Skip to content

Commit fd54983

Browse files
MrSteve81MrSteve81
committed
Add Badge Updater For Private
Signed-off-by: Stephen Williams <stephenw@mindpointgroup.com>
1 parent ff350fc commit fd54983

3 files changed

Lines changed: 128 additions & 131 deletions

File tree

.github/workflows/export-badges-private.yml

Lines changed: 128 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,128 @@
1+
---
2+
3+
name: export-badges-private
4+
5+
on:
6+
workflow_call:
7+
inputs:
8+
repo_name:
9+
required: true
10+
type: string
11+
secrets:
12+
BADGE_PUSH_TOKEN:
13+
required: true
14+
15+
jobs:
16+
export:
17+
if: github.event_name == 'workflow_dispatch' || github.ref_name == 'latest'
18+
runs-on: ubuntu-latest
19+
20+
steps:
21+
- name: Create output directory
22+
run: mkdir -p output/badges/${{ inputs.repo_name }}
23+
24+
- name: Generate badge JSON files
25+
env:
26+
GH_TOKEN: ${{ secrets.BADGE_PUSH_TOKEN }}
27+
run: |
28+
OUT_DIR=output/badges/${{ inputs.repo_name }}
29+
30+
# Release branch badge
31+
default_branch=$(gh repo view ansible-lockdown/${{ inputs.repo_name }} --json defaultBranchRef --jq '.defaultBranchRef.name')
32+
echo '{ "schemaVersion": 1, "label": "Release Branch", "message": "'"$default_branch"'", "color": "brightgreen" }' > $OUT_DIR/release-branch.json
33+
34+
# Remediate pipeline badge
35+
status=$(gh run list -R ansible-lockdown/${{ inputs.repo_name }} --workflow="main_pipeline_validation.yml" --json status,conclusion --jq '.[0] | .status + ":" + .conclusion' || echo "unknown:unknown")
36+
if [[ "$status" == "completed:success" ]]; then
37+
color=green; msg=Passing
38+
elif [[ "$status" == "completed:failure" ]]; then
39+
color=red; msg=Failing
40+
else
41+
color=lightgrey; msg=Unknown
42+
fi
43+
echo '{ "schemaVersion": 1, "label": "Remediate Pipeline", "message": "'"$msg"'", "color": "brightgreen" }' > $OUT_DIR/remediate.json
44+
45+
# GPO pipeline badge
46+
status=$(gh run list -R ansible-lockdown/${{ inputs.repo_name }} --workflow="main_pipeline_validation_gpo.yml" --json status,conclusion --jq '.[0] | .status + ":" + .conclusion' || echo "unknown:unknown")
47+
if [[ "$status" == "completed:success" ]]; then
48+
color=green; msg=Passing
49+
elif [[ "$status" == "completed:failure" ]]; then
50+
color=red; msg=Failing
51+
else
52+
color=lightgrey; msg=Unknown
53+
fi
54+
echo '{ "schemaVersion": 1, "label": "GPO Pipeline", "message": "'"$msg"'", "color": "brightgreen" }' > $OUT_DIR/gpo.json
55+
56+
# Pull requests
57+
prs=$(gh pr list -R ansible-lockdown/${{ inputs.repo_name }} --json number --jq 'length')
58+
echo '{ "schemaVersion": 1, "label": "Pull Requests", "message": "'"$prs"'", "color": "blue" }' > $OUT_DIR/prs.json
59+
60+
# Closed issues
61+
closed=$(gh issue list -R ansible-lockdown/${{ inputs.repo_name }} --state closed --json number --jq 'length')
62+
echo '{ "schemaVersion": 1, "label": "Closed Issues", "message": "'"$closed"'", "color": "success" }' > $OUT_DIR/issues-closed.json
63+
64+
# Benchmark version badge
65+
echo "Cloning latest branch of ${{ inputs.repo_name }} to extract version..."
66+
git clone --depth 1 --branch latest https://x-access-token:${{ secrets.BADGE_PUSH_TOKEN }}@github.com/ansible-lockdown/${{ inputs.repo_name }}.git tmp_repo
67+
cd tmp_repo
68+
69+
version=$(grep -Eo 'v[0-9]+\.[0-9]+\.[0-9]+' README.md | head -n1)
70+
if [ -z "$version" ]; then
71+
version=$(grep -Eo 'Version [0-9]+, Rel [0-9]+' README.md | head -n1)
72+
fi
73+
cd ..
74+
75+
if [ -z "$version" ]; then
76+
version="Unknown"
77+
fi
78+
79+
echo "Extracted Benchmark Version: $version"
80+
echo '{ "schemaVersion": 1, "label": "Benchmark Version", "message": "'"$version"'", "color": "orange" }' > $OUT_DIR/benchmark-version.json
81+
82+
- name: Add .nojekyll to prevent GitHub Pages filtering
83+
run: touch output/.nojekyll
84+
85+
- name: Clone and prepare badge folder
86+
run: |
87+
git config --global user.email "actions@github.com"
88+
git config --global user.name "GitHub Actions"
89+
90+
echo "Cloning self_hosted branch of github_windows_IaC..."
91+
git clone --branch self_hosted https://x-access-token:${{ secrets.BADGE_PUSH_TOKEN }}@github.com/ansible-lockdown/github_windows_IaC.git target
92+
93+
echo "Preparing badge directory: badges/${{ inputs.repo_name }}"
94+
mkdir -p target/badges/${{ inputs.repo_name }}
95+
96+
echo "Syncing badge files with rsync (only updated ones will be copied)..."
97+
if [ -d "output/badges/${{ inputs.repo_name }}" ]; then
98+
rsync -a --delete --checksum --itemize-changes output/badges/${{ inputs.repo_name }}/ target/badges/${{ inputs.repo_name }}/ | tee sync_log.txt
99+
else
100+
echo "Warning: No badge output found in output/badges/${{ inputs.repo_name }}"
101+
fi
102+
103+
echo "Files that were updated/copied/removed:"
104+
cat sync_log.txt || echo "No rsync output available"
105+
106+
echo "Final contents of target/badges/${{ inputs.repo_name }}:"
107+
ls -al target/badges/${{ inputs.repo_name }} || echo "Folder does not exist or is empty"
108+
109+
- name: Commit and push to self_hosted branch
110+
run: |
111+
cd target
112+
113+
echo "Running git status before commit:"
114+
git status
115+
116+
echo "Adding changes to staging:"
117+
git add badges/${{ inputs.repo_name }}
118+
119+
echo "Showing staged changes (git diff --cached):"
120+
git diff --cached || echo "No staged changes diff"
121+
122+
if git diff --cached --quiet; then
123+
echo "No changes detected – skipping commit."
124+
else
125+
echo "Changes detected – committing and pushing..."
126+
git commit -m "Update PRIVATE badges for ${{ inputs.repo_name }}"
127+
git push origin self_hosted
128+
fi

.github/workflows/export-badges-public.yml

Whitespace-only changes.

.github/workflows/export-badges.yml

Lines changed: 0 additions & 131 deletions
This file was deleted.

0 commit comments

Comments
 (0)