From 01dde69cb802471b3562bd6b3c9df795ee58203a Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Tue, 29 Apr 2025 11:23:25 -0700 Subject: [PATCH 1/8] feat(doctool): Add support for doctool taking screenshots. --- .github/workflows/generate-readme.yml | 38 +++++++++++- .github/workflows/starter.yml | 88 +++++++++++++++++++-------- 2 files changed, 97 insertions(+), 29 deletions(-) diff --git a/.github/workflows/generate-readme.yml b/.github/workflows/generate-readme.yml index 73c40a0..5a856d9 100644 --- a/.github/workflows/generate-readme.yml +++ b/.github/workflows/generate-readme.yml @@ -2,9 +2,34 @@ name: Generate README from templates and data files using doctool on: workflow_call: secrets: - token: + token: description: 'Secret token from caller workflow to approve readme' required: true + entra_username: + description: 'Entra username for authentication' + required: true + entra_password: + description: 'Entra password for authentication' + required: false + command_client_id: + description: 'Command client ID for API authentication' + required: false + command_client_secret: + description: 'Command client secret for API authentication' + required: false + inputs: + command_token_url: + type: string + description: 'URL for obtaining command tokens' + required: false + command_hostname: + type: string + description: 'Command hostname for API endpoints' + required: false + command_base_api_path: + type: string + description: 'Base API path for the Command API' + required: false permissions: contents: write 
@@ -20,8 +45,17 @@ jobs: path: doctool token: ${{ secrets.token }} - - name: Launch local doctool + - name: Launch local doctool uses: ./doctool id: launch-doctool with: token: ${{ secrets.token }} + entra_username: ${{ secrets.ENTRA_USERNAME }} + entra_password: ${{ secrets.ENTRA_PASSWORD }} + command_client_id: ${{ secrets.COMMAND_CLIENT_ID }} + command_client_secret: ${{ secrets.COMMAND_CLIENT_SECRET }} + command_token_url: ${{ inputs.command_token_url }} + command_hostname: ${{ inputs.command_hostname }} + command_base_api_path: ${{ inputs.command_base_api_path }} + + diff --git a/.github/workflows/starter.yml b/.github/workflows/starter.yml index d73a836..b54e415 100644 --- a/.github/workflows/starter.yml +++ b/.github/workflows/starter.yml @@ -5,11 +5,11 @@ on: token: description: 'GitHub token' required: true -## This secret 'APPROVE_README_PUSH' is not used. -## Remove when the v3 bootstrap has been updated + ## This secret 'APPROVE_README_PUSH' is not used. + ## Remove when the v3 bootstrap has been updated APPROVE_README_PUSH: description: 'Token to add-and-commit generated readme' - required: true + required: true gpg_key: description: 'GPG Private Key' required: true @@ -25,6 +25,32 @@ on: scan_token: description: 'Polaris token' required: false + entra_username: + description: 'Entra username for authentication' + required: true + entra_password: + description: 'Entra password for authentication' + required: false + command_client_id: + description: 'Command client ID for API authentication' + required: false + command_client_secret: + description: 'Command client secret for API authentication' + required: false + inputs: + command_token_url: + type: string + description: 'URL for obtaining command tokens' + required: false + command_hostname: + type: string + description: 'Command hostname for API endpoints' + required: false + command_base_api_path: + type: string + description: 'Base API path for the Command API' + required: false + jobs: 
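Review bot: In the `starter.yml` hunk `@@ -25,6 +25,32 @@`, `entra_username` is declared `required: true` while the password and both client credentials are optional. Every existing caller of `starter.yml` that does not yet pass this secret would be rejected at workflow validation, even though the screenshot feature looks opt-in. The matching declaration in `generate-readme.yml` (hunk `@@ -2,9 +2,34 @@`) is relaxed later in this series, in PATCH 7/8, but no later patch touches this one. I would make it `required: false` here too and let doctool decide what to do when no credentials are supplied.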
@@ -78,74 +104,82 @@ jobs: token: ${{ secrets.GITHUB_TOKEN }} - name: Create an array from platform_list input # id: vars - run: + run: echo "platform_matrix=`cat integration-manifest.json | jq '.platform_matrix'`" | tee -a $GITHUB_OUTPUT | tee -a $GITHUB_STEP_SUMMARY call-create-github-release-workflow: uses: Keyfactor/actions/.github/workflows/github-release.yml@v3 call-dotnet-build-and-release-workflow: - needs: [call-get-primary-language, call-assign-from-json-workflow, call-create-github-release-workflow] + needs: [ call-get-primary-language, call-assign-from-json-workflow, call-create-github-release-workflow ] if: needs.call-get-primary-language.outputs.primary_language == 'C#' uses: keyfactor/actions/.github/workflows/dotnet-build-and-release.yml@v3 with: release_version: ${{ needs.call-create-github-release-workflow.outputs.release_version }} release_url: ${{ needs.call-create-github-release-workflow.outputs.release_url }} release_dir: ${{ needs.call-assign-from-json-workflow.outputs.release_dir }} - integration_type: ${{ needs.call-assign-from-json-workflow.outputs.integration_type }} - secrets: + integration_type: ${{ needs.call-assign-from-json-workflow.outputs.integration_type }} + secrets: token: ${{ secrets.token }} call-go-build-and-release-workflow: - needs: [call-get-primary-language, call-assign-from-json-workflow, call-create-github-release-workflow,call-goreleaser-exists] - if: needs.call-get-primary-language.outputs.primary_language == 'Go' && needs.call-goreleaser-exists.outputs.goreleaser-exists == 'true' + needs: [ call-get-primary-language, call-assign-from-json-workflow, call-create-github-release-workflow,call-goreleaser-exists ] + if: needs.call-get-primary-language.outputs.primary_language == 'Go' && needs.call-goreleaser-exists.outputs.goreleaser-exists == 'true' uses: keyfactor/actions/.github/workflows/go-build-and-release.yml@v3 - with: + with: release_version: ${{ needs.call-create-github-release-workflow.outputs.release_version }} 
- secrets: + secrets: token: ${{ secrets.GITHUB_TOKEN }} gpg_key: ${{ secrets.gpg_key }} gpg_pass: ${{ secrets.gpg_pass }} call-container-build-and-release-workflow: - needs: [call-get-primary-language, call-assign-from-json-workflow, call-create-github-release-workflow,call-goreleaser-exists,setup_platforms] + needs: [ call-get-primary-language, call-assign-from-json-workflow, call-create-github-release-workflow,call-goreleaser-exists,setup_platforms ] if: needs.call-get-primary-language.outputs.primary_language == 'Go' && needs.call-goreleaser-exists.outputs.goreleaser-exists == 'false' uses: keyfactor/actions/.github/workflows/container-build-and-release.yml@v3 - with: + with: release_version: ${{ needs.call-create-github-release-workflow.outputs.release_version }} platform_list: ${{ fromJson(needs.setup_platforms.outputs.platform_matrix) }} - secrets: + secrets: docker-user: ${{ secrets.docker-user }} docker-token: ${{ secrets.docker-token }} call-maven-build-and-release-workflow: - needs: [call-get-primary-language, call-assign-from-json-workflow, call-create-github-release-workflow] + needs: [ call-get-primary-language, call-assign-from-json-workflow, call-create-github-release-workflow ] if: needs.call-get-primary-language.outputs.primary_language == 'Java' uses: keyfactor/actions/.github/workflows/maven-build-and-release.yml@v3 with: release_version: ${{ needs.call-create-github-release-workflow.outputs.release_version }} release_url: ${{ needs.call-create-github-release-workflow.outputs.release_url }} release_dir: ${{ needs.call-assign-from-json-workflow.outputs.release_dir }} - secrets: + secrets: token: ${{ secrets.token }} call-generate-readme-workflow: if: github.event_name == 'push' || github.event_name == 'workflow_dispatch' - uses: Keyfactor/actions/.github/workflows/generate-readme.yml@v3 + uses: Keyfactor/actions/.github/workflows/generate-readme.yml@screenshots + with: + command_token_url: ${{ vars.COMMAND_TOKEN_URL }} + command_hostname: ${{ 
vars.COMMAND_HOSTNAME }} + command_base_api_path: ${{ vars.COMMAND_API_PATH }} secrets: token: ${{ secrets.token }} + entra_username: ${{ secrets.ENTRA_USERNAME }} + entra_password: ${{ secrets.ENTRA_PASSWORD }} + command_client_id: ${{ secrets.COMMAND_CLIENT_ID }} + command_client_secret: ${{ secrets.COMMAND_CLIENT_SECRET }} call-update-catalog-workflow: needs: call-assign-from-json-workflow if: needs.call-assign-from-json-workflow.outputs.update_catalog == 'true' && github.ref_name == 'main' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') uses: Keyfactor/actions/.github/workflows/update-catalog.yml@v3 - secrets: + secrets: token: ${{ secrets.token }} call-repository-configuration-workflow: if: github.event_name == 'create' && startsWith(github.ref, 'refs/heads/release-') uses: Keyfactor/actions/.github/workflows/kf-configure-repo.yml@v3 - secrets: + secrets: token: ${{ secrets.token }} call-polaris-scan-workflow: @@ -157,11 +191,11 @@ jobs: token: ${{ secrets.scan_token }} call-post-release-workflow: - needs: [call-assign-from-json-workflow, call-create-github-release-workflow] - if: needs.call-create-github-release-workflow.outputs.IS_FULL_RELEASE == 'True' - uses: Keyfactor/actions/.github/workflows/kf-post-release.yml@v3 - secrets: - token: ${{ secrets.token }} - with: - branchname: ${{ github.event.pull_request.base.ref }} - release_version: ${{ needs.call-create-github-release-workflow.outputs.release_version }} + needs: [ call-assign-from-json-workflow, call-create-github-release-workflow ] + if: needs.call-create-github-release-workflow.outputs.IS_FULL_RELEASE == 'True' + uses: Keyfactor/actions/.github/workflows/kf-post-release.yml@v3 + secrets: + token: ${{ secrets.token }} + with: + branchname: ${{ github.event.pull_request.base.ref }} + release_version: ${{ needs.call-create-github-release-workflow.outputs.release_version }} \ No newline at end of file From bc54ecf939ddbdd0ae6e16021689fed27d5d6d18 Mon Sep 17 00:00:00 2001 
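Review bot: In the `starter.yml` hunk `@@ -78,74 +104,82 @@`, `call-generate-readme-workflow` now resolves the reusable workflow from the branch ref `@screenshots`, while every other job stays on `@v3`. The same job is also handed `token` plus four new credentials. A branch ref is mutable, so whatever is pushed to `screenshots` next runs with those secrets in every repository that calls `starter.yml`. Before this merges, point the job back at the release tag once the feature is included, or pin it: `uses: Keyfactor/actions/.github/workflows/generate-readme.yml@<full-commit-sha>` (placeholder, not a real value).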
From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Mon, 7 Jul 2025 10:17:09 -0700 Subject: [PATCH 2/8] fix(workflow): `generate-readme` to launch doctool w/ var and secret refs rather than inputs. --- .github/workflows/generate-readme.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/generate-readme.yml b/.github/workflows/generate-readme.yml index 5a856d9..b3095f7 100644 --- a/.github/workflows/generate-readme.yml +++ b/.github/workflows/generate-readme.yml @@ -50,12 +50,12 @@ jobs: id: launch-doctool with: token: ${{ secrets.token }} - entra_username: ${{ secrets.ENTRA_USERNAME }} - entra_password: ${{ secrets.ENTRA_PASSWORD }} - command_client_id: ${{ secrets.COMMAND_CLIENT_ID }} - command_client_secret: ${{ secrets.COMMAND_CLIENT_SECRET }} - command_token_url: ${{ inputs.command_token_url }} - command_hostname: ${{ inputs.command_hostname }} - command_base_api_path: ${{ inputs.command_base_api_path }} + entra_username: ${{ secrets.DOCTOOL_ENTRA_USERNAME }} + entra_password: ${{ secrets.DOCTOOL_ENTRA_PASSWD }} + command_client_id: ${{ secrets.DOCTOOL_COMMAND_CLIENT_ID }} + command_client_secret: ${{ secrets.DOCTOOL_COMMAND_CLIENT_SECRET }} + command_token_url: ${{ vars.DOCTOOL_COMMAND_TOKEN_URL }} + command_hostname: ${{ vars.DOCTOOL_COMMAND_HOSTNAME }} + command_base_api_path: ${{ vars.DOCTOOL_COMMAND_BASE_API_PATH }} From 409d382740ab9d27283f0154fbeecded2e1d8f2d Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Mon, 7 Jul 2025 10:22:07 -0700 Subject: [PATCH 3/8] fix(workflow): `generate-readme` to launch doctool w/ var and secret refs rather than inputs. --- .github/workflows/generate-readme.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/generate-readme.yml b/.github/workflows/generate-readme.yml index b3095f7..76d0a12 100644 --- a/.github/workflows/generate-readme.yml 
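Review bot: In PATCH 2/8 (hunk `@@ -50,12 +50,12 @@`), the `with:` block reads `secrets.DOCTOOL_ENTRA_USERNAME`, `secrets.DOCTOOL_ENTRA_PASSWD`, `secrets.DOCTOOL_COMMAND_CLIENT_ID` and `secrets.DOCTOOL_COMMAND_CLIENT_SECRET`. None of these is declared under `on.workflow_call.secrets`. A called workflow only sees the secrets its caller maps in, and `starter.yml` maps them as `entra_username`, `entra_password`, `command_client_id` and `command_client_secret`. The `DOCTOOL_*` lookups would therefore evaluate to empty strings and doctool would run with no credentials, without any error at this step. Keep the declared names, e.g. `entra_password: ${{ secrets.entra_password }}`. The `with:` block starts outside the hunk.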
+++ b/.github/workflows/generate-readme.yml @@ -50,10 +50,10 @@ jobs: id: launch-doctool with: token: ${{ secrets.token }} - entra_username: ${{ secrets.DOCTOOL_ENTRA_USERNAME }} - entra_password: ${{ secrets.DOCTOOL_ENTRA_PASSWD }} - command_client_id: ${{ secrets.DOCTOOL_COMMAND_CLIENT_ID }} - command_client_secret: ${{ secrets.DOCTOOL_COMMAND_CLIENT_SECRET }} + entra_username: ${{ secrets.entra_username }} + entra_password: ${{ secrets.entra_password }} + command_client_id: ${{ secrets.command_client_id }} + command_client_secret: ${{ secrets.command_client_secret }} command_token_url: ${{ vars.DOCTOOL_COMMAND_TOKEN_URL }} command_hostname: ${{ vars.DOCTOOL_COMMAND_HOSTNAME }} command_base_api_path: ${{ vars.DOCTOOL_COMMAND_BASE_API_PATH }} From 4a061e5a5e6da9a3d0ec8ba9d89db5713d9d3ca9 Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Mon, 7 Jul 2025 10:24:21 -0700 Subject: [PATCH 4/8] fix(workflow): `generate-readme` to launch doctool w/ var and secret refs rather than inputs. --- .github/workflows/generate-readme.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/generate-readme.yml b/.github/workflows/generate-readme.yml index 76d0a12..78aed04 100644 --- a/.github/workflows/generate-readme.yml +++ b/.github/workflows/generate-readme.yml 
@@ -50,10 +50,10 @@ jobs: id: launch-doctool with: token: ${{ secrets.token }} - entra_username: ${{ secrets.entra_username }} - entra_password: ${{ secrets.entra_password }} - command_client_id: ${{ secrets.command_client_id }} - command_client_secret: ${{ secrets.command_client_secret }} + entra_username: ${{ secrets.ENTRA_USERNAME }} + entra_password: ${{ secrets.ENTRA_PASSWORD }} + command_client_id: ${{ secrets.COMMAND_CLIENT_ID }} + command_client_secret: ${{ secrets.COMMAND_CLIENT_SECRET }} command_token_url: ${{ vars.DOCTOOL_COMMAND_TOKEN_URL }} command_hostname: ${{ vars.DOCTOOL_COMMAND_HOSTNAME }} command_base_api_path: ${{ vars.DOCTOOL_COMMAND_BASE_API_PATH }} From a5cef100cc97026f8663a84266db709eb941c2e7 Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Mon, 7 Jul 2025 10:32:43 -0700 Subject: [PATCH 5/8] fix(workflow): `generate-readme` to launch doctool w/ var and secret refs rather than inputs. --- .github/workflows/generate-readme.yml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/.github/workflows/generate-readme.yml b/.github/workflows/generate-readme.yml index 78aed04..39a8f76 100644 --- a/.github/workflows/generate-readme.yml +++ b/.github/workflows/generate-readme.yml 
@@ -45,6 +45,23 @@ jobs: path: doctool token: ${{ secrets.token }} + - name: Show Inputs + run: | + echo "Command Token URL: ${{ inputs.command_token_url }}" + echo "Command Hostname: ${{ inputs.command_hostname }}" + echo "Command Base API Path: ${{ inputs.command_base_api_path }}" + echo "Entra Username: ${{ secrets.entra_username }}" + echo "Entra Password: ${{ secrets.entra_password }}" + echo "Command Client ID: ${{ secrets.command_client_id }}" + echo "Command Client Secret: ${{ secrets.command_client_secret }}" + + - name: Set environment variables + run: | + echo "DOCTOOL_COMMAND_TOKEN_URL=${{ inputs.command_token_url }}" >> $GITHUB_ENV + echo "DOCTOOL_COMMAND_HOSTNAME=${{ inputs.command_hostname }}" >> $GITHUB_ENV + echo "DOCTOOL_COMMAND_BASE_API_PATH=${{ inputs.command_base_api_path }}" >> $GITHUB_ENV + + - name: Launch local doctool uses: ./doctool id: launch-doctool From f730fdb85490114c8a254f33f7ad5f377c2ff8bf Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Mon, 7 Jul 2025 10:37:08 -0700 Subject: [PATCH 6/8] fix(workflow): `generate-readme` to launch doctool w/ var and secret refs rather than inputs. --- .github/workflows/generate-readme.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/generate-readme.yml b/.github/workflows/generate-readme.yml index 39a8f76..32a79c2 100644 --- a/.github/workflows/generate-readme.yml +++ b/.github/workflows/generate-readme.yml 
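Review bot: The added `Show Inputs` step (PATCH 5/8) prints `secrets.entra_password` and `secrets.command_client_secret` to the job log, so log masking is the only thing keeping them out of a record every reader of the run can see. Masking is best-effort and does not cover a value that is transformed or split. Both added steps also paste `${{ inputs.* }}` straight into the script text, so a value containing a quote or newline becomes part of the shell command or an extra `$GITHUB_ENV` entry. Drop the four secret echoes and hand the inputs to the shell through `env:` as below. The `steps:` list this belongs to starts outside the hunk.

```yaml
- name: Show Inputs
  env:
    COMMAND_TOKEN_URL: ${{ inputs.command_token_url }}
    COMMAND_HOSTNAME: ${{ inputs.command_hostname }}
    COMMAND_BASE_API_PATH: ${{ inputs.command_base_api_path }}
  run: |
    echo "Command Token URL: $COMMAND_TOKEN_URL"
    echo "Command Hostname: $COMMAND_HOSTNAME"
    echo "Command Base API Path: $COMMAND_BASE_API_PATH"
# … "Set environment variables" step: same env: pattern, or set env: directly on the doctool step …
```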
@@ -67,10 +67,10 @@ jobs: id: launch-doctool with: token: ${{ secrets.token }} - entra_username: ${{ secrets.ENTRA_USERNAME }} - entra_password: ${{ secrets.ENTRA_PASSWORD }} - command_client_id: ${{ secrets.COMMAND_CLIENT_ID }} - command_client_secret: ${{ secrets.COMMAND_CLIENT_SECRET }} + entra_username: ${{ secrets.entra_username }} + entra_password: ${{ secrets.entra_password }} + command_client_id: ${{ secrets.command_client_id }} + command_client_secret: ${{ secrets.command_client_secret }} command_token_url: ${{ vars.DOCTOOL_COMMAND_TOKEN_URL }} command_hostname: ${{ vars.DOCTOOL_COMMAND_HOSTNAME }} command_base_api_path: ${{ vars.DOCTOOL_COMMAND_BASE_API_PATH }} From 6c5828078541994a1a91ae96347342a43abb274c Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Mon, 7 Jul 2025 11:03:57 -0700 Subject: [PATCH 7/8] fix(workflow): Remove input outputs --- .github/workflows/generate-readme.yml | 25 ++++--------------------- 1 file changed, 4 insertions(+), 21 deletions(-) diff --git a/.github/workflows/generate-readme.yml b/.github/workflows/generate-readme.yml index 32a79c2..ce2774a 100644 --- a/.github/workflows/generate-readme.yml +++ b/.github/workflows/generate-readme.yml @@ -7,7 +7,7 @@ on: required: true entra_username: description: 'Entra username for authentication' - required: true + required: false entra_password: description: 'Entra password for authentication' required: false 
@@ -45,23 +45,6 @@ jobs: path: doctool token: ${{ secrets.token }} - - name: Show Inputs - run: | - echo "Command Token URL: ${{ inputs.command_token_url }}" - echo "Command Hostname: ${{ inputs.command_hostname }}" - echo "Command Base API Path: ${{ inputs.command_base_api_path }}" - echo "Entra Username: ${{ secrets.entra_username }}" - echo "Entra Password: ${{ secrets.entra_password }}" - echo "Command Client ID: ${{ secrets.command_client_id }}" - echo "Command Client Secret: ${{ secrets.command_client_secret }}" - - - name: Set environment variables - run: | - echo "DOCTOOL_COMMAND_TOKEN_URL=${{ inputs.command_token_url }}" >> $GITHUB_ENV - echo "DOCTOOL_COMMAND_HOSTNAME=${{ inputs.command_hostname }}" >> $GITHUB_ENV - echo "DOCTOOL_COMMAND_BASE_API_PATH=${{ inputs.command_base_api_path }}" >> $GITHUB_ENV - - - name: Launch local doctool uses: ./doctool id: launch-doctool @@ -71,8 +54,8 @@ jobs: entra_password: ${{ secrets.entra_password }} command_client_id: ${{ secrets.command_client_id }} command_client_secret: ${{ secrets.command_client_secret }} - command_token_url: ${{ vars.DOCTOOL_COMMAND_TOKEN_URL }} - command_hostname: ${{ vars.DOCTOOL_COMMAND_HOSTNAME }} - command_base_api_path: ${{ vars.DOCTOOL_COMMAND_BASE_API_PATH }} + command_token_url: ${{ inputs.command_token_url }} + command_hostname: ${{ inputs.command_hostname }} + command_base_api_path: ${{ inputs.command_token_url }} From ac58e8bbcf735c56958b9a6ba0b06ad78540a8d7 Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Mon, 7 Jul 2025 12:12:54 -0700 Subject: [PATCH 8/8] revert --- .github/workflows/generate-readme.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/generate-readme.yml b/.github/workflows/generate-readme.yml index ce2774a..f9d7374 100644 --- a/.github/workflows/generate-readme.yml +++ b/.github/workflows/generate-readme.yml 
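Review bot: In hunk `@@ -71,8 +54,8 @@` of PATCH 7/8, `command_base_api_path` is assigned `${{ inputs.command_token_url }}`, which looks like a copy-paste slip from two lines above. Doctool would receive the token URL where it expects the API base path, and the `command_base_api_path` input the caller supplied is dropped. The line should read `command_base_api_path: ${{ inputs.command_base_api_path }}`. The `with:` block starts outside the hunk.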
@@ -54,8 +54,8 @@ jobs: entra_password: ${{ secrets.entra_password }} command_client_id: ${{ secrets.command_client_id }} command_client_secret: ${{ secrets.command_client_secret }} - command_token_url: ${{ inputs.command_token_url }} - command_hostname: ${{ inputs.command_hostname }} - command_base_api_path: ${{ inputs.command_token_url }} + command_token_url: ${{ vars.DOCTOOL_COMMAND_TOKEN_URL }} + command_hostname: ${{ vars.DOCTOOL_COMMAND_HOSTNAME }} + command_base_api_path: ${{ vars.DOCTOOL_COMMAND_BASE_API_PATH }}
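Review bot: After this revert, the three endpoint settings come from `vars.DOCTOOL_COMMAND_*`, yet the `command_token_url`, `command_hostname` and `command_base_api_path` inputs added in PATCH 1/8 stay declared. `starter.yml` still fills them from differently named variables (`vars.COMMAND_TOKEN_URL`, `vars.COMMAND_HOSTNAME`, `vars.COMMAND_API_PATH`), so a caller can set an input and see no effect. The token URL presumably decides where `command_client_secret` is presented, so it should be unambiguous which setting wins. Either remove the unused inputs or honour them with a fallback, e.g. `command_token_url: ${{ inputs.command_token_url || vars.DOCTOOL_COMMAND_TOKEN_URL }}`. A short comment above the `with:` block naming the source of each value would also help.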