Skip to content

Commit 0420621

Browse files
wislerttwislertt
authored
feat: init repo (#1)
1 parent be17fbe commit 0420621

27 files changed

+4089
-1
lines changed

.github/renovate.json5

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
{
2+
$schema: "https://docs.renovatebot.com/renovate-schema.json",
3+
extends: ["config:recommended"],
4+
}

.github/workflows/cd.yml

Lines changed: 74 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,74 @@
1+
name: cd
2+
3+
# Note: Ensure CD pipeline is idempotent to safely handle re-runs from push,
4+
# workflow dispatch, and tag versioning triggers
5+
on:
6+
push:
7+
branches:
8+
- main
9+
workflow_dispatch:
10+
11+
permissions:
12+
contents: write
13+
issues: write
14+
pull-requests: write
15+
16+
jobs:
17+
# ====================================================
18+
# Versioning and Release
19+
# ====================================================
20+
semantic-release:
21+
name: semantic-release
22+
uses: wislertt/zerv/.github/workflows/shared-semantic-release.yml@v0
23+
with:
24+
allowed_workflow_dispatch_branches: '["main"]'
25+
fail_on_invalid_workflow_dispatch_ref: true
26+
27+
zerv-versioning:
28+
needs: semantic-release
29+
if: needs.semantic-release.outputs.is_valid_semantic_release == 'true'
30+
uses: wislertt/zerv/.github/workflows/shared-zerv-versioning.yml@v0
31+
32+
create-version-prefix-tags:
33+
needs: zerv-versioning
34+
uses: wislertt/zerv/.github/workflows/shared-create-tags.yml@v0
35+
with:
36+
tags: >-
37+
[
38+
"${{ fromJson(needs.zerv-versioning.outputs.versions).v_major }}",
39+
"${{ fromJson(needs.zerv-versioning.outputs.versions).v_major_minor }}"
40+
]
41+
42+
# ====================================================
43+
# Test and Lint
44+
# ====================================================
45+
test:
46+
uses: ./.github/workflows/test.yml
47+
secrets:
48+
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
49+
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
50+
51+
# ====================================================
52+
# Deployment with environment
53+
# ====================================================
54+
deploy-all-env:
55+
needs: zerv-versioning
56+
uses: ./.github/workflows/deploy-all-env.yml
57+
with:
58+
semver: ${{ fromJson(needs.zerv-versioning.outputs.versions).semver }}
59+
pep440: ${{ fromJson(needs.zerv-versioning.outputs.versions).pep440 }}
60+
docker_tag: ${{ fromJson(needs.zerv-versioning.outputs.versions).docker_tag }}
61+
deploy_labels: '{"deploy-d": true, "deploy-n": true, "deploy-p": true}'
62+
lock_key_owner: ${{ github.ref }}-${{ github.sha }}-${{ github.run_id }}
63+
unlock_after_deploy: true
64+
65+
# ====================================================
66+
# Deployment without environment
67+
# ====================================================
68+
deploy-no-env:
69+
needs: zerv-versioning
70+
uses: ./.github/workflows/deploy-no-env.yml
71+
with:
72+
semver: ${{ fromJson(needs.zerv-versioning.outputs.versions).semver }}
73+
pep440: ${{ fromJson(needs.zerv-versioning.outputs.versions).pep440 }}
74+
docker_tag: ${{ fromJson(needs.zerv-versioning.outputs.versions).docker_tag }}

.github/workflows/ci.yml

Lines changed: 90 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,90 @@
1+
name: ci
2+
3+
on:
4+
# Rulesets for main branch
5+
# - Require status checks to pass -> Require branches to be up to date before merging
6+
pull_request:
7+
# Note: 'labeled'/'unlabeled' triggers create parallel workflow runs when multiple labels change.
8+
# Ensure CI pipeline is idempotent and supports parallel execution or uses concurrency controls
9+
# in GitHub Actions to prevent conflicts from simultaneous multi-label trigger events.
10+
types: [labeled, unlabeled, opened, synchronize, reopened]
11+
12+
permissions:
13+
contents: write
14+
15+
jobs:
16+
# ====================================================
17+
# Versioning and Release
18+
# ====================================================
19+
check-pre-release:
20+
name: check-pre-release
21+
uses: wislertt/zerv/.github/workflows/shared-check-pr-label-and-branch.yml@v0
22+
with:
23+
target_label: "pre-release"
24+
branch_prefix: "release/"
25+
26+
zerv-versioning:
27+
name: zerv-versioning
28+
needs: check-pre-release
29+
uses: wislertt/zerv/.github/workflows/shared-zerv-versioning.yml@v0
30+
with:
31+
schema: ${{ (needs.check-pre-release.outputs.is_valid == 'true' && 'standard-base-prerelease-post') || '' }}
32+
33+
# Note: Consider softprops/action-gh-release as a step if you want both tag and release in one job
34+
tag-pre-release:
35+
name: tag-pre-release
36+
needs: [zerv-versioning, check-pre-release]
37+
if: needs.check-pre-release.outputs.is_valid == 'true'
38+
uses: wislertt/zerv/.github/workflows/shared-create-tags.yml@v0
39+
with:
40+
tags: '["${{ fromJson(needs.zerv-versioning.outputs.versions).v_semver }}"]'
41+
42+
# ====================================================
43+
# Test and Lint
44+
# ====================================================
45+
test:
46+
uses: ./.github/workflows/test.yml
47+
secrets:
48+
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
49+
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
50+
51+
pre-commit:
52+
uses: ./.github/workflows/pre-commit.yml
53+
54+
# ====================================================
55+
# Deployment with environment
56+
# ====================================================
57+
check-deploy-env-labels:
58+
name: check-deploy-env-labels
59+
uses: wislertt/zerv/.github/workflows/shared-check-pr-labels-with-prefix.yml@v0
60+
with:
61+
prefix: "deploy-"
62+
63+
deploy-all-env:
64+
needs: [zerv-versioning, check-deploy-env-labels]
65+
uses: ./.github/workflows/deploy-all-env.yml
66+
with:
67+
semver: ${{ fromJson(needs.zerv-versioning.outputs.versions).semver }}
68+
pep440: ${{ fromJson(needs.zerv-versioning.outputs.versions).pep440 }}
69+
docker_tag: ${{ fromJson(needs.zerv-versioning.outputs.versions).docker_tag }}
70+
deploy_labels: ${{ needs.check-deploy-env-labels.outputs.labels }}
71+
lock_key_owner: ${{ github.ref }}
72+
unlock_after_deploy: false
73+
74+
# ====================================================
75+
# Deployment without environment
76+
# ====================================================
77+
check-deploy-no-env-label:
78+
name: check-deploy-no-env-label
79+
uses: wislertt/zerv/.github/workflows/shared-check-pr-label-and-branch.yml@v0
80+
with:
81+
target_label: "deploy"
82+
83+
deploy-no-env:
84+
needs: [zerv-versioning, check-deploy-no-env-label]
85+
if: needs.check-deploy-no-env-label.outputs.has_label == 'true'
86+
uses: ./.github/workflows/deploy-no-env.yml
87+
with:
88+
semver: ${{ fromJson(needs.zerv-versioning.outputs.versions).semver }}
89+
pep440: ${{ fromJson(needs.zerv-versioning.outputs.versions).pep440 }}
90+
docker_tag: ${{ fromJson(needs.zerv-versioning.outputs.versions).docker_tag }}

.github/workflows/deploy-all-env.yml

Lines changed: 46 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,46 @@
1+
name: deploy-all-env
2+
3+
on:
4+
workflow_call:
5+
inputs:
6+
semver:
7+
required: true
8+
type: string
9+
pep440:
10+
required: true
11+
type: string
12+
docker_tag:
13+
required: true
14+
type: string
15+
deploy_labels:
16+
required: false
17+
type: string
18+
description: "JSON object with deploy labels from check-pr-labels-with-prefix"
19+
default: "{}"
20+
lock_key_owner:
21+
description: "Key owner for environment lock"
22+
required: true
23+
type: string
24+
unlock_after_deploy:
25+
required: true
26+
type: boolean
27+
28+
permissions:
29+
contents: write
30+
31+
jobs:
32+
deploy:
33+
strategy:
34+
fail-fast: false
35+
matrix:
36+
env: [d, n, p]
37+
uses: ./.github/workflows/deploy-env.yml
38+
with:
39+
env: ${{ matrix.env }}
40+
semver: ${{ inputs.semver }}
41+
pep440: ${{ inputs.pep440 }}
42+
docker_tag: ${{ inputs.docker_tag }}
43+
deploy_labels: ${{ inputs.deploy_labels }}
44+
lock_key: ${{ matrix.env }}
45+
lock_key_owner: ${{ inputs.lock_key_owner }}
46+
unlock_after_deploy: ${{ inputs.unlock_after_deploy }}

.github/workflows/deploy-env.yml

Lines changed: 65 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,65 @@
1+
name: deploy-env
2+
3+
on:
4+
workflow_call:
5+
inputs:
6+
env:
7+
required: true
8+
type: string
9+
semver:
10+
required: true
11+
type: string
12+
pep440:
13+
required: true
14+
type: string
15+
docker_tag:
16+
required: true
17+
type: string
18+
deploy_labels:
19+
required: false
20+
type: string
21+
description: "JSON object with deploy labels from check-pr-labels-with-prefix"
22+
default: "{}"
23+
lock_key:
24+
description: "Key for environment lock"
25+
required: true
26+
type: string
27+
lock_key_owner:
28+
description: "Key owner for environment lock"
29+
required: true
30+
type: string
31+
unlock_after_deploy:
32+
required: true
33+
type: boolean
34+
35+
jobs:
36+
lock:
37+
name: lock-${{ inputs.lock_key }}
38+
if: fromJson(inputs.deploy_labels)[format('deploy-{0}', inputs.env)]
39+
uses: wislertt/zerv/.github/workflows/shared-lock.yml@v0
40+
with:
41+
key: ${{ inputs.lock_key }}
42+
key_owner: ${{ inputs.lock_key_owner }}
43+
job_name: lock-${{ inputs.lock_key }}
44+
45+
deploy:
46+
name: deploy-${{ inputs.env }}
47+
needs: lock
48+
runs-on: ubuntu-latest
49+
steps:
50+
- name: Dummy deploy with environment
51+
run: |
52+
echo "Deploying to environment: ${{ inputs.env }}"
53+
echo "Semver: ${{ inputs.semver }}"
54+
echo "PEP440: ${{ inputs.pep440 }}"
55+
echo "Docker Tag: ${{ inputs.docker_tag }}"
56+
57+
unlock:
58+
name: unlock-${{ inputs.lock_key }}
59+
uses: wislertt/zerv/.github/workflows/shared-unlock.yml@v0
60+
needs: [lock, deploy]
61+
if: always() && inputs.unlock_after_deploy == true && needs.lock.result != 'skipped'
62+
with:
63+
key: ${{ inputs.lock_key }}
64+
key_owner: ${{ inputs.lock_key_owner }}
65+
job_name: unlock-${{ inputs.lock_key }}

.github/workflows/deploy-no-env.yml

Lines changed: 25 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,25 @@
1+
name: deploy-no-env
2+
3+
on:
4+
workflow_call:
5+
inputs:
6+
semver:
7+
required: true
8+
type: string
9+
pep440:
10+
required: true
11+
type: string
12+
docker_tag:
13+
required: true
14+
type: string
15+
16+
jobs:
17+
deploy:
18+
runs-on: ubuntu-latest
19+
steps:
20+
- name: Dummy deploy without environment
21+
run: |
22+
echo "Deploying without specific environment"
23+
echo "Semver: ${{ inputs.semver }}"
24+
echo "PEP440: ${{ inputs.pep440 }}"
25+
echo "Docker Tag: ${{ inputs.docker_tag }}"

.github/workflows/pr-unlock.yml

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,15 @@
1+
name: pr-unlock
2+
3+
on:
4+
pull_request:
5+
types: [closed, unlabeled]
6+
7+
permissions:
8+
contents: write
9+
10+
jobs:
11+
shared-pr-unlock:
12+
uses: wislertt/zerv/.github/workflows/shared-pr-unlock.yml@v0
13+
with:
14+
environments: '["d", "n", "p"]'
15+
deploy_label_prefix: "deploy-"

.github/workflows/pre-commit.yml

Lines changed: 31 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,31 @@
1+
name: pre-commit
2+
3+
on:
4+
workflow_call:
5+
6+
jobs:
7+
pre-commit:
8+
runs-on: ubuntu-latest
9+
steps:
10+
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
11+
12+
- uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
13+
with:
14+
python-version: "3.x"
15+
16+
- name: Setup Node.js
17+
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
18+
with:
19+
node-version: "latest"
20+
21+
- name: Install Prettier
22+
run: npm install -g prettier
23+
24+
- uses: dtolnay/rust-toolchain@0b1efabc08b657293548b77fb76cc02d26091c7e # stable
25+
with:
26+
toolchain: nightly
27+
components: rustfmt, clippy
28+
29+
- uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd #v3.0.1
30+
with:
31+
extra_args: --all-files

0 commit comments

Comments
 (0)