mirror of
https://github.com/ovh/debian-cis.git
synced 2024-12-22 22:15:24 +01:00
Add github actions
Add shellcheck, shellfmt, release, prerelease, functionnal tests
This commit is contained in:
parent
45ccd337b4
commit
3f20f99e50
19
.github/workflows/functionnal-tests.yml
vendored
Normal file
19
.github/workflows/functionnal-tests.yml
vendored
Normal file
@ -0,0 +1,19 @@
|
||||
---
|
||||
name: Run functionnal tests
|
||||
on:
|
||||
- pull_request
|
||||
jobs:
|
||||
functionnal-tests-docker-debian9:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout repo
|
||||
uses: actions/checkout@v2
|
||||
- name: Run the tests debian9
|
||||
run: ./tests/docker_build_and_run_tests.sh debian9
|
||||
functionnal-tests-docker-debian10:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout repo
|
||||
uses: actions/checkout@v2
|
||||
- name: Run the tests debian10
|
||||
run: ./tests/docker_build_and_run_tests.sh debian10
|
64
.github/workflows/pre-release.yml
vendored
Normal file
64
.github/workflows/pre-release.yml
vendored
Normal file
@ -0,0 +1,64 @@
|
||||
---
|
||||
name: Create Pre-Release
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
jobs:
|
||||
build:
|
||||
name: Create Pre-Release
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
# CHECKOUT CODE
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
# BUILD THE .DEB PACKAGE
|
||||
- name: Build
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install -y build-essential devscripts debhelper
|
||||
sudo debuild -us -uc
|
||||
find ../ -name "*.deb" -exec mv {} cis-hardening.deb \;
|
||||
# DELETE THE TAG NAMED LATEST AND THE CORRESPONDING RELEASE
|
||||
- name: Delete the tag latest and the release latest
|
||||
uses: dev-drprasad/delete-tag-and-release@v0.1.2
|
||||
with:
|
||||
delete_release: true
|
||||
tag_name: latest
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
# GET LATEST VERSION TAG
|
||||
- name: Get latest version tag
|
||||
uses: actions-ecosystem/action-get-latest-tag@v1
|
||||
id: get-latest-tag
|
||||
# GENERATE CHANGELOG CORRESPONDING TO COMMIT BETWEEN HEAD AND COMPUTED LAST TAG
|
||||
- name: Generate changelog
|
||||
id: changelog
|
||||
uses: metcalfc/changelog-generator@v0.4.4
|
||||
with:
|
||||
myToken: ${{ secrets.GITHUB_TOKEN }}
|
||||
head-ref: ${{ github.sha }}
|
||||
base-ref: ${{ steps.get-latest-tag.outputs.tag }}
|
||||
# CREATE RELEASE NAMED LATEST
|
||||
- name: Create Release
|
||||
id: create_release
|
||||
uses: actions/create-release@v1.1.4
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
tag_name: latest
|
||||
release_name: Pre-release
|
||||
body: ${{ steps.changelog.outputs.changelog }}
|
||||
draft: false
|
||||
prerelease: true
|
||||
# UPLOAD PACKAGE .DEB
|
||||
- name: Upload Release deb
|
||||
id: upload-release-asset
|
||||
uses: actions/upload-release-asset@v1
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
upload_url: ${{ steps.create_release.outputs.upload_url }}
|
||||
asset_path: ./cis-hardening.deb
|
||||
asset_name: cis-hardening.deb
|
||||
asset_content_type: application/vnd.debian.binary-package
|
22
.github/workflows/shellcheck_and_shellfmt.yml
vendored
Normal file
22
.github/workflows/shellcheck_and_shellfmt.yml
vendored
Normal file
@ -0,0 +1,22 @@
|
||||
---
|
||||
name: Run shell-linter
|
||||
on:
|
||||
- push
|
||||
- pull_request
|
||||
jobs:
|
||||
sh-checker:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout repo
|
||||
uses: actions/checkout@v2
|
||||
- name: Run the sh-checker
|
||||
uses: luizm/action-sh-checker@v0.1.8
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Optional if sh_checker_comment is false.
|
||||
SHELLCHECK_OPTS: --color=always --shell=bash -x --source-path=SCRIPTDIR # Optional: exclude some shellcheck warnings.
|
||||
SHFMT_OPTS: -l -i 4 -w # Optional: pass arguments to shfmt.
|
||||
with:
|
||||
sh_checker_comment: true
|
||||
sh_checker_exclude: |
|
||||
src/
|
||||
debian/postrm
|
56
.github/workflows/tagged-release.yml
vendored
Normal file
56
.github/workflows/tagged-release.yml
vendored
Normal file
@ -0,0 +1,56 @@
|
||||
---
|
||||
name: Create Release
|
||||
on:
|
||||
push:
|
||||
tags:
|
||||
- 'v*'
|
||||
jobs:
|
||||
build:
|
||||
name: Create Release
|
||||
# only runs on master
|
||||
if: github.event.base_ref == 'refs/heads/master'
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Get latest version number
|
||||
id: vars
|
||||
run: echo ::set-output name=tag::${GITHUB_REF#refs/*/}
|
||||
# CHECKOUT CODE
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
with:
|
||||
ref: ${{ steps.vars.outputs.tag }}
|
||||
# BUILD THE .DEB PACKAGE
|
||||
- name: Build
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install -y build-essential devscripts debhelper
|
||||
sudo debuild -us -uc
|
||||
find ../ -name "*.deb" -exec mv {} cis-hardening.deb \;
|
||||
#GENERATE CHANGELOG CORRESPONDING TO ENTRY IN DEBIAN/CHANGELOG
|
||||
- name: Generate changelog
|
||||
run: sed -n -e "/cis-hardening ($(echo ${{ steps.vars.outputs.tag }} | tr -d 'v'))/,/ -- / p" debian/changelog | tail -n +3 | head -n -2 > changelog.md
|
||||
- name: debug
|
||||
run: cat changelog.md
|
||||
# CREATE RELEASE
|
||||
- name: Create Release
|
||||
id: create_release
|
||||
uses: actions/create-release@v1
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
tag_name: ${{ github.ref }}
|
||||
release_name: Release ${{ github.ref }}
|
||||
body_path: changelog.md
|
||||
draft: false
|
||||
prerelease: false
|
||||
# UPLOAD PACKAGE .DEB
|
||||
- name: Upload Release deb
|
||||
id: upload-release-asset
|
||||
uses: actions/upload-release-asset@v1
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
upload_url: ${{ steps.create_release.outputs.upload_url }}
|
||||
asset_path: ./cis-hardening.deb
|
||||
asset_name: cis-hardening.deb
|
||||
asset_content_type: application/vnd.debian.binary-package
|
Loading…
Reference in New Issue
Block a user