Modifying workflows to use reusable ones, for prototyping workflows f…

…or multple types of deploments.
codementality · Dec 17, 2024 · 7be30fa · 7be30fa
1 parent a3bd168
commit 7be30fa
Show file tree

Hide file tree

Showing 12 changed files with 377 additions and 42 deletions.
diff --git a/.github/workflows/application-tests.yml b/.github/workflows/application-tests.yml
diff --git a/.github/workflows/coding-standards-checks.yml b/.github/workflows/coding-standards-checks.yml
@@ -0,0 +1,27 @@
+name: _Drupal Coding Standards Checks (sh)
+on:
+  workflow_call:
+jobs:
+  coding_standards_checks:
+    name:  Drupal Coding Standards
+    runs-on: ubuntu-latest
+    env:
+      COMPOSER_MEMORY_LIMIT: -1
+    steps:
+      - uses: actions/checkout@v4
+      - name: Shut down Ubuntu MySQL
+        run: sudo service mysql stop #shutdown default mysql, sudo is necessary
+#      - name: Setup DDEV for site install testing
+#        uses: ddev/github-action-setup-ddev@v1
+#      - name: Validate composer.
+#        shell: bash
+#        run: ddev composer validate
+#      - name: Run composer install
+#        shell: bash
+#        run: ddev composer install -o
+      - name: Check for compliance with Drupal Coding Standards
+#        run: |
+#          ddev check:coding:standards
+        run: |
+          echo Success
+          exit 0
diff --git a/.github/workflows/deploy-code-stage.yml b/.github/workflows/deploy-code-stage.yml
@@ -0,0 +1,62 @@
+name: _Deploy Code (Staging) (sh)
+on:
+  workflow_call:
+    secrets:
+      ACQUIA_API_KEY:
+        required: true
+      ACQUIA_API_SECRET:
+        required: true
+      PRIVATE_SSH_KEY:
+        required: true
+jobs:
+  deploy_code:
+    name: Deploy Code
+    runs-on:  ubuntu-latest
+    env:
+      COMPOSER_MEMORY_LIMIT: -1
+      DRUPAL_ROOT: ./docroot
+      ACQUIA_API_KEY: ${{ secrets.ACQUIA_API_KEY }}
+      ACQUIA_API_SECRET: ${{ secrets.ACQUIA_API_SECRET }}
+      PRIVATE_SSH_KEY: ${{ secrets.PRIVATE_SSH_KEY }}
+    steps:
+      - uses: actions/checkout@v4
+      - name: Shut down Ubuntu MySQL
+        run: sudo service mysql stop
+      - name: Get branch name (merge)
+        shell: bash
+        run: echo "BRANCH_NAME=$(echo ${GITHUB_BASE_REF})" >> $GITHUB_ENV
+      - name: Show branch name being used for this workflow.
+        run: echo ${{ env.BRANCH_NAME }}
+#      - name: Set up private SSH key for pushing builds to Acquia
+#        shell: bash
+#        run: |
+#          mkdir -p .ddev/homeadditions/.ssh
+#          echo "${{ secrets.PRIVATE_SSH_KEY }}" > .ddev/homeadditions/.ssh/id_rsa
+#          chmod 700 .ddev/homeadditions/.ssh
+#          chmod 600 .ddev/homeadditions/.ssh/*
+#        env:
+#          PRIVATE_SSH_KEY: ${{ secrets.PRIVATE_SSH_KEY }}
+#      - name: Setup DDEV for site install testing
+#        uses: ddev/github-action-setup-ddev@v1
+#      - name: Validate composer.
+#        shell: bash
+#        run: ddev composer validate
+#      - name: Run composer install
+#        shell: bash
+#        run: ddev composer install -o
+      - name: Execute a deployment
+#        env:
+#          ACQUIA_API_KEY: ${{ env.ACQUIA_API_KEY }}
+#          ACQUIA_API_SECRET: ${{ env.ACQUIA_API_SECRET }}
+#          BRANCH_NAME: ${{ env.BRANCH_NAME }}
+        run: |
+          echo ${{ env.BRANCH_NAME }}
+          printenv
+          echo "----------------------------------------------"
+          echo Success
+          exit 0
+#        run: |
+#          echo ${{ env.BRANCH_NAME }}
+#          printenv
+#          echo "----------------------------------------------"
+#          ddev acquia:deploy
diff --git a/.github/workflows/deploy-code.yml b/.github/workflows/deploy-code.yml
@@ -0,0 +1,59 @@
+name: _Deploy Code (sh)
+on:
+  workflow_call:
+#    secrets:
+#      ACQUIA_API_KEY:
+#        required: true
+#      ACQUIA_API_SECRET:
+#        required: true
+#      PRIVATE_SSH_KEY:
+#        required: true
+jobs:
+  deploy_code:
+    name: Deploy Code
+    runs-on:  ubuntu-latest
+    env:
+      COMPOSER_MEMORY_LIMIT: -1
+      DRUPAL_ROOT: ./docroot
+#      ACQUIA_API_KEY: ${{ secrets.ACQUIA_API_KEY }}
+#      ACQUIA_API_SECRET: ${{ secrets.ACQUIA_API_SECRET }}
+#      PRIVATE_SSH_KEY: ${{ secrets.PRIVATE_SSH_KEY }}
+    steps:
+      - uses: actions/checkout@v4
+      - name: Shut down Ubuntu MySQL
+        run: sudo service mysql stop
+      - name: Get branch name (merge)
+        shell: bash
+        run: echo "BRANCH_NAME=$(echo ${GITHUB_REF#refs/heads/})" >> $GITHUB_ENV
+      - name: Show branch name being used for this workflow.
+        run: echo ${{ env.BRANCH_NAME }}
+#      - name: Set up private SSH key for pushing builds to Acquia
+#        shell: bash
+#        run: |
+#          mkdir -p .ddev/homeadditions/.ssh
+#          echo "${{ secrets.PRIVATE_SSH_KEY }}" > .ddev/homeadditions/.ssh/id_rsa
+#          chmod 700 .ddev/homeadditions/.ssh
+#          chmod 600 .ddev/homeadditions/.ssh/*
+#        env:
+#          PRIVATE_SSH_KEY: ${{ secrets.PRIVATE_SSH_KEY }}
+#      - name: Setup DDEV for site install testing
+#        uses: ddev/github-action-setup-ddev@v1
+#      - name: Validate composer.
+#        shell: bash
+#        run: ddev composer validate
+#      - name: Run composer install
+#        shell: bash
+#        run: ddev composer install -o
+#      - name: Execute a deployment
+#        env:
+#          ACQUIA_API_KEY: ${{ env.ACQUIA_API_KEY }}
+#          ACQUIA_API_SECRET: ${{ env.ACQUIA_API_SECRET }}
+#          BRANCH_NAME: ${{ env.BRANCH_NAME }}
+#        run: |
+#          echo ${{ env.BRANCH_NAME }}
+#          echo "----------------------------------------------"
+#          ddev acquia:deploy
+      - name: Execute a deployment
+        run: |
+          echo Success
+          exit 0
diff --git a/.github/workflows/deploy-to-develop.yml b/.github/workflows/deploy-to-develop.yml
@@ -1,19 +1,42 @@
 name:  Deploy to Develop
 on:
+  workflow_dispatch:
   push:
     branches:
-      # Will need to changes branches accordingly. Testing.
       - 'develop'
-      - 'main'
 jobs:
-  application_tests:
-    uses: ./.github/workflows/application-tests.yml
+  coding_standards_checks:
+    uses: ./.github/workflows/coding-standards-checks.yml
+  phpstan_static_analysis:
+    uses: ./.github/workflows/phpstan-static-analysis.yml
+  yaml_lint:
+    uses: ./.github/workflows/yaml-lint.yml
+  test_site_install:
+    uses: ./.github/workflows/test-site-installation.yml
+  dry_run_deployment:
+    uses: ./.github/workflows/dry-run-deployment.yml
+#    secrets:
+#      ACQUIA_API_KEY: ${{ secrets.ACQUIA_API_KEY }}
+#      ACQUIA_API_SECRET: ${{ secrets.ACQUIA_API_SECRET }}
+#      PRIVATE_SSH_KEY: ${{ secrets.PRIVATE_SSH_KEY }}
   deploy:
-    runs-on: ubuntu-latest
-    needs: [application_tests]
-    if: always() && contains(needs.*.result, 'success')
-    steps:
-      - run: echo "Step 1"
-        shell: bash
-      - run: echo "Step 2"
-        shell: bash
+    needs: [coding_standards_checks, phpstan_static_analysis, yaml_lint, test_site_install, dry_run_deployment]
+    uses: ./.github/workflows/deploy-code.yml
+#    secrets:
+#      ACQUIA_API_KEY: ${{ secrets.ACQUIA_API_KEY }}
+#      ACQUIA_API_SECRET: ${{ secrets.ACQUIA_API_SECRET }}
+#      PRIVATE_SSH_KEY: ${{ secrets.PRIVATE_SSH_KEY }}
+
+# Alternate job example using check for prior workflow results.
+#jobs:
+#  application_tests:
+#    uses: ./.github/workflows/application-tests.yml
+#  deploy:
+#    runs-on: ubuntu-latest
+#    needs: [application_tests]
+#    if: always() && contains(needs.*.result, 'success')
+#    steps:
+#      - run: echo "Step 1"
+#        shell: bash
+#      - run: echo "Step 2"
+#        shell: bash
diff --git a/.github/workflows/deploy-to-stage.yml b/.github/workflows/deploy-to-stage.yml
@@ -1,21 +1,34 @@
 name:  Deploy to Stage
 on:
-  push:
+  workflow_dispatch:
+  pull_request:
+    types:
+      - synchronize
+      - closed
     branches:
-      # Will need to changes branches accordingly. Testing.
       - 'master'
-      - 'main'
 jobs:
-  security_tests:
+  security_checks:
     uses: ./.github/workflows/security-checks.yml
-  application_tests:
-    uses: ./.github/workflows/application-tests.yml
+  coding_standards_checks:
+    uses: ./.github/workflows/coding-standards-checks.yml
+  phpstan_static_analysis:
+    uses: ./.github/workflows/phpstan-static-analysis.yml
+  yaml_lint:
+    uses: ./.github/workflows/yaml-lint.yml
+  test_site_install:
+    uses: ./.github/workflows/test-site-installation.yml
+  dry_run_deployment:
+    uses: ./.github/workflows/dry-run-deployment.yml
+#    secrets:
+#      ACQUIA_API_KEY: ${{ secrets.ACQUIA_API_KEY }}
+#      ACQUIA_API_SECRET: ${{ secrets.ACQUIA_API_SECRET }}
+#      PRIVATE_SSH_KEY: ${{ secrets.PRIVATE_SSH_KEY }}
   deploy:
-    runs-on: ubuntu-latest
-    needs: [application_tests, security_tests]
-    if: always() && !contains(needs.*.result, 'failure')
-    steps:
-      - run: echo "Step 1"
-        shell: bash
-      - run: echo "Step 2"
-        shell: bash
+    needs: [security_checks, coding_standards_checks, phpstan_static_analysis, yaml_lint, test_site_install, dry_run_deployment]
+    if: github.event.pull_request.merged == true
+    uses: ./.github/workflows/deploy-code-stage.yml
+#    secrets:
+#      ACQUIA_API_KEY: ${{ secrets.ACQUIA_API_KEY }}
+#      ACQUIA_API_SECRET: ${{ secrets.ACQUIA_API_SECRET }}
+#      PRIVATE_SSH_KEY: ${{ secrets.PRIVATE_SSH_KEY }}
diff --git a/.github/workflows/dry-run-deployment.yml b/.github/workflows/dry-run-deployment.yml
@@ -0,0 +1,51 @@
+name: _Dry Run Deployment (sh)
+on:
+  workflow_call:
+#    secrets:
+#      ACQUIA_API_KEY:
+#        required: true
+#      ACQUIA_API_SECRET:
+#        required: true
+#      PRIVATE_SSH_KEY:
+#        required: true
+jobs:
+  dry_run_deployment:
+    name: Execute Dry Run Deployment
+    runs-on:  ubuntu-latest
+    env:
+      COMPOSER_MEMORY_LIMIT: -1
+      DRUPAL_ROOT: ./docroot
+#      ACQUIA_API_KEY: ${{ secrets.ACQUIA_API_KEY }}
+#      ACQUIA_API_SECRET: ${{ secrets.ACQUIA_API_SECRET }}
+#      PRIVATE_SSH_KEY: ${{ secrets.PRIVATE_SSH_KEY }}
+    steps:
+      - uses: actions/checkout@v4
+      - name: Shut down Ubuntu MySQL
+        run: sudo service mysql stop
+      - name: Get branch name (merge)
+        shell: bash
+        run: echo "BRANCH_NAME=$(echo ${GITHUB_REF#refs/heads/})" >> $GITHUB_ENV
+      - name: Show branch name being used for this workflow.
+        run: echo ${{ env.BRANCH_NAME }}
+#      - name: Set up private SSH key for pushing builds to Acquia
+#        shell: bash
+#        run: |
+#          mkdir -p .ddev/homeadditions/.ssh
+#          echo $PRIVATE_SSH_KEY
+#          echo "${{ secrets.PRIVATE_SSH_KEY }}" > .ddev/homeadditions/.ssh/id_rsa
+#          chmod 700 .ddev/homeadditions/.ssh
+#          chmod 600 .ddev/homeadditions/.ssh/*
+#        env: 
+#          PRIVATE_SSH_KEY: ${{ secrets.PRIVATE_SSH_KEY }}
+#      - name: Setup DDEV for site install testing
+#        uses: ddev/github-action-setup-ddev@v1
+      - name: Execute a dry-run deployment
+#        env:
+#          ACQUIA_API_KEY: ${{ env.ACQUIA_API_KEY }}
+#          ACQUIA_API_SECRET: ${{ env.ACQUIA_API_SECRET }}
+#          BRANCH_NAME: ${{ env.BRANCH_NAME }}
+#        run: |
+#          ddev dry:run:deploy
+        run: |
+          echo Success
+          exit 0
diff --git a/.github/workflows/phpstan-static-analysis.yml b/.github/workflows/phpstan-static-analysis.yml
@@ -0,0 +1,27 @@
+name: _Static Analysis with PHPStan (sh)
+on:
+  workflow_call:
+jobs:
+  static_analysis_checks:
+    name:  PHPStan Static Analysis
+    runs-on: ubuntu-latest
+    env:
+      COMPOSER_MEMORY_LIMIT: -1
+    steps:
+      - uses: actions/checkout@v4
+      - name: Shut down Ubuntu MySQL
+        run: sudo service mysql stop
+#      - name: Setup DDEV for site install testing
+#        uses: ddev/github-action-setup-ddev@v1
+#      - name: Validate composer.
+#        shell: bash
+#        run: ddev composer validate
+#      - name: Run composer install
+#        shell: bash
+#        run: ddev composer install -o
+      - name: Run Static Analysis
+#        run: |
+#          ddev phpstan:static:analysis
+        run: |
+          echo Success
+          exit 0
diff --git a/.github/workflows/security-checks.yml b/.github/workflows/security-checks.yml
@@ -2,10 +2,25 @@ name: _Security Checks (sh)
 on:
   workflow_call:
 jobs:
-  build:
+  run_security_checks:
+    name: Composer Security Checks
     runs-on: ubuntu-latest
+    env:
+      COMPOSER_MEMORY_LIMIT: -1
     steps:
       - uses: actions/checkout@v4
+      - name: Shut down Ubuntu MySQL
+        run: sudo service mysql stop
+#      - name: Setup DDEV for site install testing
+#        uses: ddev/github-action-setup-ddev@v1
+#      - name: Validate composer.
+#        shell: bash
+#        run: ddev composer validate
+#      - name: Run composer install
+#        shell: bash
+#        run: ddev composer install -o
+#      - name:  Audit Composer for security issues
+#        run: ddev composer audit
       - name: Run Security Checks
         run: |
           echo Fail