ci(actions): clean-up and update docs (#5)

moderneinc · Mar 3, 2022 · 4a8e96f · 4a8e96f
1 parent a602979
commit 4a8e96f
Show file tree

Hide file tree

Showing 6 changed files with 33 additions and 12 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -4,6 +4,6 @@ updates:
   - package-ecosystem: github-actions
     directory: /
     schedule:
-      interval: daily
+      interval: weekly
     commit-message:
       prefix: "chore(ci)"
diff --git a/.github/workflows/ci-gradle.yml b/.github/workflows/ci-gradle.yml
@@ -34,10 +34,12 @@ jobs:
         with:
           distribution: temurin
           java-version: 11
-      - uses: google-github-actions/setup-gcloud@v0.5.1
+      - uses: google-github-actions/auth@v0
         if: inputs.setup_google_cloud_auth
         with:
-          service_account_key: ${{ secrets.google_cloud_service_account_key }}
+          credentials_json: ${{ secrets.google_cloud_service_account_key }}
+      - uses: google-github-actions/[email protected]
+        if: inputs.setup_google_cloud_auth
       - name: build
         uses: gradle/gradle-build-action@v2
         with:

diff --git a/.github/workflows/dependency-check-gradle.yml b/.github/workflows/dependency-check-gradle.yml
@@ -19,6 +19,11 @@ on:
         type: boolean
         default: true
         required: false
+      slack_channel:
+        description: Slack channel to post notification in the event of failure.
+        type: string
+        default: vulnerability-alerts
+        required: false
     secrets:
       slack_bot_token:
         description: Access token for posting slack messages
@@ -55,12 +60,12 @@ jobs:
         with:
           name: dependency-check-report
           path: build/reports
-      - name: Post to vulnerability-alerts channel
+      - name: Send notification of failure to Slack
         if: failure() && inputs.notify_slack
         id: slack
         uses: slackapi/[email protected]
         with:
-          channel-id: 'vulnerability-alerts'
+          channel-id: ${{ inputs.slack_channel }}
           slack-message: "Dependency check vulnerability report for ${{ github.repository }}: ${{ job.status }}\n${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
         env:
           SLACK_BOT_TOKEN: ${{ secrets.slack_bot_token }}
diff --git a/.github/workflows/publish-containerized-gradle-app.yml b/.github/workflows/publish-containerized-gradle-app.yml
@@ -50,15 +50,17 @@ jobs:
         with:
           distribution: temurin
           java-version: 11
+          cache: "gradle"
       - name: configure-git-user
         run: |
           git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
           git config --local user.name "github-actions[bot]"
 
-      - uses: google-github-actions/setup-gcloud@v0.5.1
+      - uses: google-github-actions/auth@v0
         if: inputs.setup_google_cloud_auth
         with:
-          service_account_key: ${{ secrets.google_cloud_service_account_key }}
+          credentials_json: ${{ secrets.google_cloud_service_account_key }}
+      - uses: google-github-actions/[email protected]
 
       - name: setup-azure-container-registry
         if: inputs.setup_azure_container_registry

diff --git a/.github/workflows/repository-backup.yml b/.github/workflows/repository-backup.yml
@@ -9,6 +9,11 @@ on:
         type: string
         default: https://s3.us-west-2.amazonaws.com
         required: false
+      slack_channel:
+        description: Slack channel to post notification in the event of failure.
+        type: string
+        default: alerts
+        required: false
     secrets:
       bucket_access_key_id:
         description: Value of the object storage bucket backup access key ID (e.g., S3 has ACCESS_KEY_ID).
@@ -20,7 +25,7 @@ on:
         description: Name of the object storage bucket backup to use.
         required: true
       slack_notification_webhook:
-        description: Where to post notifications
+        description: (DEPRECATED) Where to post notifications
         required: false
       slack_bot_token:
         description: Access token for posting slack messages
@@ -45,8 +50,8 @@ jobs:
         if: ${{ failure() }}
         uses: slackapi/[email protected]
         with:
-          channel-id: 'alerts'
-          slack-message: ":boom: Unable to backup ${{ github.repository }} to S3"
+          channel-id: ${{ inputs.slack_channel }}
+          slack-message: ":boom: Unable to backup ${{ github.repository }} to S3"w
         env:
           SLACK_BOT_TOKEN: ${{ secrets.slack_bot_token }}
 
diff --git a/README.md b/README.md
@@ -1,3 +1,10 @@
-# gh-automation
+# Moderne Inc. GitHub Automation
 
-Reusable GitHub Actions workflows.
+Public reusable GitHub Actions workflows.
+
+| Action | Purpose | 
+|----|----|
+| Repository Backup | Back-up repository to AWS S3 bucket | 
+| Dependency Check | Analyze Gradle dependencies against CVE database | 
+| Publish Containerized Gradle App | Consistent way to build and publish Docker images of Gradle applications to either GCR or ACR | 
+| CI Gradle | Standardized way to checkout and build / test a Gradle application |