{"id":19705171,"url":"https://github.com/linux-system-roles/.github","last_synced_at":"2025-04-29T15:30:28.429Z","repository":{"id":55616618,"uuid":"320092621","full_name":"linux-system-roles/.github","owner":"linux-system-roles","description":"Common github actions for the linux-system-roles organization","archived":false,"fork":false,"pushed_at":"2024-10-20T18:17:12.000Z","size":126,"stargazers_count":1,"open_issues_count":3,"forks_count":8,"subscribers_count":7,"default_branch":"main","last_synced_at":"2024-10-20T22:21:58.451Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/linux-system-roles.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-12-09T22:13:42.000Z","updated_at":"2024-10-16T12:00:41.000Z","dependencies_parsed_at":"2023-12-08T15:22:46.699Z","dependency_job_id":"4fd1245e-1d5d-437c-b4db-1a9ee9dca144","html_url":"https://github.com/linux-system-roles/.github","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/linux-system-roles%2F.github","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/linux-system-roles%2F.github/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/linux-system-roles%2F.github/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/linux-system-roles%2F.github/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/linux-system-roles","download_url":"https://codeload.github.com/linux-system-roles/.github/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":224178032,"owners_count":17268785,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-11T21:26:41.073Z","updated_at":"2024-11-11T21:26:41.563Z","avatar_url":"https://github.com/linux-system-roles.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":".github - common file and configuration management for system roles\n===================================================================\n\nThe configuration source for linux-system-roles repositories.  This uses Ansible\nto manage configuration, github actions, and other common files used by\nrepositories in the linux-system-roles organization.  This allows org admins to\neasily rollout updates to all repos.\n\nFile structure\n--------------\n\nThe structure of the files/directories under `playbooks/files` and\n`playbooks/templates` should match exactly the name and location of the\nfiles/directories in the role repositories.  For example,\n`playbooks/templates/.ansible-lint` corresponds to the `.ansible-lint` file in\nthe root directory of the role repositories.\n`playbooks/.github/workflows/weekly_ci.yml` corresponds to the file\n`.github/workflows/weekly_ci.yml` in the role repositories.\n\nThe file `inventory.yml` is the list of all roles and contains the groups\n`active_roles` for all of the actively maintained and supported roles, and the\ngroup `python_roles` for the roles that provide Ansible python plugins such as\nmodules, filters, etc.\n\nThe file `inventory/group_vars/active_roles.yml` is used for settings common to\nall roles.\n\nThe file `inventory/group_vars/python_roles.yml` is used for settings common to\nall roles that have python modules, filters, and other Ansible plugin python\ncode.\n\nThe file `inventory/host_vars/$ROLENAME.yml` is used for settings that are\nspecific to that role.  Some examples:\n\n* The scheduled time for a github action\n* .ansible-lint or .yamllint.yml customizations\n\nAdd a new role\n--------------\n\n* Edit inventory.yml\n* Add the role in alphabetical order to the `all.hosts` section:\n\n```yaml\nall:\n  hosts:\n    ...\n    postgresql:\n      ansible_host: localhost\n    quite_a_good_new_role:\n      ansible_host: localhost\n    rhc:\n      ansible_host: localhost\n```\n\n* Add the role to the `active_roles.hosts` section:\n\n```yaml\n        postgresql:\n        quite_a_good_new_role:\n        rhc:\n```\n\n* If the role has python modules or filters or other plugins,\n  add to the `python_roles.hosts` section:\n\n```yaml\n        network:\n        quite_a_good_new_role:\n        selinux:\n```\n\n* Add the new file `inventory/host_vars/$ROLENAME.yml` - add any customizations\n  for the github actions weekly_ci, ansible_lint, etc.\n\nAdd a new config or github action file\n--------------------------------------\n\n* Add the file under `playbooks/files` or `playbooks/templates`\n\nAdd the file according to the location in the role repository under\n`playbooks/files` or `playbooks/templates`.  If the file is static, and needs no\nper-role configuration (such as a github action cron schedule), then add under\n`playbooks/files`.\n\nNOTE: github action files will almost always be templates, due to the checkout\naction being template-ized.\n\n* Add the file to the appropriate list in\n  `inventory/group_vars/active_roles.yml` or\n  `inventory/group_vars/python_roles.yml`\n\n`present_templates` are files that should be present in all roles that are\ngenerated by templates.\n`present_files` are files that should be present in all roles that are static.\n`absent_files` are files that should be removed from all roles.\n`present_python_templates` are files that should be present in roles that\nprovide Ansible python code that are generated by templates.\n`present_python_files` are files that should be present in roles that provide\nAnsible python code that are static.\n`absent_python_files` are files that should be removed from roles that provide\nAnsible python code.\n\nPreparing for using the automation\n----------------------------------\n\nThis uses the [gh](https://cli.github.com/) command line tool provided by the\n`gh` package on Fedora.\nTo configure Github tools to run the automation, complete the following steps:\n\n* Configure `gh` to authenticate to github using `~/.config/gh/hosts.yml`:\n\n    ```yaml\n    github.com:\n      user: my_user_name\n      oauth_token: my_oauth_token\n      git_protocol: ssh\n    ```\n\n    Or by running interactive `gh auth login`.\n\n* Configure credentials caching by running:\n\n    ```\n    $ git config --global credential.helper cache\n    ```\n\n    The next time GitHub asks you to log in, use your username and auth token.\n\nCreating PRs in every role with updated files\n---------------------------------------------\n\nThe playbook `playbooks/update_files.yml` will create PRs in all roles with the\nnew/updated/deleted files.\nIf you just want to see what the playbook will do without actually creating\nanything on github, add `-e lsr_dry_run=true` to the ansible-playbook command.\n\n### Parameters\n\n* `update_files_commit_file` - REQUIRED, no default - This is the path to the\n  file containing the git commit message to use for the commit, and will also be\n  used as the PR title and body.  Please use good practices for creating the\n  commit message as described in\n  [Contributing](https://linux-system-roles.github.io/contribute.html) under\n  \"Write a good commit message\".\n* `update_files_branch` - default \"update_role_files\" - this is the name of the\n  git branch that will be used for the PR.  You probably don't want to change\n  this unless you have some conflict.\n* `lsr_dry_run` - default `true` - use `false` to actually push and create PRs\n* `test_dir` - default none - if you specify this, the playbook will checkout\n  the role directories under this directory - by default, the playbook will\n  create and remove a tmpdir\n* `exclude_roles` - default none - you can specify a comma-delimited list of\n  roles to exclude from processing.  This is useful when you want to update\n  all roles *except* the given roles.\n* `include_roles` - default none - you can specify a comma-delimited list of\n  roles to include in processing, and all other roles will be excluded.  This\n  is useful when you want to update *only* the given roles, and exclude the\n  rest.  NOTE: `include_roles` currently only works with 1 role at a time.\n  You cannot currently specify a list of roles.\n\n### Run it\n\nRun it like this:\n\n```\nansible-playbook -vv -i inventory -e lsr_dry_run=false \\\n  -e update_files_branch=my_update_branch -e exclude_roles=nbde_client \\\n  -e test_dir=/var/tmp/lsr \\\n  -e update_files_commit_file=/path/to/git-commit-msg playbooks/update_files.yml\n```\n\n### How it works\n\n* A temp directory is created if `test_dir` is not specified\n* All of the roles are cloned into that directory, except for the roles\n  listed in `exclude_roles`\n* Figure out the name of the main branch\n* If the branch `update_files_branch` does not exist, it is\n  created from the main branch\n* If the branch `update_files_branch` already exists, it will\n  be rebased on top of the main branch\n* Add/update/remove the files to be managed in each role\n* If there are no updates to be done, just exit\n* Create a git commit using `update_files_commit_file` for the message\n* Push the commit to `update_files_branch` in `github.com/linux-system-roles/$ROLE`\n  If the branch already exists, it will be pushed with `git push -f`\n* Create the PR if it doesn't already exist\n* Wait for review feedback\n\nNOTE: This process may create multiple commits if you need to make edits to an\nexisting PR.  Use the `Squash commits and merge` functionality in the github PR\nto merge.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flinux-system-roles%2F.github","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flinux-system-roles%2F.github","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flinux-system-roles%2F.github/lists"}