GHA: Configure workflows for reuse

It's possible to reuse a GHA workflow from another repo with minimal YAML. However there are certain requirements, like spelling out all the required secret values. Also any mention of `ACTIONS_STEP_DEBUG` will cause failures and must be removed. As usual, there's no convenient way to test these changes without pushing to a `main` branch somewhere that also has all the proper secrets configured. However, I did pattern these changes off of a working setup in buildah: fd2d05c0a7/.github/workflows/check_cirrus_cron.yml Signed-off-by: Chris Evich <cevich@redhat.com>
2025-05-17 23:26:08 +08:00 · 2022-11-14 13:34:43 -05:00
parent 43cef625b5
commit 021a23b349
2 changed files with 31 additions and 7 deletions
--- a/.github/workflows/check_cirrus_cron.yml
+++ b/.github/workflows/check_cirrus_cron.yml
@ -14,11 +14,22 @@ on:
        - cron:  '59 23 * * 1-5'
    # Debug: Allow triggering job manually in github-actions WebUI
    workflow_dispatch: {}
+    # Allow re-use of this workflow by other repositories
+    # Ref: https://docs.github.com/en/actions/using-workflows/reusing-workflows
+    workflow_call:
+      secrets:
+        SECRET_CIRRUS_API_KEY:
+          required : true
+        ACTION_MAIL_SERVER:
+          required: true
+        ACTION_MAIL_USERNAME:
+          required: true
+        ACTION_MAIL_PASSWORD:
+          required: true
+        ACTION_MAIL_SENDER:
+          required: true

 env:
-    # Debug-mode can reveal secrets, only enable by a secret value.
-    # Ref: https://help.github.com/en/actions/configuring-and-managing-workflows/managing-a-workflow-run#enabling-step-debug-logging
-    ACTIONS_STEP_DEBUG: '${{ secrets.ACTIONS_STEP_DEBUG }}'
    # CSV listing of e-mail addresses for delivery failure or error notices
    RCPTCSV: rh.container.bot@gmail.com,podman-monitor@lists.podman.io
    # Filename for table of cron-name to build-id data
@ -32,8 +43,11 @@ jobs:
    cron_failures:
        runs-on: ubuntu-latest
        steps:
+            # This is where the scripts live
            - uses: actions/checkout@v3
              with:
+                  repository: containers/podman
+                  ref: 'main'
                  persist-credentials: false

            - name: Get failed cron names and Build IDs
--- a/.github/workflows/rerun_cirrus_cron.yml
+++ b/.github/workflows/rerun_cirrus_cron.yml
@ -13,12 +13,22 @@ on:
        - cron:  '05 22 * * 1-5'
    # Debug: Allow triggering job manually in github-actions WebUI
    workflow_dispatch: {}
-
+    # Allow re-use of this workflow by other repositories
+    # Ref: https://docs.github.com/en/actions/using-workflows/reusing-workflows
+    workflow_call:
+      secrets:
+        SECRET_CIRRUS_API_KEY:
+          required : true
+        ACTION_MAIL_SERVER:
+          required: true
+        ACTION_MAIL_USERNAME:
+          required: true
+        ACTION_MAIL_PASSWORD:
+          required: true
+        ACTION_MAIL_SENDER:
+          required: true

 env:
-    # Debug-mode can reveal secrets, only enable by a secret value.
-    # Ref: https://help.github.com/en/actions/configuring-and-managing-workflows/managing-a-workflow-run#enabling-step-debug-logging
-    ACTIONS_STEP_DEBUG: '${{ secrets.ACTIONS_STEP_DEBUG }}'
    # CSV listing of e-mail addresses for delivery failure or error notices
    RCPTCSV: rh.container.bot@gmail.com,podman-monitor@lists.podman.io
    # Filename for table of cron-name to build-id data