diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index e958688e..8e68ea79 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -1,5 +1,5 @@ --- -name: Test +name: Linting on: pull_request: push: @@ -8,17 +8,9 @@ on: paths-ignore: - '**/README.md' jobs: - molecule: - name: Molecule + pre-commit-ci: + name: Pre-Commit runs-on: self-hosted - - strategy: - matrix: - scenario: - - default - - ipv6 - - single_node - fail-fast: false env: PYTHON_VERSION: "3.10" @@ -28,35 +20,29 @@ jobs: with: ref: ${{ github.event.pull_request.head.sha }} - - name: Configure VirtualBox - run: |- - sudo mkdir -p /etc/vbox - cat < /dev/null - * 192.168.30.0/24 - * fdad:bad:ba55::/64 - EOF - - - name: Cache Vagrant boxes - uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # 3.0.8 - with: - path: | - ~/.vagrant.d/boxes - key: vagrant-boxes-${{ hashFiles('**/molecule.yml') }} - restore-keys: | - vagrant-boxes - - - name: Download Vagrant boxes for all scenarios - # To save some cache space, all scenarios share the same cache key. - # On the other hand, this means that the cache contents should be - # the same across all scenarios. This step ensures that. - run: ./.github/download-boxes.sh - - name: Set up Python ${{ env.PYTHON_VERSION }} uses: actions/setup-python@13ae5bb136fac2878aff31522b9efb785519f984 # 4.3.0 with: python-version: ${{ env.PYTHON_VERSION }} cache: 'pip' # caching pip dependencies + - name: Cache pip + uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # 3.0.11 + with: + path: ~/.cache/pip + key: ${{ runner.os }}-pip-${{ hashFiles('./requirements.txt') }} + restore-keys: | + ${{ runner.os }}-pip- + + - name: Cache Ansible + uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # 3.0.11 + with: + path: ~/.ansible/collections + key: ${{ runner.os }}-ansible-${{ hashFiles('collections/requirements.txt') }} + restore-keys: | + ${{ runner.os }}-ansible- + + - name: Install dependencies run: | echo "::group::Upgrade pip" python3 -m pip install --upgrade pip @@ -66,23 +52,22 @@ jobs: python3 -m pip install -r requirements.txt echo "::endgroup::" - - name: Test with molecule - run: molecule test --scenario-name ${{ matrix.scenario }} - env: - ANSIBLE_K3S_LOG_DIR: ${{ runner.temp }}/logs/k3s-ansible/${{ matrix.scenario }} - ANSIBLE_SSH_RETRIES: 4 - ANSIBLE_TIMEOUT: 60 - PY_COLORS: 1 - ANSIBLE_FORCE_COLOR: 1 + echo "::group::Install Ansible role requirements from collections/requirements.yml" + ansible-galaxy install -r collections/requirements.yml + echo "::endgroup::" - - name: Upload log files - if: always() # do this even if a step before has failed - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # 3.1.0 + - name: Run pre-commit + uses: pre-commit/action@646c83fcd040023954eafda54b4db0192ce70507 # 3.0.0 + + ensure-pinned-actions: + name: Ensure SHA Pinned Actions + runs-on: self-hosted + steps: + - name: Checkout code + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # 3.0.2 + - name: Ensure SHA pinned actions + uses: zgosalvez/github-actions-ensure-sha-pinned-actions@6ca5574367befbc9efdb2fa25978084159c5902d # 1.3.0 with: - name: logs - path: | - ${{ runner.temp }}/logs - - - name: Delete old box versions - if: always() # do this even if a step before has failed - run: vagrant box prune --force + allowlist: | + aws-actions/ + docker/login-action