diff --git a/.github/workflows/f5-cla.yml b/.github/workflows/f5-cla.yml index b00e475a..e2e84cf1 100644 --- a/.github/workflows/f5-cla.yml +++ b/.github/workflows/f5-cla.yml @@ -12,7 +12,7 @@ permissions: jobs: f5-cla: - runs-on: ubuntu-22.04 + runs-on: ubuntu-24.04 steps: - name: Run F5 CLA assistant if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have hereby read the F5 CLA and agree to its terms') || github.event_name == 'pull_request_target' diff --git a/.github/workflows/galaxy.yml b/.github/workflows/galaxy.yml index 318842c1..7553ee6b 100644 --- a/.github/workflows/galaxy.yml +++ b/.github/workflows/galaxy.yml @@ -1,25 +1,25 @@ --- -name: Ansible Galaxy import +name: Ansible Galaxy Role Import on: release: - types: - - published + types: [published] workflow_dispatch: +permissions: read-all jobs: - galaxy: - name: Galaxy - runs-on: ubuntu-22.04 + ansible-galaxy: + name: Import role to Ansible Galaxy + runs-on: ubuntu-24.04 steps: - name: Check out the codebase - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up Python 3 - uses: actions/setup-python@v5 + uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1 with: python-version: 3.x - - name: Install Ansible + - name: Install Ansible core run: pip3 install -r .github/workflows/requirements/requirements_galaxy.txt - - name: Import release to Ansible Galaxy + - name: Import role releases to Ansible Galaxy run: ansible-galaxy role import --api-key ${{ secrets.GALAXY_API_KEY }} $(echo ${{ github.repository }} | cut -d/ -f1) $(echo ${{ github.repository }} | cut -d/ -f2) diff --git a/.github/workflows/molecule.yml b/.github/workflows/molecule.yml index e920eae3..f3da3ca3 100644 --- a/.github/workflows/molecule.yml +++ b/.github/workflows/molecule.yml @@ -2,33 +2,31 @@ name: Molecule CI/CD on: pull_request: - branches: - - main + branches: [main] push: - branches: - - main - tags-ignore: - - "**" + branches: [main] + tags-ignore: ["**"] schedule: - cron: "0 0 1 * *" workflow_dispatch: +permissions: read-all jobs: ansible-lint: name: Ansible Lint - runs-on: ubuntu-22.04 + runs-on: ubuntu-24.04 steps: - name: Check out the codebase - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up Python 3 - uses: actions/setup-python@v5 + uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1 with: python-version: 3.x - - name: Install Ansible Lint + - name: Install Ansible core and Ansible Lint run: pip3 install -r .github/workflows/requirements/requirements_ansible_lint.txt - - name: Install Ansible collection dependencies + - name: Install Ansible core collection dependencies run: ansible-galaxy install -r .github/workflows/requirements/requirements_ansible.yml - name: Run Ansible Lint @@ -36,7 +34,7 @@ jobs: molecule: name: Molecule - runs-on: ubuntu-22.04 + runs-on: ubuntu-24.04 env: NGINX_CRT: ${{ secrets.NGINX_CRT }} NGINX_KEY: ${{ secrets.NGINX_KEY }} @@ -57,15 +55,15 @@ jobs: steps: - name: Check out the codebase if: ${{ !(contains(matrix.scenario, 'plus')) || (env.NGINX_CRT != 0 && env.NGINX_KEY != 0) }} - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up Python 3 if: ${{ !(contains(matrix.scenario, 'plus')) || (env.NGINX_CRT != 0 && env.NGINX_KEY != 0) }} - uses: actions/setup-python@v5 + uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1 with: python-version: 3.x - - name: Install Molecule dependencies + - name: Install Ansible core and Molecule if: ${{ !(contains(matrix.scenario, 'plus')) || (env.NGINX_CRT != 0 && env.NGINX_KEY != 0) }} run: pip3 install -r .github/workflows/requirements/requirements_molecule.txt diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml deleted file mode 100644 index a533a4b5..00000000 --- a/.github/workflows/release-drafter.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- -name: Release Drafter -on: - pull_request: - types: - - opened - - reopened - - synchronize - push: - branches: - - main - workflow_dispatch: -jobs: - update_release_draft: - name: Update release draft - runs-on: ubuntu-22.04 - steps: - - uses: release-drafter/release-drafter@v6 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..60d5dcfd --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,20 @@ +--- +name: Release Drafter +on: + push: + branches: [main] + pull_request_target: + types: [opened, reopened, synchronize] +permissions: read-all +jobs: + release-draft: + name: Update release draft + runs-on: ubuntu-24.04 + permissions: + contents: write + pull-requests: write + steps: + - name: Run release drafter + uses: release-drafter/release-drafter@3f0f87098bd6b5c5b9a36d49c41d998ea58f9348 # v6.0.0 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/CHANGELOG.md b/CHANGELOG.md index cb0a5bbe..75ff0ca6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,9 +8,11 @@ BUG FIXES: TESTS: +- Add Molecule tests covering common NGINX use cases (web server, reverse proxy), enabling the NGINX stub status metrics, and NGINX Plus API and live metrics dashboard. - Update the platforms used in the various Molecule scenarios. - Use the local role name (`ansible-role-nginx-config`) instead of the fully qualified role name (`nginxinc.nginx_config`) in Molecule to ensure tests always work as intended in environments where the role has been already installed beforehand. -- Add Molecule tests covering common NGINX use cases (web server, reverse proxy), enabling the NGINX stub status metrics, and NGINX Plus API and live metrics dashboard. +- Update GitHub Actions to Ubuntu 24.04. +- Switch GitHub Actions from using tags to release hashes. MAINTENANCE: