Genericize dependency installation; add README (breaking)

cncsc · Nov 9, 2022 · 4994312 · 4994312
1 parent 760b640
commit 4994312
Show file tree

Hide file tree

Showing 2 changed files with 57 additions and 7 deletions.
diff --git a/.github/workflows/validation.yaml b/.github/workflows/validation.yaml
@@ -3,17 +3,20 @@ on:
   workflow_call:
     inputs:
       runPreCommit:
+        description: Whether or not to run pre-commit during validation.
         required: false
         type: boolean
         default: true
       runDefaultLinters:
+        description: Whether or not to run the lint script from the project's package.json file.
         required: false
         type: boolean
         default: true
-      validateTerraform:
+      additionalHomebrewPackages:
+        description: A space-delimited list of Homebrew packages to install.
         required: false
-        type: boolean
-        default: false
+        type: string
+        default: ''
 jobs:
 
   # -------------------------------------------------------------------------------------------------------------------
@@ -27,25 +30,33 @@ jobs:
       - uses: actions/checkout@v3
         with:
           submodules: recursive
+
       - uses: actions/setup-python@v4
         with:
           python-version: 3.x
+
       - uses: Homebrew/actions/setup-homebrew@master
-        if: inputs.validateTerraform == true
-      - name: Install Terraform dependencies
-        if: inputs.validateTerraform == true
-        run: brew install tflint tfsec
+        if: inputs.additionalHomebrewPackages != ''
+
+      - name: Install Homebrew packages
+        if: inputs.additionalHomebrewPackages != ''
+        run: brew install ${{ inputs.additionalHomebrewPackages }}
         shell: bash
+
       - name: Install pre-commit
+        # This remains a python/pip step to keep Homebrew install optional.
         run: python -m pip install pre-commit
         shell: bash
+
       - name: Freeze python dependencies
         run: python -m pip freeze --local
         shell: bash
+
       - uses: actions/cache@v3
         with:
           path: ~/.cache/pre-commit
           key: pre-commit|${{ hashFiles('.pre-commit-config.yaml') }}|${{ env.pythonLocation }}
+
       - name: Run pre-commit validation
         run: pre-commit run --show-diff-on-failure --color=always ${{ inputs.args }}
         shell: bash
@@ -61,12 +72,15 @@ jobs:
       - uses: actions/checkout@v3
         with:
           submodules: recursive
+
       - uses: actions/setup-node@v3
         with:
           node-version: 16.x
+
       - name: Install node dependencies
         run: npm ci
         shell: bash
+
       - name: Run lint script
         run: npm run lint
         shell: bash
diff --git a/README.md b/README.md
@@ -0,0 +1,36 @@
+# GitHub Actions Workflows
+
+Reusable GitHub Action workflows for CNCSC and member projects.
+
+Runs on `ubuntu` and `macos`.
+
+## Usage
+
+### Validation Workflow
+
+Runs `pre-commit` validation and executes the projects `lint` script from `package.json`.
+
+```yaml
+jobs:
+  ci:
+    name: Validation
+    uses: cncsc/actions/.github/workflows/validation.yaml@main
+    with:
+      runPreCommit: true # optional
+      runDefaultLinters: true # optional
+      additionalHomebrewPackages: tflint tfsec # optional
+```
+
+### Semantic Release Workflow
+
+```yaml
+jobs:
+  cd:
+    name: Release
+    uses: cncsc/actions/.github/workflows/semantic-release.yaml@main
+    secrets:
+      GIT_TOKEN_BASIC: ${{ secrets.GIT_TOKEN_BASIC }} # required
+      NPM_ACCESS_TOKEN: ${{ secrets.NPM_ACCESS_TOKEN }} # optional
+```
+
+Note that `NPM_ACCESS_TOKEN` is required when accessing private packages and/or publishing packages.