search

eclipse-tractusx / sig-infra

Apache License 2.0
2 stars 2 forks source link

readme

SIG infra

This is the home of Eclipse Tractus-X Special Interest Group (SIG) infra.

Workflows

This repository contains reusable workflows for the eclipse-tractusx GitHub organization. Their intent is to make the adoption of Eclipse Tractus-X processes and guidelines easier.

See the official documentation on reusable workflows and specifically the part about calling reusable workflows for further information. The following sections describe the reusable workflows provided in this repository and also show examples on how to use them.

Quality checks

Description: This workflow runs automated checks, that test for compliance with our Release Guidelines

Workflow file: .github/workflows/quality-checks.yaml

Usage:

# Example .github/workflows/quality-checks.yaml in your repo
name: "Quality Checks (Release Guidelines)"

on:
  workflow_dispatch:
  pull_request:
    branches:
      - main

jobs:
  check-quality:
    name: Run quality checks
    runs-on: ubuntu-latest
    steps:
      # Reference the reusable workflow by <org>/<repo>/<path-to-reusable-workflow>@revision
      # We recooment to use the @main branch, since we regularly maintain the quality checks (adding new, enhancing existing) 
      - uses: eclipse-tractusx/sig-infra/.github/workflows/reusable-quality-checks.yaml@main

Generate static PlantUML files

Description: This workflow generates static .svg files from your repository .puml-files and upload this as job artifact

Workflow file: .github/workflows/reusable-generate-puml-svg.yaml

Usage:

# Example .github/workflows/add-static-puml-files.yaml in your repo
name: "Render static puml files"
# Trigger as you want here in example each time a PlantUML file was updated on main branch
on:
  push:
    branches:
      - 'main'
    paths:
      - '**/*.puml'
jobs:
  render-images:
    uses: eclipse-tractusx/sig-infra/.github/workflows/reusable-generate-puml-svg.yml@main

  store-images:
    runs-on: ubuntu-latest
    # 2nd job needs to wait for first job to finish 
    needs: render-images
    steps:
      - name: checkout source repo
        uses: actions/checkout@v4
      - name: download generated svg file from job before
        uses: actions/download-artifact@v4
        id: download
        with:
          name: artifacts
          path: ${{ github.workspace }}
      # now you can handle the files in your desired way

Generate static Mermaid files

Description: This workflow generates static .svg files from your repository .mmd/.mermaid-files and upload this as job artifact

Workflow file: .github/workflows/reusable-generate-mermaid-svg.yaml

Usage:

# Example .github/workflows/add-static-mermaid-files.yml in your repo
name: "Render static mermaid files"
# Trigger as you want here in example each time a mermaid file was updated on main branch
on:
  push:
    branches:
      - 'main'
    paths:
      - '**/*.mermaid'
      - '**/*.mmd'
jobs:
  render-images:
    # Uses our workflow with specified mermaid-cli and node version
    uses: eclipse-tractusx/sig-infra/.github/workflows/reusable-generate-mermaid-svg.yml@main
    with:
      node_version: 16
      mmdc_version: 10.2.4

  store-images:
    runs-on: ubuntu-latest
    needs: render-images
    steps:
      - name: checkout source repo
        uses: actions/checkout@v4

      - name: download generated svg file from job before
        # here you downlowd the generated files from previous job
        uses: actions/download-artifact@v4
        id: download
        with:
          name: artifacts
          # choose where to store this file
          path: ${{ github.workspace }}
      # now you can handle the files in your desired way

Actions

This repo also provides some custom GitHub actions in .github/actions.

Check dependencies with dash-licenses

Description: This action is setting up dash-licenses and running it to analyze the project dependencies. It will check, if the current DEPENDENCIES file in the repository is up-to-date and if it contains restricted or even rejected libs.

Example Usage: You can use the action like in the following example. For a complete list of inputs and outputs, refer to the action docs 

# ...
name: "3rd Party dependency check (Eclipse Dash)"

on:
  workflow_dispatch:
  pull_request:
    branches:
      - main

permissions:
  contents: write

jobs:
  check-dependencies:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Run dash
        id: run-dash
        uses: eclipse-tractusx/sig-infra/.github/actions/run-dash@main
        with:
          dash_version: "1.0.2" # default = 'LATEST'
          dash_input: "package-lock.json" # If your build tool does not have a file, that dash can interpret as-is, add a step to generate it first and reference it here
          dependencies_file: "DEPENDENCIES_FRONTEND"
          fail_on_out_of_date: true # default
          fail_on_rejected: true # default
          fail_on_restricted: false # default