This repository publishes reusable GitHub Actions workflows for monitoring app repositories.
Consumer repositories should reference workflow files in this repository by tag. For example:
uses: qlik-oss/qlik-cloud-monitoring-app-workflows/.github/workflows/comment_checklist_pr.yml@workflows-v1.0.0- The caller repository should contain
release.jsonat the repository root. - The caller repository should store
.qvffiles inassets/. - The
unbuild_appworkflow writes generated output todiff/and pushes changes back to the checked out branch. - Consumer repositories should enable Dependabot updates for
github-actionsso workflow tag bumps are proposed automatically.
Posts a pull request checklist comment using the app name from release.json.
name: Comment on PR
on:
pull_request:
types: [opened, synchronize]
branches: ["main"]
jobs:
verify:
uses: qlik-oss/qlik-cloud-monitoring-app-workflows/.github/workflows/comment_checklist_pr.yml@workflows-v1.0.0- This workflow is intended for pull request events.
- The caller job must run in a repository that has a
release.jsonfile with anameproperty. - The reusable workflow skips runs triggered by
dependabot[bot]andrenovate[bot].
Creates a draft GitHub release using the app name from release.json, all files in assets/, and any URLs listed in release.json.externalAssets.
name: Build a draft release
on:
workflow_dispatch:
inputs:
tag:
description: Release tag (for example `v1.0.0`)
required: true
type: string
jobs:
create-release:
permissions:
contents: write
uses: qlik-oss/qlik-cloud-monitoring-app-workflows/.github/workflows/draft_release_on_main.yml@workflows-v1.0.0
with:
tag: ${{ inputs.tag }}- The caller repository should ensure
assets/exists. release.json.externalAssetsis optional. If present, each URL is downloaded intoassets/before the release is drafted.- The caller job needs
contents: writepermission.
Imports each .qvf file from assets/, unbuilds it into diff/, downloads image assets, and pushes any generated diff changes back to the source branch.
name: Unbuild app
on:
pull_request:
types: [opened, synchronize]
branches: ["main"]
paths:
- "assets/**"
jobs:
unbuild:
permissions:
contents: write
uses: qlik-oss/qlik-cloud-monitoring-app-workflows/.github/workflows/unbuild_app.yml@workflows-v1.0.0
secrets:
QLIK_CLOUD_MONITORING_TENANT: ${{ secrets.QLIK_CLOUD_MONITORING_TENANT }}
QLIK_CLOUD_MONITORING_OAUTH_ID: ${{ secrets.QLIK_CLOUD_MONITORING_OAUTH_ID }}
QLIK_CLOUD_MONITORING_OAUTH_SECRET: ${{ secrets.QLIK_CLOUD_MONITORING_OAUTH_SECRET }}Use this only if you want a manual run and you know which branch should receive the generated diff/ commit.
name: Unbuild app manually
on:
workflow_dispatch:
inputs:
checkout_ref:
description: Branch to update with generated diff content
required: true
type: string
jobs:
unbuild:
permissions:
contents: write
uses: qlik-oss/qlik-cloud-monitoring-app-workflows/.github/workflows/unbuild_app.yml@workflows-v1.0.0
with:
checkout_ref: ${{ inputs.checkout_ref }}
secrets:
QLIK_CLOUD_MONITORING_TENANT: ${{ secrets.QLIK_CLOUD_MONITORING_TENANT }}
QLIK_CLOUD_MONITORING_OAUTH_ID: ${{ secrets.QLIK_CLOUD_MONITORING_OAUTH_ID }}
QLIK_CLOUD_MONITORING_OAUTH_SECRET: ${{ secrets.QLIK_CLOUD_MONITORING_OAUTH_SECRET }}- Required secrets:
QLIK_CLOUD_MONITORING_TENANTQLIK_CLOUD_MONITORING_OAUTH_IDQLIK_CLOUD_MONITORING_OAUTH_SECRET
- The caller job needs
contents: writepermission because the workflow commits and pushes the generateddiff/output.
- Publish releases from this repository using tags.
- Pin consumer repositories to a released tag such as
workflows-v1.0.0. - Update consumers by releasing a new tag here and allowing Dependabot to open version bump pull requests in downstream repositories.