Skip to content
/ workflows Public

A repository for reusable common workflows for the ion8 organisation.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ion8/workflows

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

62 Commits
.github
.github
 
 
scripts
scripts
 
 
README.md
README.md
 
 
header.svg
header.svg
 
 

Repository files navigation

Workflows Banner

This repo contains our reusable workflows, used in repositories across the organization.

✒️ Linting

ci-next.js.yaml

Build and test a Next.js application that uses yarn. Uses caching for the yarn downloads and Next.js build artifacts where possible.

If codeceptjs is not in the project dependencies, the test step will be skipped.

ci-python.yaml

Lint and test a Python application that uses poetry, flake8 and pytest. Uses caching for the poetry downloads.

If flake8, black, or pytest are not in the dependencies, their steps will be skipped.

🔐 Security

We'll be adding security workflows soon™️.

⭐ Compliance

For compliance reasons, we have templates that will generate a list of SOUP (Software of Unknown Pedigree). This works as follows:

We have two workflows stored in .github/workflows/.

  • cook-python-soup.yml
  • cook-js-soup.yml

Both will:

  • Accept a branch input to know which branch to push changes to.
  • Check out the target repository (the repo where the workflow is running).
  • Check out the workflows repository to access generate_soup.py.
  • Run the appropriate license scanning commands for pip-license or license-checker to generate a JSON file with dependencies
  • Run the Python script to parse the JSON file and generate a SOUP.md document with this information presented beautifully.
  • Commit and push changes to SOUP.md if any changes are detected.

How do I get SOUP CI/CD working in my repo?

In each target repository, you need to do two things:

  • Add the license dependency this workflow depends on. (That's pip-licenses for Python and license-checker for JavaScript)
  • Create a minimal workflow file that triggers on dependency changes and calls the reusable workflow from the workflows repository. See example below.

Python Repository Example

For a Python repo using Poetry, create .github/workflows/cook-soup-delicious.yml:

name: Cook up some delicious SOUP (Python)

on:
  # Trigger when dependencies change
  push:
    branches: [ main ]
    paths:
      - 'poetry.lock'
      - 'pyproject.toml'

  # Also allow manual triggering
  workflow_dispatch: 
    inputs: 
      branch: 
        type: string 
        default: "main"

jobs:
  call-python-soup:
    # Calls the reusable workflow from the workflows repo
    uses: ion8/workflows/.github/workflows/cook_python_soup.yml@main
    with:
      branch: 'main'

JavaScript Repository Example

For a JS repo using npm, create .github/workflows/cook-soup-delicious.yml:

name: Cook up some delicious SOUP (JavaScript)

on:
  # Trigger when dependencies change (npm lock file)
  push:
    branches: [ main ]
    paths:
      - 'package-lock.json'
      - 'package.json'
      - 'yarn.lock'

  # Also allow manual triggering
  workflow_dispatch: 
    inputs: 
      branch: 
        type: string 
        default: "main"

jobs:
  call-js-soup:
    uses: ion8/workflows/.github/workflows/cook_js_soup.yml@main
    with:
      branch: 'main'

About

A repository for reusable common workflows for the ion8 organisation.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages