fix: Fixed GitHub Release Workflow #117
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [master] | |
| pull_request: | |
| env: | |
| NAMESPACE: zscaler | |
| COLLECTION_NAME: ziacloud | |
| PYTHON_VERSION: 3.8 | |
| jobs: | |
| ## --------------------------------------------------------------------------- | |
| ## 1) Sanity is required: | |
| ## https://docs.ansible.com/ansible/latest/dev_guide/testing_sanity.html | |
| ## --------------------------------------------------------------------------- | |
| sanity: | |
| name: Sanity (Ⓐ${{ matrix.ansible }}) | |
| strategy: | |
| matrix: | |
| include: | |
| - ansible: "2.14" | |
| python_ver: "3.11" | |
| - ansible: "2.15" | |
| python_ver: "3.11" | |
| - ansible: "2.16" | |
| python_ver: "3.11" | |
| - ansible: "2.17" | |
| python_ver: "3.11" | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: ./ansible_collections/${{ env.NAMESPACE }}/${{ env.COLLECTION_NAME }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| path: ./ansible_collections/${{ env.NAMESPACE }}/${{ env.COLLECTION_NAME }} | |
| - name: Setup Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ matrix.python_ver }} | |
| - name: Install Poetry | |
| uses: Gr1N/setup-poetry@v9 | |
| # Install the head of the given branch (devel, stable-2.10) | |
| - name: Install ansible-base (${{ matrix.ansible }}) | |
| run: poetry run pip install https://github.com/ansible/ansible/archive/stable-${{ matrix.ansible }}.tar.gz --disable-pip-version-check | |
| - name: Create lock file | |
| run: poetry lock | |
| - name: Install dependencies | |
| run: poetry install | |
| - name: Run sanity tests | |
| timeout-minutes: 10 | |
| run: poetry run make new-sanity | |
| ## --------------------------------------------------------------------------- | |
| ## 3) Release | |
| ## --------------------------------------------------------------------------- | |
| release: | |
| name: release | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/master' | |
| needs: [sanity] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| # (A) OLD TASK: This writes ~/.ansible/galaxy_token | |
| # We'll remove it later so it's not included in the final tarball. | |
| - name: Set up Galaxy auth | |
| run: | | |
| mkdir -p ~/.ansible | |
| echo "token: $GALAXY_API_KEY" > ~/.ansible/galaxy_token | |
| env: | |
| GALAXY_API_KEY: ${{ secrets.GALAXY_API_KEY }} | |
| shell: bash | |
| # (B) Create ansible.cfg with credentials for Galaxy and Automation Hub | |
| # We'll remove this file before building or packaging the collection. | |
| - name: Set up Automation Hub and Galaxy ansible.cfg | |
| run: | | |
| cat << EOF > ansible.cfg | |
| [galaxy] | |
| server_list = automation_hub, release_galaxy | |
| [galaxy_server.automation_hub] | |
| url=${{ secrets.AUTOMATION_HUB_URL }} | |
| auth_url=${{ secrets.AUTOMATION_HUB_SSO_URL }} | |
| token=${{ secrets.AUTOMATION_HUB_API_TOKEN }} | |
| [galaxy_server.release_galaxy] | |
| url=https://galaxy.ansible.com/ | |
| token=${{ secrets.GALAXY_API_KEY }} | |
| EOF | |
| shell: bash | |
| # (C) Remove the ansible.cfg and galaxy_token | |
| # so they don't leak into the final built artifact or logs. | |
| - name: Remove temporary auth files | |
| run: | | |
| rm -f ansible.cfg | |
| rm -rf ~/.ansible | |
| # (D) Import GPG key (signing) | |
| - name: Import GPG key | |
| id: import_gpg | |
| uses: crazy-max/ghaction-import-gpg@v6 | |
| with: | |
| gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} | |
| passphrase: ${{ secrets.PASSPHRASE }} | |
| # (E) Create release and publish to GitHub Releases (semantic-release) | |
| - name: Create release and publish | |
| id: release | |
| uses: cycjimmy/semantic-release-action@v4 | |
| with: | |
| semantic_version: 17.1.1 | |
| extra_plugins: | | |
| conventional-changelog-conventionalcommits@^4.4.0 | |
| @semantic-release/changelog@^5.0.1 | |
| @semantic-release/git@^9.0.0 | |
| @semantic-release/exec@^5.0.0 | |
| env: | |
| GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # (F) Store built collection (artifact) AFTER we removed ansible.cfg | |
| - name: Store built collection | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: collection | |
| path: | | |
| *.tar.gz | |
| ## --------------------------------------------------------------------------- | |
| ## 4) Documentation | |
| ## --------------------------------------------------------------------------- | |
| docs: | |
| name: docs | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/master' | |
| needs: [release] | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: ./ansible_collections/zscaler/ziacloud | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| path: ./ansible_collections/zscaler/ziacloud | |
| - name: Setup Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: 3.9 | |
| - name: Install Poetry | |
| uses: Gr1N/setup-poetry@v9 | |
| - name: Add ansible-core | |
| run: poetry add ansible-core^2.14 | |
| - name: Add antsibull-docs | |
| run: poetry add antsibull-docs^2.10.0 | |
| - name: Install dependencies | |
| run: poetry install | |
| - name: Build the collection | |
| run: poetry run ansible-galaxy collection build | |
| - name: Install built collection | |
| run: poetry run ansible-galaxy collection install *.tar.gz | |
| - name: Generate documentation | |
| run: poetry run make docs | |
| # This is here for right now because the action to deploy seems to assume | |
| # (and not have a configuration option to) mirror the actions/checkout@v4 | |
| # the with.path spec. | |
| - name: Move the repo to where the deploy action is looking for it | |
| run: | | |
| cd ../../../.. | |
| mv ziacloud-ansible the_repo | |
| mv the_repo/ansible_collections/zscaler/ziacloud ziacloud-ansible | |
| mkdir -p ziacloud-ansible/ansible_collections/zscaler/ziacloud | |
| - name: Deploy to GitHub Pages | |
| uses: JamesIves/[email protected] | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| branch: gh-pages | |
| folder: docs/html | |
| clean: true |