diff --git a/.github/workflows/environments-secrets.yml b/.github/workflows/environments-secrets.yml index 2b128265..64888146 100644 --- a/.github/workflows/environments-secrets.yml +++ b/.github/workflows/environments-secrets.yml @@ -1,11 +1,11 @@ name: 03-1. Environments and Secrets on: - # push: - # branches: [main] - # pull_request: - # branches: [main] - workflow_dispatch: + push: + branches: [main] + pull_request: + branches: [main] + workflow_dispatch: # Limit the permissions of the GITHUB_TOKEN permissions: @@ -19,6 +19,23 @@ env: DEV_URL: 'https://docs.github.com/en/developers' jobs: + use-secrets: + name: Use secrets + runs-on: ubuntu-latest + if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} + steps: + - name: Hello world action with secrets + uses: actions/hello-world-javascript-action@main + with: # Set the secret as an input + who-to-greet: ${{ secrets.MY_REPO_SECRET }} + env: # Or as an environment variable + super_secret: ${{ secrets.MY_REPO_SECRET }} + - name: Echo secret is redacted in the logs + run: | + echo Env secret is ${{ secrets.MY_REPO_SECRET }} + echo Warning: GitHub automatically redacts secrets printed to the log, + echo but you should avoid printing secrets to the log intentionally. + echo ${{ secrets.MY_REPO_SECRET }} | sed 's/./& /g' use-environment-dev: name: Use DEV environment runs-on: ubuntu-latest @@ -71,13 +88,29 @@ jobs: echo Repo secret is ${{ secrets.MY_REPO_SECRET }} echo Org secret is ${{ secrets.MY_ORG_SECRET }} echo Env secret is not accessible ${{ secrets.MY_ENV_SECRET }} + + use-environment-uat: + name: Use UAT environment + runs-on: ubuntu-latest + if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} + needs: use-environment-test + + environment: + name: UAT + url: 'https://uat.github.com' + + steps: + - name: Step that uses the UAT environment + run: echo "Deployment to UAT..." + env: + env_secret: ${{ secrets.MY_ENV_SECRET }} use-environment-prod: name: Use PROD environment runs-on: ubuntu-latest #if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} - needs: use-environment-test + needs: use-environment-uat environment: name: PROD diff --git a/.github/workflows/github-actions-demo.yml b/.github/workflows/github-actions-demo.yml index e8540e80..1c63b17f 100644 --- a/.github/workflows/github-actions-demo.yml +++ b/.github/workflows/github-actions-demo.yml @@ -2,7 +2,11 @@ name: 01-1. GitHub Actions Demo on: workflow_dispatch: workflow_call: - +push: + branches: + - main + paths: + - 'labs/**' jobs: Explore-GitHub-Actions: runs-on: ubuntu-latest @@ -20,3 +24,21 @@ jobs: - run: echo "🍏 This job's status is ${{ job.status }}." - name: Adding markdown run: echo "### Hello world! :rocket:" >> "$GITHUB_STEP_SUMMARY" + # This step uses GitHub's hello-world-javascript-action: https://github.com/actions/hello-world-javascript-action + - name: Hello world + uses: actions/hello-world-javascript-action@main + with: + who-to-greet: "Mona the Octocat" + id: hello + # This step prints an output (time) from the previous step's action. + - name: Echo the greeting's time + run: echo 'The time was ${{ steps.hello.outputs.time }}.' + # This step uses GitHub's hello-world-javascript-action: https://github.com/actions/hello-world-javascript-action + - name: Hello world + uses: actions/hello-world-javascript-action@main + with: + who-to-greet: "Mona the Octocat" + id: hello + # This step prints an output (time) from the previous step's action. + - name: Echo the greeting's time + run: echo 'The time was ${{ steps.hello.outputs.time }}.' diff --git a/.github/workflows/job-dependencies.yml b/.github/workflows/job-dependencies.yml index e773fe04..a208a4c3 100644 --- a/.github/workflows/job-dependencies.yml +++ b/.github/workflows/job-dependencies.yml @@ -2,10 +2,11 @@ name: 02-2. Dependencies on: workflow_dispatch: - # push: - # branches: - # - main - + push: + branches: + - main + workflow_call: + jobs: initial: runs-on: ubuntu-latest @@ -31,3 +32,40 @@ jobs: needs: [fanout1, fanout2] steps: - run: echo "This job will run after fanout1 and fanout2 have finished." + build: + runs-on: ubuntu-latest + strategy: + matrix: + configuration: [debug, release] + steps: + - run: echo "This job builds the cofiguration ${{ matrix.configuration }}." + test: + runs-on: ubuntu-latest + needs: build + steps: + - run: echo "This job will be run after the build job." + ring01: + runs-on: ubuntu-latest + needs: test + steps: + - run: echo "This job will be run after the test job." + ring02: + runs-on: macos-latest + needs: test + steps: + - run: echo "This job will be run after the test job." + ring03: + runs-on: ubuntu-latest + needs: test + steps: + - run: echo "This job will be run after the test job." + ring04: + runs-on: ubuntu-latest + needs: [ring01,ring02,ring03] + steps: + - run: echo "This job will be run after the ring01,ring02,ring03 jobs." + prod: + runs-on: ubuntu-latest + needs: [ring04] + steps: + - run: echo "This job will be run after the ring04 job." diff --git a/.github/workflows/reusable-workflow-template.yml b/.github/workflows/reusable-workflow-template.yml index 33c7858e..f084adaa 100644 --- a/.github/workflows/reusable-workflow-template.yml +++ b/.github/workflows/reusable-workflow-template.yml @@ -1,7 +1,9 @@ name: 04-1. Call Reusable Workflow Templates on: - [workflow_dispatch] + push: + branches: [main] + workflow_dispatch: jobs: call_greet_everyone_workflow_job: @@ -15,3 +17,7 @@ jobs: call_demo_workflow_job: needs: call_greet_everyone_workflow_job uses: githubabcs/gh-abcs-actions/.github/workflows/github-actions-demo.yml@main + + call_dependencies_workflow_job: + needs: call_reusable_workflow_job + uses: /gh-abcs-actions/.github/workflows/job-dependencies.yml@main diff --git a/labs/setup.md b/labs/setup.md index 2cd443dc..cbd6cda4 100644 --- a/labs/setup.md +++ b/labs/setup.md @@ -29,4 +29,5 @@ References: - [ ] Module 6: Self-hosted runners - [ ] Module 7: CI/CD ``` -7. Fetch upstream to get the latest changes from the upstream repository \ No newline at end of file +7. Fetch upstream to get the latest changes from the upstream repository +8. the end