25.0.2 #271

Workflow file for this run

.github/workflows/ansible-publish.yml at cf05717

	name: Publish Ansible Collection
	on:
	release:
	types: [ published ]
	jobs:
	ansible-publish:
	runs-on: ubuntu-latest
	steps:
	- name: Install Python v3.11
	uses: actions/setup-python@v5
	with:
	python-version: '3.11'

	- name: Checkout
	uses: actions/checkout@v2.3.1

	- name: Initialise the build system
	run: \|
	chmod u+x $GITHUB_WORKSPACE/build/bin/*.sh
	$GITHUB_WORKSPACE/build/bin/initbuild.sh
	source $GITHUB_WORKSPACE/build/bin/.functions.sh
	python -m pip install -q ansible==2.10.3 yamllint

	# Note: Use "--format standard" to ensure filenames and line numbers are in the output
	# https://gitanswer.com/yamllint-missing-filenames-and-line-numbers-in-github-action-output-python-794550803
	- name: Validate that the ansible collection lints successfully
	run: \|
	yamllint --format standard -c $GITHUB_WORKSPACE/yamllint.yaml $GITHUB_WORKSPACE/ibm/mas_devops

	- name: Build the Ansible collection
	run: \|
	$GITHUB_WORKSPACE/build/bin/build-collection.sh

	- name: Upload Ansible Collection
	uses: svenstaro/upload-release-action@v2
	with:
	repo_token: ${{ secrets.GITHUB_TOKEN }}
	file: ${{ github.workspace }}/ibm/mas_devops/ibm-mas_devops-${{ env.VERSION }}.tar.gz
	asset_name: ibm-mas_devops-${{ env.VERSION }}.tar.gz
	tag: ${{ github.ref }}
	overwrite: true

	# Publish
	- name: Publish Collection
	run: \|
	ansible-galaxy collection publish ${{ github.workspace }}/ibm/mas_devops/ibm-mas_devops-${{ env.VERSION }}.tar.gz --token=${{ secrets.ANSIBLE_GALAXY_TOKEN }}

	# Execution environment
	- name: Build the Ansible execution environment
	run: \|
	podman login --username "${{ secrets.REDHAT_USERNAME }}" --password "${{ secrets.REDHAT_PASSWORD }}" registry.redhat.io
	$GITHUB_WORKSPACE/build/bin/build-execution-environment.sh

	- name: Push the Ansible execution environment container image (master)
	id: docker-push-master
	if: github.ref == 'refs/heads/master'
	run: \|
	podman tag ibmmas/ansible-devops-ee:master quay.io/ibmmas/ansible-devops-ee:master
	podman images
	podman login --username "${{ secrets.QUAYIO_USERNAME }}" --password "${{ secrets.QUAYIO_PASSWORD }}" quay.io
	podman push quay.io/ibmmas/ansible-devops-ee:master

	- name: Push the Ansible execution environment container image (latest)
	id: docker-push-latest
	if: github.event_name == 'release'
	run: \|
	podman tag ibmmas/ansible-devops-ee quay.io/ibmmas/ansible-devops-ee:latest
	podman tag ibmmas/ansible-devops-ee quay.io/ibmmas/ansible-devops-ee:${{ env.DOCKER_TAG }}
	podman images
	podman login --username "${{ secrets.QUAYIO_USERNAME }}" --password "${{ secrets.QUAYIO_PASSWORD }}" quay.io
	podman push quay.io/ibmmas/ansible-devops-ee:latest
	podman push quay.io/ibmmas/ansible-devops-ee:${{ env.DOCKER_TAG }}

	- name: Trigger ibm-mas/cli rebuild on Ansible Collection release
	run: \|
	curl -XPOST https://api.github.com/repos/ibm-mas/cli/actions/workflows/build-cli.yml/dispatches \
	-H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" \
	-u ${{ secrets.ACTIONS_KEY }} \
	--data '{"ref": "master"}'
	- uses: actions/checkout@v4

	- name: Perform dependency check
	uses: dependency-check/Dependency-Check_Action@main
	id: owasp-depcheck
	with:
	project: 'ansible-devops'
	path: '.'
	format: 'HTML'
	args: >
	--failOnCVSS 7
	--enableRetired

	- name: Upload dependency check results
	uses: actions/upload-artifact@v4
	with:
	name: OWASP dependency check report
	path: ${{github.workspace}}/reports
	retention-days: 90

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

25.0.2 #271

Workflow file

25.0.2 #271

Jobs

Run details

Workflow file for this run