113 lines
4.1 KiB
YAML
113 lines
4.1 KiB
YAML
name: Pull request check
|
||
on:
|
||
workflow_call:
|
||
inputs:
|
||
node-version:
|
||
description: "Set node version"
|
||
default: 20
|
||
type: string
|
||
yarn-commands:
|
||
description: "yarn-commands"
|
||
default: |-
|
||
yarn install
|
||
yarn test
|
||
type: string
|
||
notification_enabled:
|
||
description: "Включение оповещений о разворачивании, требуется иметь url для оповещений в vault"
|
||
default: false
|
||
required: false
|
||
type: boolean
|
||
custom_notification_hook_enabled:
|
||
description: "Использовать ли кастомный url хук для оповещений (должен лежать в vault секрете проекта)"
|
||
default: false
|
||
required: false
|
||
type: boolean
|
||
notification_channel:
|
||
description: "Канал для оповещений о результатах деплоя"
|
||
default: internal_projects_notifications
|
||
required: false
|
||
type: string
|
||
vault_secrets_base_path:
|
||
description: 'Базовый путь для секретов проекта в vault'
|
||
required: false
|
||
type: string
|
||
sonar_enabled:
|
||
default: false
|
||
required: false
|
||
type: boolean
|
||
secrets:
|
||
VAULT_ROLE_ID:
|
||
required: true
|
||
VAULT_SECRET_ID:
|
||
required: true
|
||
|
||
env:
|
||
vault_main_base_path: dev/wilix/main/data/ci
|
||
|
||
jobs:
|
||
check:
|
||
name: check and test
|
||
runs-on: ubuntu-latest
|
||
steps:
|
||
- uses: https://github.com/actions/checkout@v3
|
||
- name: Use Node.js ${{ inputs.node-version }}
|
||
uses: https://github.com/actions/setup-node@v3
|
||
with:
|
||
node-version: ${{ inputs.node-version }}
|
||
- run: ${{ inputs.yarn-commands }}
|
||
|
||
- name: dockerfile lint check
|
||
uses: https://github.com/hadolint/hadolint-action@v3.1.0
|
||
with:
|
||
dockerfile: Dockerfile
|
||
|
||
- name: Get general notification url
|
||
if: ${{ inputs.notification_enabled && ! inputs.custom_notification_hook_enabled && (job.status == 'success' || job.status == 'failure') }}
|
||
uses: https://github.com/hashicorp/vault-action@v2
|
||
with:
|
||
url: https://vault.wilix.dev
|
||
method: approle
|
||
roleId: ${{ secrets.VAULT_ROLE_ID }}
|
||
secretId: ${{ secrets.VAULT_SECRET_ID }}
|
||
secrets: |
|
||
${{ env.vault_main_base_path }} notification_url | MATTERMOST_WEBHOOK_URL ;
|
||
|
||
- name: Get custom notification url
|
||
if: ${{ inputs.notification_enabled && inputs.custom_notification_hook_enabled && (job.status == 'success' || job.status == 'failure') }}
|
||
uses: https://github.com/hashicorp/vault-action@v2
|
||
with:
|
||
url: https://vault.wilix.dev
|
||
method: approle
|
||
roleId: ${{ secrets.VAULT_ROLE_ID }}
|
||
secretId: ${{ secrets.VAULT_SECRET_ID }}
|
||
secrets: |
|
||
${{ inputs.vault_secrets_base_path }} notification_url | MATTERMOST_WEBHOOK_URL ;
|
||
|
||
- name: prepare failed notification body
|
||
if: ${{ inputs.notification_enabled && job.status == 'failure' }}
|
||
uses: https://github.com/finnp/create-file-action@master
|
||
env:
|
||
FILE_NAME: "mattermost.json"
|
||
FILE_DATA: |
|
||
{
|
||
"channel": "${{ inputs.notification_channel }}",
|
||
"attachments": [
|
||
{
|
||
"fallback": "Проверка упала ${{ gitea.repository }}",
|
||
"text": "@${{ gitea.actor }} упала тестовая сборка",
|
||
"color": "#FF0000",
|
||
"fields": [
|
||
{
|
||
"short": true,
|
||
"title": "Сборка",
|
||
"value": "https://git.wilix.dev/${{ gitea.repository }}/actions/runs/${{ gitea.run_id }}"
|
||
}
|
||
]
|
||
}
|
||
]
|
||
}
|
||
|
||
- name: loop fail notification
|
||
if: ${{ inputs.notification_enabled && job.status == 'failure' }}
|
||
uses: https://github.com/mattermost/action-mattermost-notify@master
|