + types: [closed] + branches: + - main + - master +jobs: + delete_tags: + if: github.event.pull_request.merged == true && + github.event.pull_request.head.ref == 'release' && + contains(github.event.pull_request.labels.*.name, 'auto-deploy') + uses: boromir674/automated-workflows/.github/workflows/go-delete-tags.yml@18b20a331650752492a8ed614feb4057216b6547 # v1.12.0 + secrets: + # pass in GITHUB PAT with Repo Content RW permission/access + GH_PAT_CONTENT_RW: ${{ secrets.GH_TOKEN_CONTENT_RW }} +``` +{% endraw %} +to automatically delete all Git Ops tags, such as `release-me` and `auto-prod-*`, when a PR bearing the `auto-deploy` Label, closes with Code Merge, from `release` to `main/master` branch. + + closes with Code Mergeopen **PR to release**, when `release-me` git tag events happen. + +[//]: # (This is a comment) + +### 2. Grant required Permissions to delete remote Git Tags + + 1. Generate a **PAT**, scoped for your repository, bearing the `read/write` permission for: + - *Contents* + 2. Make PAT available to your repo as a `Repository Secret` + 1. Create **Repository Secret** with **name** `GH_TOKEN_CONTENT_RW` + 2. Set the `GH_TOKEN_CONTENT_RW` **Repository Secret Value** to the generated **PAT** + +## Congratulations :partying_face: + +Now, you should have **guaranteed** that all Tags serving as Git Events, +**shall be deleted** when running the `Release Me` **Git Ops Process** diff --git a/mkdocs.yml b/mkdocs.yml index 50e8a4d..55f602f 100755 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -112,6 +112,7 @@ nav: - "Setup Release Me - Phase 2": "guides/gitops/setup/guide_setup_gitops_release_me_phase_2.md" - "Automated Acceptance": "guides/gitops/setup/guide_setup_main_automated_acceptance.md" - "Manual Acceptance": "guides/gitops/setup/guide_setup_main_manual_acceptance.md" + - "Automatic Clean-Up": "guides/gitops/setup/guide_setup_automatic_tags_deletion.md" - "RUN": - "Release Me": "guides/gitops/run/guide_run_gitops_release_me_process.md" - API References: