{"id":20110673,"url":"https://github.com/dell/common-github-actions","last_synced_at":"2025-05-06T10:32:06.980Z","repository":{"id":40777062,"uuid":"306171642","full_name":"dell/common-github-actions","owner":"dell","description":"Repository to hold GitHub Actions for Dell repos","archived":false,"fork":false,"pushed_at":"2024-11-12T15:57:10.000Z","size":195,"stargazers_count":15,"open_issues_count":1,"forks_count":5,"subscribers_count":19,"default_branch":"main","last_synced_at":"2024-11-12T16:40:58.571Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dell.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"docs/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"docs/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"docs/SECURITY.md","support":"docs/SUPPORT.md","governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-10-21T23:29:22.000Z","updated_at":"2024-11-08T16:28:02.000Z","dependencies_parsed_at":"2024-02-21T13:41:11.015Z","dependency_job_id":"dc358609-cbb1-4b07-8bb8-2802143521cc","html_url":"https://github.com/dell/common-github-actions","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dell%2Fcommon-github-actions","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dell%2Fcommon-github-actions/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dell%2Fcommon-github-actions/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dell%2Fcommon-github-actions/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dell","download_url":"https://codeload.github.com/dell/common-github-actions/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":224499885,"owners_count":17321605,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-13T18:13:14.017Z","updated_at":"2025-05-06T10:32:06.957Z","avatar_url":"https://github.com/dell.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003c!--\nCopyright (c) 2020 Dell Inc., or its subsidiaries. All Rights Reserved.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n    http://www.apache.org/licenses/LICENSE-2.0\n--\u003e\n\n# Dell GitHub Actions\n\n[![Contributor Covenant](https://img.shields.io/badge/Contributor%20Covenant-v2.0%20adopted-ff69b4.svg)](./docs/CODE_OF_CONDUCT.md)\n[![License](https://img.shields.io/github/license/dell/common-github-actions)](LICENSE)\n[![Latest Release](https://img.shields.io/github/v/release/dell/common-github-actions?label=latest\u0026style=flat-square)](https://github.com/dell/common-github-actions/releases)\n\nThis repository contains a set of reusable actions and workflows, designed to be run with GitHub Actions.\n\n## Table of Contents\n\n- [Code of Conduct](./docs/CODE_OF_CONDUCT.md)\n- Guides\n  - [Committer Guide](./docs/COMMITTER_GUIDE.md)\n  - [Contributing Guide](./docs/CONTRIBUTING.md)\n  - [Maintainer Guide](./docs/MAINTAINER_GUIDE.md)\n- [Maintainers](./docs/MAINTAINERS.md)\n- [Support](#support)\n- [Security](./docs/SECURITY.md)\n- [About](#about)\n- [GitHub Actions](#implemented-actions)\n  - [Code Santizer](#code-sanitizer)\n  - [Go Formatter and Vetter](#go-code-formatter-vetter)\n  - [Go Unit Tests](#go-code-tester)\n  - [Malware Scanner](#malware-scanner)\n- [GitHub Workflows](#implemented-workflows)\n  - [Go Static Analysis](#go-static-analysis)\n  - [Update Go Version](#go-version-workflow)\n  - [Go Common](#go-common)\n  - [Release CSM Driver and Modules](#csm-release-driver-module)\n  - [Update Dell Libraries to Latest Commits](#update-libraries-to-commits)\n  - [Update Dell Libraries](#update-libraries)\n  - [Dockerfile Modifications](#image-version-workflow)\n  - [UBI Image Update](#ubi-image-update)\n  - [Dell Libraries Specific Workflows](#dell-libraries-specific-workflows)\n    - [Release Dell Libraries](#csm-release-libs)\n  - [CSM Operator Specific Workflows](#csm-operator-specific-workflows)\n    - [Update Operator Version](#operator-version-update)\n    - [Update Sidecar Versions](#sidecar-version-update)\n    - [Module version update](#operator-module-version-update)\n    - [Driver version update](#operator-driver-version-update)\n\n## Implemented Actions\n\n### code-sanitizer\n\n[GitHub Action to scan the source for non-inclusive words and language.](https://github.com/dell/common-github-actions/blob/main/code-sanitizer/README.md)\n\n### go-code-formatter-vetter\n\n[GitHub Action to run go formatter, linter, and vetter scans against the GO source files](https://github.com/dell/common-github-actions/blob/main/go-code-formatter-vetter/README.md)\n\n### go-code-tester\n\n[GitHub Action to run code coverage against GO source](https://github.com/dell/common-github-actions/blob/main/go-code-tester/README.md)\n\n### malware-scanner\n\n[GitHub Action to run ClamScan AntiVirus Scan against source](https://github.com/dell/common-github-actions/blob/main/malware-scanner/README.md)\n\n## Implemented Workflows\n\nIn addition to the actions mentioned above, the repository contains workflows that are used by various projects.\n\n### go-static-analysis\n\nThis workflow runs static analysis checks against repositories that utilize Golang as the primary development language. The jobs that are run include:\n\n- golanci-lint with gofumpt (stricter version of gofmt), gosec, govet, and revive (replacement for golint). The configuration file for this job can be found at [.github/configs/golangci-lint/golangci.yaml](.github/configs/golangci-lint/golangci.yaml)\n- yaml_lint_scan which validates yaml files. The yamllint config file for this job is at [.github/configs/yamllint/yamllint.yaml](.github/configs/yamllint/yamllint.yaml)\n\nThe workflow does not accept any parameters and can be used from any repo by creating a workflow that resembles the following\n\n```yaml\nname: Workflow\non:\n  push:\n    branches: [main]\n  pull_request:\n    branches: [\"**\"]\n\njobs:\n\n  # golang static analysis checks\n  go-static-analysis:\n    uses: dell/common-github-actions/.github/workflows/go-static-analysis.yaml@main\n    name: Golang Validation\n```\n\n### go-version-workflow\n\nThis workflow updates to the latest go version in repositories that utilize Golang as the primary development language. The workflow is triggered by \u003chttps://github.com/dell/common-github-actions/actions/workflows/trigger-go-workflow.yaml\u003e or can be triggered manually.\n\nThe workflow does not accept any parameters and can be used from any repository by creating a workflow that resembles the following\nNote: Workflows that call reusable workflows in the same organization or enterprise can use the inherit keyword to implicitly pass the secrets. See: \u003chttps://docs.github.com/en/actions/sharing-automations/reusing-workflows#passing-inputs-and-secrets-to-a-reusable-workflow\u003e.\n\n```yaml\nname: Go Version Update\n\non:\n  workflow_dispatch:\n  repository_dispatch:\n    types: [go-update-workflow]\n\njobs:\n  go-version-update:\n    uses: dell/common-github-actions/.github/workflows/go-version-workflow.yaml@main\n    name: Go Version Update\n    secrets: inherit\n```\n\n### go-common\n\nThis workflow runs multiple checks against repositories that utilize Golang as the primary development language. Currently, this workflow will run unit tests, check package coverage, gosec, go formatter and vetter, malware scan, and auto-merge Dependabot PRs only.\n\n```yaml\nname: Common Workflows\non:  # yamllint disable-line rule:truthy\n  push:\n    branches: [main]\n  pull_request:\n    branches: [\"**\"]\n\njobs:\n  go-static-analysis:\n    name: Golang Validation\n    uses: dell/common-github-actions/.github/workflows/go-static-analysis.yaml@main\n\n  common:\n    name: Quality Checks\n    uses: dell/common-github-actions/.github/workflows/go-common.yml@main\n  check-license-header:\n    name: Check License Header\n    uses: dell/common-github-actions/.github/workflows/check-license-header.yaml@main\n```\n\n### csm-release-driver-module\n\nThis workflow automates the release of CSM drivers and modules repositories. The workflow accepts two parameters as version and image, and can be used from any repo by creating a workflow that resembles the following.\nThe manual workflow is recommended to be used for out of band releases such as patch releases or when the increment is a major version change.\n\nFor manual trigger from driver and module repositories, here is the example for the csi-powerscale repo:\n\n```yaml\nname: Release CSI-Powerscale\n# Invocable as a reusable workflow\n# Can be manually triggered\non:  # yamllint disable-line rule:truthy\n  workflow_call:\n  workflow_dispatch:\n    inputs:\n      option:\n        description: 'Select version to release'\n        required: true\n        type: choice\n        default: 'minor'\n        options:\n          - major\n          - minor\n          - patch\n          - n-1/n-2 patch (Provide input in the below box)\n      version:\n        description: \"Patch version to release. example: 2.1.x (Use this only if n-1/n-2 patch is selected)\"\n        required: false\n        type: string\njobs:\n  csm-release:\n    uses: dell/common-github-actions/.github/workflows/csm-release-driver-module.yaml@main\n    name: Release CSM Drivers and Modules\n    with:\n      version: ${{ github.event.inputs.option }}\n      images: csi-powerscale\n    secrets: inherit\n\n```\n\nFor Auto release of the driver and module repositories, here is the example for the csi-powerscale repo:\n\n```yaml\nname: Auto Release CSIPowerScale\non:\n  workflow_dispatch:\n  repository_dispatch:\n    types: [auto-release-workflow]\n\njobs:\n  calculate-version:\n    runs-on: ubuntu-latest\n    outputs:\n      new-version: ${{ steps.set-version.outputs.version }}\n    steps:\n      - name: Check out repository\n        uses: actions/checkout@v3\n        with:\n          fetch-depth: 0 # Fetch the full history including tags\n\n      - name: Get latest release version\n        id: get-latest-version\n        run: |\n          latest_version=$(git describe --tags $(git rev-list --tags --max-count=1))\n          echo \"latest_version=${latest_version}\" \u003e\u003e $GITHUB_ENV\n\n      - name: Increment minor version and remove 'v' prefix\n        id: set-version\n        run: |\n          version=${{ env.latest_version }}\n          clean_version=${version#v}\n\n          # Parse version parts\n          major=$(echo $clean_version | cut -d'.' -f1)\n          minor=$(echo $clean_version | cut -d'.' -f2)\n          patch=$(echo $clean_version | cut -d'.' -f3)\n          new_minor=$((minor + 1))\n          new_version=\"${major}.${new_minor}.0\"\n\n          echo \"New version: $new_version\"\n          echo \"::set-output name=version::$new_version\"\n\n  csm-release:\n    needs: calculate-version\n    uses: dell/common-github-actions/.github/workflows/csm-release-driver-module.yaml@main\n    with:\n      version: ${{ inputs.version || needs.calculate-version.outputs.new-version }}\n      image: \"csi-isilon\"  # Please provide the appropriate image name\n    secrets: inherit\n```\n\n### update-libraries-to-commits\n\nThis workflow updates Dell libraries to their **latest commits** in repositories that utilize Golang as the primary development language. The workflow is triggered automatically, but can be triggered manually as well.\nThe workflow does not accept any parameters and can be used from any repository by creating a workflow that resembles the following:\n\n```yaml\nname: Dell Libraries Commit Update\non:  # yamllint disable-line rule:truthy\n  workflow_dispatch:\n  repository_dispatch:\n    types: [latest-commits-libraries]\n\njobs:\n  library-update:\n    uses: dell/common-github-actions/.github/workflows/update-libraries-to-commits.yml@main\n    name: Dell Libraries Update\n    secrets: inherit\n```\n\n### update-libraries\n\nThis workflow updates Dell libraries to the **latest released** version in repositories that utilize Golang as the primary development language. The workflow can be manually triggered only.\nThe workflow does not accept any parameters and can be used from any repository by creating a workflow that resembles the following:\n\n```yaml\nname: Dell Libraries Latest Update\non:  # yamllint disable-line rule:truthy\n  workflow_dispatch:\n  repository_dispatch:\n    types: [latest-released-libraries]\n\njobs:\n  library-update:\n    uses: dell/common-github-actions/.github/workflows/update-libraries.yml@main\n    name: Dell Libraries Update\n    secrets: inherit\n```\n\n### image-version-workflow\n\nThis workflow automates the image and release version update in Dockerfiles. The workflow accepts one parameter - Version to release (major, minor, patch).\nThe manual workflow is recommended to be used for out of band releases such as patch releases or when the increment is a major version change.\n\nFor manual trigger from driver and module repositories, here is the example for the csi-powerscale repo:\n\n```yaml\nname: Image Version Update\n\non:  # yamllint disable-line rule:truthy\n  workflow_dispatch:\n    inputs:\n      version:\n        description: \"Version to release (major, minor, patch) Ex: minor\"\n        required: true\n  repository_dispatch:\n    types: [image-update-workflow]\n\njobs:\n  # image version update\n  image-version-update:\n    uses: dell/common-github-actions/.github/workflows/image-version-workflow.yaml@main\n    with:\n      version: \"${{ github.event.inputs.version || 'minor' }}\"\n    secrets: inherit\n\n```\n\n### ubi-image-update\n\nThis workflow updates UBI9 micro image SHAID to the latest. The workflow is triggered by a cron job that runs on every Monday at mid-day. It also can be triggered manually from \u003chttps://github.com/dell/csm/actions/workflows/ubi-image-update.yaml\u003e.\n\nThe workflow does not accept any parameters and can be used from any repository by creating a workflow that resembles the following\n\n```yaml\nname: UBI Image Update\n\non:\n  workflow_dispatch:\n  \njobs:\n  ubi-version-update:\n    uses: dell/common-github-actions/.github/workflows/ubi-version-update.yaml@main\n    name: UBI Version Update\n    secrets: inherit\n```\n\n## Dell Libraries Specific Workflows\n\n### csm-release-libs\n\nThis workflow automates the release process for all the Go Client Libraries:\n\nThe workflow accepts version as an input and releases that particular version. Below is the example usage in gobrick repository. If no version is specified then it will automatically bump up the major version.\n\n```yaml\nname: Release Gobrick\n# Invocable as a reusable workflow\n# Can be manually triggered\non:\n  workflow_call:\n  workflow_dispatch:\n    inputs:\n      version:\n        description: 'Version to release (major, minor, patch) Ex: 1.0.0'\n        required: true\n    repository_dispatch:\n      types: [release-go-libs]\n\n  csm-release:\n    uses: dell/common-github-actions/.github/workflows/csm-release-libs.yaml@main\n    name: Release Go Client Libraries\n    with:\n      version: ${{ github.event.inputs.option }}\n    secrets: inherit\n```\n\n## CSM Operator Specific Workflows\n\n### operator-version-update\n\nThis workflow updates csm-operator repository with latest version of the operator for the given release.\nIt also updates the CSM program version wherever it is used in csm-operator repository.\n\nThis workflow accepts total three parameters as input to the workflow (csm version, latest operator version, existing operator version).\n\nIt expects a script to be present in the csm-operator repository \".github/scripts/operator-version-update.sh\".\n\nWorkflow needs to be triggered manually from csm-operator repository. Below is the example usage in csm-operator repository.\n\n```yaml\nname: Update CSM Operator version\n# reusable workflow\non:  # yamllint disable-line rule:truthy\n  workflow_call:\n  workflow_dispatch:\n    inputs:\n      csm-version:\n        description: 'CSM program version, ex: v1.12.0, v1.13.0, ...'\n        required: true\n      latest-version:\n        description: 'Latest operator version, ex: v1.7.0, v1.8.0, ...'\n        required: true\n      existing-version:\n        description: 'Existing operator version, ex: v1.6.0, 1.7.0, ...'\n        required: true\njobs:\n  version-update:\n    uses: dell/common-github-actions/.github/workflows/operator-version-update.yaml@main\n    name: Operator version update\n    with:\n      latest-version: ${{ inputs.latest-version }}\n      existing-version: ${{ inputs.existing-version }}\n      csm-version: ${{ inputs.csm-version }}\n    secrets: inherit\n```\n\n## sidecar-version-update\n\nThis workflow updates csm-operator repository with latest versions of the sidecars.\n\nThis workflow accepts total eight parameters as input to the workflow -\n(attacher,provisioner,snapshotter,resizer,registrar,external_heath_monitor,metadata_retriever,sdcmonitor).\nBelow is the example usage in csm-operator repository.\n\nIt expects a script to be present in the csm-operator repository \".github/scripts/sidecar-version-update.sh\".\n\nWorkflow needs to be triggered manually from csm-operator repository. Below is the example usage in csm-operator repository.\n\n```yaml\nname: Update sidecar version\n# reusable workflow\non:  # yamllint disable-line rule:truthy\n  workflow_call:\n  workflow_dispatch:\n    inputs:\n      attacher:\n        description: 'csi-attacher version, ex: v4.8.0'\n        required: true\n      provisioner:\n        description: 'csi-provisioner version, ex: v5.1.0'\n        required: true\n      snapshotter:\n        description: 'csi-snapshotter version, ex: v8.2.0'\n        required: true\n      resizer:\n        description: 'csi-resizer version, ex: v1.13.1'\n        required: true\n      registrar:\n        description: 'csi-node-driver-registrar version, ex: v2.13.0'\n        required: true\n      health-monitor:\n        description: 'csi-external-health-monitor-controller version, ex: v0.14.0'\n        required: true\n      metadata-retriever:\n        description: 'csi-metadata-retriever version, ex: v1.8.0'\n        required: true\n      sdcmonitor:\n        description: 'sdc version, ex: 4.5.1'\n        required: true\njobs:\n  version-update:\n    uses: dell/common-github-actions/.github/workflows/sidecar-version-update.yaml@main\n    name: Sidecar version update\n    with:\n      attacher: ${{ inputs.attacher }}\n      snapshotter: ${{ inputs.snapshotter }}\n      provisioner: ${{ inputs.provisioner }}\n      registrar: ${{ inputs.registrar }}\n      health-monitor: ${{ inputs.health-monitor }}\n      metadata-retriever: ${{ inputs.metadata-retriever }}\n      resizer: ${{ inputs.resizer }}\n      sdcmonitor: ${{ inputs.sdcmonitor }}\n    secrets: inherit\n```\n\n## operator-module-version-update\n\nThis workflow updates csm-operator repository with latest versions of the modules.\n\nThe workflow accepts two parameters as input:\n(CSM program version and update flag).\n\n1. update flag = \"nightly\"\n   - This has to be triggered in the beginning of the release.\n   - This updates all modules configVersions and all the required version updates.\n   - Updates images to \"nightly\" for templates and detailed samples.\n\n2. update flag = \"tag\"\n   - This has to be triggered towards the content lock.\n   - This flag simply updates \"nightly\" updated images in step-1 to actual release tag version.\n\nBelow is the example usage in csm-operator repository.\n\nIt expects a script to be present in the csm-operator repository \".github/scripts/module-version-update.sh\".\n\nMake sure to update all the latest versions before you trigger this workflow  \u003chttps://github.com/dell/csm/blob/main/config/csm-versions.yaml\u003e  \nWorkflow needs to be triggered manually from csm-operator repository. Below is the example usage in csm-operator repository.\n\nExample:\n\n1. Beginning of the release\n   - CSM program version = v1.14.0\n   - update flag = \"nightly\"\n\n2. At the content lock\n   - CSM program version = v1.14.0\n   - update flag = \"tag\"\n\n```yaml\nname: Update module versions in CSM-Operator\n# reusable workflow\non:  # yamllint disable-line rule:truthy\n  workflow_call:\n  workflow_dispatch:\n    inputs:\n      csm-version:\n        description: 'CSM program version, ex: v1.12.0, v1.13.0, ...'\n        required: true\n      update-option:\n        description: 'Select the update flag, ex. \"nightly\" or \"tag\"'\n        required: true\n        type: choice\n        options:\n          - nightly\n          - tag\njobs:\n  version-update:\n    uses: dell/common-github-actions/.github/workflows/operator-module-version-update.yaml@main\n    name: Module version update\n    with:\n      csm-version: ${{ inputs.csm-version }}\n      update-option: ${{ inputs.update-option}}\n    secrets: inherit\n```\n\n## Operator Driver Version Update\n\nThis workflow updates csm-operator repository with latest versions of the drivers.\n\nThe workflow accepts two parameters as input:\n(CSM program version and update flag).\n\n1. update flag = \"nightly\"\n   - This has to be triggered in the beginning of the release.\n   - This updates all driver configVersions and all the required version updates.\n   - Updates images to \"nightly\" for templates and detailed samples.\n\n2. update flag = \"tag\"\n   - This has to be triggered towards the content lock.\n   - This flag simply updates \"nightly\" updated images in step-1 to actual release tag version.\n\nBelow is the example usage in csm-operator repository.\n\nIt expects a script to be present in the csm-operator repository \".github/scripts/driver-version-update.sh\".\n\nMake sure to update all the latest versions before you trigger this workflow \u003chttps://github.com/dell/csm/blob/main/config/csm-versions.yaml\u003e  \nWorkflow needs to be triggered manually from csm-operator repository. Below is the example usage in csm-operator repository.\n\nExample:\n\n1. Beginning of the release\n   - CSM program version = v1.14.0\n   - update flag = \"nightly\"\n\n2. At the content lock\n   - CSM program version = v1.14.0\n   - update flag = \"tag\"\n\n```yaml\nname: Update driver versions in CSM-Operator\n# reusable workflow\non:  # yamllint disable-line rule:truthy\n  workflow_call:\n  workflow_dispatch:\n    inputs:\n      csm-version:\n        description: 'CSM program version, ex: v1.12.0, v1.13.0, ...'\n        required: true\n      update-option:\n        description: 'Select the update flag, ex. \"nightly\" or \"tag\"'\n        required: true\n        type: choice\n        options:\n          - nightly\n          - tag\njobs:\n  version-update:\n    uses: dell/common-github-actions/.github/workflows/operator-driver-version-update.yaml@main\n    name: CSM Operator Driver Version Update\n    with:\n      csm-version: ${{ inputs.csm-version }}\n      update-option: ${{ inputs.update-option}}\n    secrets: inherit\n```\n\n## Support\n\nDon’t hesitate to ask! Contact the team and community on [our support](./docs/SUPPORT.md).\nOpen an issue if you found a bug on [Github Issues](https://github.com/dell/common-github-actions/issues).\n\n## Versioning\n\nThis project is adhering to [Semantic Versioning](https://semver.org/).\n\n## About\n\nThe GitHub Actions implemented in this repo are 100% open source and community-driven.\nAll components are available\nunder [Apache 2 License](https://www.apache.org/licenses/LICENSE-2.0.html) on GitHub.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdell%2Fcommon-github-actions","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdell%2Fcommon-github-actions","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdell%2Fcommon-github-actions/lists"}