Skip to content

Latest commit

 

History

History
455 lines (362 loc) · 32.5 KB

README.md

File metadata and controls

455 lines (362 loc) · 32.5 KB

Repository Template

GitHub top language pre-commit Conventional Commits semantic-release

GitHub GitHub tag (latest SemVer) GitHub issues GitHub last commit pipeline status Latest Release

Highly automated, up-to-date, and well-documented repository template.

Checks for common problems, Markdown, YAML, Bash, formats, lints, and tests before committing or pushing so you don't have any surprises at CI or when releasing your code to GitLab and GitHub!

The project is under active development.

The Purpose

The purpose is to have a template repository and to have it well-manageable and well-maintainable by both human beings and automation tools.

The rationale behind this is that taking care of tens or hundreds of repositories while keeping them working, tidy, consistent, and up-to-date, might be a daunting task.

The way how to achieve the desired state of manageability and maintainability is to unify and automate workflow to allow frequent small changes for multiple projects at scale.

Objectives:

  • Simple and easy environment check and setup
  • Fast and unified code change contribution
  • Automated and reliable code change propagation (build, testing, integration, publication or deployment, and release)

Strategies and tactics to achieve objectives:

  1. Automate
  2. Automate
  3. Automate

Table of Contents

Features

Optimized for GitHub flow, easily adjustable to GitLab flow or any other workflow.

Example of the full workflow

  • Automated workflow using git hooks, and GitLab CI
  • Git commit scans committed codebase change, git push scans pushed codebase change, and GitLab CI scans the whole codebase, and the hooks are applied
  • Git commit (both regular and merge) is normalized, checked, and tested:
  • Git push is checked, and tested:
  • GitLab CI run is checked, and tested:
    • Lints the latest commit message (except release commits)
    • Runs hooks
    • Runs full test set on non-scheduled pipeline runs
    • Runs nightly test set on scheduled pipeline runs
    • Skip GitLab CI run if commit message contains [ci skip] or [skip ci], using any capitalization, or pass git push option ci.skip (git push -o ci.skip git >= 2.17, git push --push-option=ci.skip git >= 2.10)
  • Hooks could be skipped by setting SKIP variable to a comma-separated list of skipped hooks, for example, SKIP=forbid-new-submodules,gitlab-ci-linter git commit
  • Hooks could be run manually pre-commit run -a --hook-stage manual
  • When feat or fix commit is present, GitLab CI job release publishes release using semantic-release/semantic-release
    • When merged to the maintenance release branch (N.N.x or N.x.x or N.x with N being a number), publish maintenance release
    • When merged to next, next-major, beta, or alpha branch, publish pre-release release
    • When merged to the main branch publish release
  • Included scripts for your convenience in a fashion of The GitHub Blog: Scripts to Rule Them All
    • scripts/setup setups commit-msg, pre-commit, pre-merge-commit, and pre-push hooks
    • scripts/bootstrap installs dependencies
    • scripts/test runs tests, as arguments accepts test files or test sets (see *.bats or *.set files at the tests directory)
    • scripts/update updates used dependencies
  • EditorConfig

Releases

Example of a release workflow

Release branches must match regex ^(((0|[1-9]\d*)\.)(((0|[1-9]\d*|x)\.)?x)|main|next(-major)?|beta|alpha)$, see https://regex101.com/r/gH9dCG/2/.

When feat or fix commit is present in the merge (to be more precise since the last release tag) to main, next, next-major, beta, alpha, major.x, or major.minor.x branch, the publish release:

Hooks

Pre-commit is by default configured to run these hooks:

Tests

Tests are written using BATS - GitHub - bats-core/bats-core: Bash Automated Testing System, GitHub - bats-core/bats-support: Supporting library for Bats test helpers, GitHub - bats-core/bats-assert: Common assertions for Bats, and GitHub - bats-core/bats-file: Common filesystem assertions for Bats and organized in test sets.

Test Set

Test set is a simple text file format. Each line must begin or end without leading or trailing whitespace. Each line should contain included test sets (*.set), test files to be run (*.bats), comments starting with # as the first character on the line, or empty lines. File paths are relative to the test set file.

Example:

# Commented and empty lines are ignored

another.set

script1.bats
script2.bats
script3.bats

Templates

Images

Installation and Configuration

Local Environment

Clone the project with --recursive option, run scripts/bootstrap as root to install dependencies, scripts/setup for a complete setup, and adjust to Your needs. Make sure GL_TOKEN: GitLab Personal Access Token with scope api is present, otherwise gitlab-ci-linter is skipped. To load secrets you can use shell extension like direnv, encryption like SOPS, or secrets manager HashiCorp Vault, please make sure you won't commit your secrets.

Example:

git clone --recursive [email protected]:xebis/repository-template.git
cd repository-template
sudo scripts/bootstrap
scripts/setup

Run scripts/update from time to time to update repository dependencies.

GitLab Project

GitLab - GitHub Synchronization

To create working GitLab to GitHub repository synchronization:

  • Prepare GitHub token, let's call it GitLab GitHub Sync, with scopes:
    • repo (and repo:status, repo_deployment, public_repo, repo:invite, security_events)
    • workflow
    • write:packages (and read:packages)
    • delete:packages
  • Have or create a GitHub repository
  • Set up GitLab GitHub synchronization: Settings
    • Repository
      • Mirroring repositories, Expand
        • Add new mirror:
          • Git repository URL: https://[email protected]/org/repo.git, please replace user, org, and repo
          • Mirror direction: Push
          • Password: GitLab GitHub Sync token
          • Keep divergent refs: On or Off
          • Mirror only protected branches: On (in that case all release, maintenance, and pre-release branches should be set as protected, otherwise GitHub release would fail on non-existent branch) or Off

GitLab CI Settings

Set up release and GitLab CI Linter tokens as the GitLab group or the GitLab project variable:

  • GL_TOKEN: GitLab Personal Access Token with scopes api and write_repository.

    • If the variable is protected, GitLab CI job lint is skipped on non-protected branches.
  • GH_TOKEN: GitHub Personal Access Token with at least scopes repo for a private repository or public_repo for a public repository.

    • If the variable is protected, then releasing to GitHub works only from protected branches.
  • Settings

    • CI/CD
      • Variables, Expand
        • Add Variable:
          • Key: GL_TOKEN or GH_TOKEN
          • Value: token
          • Flags:
            • Protect variable: On (GitLab & GitHub Releases and GitLab CI Linter will work only on protected branches) or Off (insecure - accessible to anybody, who can create a commit in GitLab)

GitLab CI Nightly Pipeline

Set up the GitLab scheduled pipeline:

  • CI/CD
    • Schedules
      • New schedule
        • Fill and Save pipeline schedule

Usage

Simply fork the repository at GitLab or GitHub, delete all git tags, and tag the last commit to the desired starting version, e.g. v0.0.0. Clone the repository with --recursive option, run sudo scripts/bootstrap, scripts/setup, scripts/update, at .pre-commit-config.yaml replace gitlab-ci-linter project with your project, and enjoy!

  • git commit, or git merge runs checks on changed files and runs fast test set
  • git push runs checks on all files and runs reduced test set
  • GitLab push, merge request runs checks on all files and runs full test set
  • GitLab merge to main runs checks on all files, runs full test set, and publishes a new version release
  • GitLab schedule runs checks on all files, runs nightly test set
  • Run scripts/update manually from time to time to update repository dependencies

Usage Examples

For usage examples, you might take a look at:

Contributing

Please read CONTRIBUTING for details on our code of conduct, and the process for submitting merge requests to us.

Testing

  • Git hooks check a lot of things for you, including running automated tests scripts/test full

  • Make sure all scripts/*, git hooks, and GitLab pipelines work as expected, testing checklist:

  • scripts/* scripts - covered by unit tests tests/*

  • Local working directory

    • git commit runs pre-commit hook-type commit-msg and scripts/pre-commit
    • git merge
      • Fast-forward shouldn't run any hooks or scripts
      • Automatically resolved merge commit runs pre-commit hook-type commit-msg and scripts/pre-commit
      • Manually resolved merge commit runs pre-commit hook-type commit-msg and scripts/pre-commit
    • git push runs scripts/pre-push
    • pre-commit run -a --hook-stage manual runs all hooks and check-hooks-apply hook fails on check-symlinks and forbid-binary
  • GitLab CI

Test at Docker Container

To test your changes in a different environment, you might try to run a Docker container and test it from there.

Run a disposal Docker container:

  • sudo docker run -it --rm -v "$(pwd)":/repository-template alpine:latest
  • sudo docker run -it --rm -v "$(pwd)":/repository-template --entrypoint bash node:latest

In the container:

cd repository-template
# Set variables GL_TOKEN and GH_TOKEN when needed
# Put here commands from .gitlab-ci.yml job:before_script and job:script
# For example job test-full:
apk -U upgrade
apk add bats
bats tests
# Result is similar to:
# 1..1
# ok 1 dummy test

To-Do list

  • Fix workaround for pre-commit local hook shellcheck - shellcheck has duplicated parameters from .shellcheckrc, because these are not taken into account

Roadmap

  • Find a satisfactory way how to manage (list, install, update) dependencies across various distributions and package managers
  • Add jumanjihouse/pre-commit-hooks hook protect-first-parent
  • Speed up CI/CD by preparing a set of Docker images with pre-installed dependencies for each CI/CD stage, or by cache for apk, pip, and npm

Credits and Acknowledgments

Copyright and Licensing

Changelog and News

Notes and References

Dependencies

Recommendations

Suggestions

Further Reading