Merge pull request #53659 from github/repo-sync #38

Workflow file for this run

.github/workflows/moda-ci.yaml at a9008c8

	name: docs-internal Moda CI

	# More info on CI actions setup can be found here:
	# https://github.com/github/ops/blob/master/docs/playbooks/build-systems/moving-moda-apps-from-bp-to-actions.md

	on:
	workflow_dispatch:
	push:
	branches-ignore:
	- 'gh-readonly-queue/**'
	merge_group:
	types: [checks_requested]

	jobs:
	##########################
	# Generate Vault keys
	##########################
	set-vault-keys:
	runs-on: ubuntu-latest
	outputs:
	modified_vault_keys: ${{ steps.modify_vault_keys.outputs.modified }}
	steps:
	- name: Set vault-keys output
	id: modify_vault_keys
	run: \|
	if [ -z "${{ vars.VAULT_KEYS }}" ]; then
	# We want to add the DOCS_BOT_PAT_READPUBLICKEY to the list of keys
	# so that builds fetch the secret from the docs-internal vault
	# where --environment is "ci"
	echo "modified=DOCS_BOT_PAT_READPUBLICKEY" >> $GITHUB_OUTPUT
	else
	echo "modified=${{ vars.VAULT_KEYS }},DOCS_BOT_PAT_READPUBLICKEY" >> $GITHUB_OUTPUT
	fi

	#############
	# Moda jobs
	#############
	moda-config-bundle:
	if: ${{ github.repository == 'github/docs-internal' }}
	name: ${{ matrix.ci_job.job }}
	needs: set-vault-keys
	strategy:
	fail-fast: false
	matrix:
	ci_job: [{ 'job': 'docs-internal-moda-config-bundle' }]
	uses: github/internal-actions/.github/workflows/moda.yml@main
	with:
	ci-formatted-job-name: ${{ matrix.ci_job.job }}
	vault-keys: ${{ needs.set-vault-keys.outputs.modified_vault_keys }}
	secrets:
	dx-bot-token: ${{ secrets.INTERNAL_ACTIONS_DX_BOT_ACCOUNT_TOKEN }}
	datadog-api-key: ${{ secrets.DATADOG_API_KEY }}

	#############
	# Docker Image jobs
	#############
	docker-image:
	if: ${{ github.repository == 'github/docs-internal' }}
	name: ${{ matrix.ci_job.job }}
	needs: set-vault-keys
	strategy:
	fail-fast: false
	matrix:
	ci_job: [{ 'job': 'docs-internal-docker-image' }]
	uses: github/internal-actions/.github/workflows/kube.yml@main
Check failure on line 65 in .github/workflows/moda-ci.yaml View workflow run for this annotation GitHub Actions / .github/workflows/moda-ci.yaml Invalid workflow file `error parsing called workflow ".github/workflows/moda-ci.yaml" -> "github/internal-actions/.github/workflows/kube.yml@main" : workflow was not found. See https://docs.github.com/actions/learn-github-actions/reusing-workflows#access-to-reusable-workflows for more information.`
	with:
	ci-formatted-job-name: ${{ matrix.ci_job.job }}
	vault-keys: ${{ needs.set-vault-keys.outputs.modified_vault_keys }}
	# Passes 'DOCS_BOT_PAT_READPUBLICKEY' secret from Vault to docker as --secret id=DOCS_BOT_PAT_READPUBLICKEY,src=<PAT value>
	docker-build-env-secrets: 'DOCS_BOT_PAT_READPUBLICKEY'
	secrets:
	dx-bot-token: ${{ secrets.INTERNAL_ACTIONS_DX_BOT_ACCOUNT_TOKEN }}
	datadog-api-key: ${{ secrets.DATADOG_API_KEY }}

	#############
	# Docker Security jobs
	#############
	docker-security:
	if: ${{ github.repository == 'github/docs-internal' }}
	name: ${{ matrix.ci_job.job }}
	needs: set-vault-keys
	strategy:
	fail-fast: false
	matrix:
	ci_job: [{ 'job': 'docs-internal-docker-security' }]
	uses: github/internal-actions/.github/workflows/docker_security.yml@main
	with:
	ci-formatted-job-name: ${{ matrix.ci_job.job }}
	vault-keys: ${{ needs.set-vault-keys.outputs.modified_vault_keys }}
	# Passes 'DOCS_BOT_PAT_READPUBLICKEY' secret from Vault to docker as --secret id=DOCS_BOT_PAT_READPUBLICKEY,src=<PAT value>
	docker-build-env-secrets: 'DOCS_BOT_PAT_READPUBLICKEY'
	secrets:
	dx-bot-token: ${{ secrets.INTERNAL_ACTIONS_DX_BOT_ACCOUNT_TOKEN }}
	datadog-api-key: ${{ secrets.DATADOG_API_KEY }}

	permissions:
	actions: read
	checks: read
	contents: read
	statuses: read
	id-token: write

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge pull request #53659 from github/repo-sync #38

Workflow file

Merge pull request #53659 from github/repo-sync #38

Jobs

Run details

Workflow file for this run

GitHub Actions / .github/workflows/moda-ci.yaml