├── CODEOWNERS ├── README.md ├── .vscode └── settings.json └── .github ├── workflows ├── job_status_check.yml ├── reference_gen_test.yml ├── puppet_module_dep_checker.yml ├── workflow_conclusion_slack_notifier.yml ├── changed_files.yml └── should_run_check.yml └── changed_files.yml /CODEOWNERS: -------------------------------------------------------------------------------- 1 | # added by slack-gitbot 2 | * @puppetlabs/abide-team -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # cem_workflows 2 | 3 | This repo holds the reusable workflows for the CEM modules' CI. Workflows in this repo should be [written as reusabled workflows](https://docs.github.com/en/actions/using-workflows/reusing-workflows) usable between both cem_linux and cem_windows. 4 | -------------------------------------------------------------------------------- /.vscode/settings.json: -------------------------------------------------------------------------------- 1 | { 2 | "[yaml]": { 3 | "editor.insertSpaces": true, 4 | "editor.tabSize": 2, 5 | "editor.autoIndent": "advanced", 6 | "editor.quickSuggestions": { 7 | "other": true, 8 | "comments": false, 9 | "strings": true 10 | } 11 | } 12 | } -------------------------------------------------------------------------------- /.github/workflows/job_status_check.yml: -------------------------------------------------------------------------------- 1 | name: Job Status Check 2 | 3 | on: 4 | workflow_call: 5 | inputs: 6 | job_result: 7 | description: 'The result of the job' 8 | required: true 9 | type: string 10 | 11 | jobs: 12 | job_status_check: 13 | runs-on: ubuntu-latest 14 | steps: 15 | - name: Check job status 16 | run: | 17 | [[ "${{ inputs.job_result }}" == "failure" || "${{ inputs.job_result }}" == "cancelled" ]] && exit 1 || exit 0 18 | -------------------------------------------------------------------------------- /.github/changed_files.yml: -------------------------------------------------------------------------------- 1 | # This file is used by .github/workflows/changed_files.yml and 2 | # .github/workflows/should_run_check.yml to catagorize changed files 3 | # for conditional jobs. The patterns are used by the changed-files action 4 | # which is found here: https://github.com/tj-actions/changed-files 5 | all: 6 | - '**/*' 7 | puppet: 8 | - '**/*.pp' 9 | ruby: 10 | - '**/*.rb' 11 | other: 12 | - '**/*' 13 | - '!**/*.pp' 14 | - '!**/*.rb' 15 | benchmarks: 16 | - manifests/benchmarks/**/*.pp 17 | facts: 18 | - lib/facter/**/*.rb 19 | features: 20 | - lib/puppet/feature/**/*.rb 21 | functions: 22 | - lib/puppet/functions/*.rb 23 | - lib/puppet/functions/**/*.rb 24 | - lib/puppet/parser/functions/**/*.rb 25 | hiera: 26 | - data/**/*.yaml 27 | plans: 28 | - plans/**/* 29 | providers: 30 | - lib/puppet/provider/**/*.rb 31 | puppet_x: 32 | - lib/puppet_x/**/*.rb 33 | tasks: 34 | - tasks/**/* 35 | tests_acceptance: 36 | - spec/acceptance/**/*.yaml 37 | - spec/acceptance/**/*.pp 38 | - cem_acpt_config.yaml 39 | tests_data: 40 | - spec/data_tests/**/*.yaml 41 | tests_unit: 42 | - spec/classes/**/*.rb 43 | - spec/defines/**/*.rb 44 | - spec/files/**/* 45 | - spec/functions/**/*.rb 46 | - spec/tasks/**/*.rb 47 | - spec/unit/**/*.rb 48 | - spec/spec_helper.rb 49 | - spec/spec_helper_local.rb 50 | types: 51 | - lib/puppet/type/**/*.rb 52 | utils: 53 | - manifests/utils/**/*.pp 54 | workflows: 55 | - .github/workflows/*.yml 56 | - .github/changed_files.yml 57 | -------------------------------------------------------------------------------- /.github/workflows/reference_gen_test.yml: -------------------------------------------------------------------------------- 1 | name: "REFERENCE.md Generation Test" 2 | 3 | on: 4 | workflow_call: 5 | secrets: 6 | forge_token: 7 | required: true 8 | 9 | jobs: 10 | reference_gen_test: 11 | runs-on: ubuntu-22.04 12 | env: 13 | PUPPET_AUTH_TOKEN: ${{ secrets.forge_token }} 14 | BUNDLE_RUBYGEMS___PUPPETCORE__PUPPET__COM: "forge-key:${{ secrets.forge_token }}" 15 | 16 | steps: 17 | - name: "Checkout Source" 18 | uses: actions/checkout@v4 19 | with: 20 | fetch-depth: 0 21 | persist-credentials: false 22 | 23 | - name: "Setup Ruby" 24 | uses: ruby/setup-ruby@v1 25 | with: 26 | ruby-version: '3.2' 27 | 28 | - name: "Install gems" 29 | run: | 30 | gem install pry abide_dev_utils 31 | 32 | - name: "Regenerate REFERENCE.md" 33 | run: | 34 | rm -f REFERENCE.md 35 | abide sce generate reference -o REFERENCE.md 36 | test -s REFERENCE.md || exit 1 37 | 38 | - name: "Checkout main/REFERENCE.md" 39 | uses: actions/checkout@v3 40 | with: 41 | repository: ${{ github.repository }} 42 | path: main 43 | fetch-depth: 0 44 | persist-credentials: false 45 | 46 | - name: "Display diff output" 47 | run: | 48 | diff REFERENCE.md main/REFERENCE.md && echo $? > diffreturncode.txt || echo $? > diffreturncode.txt 49 | test `cat diffreturncode.txt` -le 1 || exit 1 50 | 51 | -------------------------------------------------------------------------------- /.github/workflows/puppet_module_dep_checker.yml: -------------------------------------------------------------------------------- 1 | name: "Puppet Module Dependency Checker" 2 | 3 | on: 4 | workflow_call: 5 | inputs: 6 | puppet_major_version: 7 | description: 'Puppet version (7.0, 8.0, etc.)' 8 | required: true 9 | type: string 10 | puppet_ruby_version: 11 | description: 'Puppet Ruby version (2.7, 3.2, etc.)' 12 | required: true 13 | type: string 14 | secrets: 15 | forge_token: 16 | required: true 17 | 18 | jobs: 19 | puppet_module_dep_checker: 20 | runs-on: ubuntu-22.04 21 | env: 22 | PUPPET_GEM_VERSION: "~> ${{ inputs.puppet_major_version }}" 23 | PUPPET_AUTH_TOKEN: ${{ secrets.forge_token }} 24 | BUNDLE_RUBYGEMS___PUPPETCORE__PUPPET__COM: "forge-key:${{ secrets.forge_token }}" 25 | CEM_LINUX_NO_AUGEAS: 'true' 26 | 27 | steps: 28 | - name: "Checkout Source" 29 | uses: actions/checkout@v4 30 | with: 31 | fetch-depth: 0 32 | persist-credentials: false 33 | 34 | - name: "Activate Ruby ${{ inputs.puppet_ruby_version }}" 35 | uses: ruby/setup-ruby@v1 36 | with: 37 | ruby-version: ${{ inputs.puppet_ruby_version }} 38 | bundler-cache: true 39 | 40 | - name: Print bundle environment 41 | run: | 42 | echo ::group::bundler environment 43 | bundle env 44 | echo ::endgroup:: 45 | 46 | - name: "Check dependencies for Puppet v${{ inputs.puppet_major_version }}" 47 | run: | 48 | bundle exec dependency-checker metadata.json 49 | -------------------------------------------------------------------------------- /.github/workflows/workflow_conclusion_slack_notifier.yml: -------------------------------------------------------------------------------- 1 | name: Workflow Conclusion Slack Notifier 2 | 3 | on: 4 | workflow_call: 5 | inputs: 6 | workflow_name: 7 | description: 'The name of the workflow' 8 | required: false 9 | type: string 10 | default: '' 11 | display_title: 12 | description: 'The display title of the workflow run' 13 | required: false 14 | type: string 15 | default: '' 16 | conclusion: 17 | description: 'The result of the workflow run' 18 | required: false 19 | type: string 20 | default: '' 21 | html_url: 22 | description: 'The HTML URL of the workflow run' 23 | required: false 24 | type: string 25 | default: '' 26 | repo_full_name: 27 | description: 'The full name of the repository' 28 | required: false 29 | type: string 30 | default: '' 31 | secrets: 32 | slack_webhook_url: 33 | description: 'The Slack webhook URL' 34 | required: true 35 | 36 | jobs: 37 | notify-slack: 38 | runs-on: ubuntu-latest 39 | steps: 40 | - name: Set Payload Parameters 41 | id: payload-params 42 | run: | 43 | echo "workflow=${{ github.event.workflow_run.name }}" >> $GITHUB_OUTPUT 44 | echo "title=${{ format('{0}: {1}', github.event.workflow_run.event, github.event.workflow_run.display_title) }}" >> $GITHUB_OUTPUT 45 | echo "result=${{ github.event.workflow_run.conclusion }}" >> $GITHUB_OUTPUT 46 | echo "url=${{ github.event.workflow_run.html_url }}" >> $GITHUB_OUTPUT 47 | echo "repo=${{ github.event.repository.full_name }}" >> $GITHUB_OUTPUT 48 | 49 | - name: Send workflow conclusion payload to Slack 50 | uses: slackapi/slack-github-action@v1.23.0 51 | env: 52 | SLACK_WEBHOOK_URL: ${{ secrets.slack_webhook_url }} 53 | with: 54 | payload: | 55 | { 56 | "workflow": "${{ steps.payload-params.outputs.workflow }}", 57 | "title": "${{ steps.payload-params.outputs.title }}", 58 | "result": "${{ steps.payload-params.outputs.result == 'success' && '🟢' || '🔴' }} ${{ steps.payload-params.outputs.result }}", 59 | "url": "${{ steps.payload-params.outputs.url }}", 60 | "repo": "${{ steps.payload-params.outputs.repo }}" 61 | } 62 | -------------------------------------------------------------------------------- /.github/workflows/changed_files.yml: -------------------------------------------------------------------------------- 1 | name: Changed Files 2 | 3 | on: 4 | workflow_call: 5 | outputs: 6 | all: 7 | description: "All changed files" 8 | value: ${{ jobs.changed_files.outputs.all }} 9 | puppet: 10 | description: "All changed Puppet files" 11 | value: ${{ jobs.changed_files.outputs.puppet }} 12 | ruby: 13 | description: "All changed Ruby files" 14 | value: ${{ jobs.changed_files.outputs.ruby }} 15 | other: 16 | description: "All changed files that are not Puppet or Ruby" 17 | value: ${{ jobs.changed_files.outputs.other }} 18 | benchmarks: 19 | description: "All changed benchmark files" 20 | value: ${{ jobs.changed_files.outputs.benchmarks }} 21 | facts: 22 | description: "All changed fact files" 23 | value: ${{ jobs.changed_files.outputs.facts }} 24 | features: 25 | description: "All changed feature files" 26 | value: ${{ jobs.changed_files.outputs.features }} 27 | hiera: 28 | description: "All changed hiera files" 29 | value: ${{ jobs.changed_files.outputs.hiera }} 30 | plans: 31 | description: "All changed plan files" 32 | value: ${{ jobs.changed_files.outputs.plans }} 33 | providers: 34 | description: "All changed provider files" 35 | value: ${{ jobs.changed_files.outputs.providers }} 36 | puppet_x: 37 | description: "All changed puppet_x files" 38 | value: ${{ jobs.changed_files.outputs.puppet_x }} 39 | tasks: 40 | description: "All changed task files" 41 | value: ${{ jobs.changed_files.outputs.tasks }} 42 | tests_acceptance: 43 | description: "All changed acceptance test files" 44 | value: ${{ jobs.changed_files.outputs.tests_acceptance }} 45 | tests_data: 46 | description: "All changed data test files" 47 | value: ${{ jobs.changed_files.outputs.tests_data }} 48 | tests_unit: 49 | description: "All changed unit test files" 50 | value: ${{ jobs.changed_files.outputs.tests_unit }} 51 | types: 52 | description: "All changed type files" 53 | value: ${{ jobs.changed_files.outputs.types }} 54 | utils: 55 | description: "All changed util files" 56 | value: ${{ jobs.changed_files.outputs.utils }} 57 | workflows: 58 | description: "All changed workflow files" 59 | value: ${{ jobs.changed_files.outputs.workflows }} 60 | 61 | jobs: 62 | changed_files: 63 | runs-on: ubuntu-latest 64 | outputs: 65 | all: "${{ steps.changed-files-yaml.outputs.all_all_changed_and_modified_files_count }}" 66 | puppet: "${{ steps.changed-files-yaml.outputs.puppet_all_changed_and_modified_files_count }}" 67 | ruby: "${{ steps.changed-files-yaml.outputs.ruby_all_changed_and_modified_files_count }}" 68 | other: "${{ steps.changed-files-yaml.outputs.other_all_changed_and_modified_files_count }}" 69 | benchmarks: "${{ steps.changed-files-yaml.outputs.benchmarks_all_changed_and_modified_files_count }}" 70 | facts: "${{ steps.changed-files-yaml.outputs.facts_all_changed_and_modified_files_count }}" 71 | features: "${{ steps.changed-files-yaml.outputs.features_all_changed_and_modified_files_count }}" 72 | hiera: "${{ steps.changed-files-yaml.outputs.hiera_all_changed_and_modified_files_count }}" 73 | plans: "${{ steps.changed-files-yaml.outputs.plans_all_changed_and_modified_files_count }}" 74 | providers: "${{ steps.changed-files-yaml.outputs.providers_all_changed_and_modified_files_count }}" 75 | puppet_x: "${{ steps.changed-files-yaml.outputs.puppet_x_all_changed_and_modified_files_count }}" 76 | tasks: "${{ steps.changed-files-yaml.outputs.tasks_all_changed_and_modified_files_count }}" 77 | tests_acceptance: "${{ steps.changed-files-yaml.outputs.tests_acceptance_all_changed_and_modified_files_count }}" 78 | tests_data: "${{ steps.changed-files-yaml.outputs.tests_data_all_changed_and_modified_files_count }}" 79 | tests_unit: "${{ steps.changed-files-yaml.outputs.tests_unit_all_changed_and_modified_files_count }}" 80 | types: "${{ steps.changed-files-yaml.outputs.types_all_changed_and_modified_files_count }}" 81 | utils: "${{ steps.changed-files-yaml.outputs.utils_all_changed_and_modified_files_count }}" 82 | workflows: "${{ steps.changed-files-yaml.outputs.workflows_all_changed_and_modified_files }}" 83 | steps: 84 | - name: Checkout Source 85 | uses: actions/checkout@v4 86 | 87 | - name: Get all changed files 88 | id: changed-files-yaml 89 | uses: step-security/changed-files@v45 90 | with: 91 | files_yaml_from_source_file: .github/changed_files.yml 92 | -------------------------------------------------------------------------------- /.github/workflows/should_run_check.yml: -------------------------------------------------------------------------------- 1 | # This workflow is used to determine what tests should run based on the files 2 | # that have changed in the PR. It is used by the CI workflow to determine what 3 | # tests to run. 4 | name: Should Run Check 5 | 6 | on: 7 | workflow_call: 8 | outputs: 9 | all: 10 | description: "Whether or not to run all the tests" 11 | value: "${{ jobs.should_run_check.outputs.all }}" 12 | spec: 13 | description: "Whether or not to run RSpec unit tests" 14 | value: "${{ jobs.should_run_check.outputs.spec }}" 15 | acpt: 16 | description: "Whether or not to run acceptance tests" 17 | value: "${{ jobs.should_run_check.outputs.acpt }}" 18 | data: 19 | description: "Whether or not to run data tests" 20 | value: "${{ jobs.should_run_check.outputs.data }}" 21 | reference_gen: 22 | description: "Whether or not to run reference generation tests" 23 | value: "${{ jobs.should_run_check.outputs.reference_gen }}" 24 | 25 | jobs: 26 | should_run_check: 27 | runs-on: ubuntu-latest 28 | outputs: 29 | all: "${{ steps.should_run.outputs.all }}" 30 | spec: "${{ steps.should_run.outputs.spec }}" 31 | acpt: "${{ steps.should_run.outputs.acpt }}" 32 | data: "${{ steps.should_run.outputs.data }}" 33 | reference_gen: "${{ steps.should_run.outputs.reference_gen }}" 34 | steps: 35 | - name: Print inherited github context 36 | run: | 37 | echo ::group::github context 38 | echo "event: ${{ github.event }}" 39 | echo "event_name: ${{ github.event_name }}" 40 | echo "event_path: ${{ github.event_path }}" 41 | echo ::endgroup:: 42 | 43 | - name: Checkout 44 | uses: actions/checkout@v4 45 | 46 | - name: Get all changed files 47 | id: changed_files 48 | uses: tj-actions/changed-files@v45 49 | with: 50 | files_yaml_from_source_file: .github/changed_files.yml 51 | 52 | - name: Find out what should run 53 | id: should_run 54 | shell: python 55 | run: | 56 | import os 57 | workflow_files = '${{ steps.changed_files.outputs.workflows_all_changed_and_modified_files }}'.split(' ') 58 | # Always run all tests for workflow_dispatch and nightlies 59 | if '${{ github.event_name }}' != 'pull_request': 60 | os.system('echo "all=true" >> $GITHUB_OUTPUT') 61 | exit(0) 62 | for x in workflow_files: 63 | if x == '.github/workflows/ci.yml': 64 | os.system('echo "all=true" >> $GITHUB_OUTPUT') 65 | exit(0) 66 | spec_counts = [ 67 | ${{ steps.changed_files.outputs.puppet_all_changed_and_modified_files_count }}, 68 | ${{ steps.changed_files.outputs.ruby_all_changed_and_modified_files_count }}, 69 | ${{ steps.changed_files.outputs.tests_unit_all_changed_and_modified_files_count }} 70 | ] 71 | acpt_counts = [ 72 | ${{ steps.changed_files.outputs.puppet_all_changed_and_modified_files_count }}, 73 | ${{ steps.changed_files.outputs.ruby_all_changed_and_modified_files_count }}, 74 | ${{ steps.changed_files.outputs.hiera_all_changed_and_modified_files_count }}, 75 | ${{ steps.changed_files.outputs.tests_acceptance_all_changed_and_modified_files_count }} 76 | ] 77 | data_counts = [ 78 | ${{ steps.changed_files.outputs.hiera_all_changed_and_modified_files_count }}, 79 | ${{ steps.changed_files.outputs.tests_data_all_changed_and_modified_files_count }} 80 | ] 81 | reference_counts = [ 82 | ${{ steps.changed_files.outputs.puppet_all_changed_and_modified_files_count }}, 83 | ${{ steps.changed_files.outputs.ruby_all_changed_and_modified_files_count }}, 84 | ${{ steps.changed_files.outputs.hiera_all_changed_and_modified_files_count }}, 85 | ] 86 | for x in spec_counts: 87 | if x != 0: 88 | os.system('echo "spec=true" >> $GITHUB_OUTPUT') 89 | break 90 | for x in acpt_counts: 91 | if x != 0: 92 | os.system('echo "acpt=true" >> $GITHUB_OUTPUT') 93 | break 94 | for x in data_counts: 95 | if x != 0: 96 | os.system('echo "data=true" >> $GITHUB_OUTPUT') 97 | break 98 | for x in reference_counts: 99 | if x != 0: 100 | os.system('echo "reference_gen=true" >> $GITHUB_OUTPUT') 101 | break 102 | 103 | - name: Print should run checks 104 | run: | 105 | echo ::group::should run check 106 | echo "all: ${{ steps.should_run.outputs.all }}" 107 | echo "spec: ${{ steps.should_run.outputs.spec }}" 108 | echo "acpt: ${{ steps.should_run.outputs.acpt }}" 109 | echo "data: ${{ steps.should_run.outputs.data }}" 110 | echo "reference_gen: ${{ steps.should_run.outputs.reference_gen }}" 111 | echo ::endgroup:: 112 | --------------------------------------------------------------------------------