CI: Modify GHA workflow to use composed verify

This uses a single workflow composed of all actions that need to be
run to verify changes to the ci-management repo.

Issue: RELENG-4799
Change-Id: Ibe2ef9732c7d0a9e13e30fec2cb8c3b64bad1768
Signed-off-by: Eric Ball <eball@linuxfoundation.org>

diff --git a/.github/workflows/gerrit-verify.yaml b/.github/workflows/gerrit-verify.yaml
index ea754d8..cd06381 100644 (file)
--- a/.github/workflows/gerrit-verify.yaml
+++ b/.github/workflows/gerrit-verify.yaml
@@ -1,5 +1,5 @@
 ---
-name: Gerrit Verify
+name: Call Composed ci-management Verify
 
 # yamllint disable-line rule:truthy
 on:
@@ -41,102 +41,30 @@ on:
         description: "Gerrit refspec of change"
         required: true
         type: string
-
-concurrency:
-  group: ${{ github.event.inputs.GERRIT_CHANGE_ID || github.run_id }}
-  cancel-in-progress: true
+      ENV_VARS:
+        # yamllint disable-line rule:line-length
+        description: "Pass GitHub variables to be exported as environment variables via `toJSON(vars)` or specific variables encoded in JSON format"
+        required: false
+        default: "{}"
+        type: string
 
 jobs:
-  prepare:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Clear votes
-        uses: lfit/gerrit-review-action@v0.3
-        with:
-          host: ${{ vars.GERRIT_SERVER }}
-          username: ${{ vars.GERRIT_SSH_USER }}
-          key: ${{ secrets.GERRIT_SSH_PRIVKEY }}
-          known_hosts: ${{ vars.GERRIT_KNOWN_HOSTS }}
-          gerrit-change-number: ${{ inputs.GERRIT_CHANGE_NUMBER }}
-          gerrit-patchset-number: ${{ inputs.GERRIT_PATCHSET_NUMBER }}
-          vote-type: clear
-      - name: Allow replication
-        run: sleep 10s
-
-  actionlint:
-    needs: prepare
-    runs-on: ubuntu-latest
-    steps:
-      - uses: lfit/checkout-gerrit-change-action@v0.3
-        with:
-          gerrit-refspec: ${{ inputs.GERRIT_REFSPEC }}
-          delay: "0s"
-      - name: Download actionlint
-        id: get_actionlint
-        run: bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash)
-        shell: bash
-      - name: Check workflow files
-        run: ${{ steps.get_actionlint.outputs.executable }} -color
-        shell: bash
-
-  # run pre-commit tox env separately to get use of more parallel processing
-  pre-commit:
-    needs: prepare
-    runs-on: ubuntu-latest
-    steps:
-      - uses: lfit/checkout-gerrit-change-action@v0.3
-        with:
-          gerrit-refspec: ${{ inputs.GERRIT_REFSPEC }}
-          delay: "0s"
-      - uses: actions/setup-python@v4
-        with:
-          python-version: "3.11"
-      - name: Run static analysis and format checkers
-        run: pipx run pre-commit run --all-files --show-diff-on-failure
-
-  jjb-validation:
-    needs: prepare
-    runs-on: ubuntu-latest
-    steps:
-      - uses: lfit/checkout-gerrit-change-action@v0.3
-        with:
-          gerrit-refspec: ${{ inputs.GERRIT_REFSPEC }}
-          delay: "0s"
-      - uses: actions/setup-python@v4
-        id: setup-python
-        with:
-          python-version: "3.11"
-      - name: Clone git submodules
-        run: git submodule update --init
-      - name: Run JJB Verify
-        run: |
-          python -m pip install --upgrade pip
-          pip install jenkins-job-builder
-          mkdir -p "${HOME}/.config/jenkins_jobs"
-          cat << EOF > "${HOME}/.config/jenkins_jobs/jenkins_jobs.ini"
-          [job_builder]
-          ignore_cache=True
-          keep_descriptions=False
-          include_path=.
-          recursive=True
-          query_plugins_info=False
-          config-xml=True
-          EOF
-          jenkins-jobs test -o archives/job-configs jjb/
-
-  vote:
-    if: ${{ always() }}
-    needs: [prepare, actionlint, pre-commit, jjb-validation]
-    runs-on: ubuntu-latest
-    steps:
-      - uses: technote-space/workflow-conclusion-action@v3
-      - name: Set vote
-        uses: lfit/gerrit-review-action@v0.3
-        with:
-          host: ${{ vars.GERRIT_SERVER }}
-          username: ${{ vars.GERRIT_SSH_USER }}
-          key: ${{ secrets.GERRIT_SSH_PRIVKEY }}
-          known_hosts: ${{ vars.GERRIT_KNOWN_HOSTS }}
-          gerrit-change-number: ${{ inputs.GERRIT_CHANGE_NUMBER }}
-          gerrit-patchset-number: ${{ inputs.GERRIT_PATCHSET_NUMBER }}
-          vote-type: ${{ env.WORKFLOW_CONCLUSION }}
+  call-composed-ci-man-verify:
+    # yamllint disable-line rule:line-length
+    uses: lfit/releng-reusable-workflows/.github/workflows/composed-ci-management-verify.yaml@25511233afffc28b7dcb71c89ccc1b66acba2449 # v0.2.0
+    with:
+      GERRIT_BRANCH: ${{ inputs.GERRIT_BRANCH }}
+      GERRIT_CHANGE_ID: ${{ inputs.GERRIT_CHANGE_ID }}
+      GERRIT_CHANGE_NUMBER: ${{ inputs.GERRIT_CHANGE_NUMBER }}
+      GERRIT_CHANGE_URL: ${{ inputs.GERRIT_CHANGE_URL }}
+      GERRIT_EVENT_TYPE: ${{ inputs.GERRIT_EVENT_TYPE }}
+      GERRIT_PATCHSET_NUMBER: ${{ inputs.GERRIT_PATCHSET_NUMBER }}
+      GERRIT_PATCHSET_REVISION: ${{ inputs.GERRIT_PATCHSET_REVISION }}
+      GERRIT_PROJECT: ${{ inputs.GERRIT_PROJECT }}
+      GERRIT_REFSPEC: ${{ inputs.GERRIT_REFSPEC }}
+      ENV_VARS: ${{ toJSON(vars) }}
+    secrets:
+      GERRIT_SSH_PRIVKEY: ${{ secrets.GERRIT_SSH_PRIVKEY }}
+      ENV_SECRETS: ${{ toJSON(secrets) }}
+      CLOUDS_ENV_B64: ${{ secrets.CLOUDS_ENV_B64 }}
+      CLOUDS_YAML_B64: ${{ secrets.CLOUDS_ENV_B64 }}