Add configuration files for CI/CD and examples #1438
highgroundbkk wants to merge 13 commits into github:main
Create deno.yml
Co-authored-by: highgroundbkk <245770312+highgroundbkk@users.noreply.github.com>
Add gh-runtime-cli extension example to gh-cli skill
main, but PRs should target staged.
The main branch is auto-published from staged and should not receive direct PRs.
Please close this PR and re-open it against the staged branch.
You can change the base branch using the Edit button at the top of this PR,
or run: gh pr edit 1438 --base staged
Pull request overview
Adds several GitHub Actions workflow files intended for CI/CD examples/templates and updates the GH CLI skill documentation with an additional extension install example.
Changes:
- Added multiple GitHub Actions workflows (Webpack, Terraform, Labeler, Google GKE deploy, Deno, CodeQL).
- Updated the `gh-cli` skill to include installation instructions for an additional GitHub CLI extension.
Reviewed changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 13 comments.
| File | Description |
|---|---|
| skills/gh-cli/SKILL.md | Adds an example command to install a GitHub CLI extension. |
| .github/workflows/webpack.yml | Introduces a Node/Webpack workflow (currently malformed and not aligned with repo tooling). |
| .github/workflows/terraform.yml | Introduces a Terraform workflow (currently malformed and not applicable to repo contents). |
| .github/workflows/label.yml | Introduces a PR labeler workflow (currently malformed and missing required repo config). |
| .github/workflows/google.yml | Introduces a GKE deploy workflow (contains trigger/config issues and a broken kustomize install step). |
| .github/workflows/deno.yml | Introduces a Deno lint/test workflow (likely incompatible with this repo’s Node-based scripts). |
| .github/workflows/codeql.yml | Introduces a CodeQL workflow (currently malformed YAML). |
| - name: Terraform Apply | ||
| if: github.ref == 'refs/heads/"main"' && github.event_name == 'push' | ||
| run: terraform apply -auto-approve -input=false |
The apply guard will never match because github.ref for main is refs/heads/main, but the condition checks refs/heads/"main" (extra quotes). Update the ref comparison (and consider using github.ref_name == 'main' for clarity).
| # Initialize a new or existing Terraform working directory by creating initial files, loading any remote state, downloading modules, etc. | ||
| - name: Terraform Init | ||
| run: terraform init | ||
|
|
||
| # Checks that all Terraform configuration files adhere to a canonical format | ||
| - name: Terraform Format | ||
| run: terraform fmt -check | ||
|
|
||
| # Generates an execution plan for Terraform | ||
| - name: Terraform Plan | ||
| run: terraform plan -input=false |
This workflow runs terraform init/fmt/plan but the repository does not contain any .tf files, so the job will fail when it executes on main. If this is meant to be a reusable example, it should not be enabled in this repo’s CI (e.g. move it to documentation/examples or change on: to workflow_dispatch).
| # Set up kustomize | ||
| - name: 'Set up Kustomize' | ||
| run: |- | ||
| curl -sfLo kustomize https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv5.4.3/kustomize_v5.4.3_linux_amd64.tar.gz |
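Review bot: The `curl -sfLo kustomize ...` line in the 'Set up Kustomize' step fetches a release archive, and the lines shown do not check its integrity before it is used. Record the expected SHA-256 of kustomize_v5.4.3_linux_amd64.tar.gz (taken from the checksums published with that release) next to the URL and run `sha256sum -c` against the download before extracting it, so a tampered or truncated download fails the job instead of being executed on the runner.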
The Kustomize install step downloads a .tar.gz archive but saves it as kustomize and then marks it executable without extracting it. This will fail when ./kustomize is executed. Download the correct binary or extract the archive before chmod/using it.
| curl -sfLo kustomize https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv5.4.3/kustomize_v5.4.3_linux_amd64.tar.gz | |
| curl -sfLo kustomize.tar.gz https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv5.4.3/kustomize_v5.4.3_linux_amd64.tar.gz | |
| tar -xzf kustomize.tar.gz |
| # To use this workflow, you will need to set up a .github/labeler.yml | ||
| # file with configuration. For more information, see: | ||
| # https://github.com/actions/labeler | ||
|
|
||
| name: Labeler | ||
| on: [pull_request_target] | ||
|
|
||
| jobs: | ||
| label: | ||
|
|
||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: read | ||
| pull-requests: write | ||
|
|
||
| steps: | ||
| - uses: actions/labeler@v4 | ||
| with: | ||
| repo-token: "${{ secrets.GITHUB_TOKEN }}" |
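Review bot: `on: [pull_request_target]` at the top of this workflow runs the job with the base repository's token, here with `pull-requests: write`, for pull requests opened from forks. That is acceptable only while the job never checks out or executes the pull request's code, which holds for the single labeler step shown; add a comment in the file saying so, so that a checkout step is not added later without thought. Also reference the action by full commit SHA instead of the movable tag in `uses: actions/labeler@v4`, since the tag's target can change while this job holds a write-scoped token.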
This workflow requires a .github/labeler.yml configuration file (as noted in the header comment), but the repository does not contain one. As a result, the action will fail when it runs. Either add the corresponding .github/labeler.yml config or remove/disable this workflow (e.g., make it workflow_dispatch) until it’s configured.
| - language: actions | ||
| build-mode: none | ||
| - language: javascript-typescript | ||
| build-mode: none |
The matrix include list is mis-indented: the - language: entries need to be nested under include:. As written, this YAML is invalid and the workflow won’t load.
| - language: actions | |
| build-mode: none | |
| - language: javascript-typescript | |
| build-mode: none | |
| - language: actions | |
| build-mode: none | |
| - language: javascript-typescript | |
| build-mode: none |
| on: | ||
| push: | ||
| branches: | ||
| - '"main"' |
The branch filter is set to "main" (including quotes), so this workflow will never trigger on pushes to main. Use main (or 'main') as the branch name.
| - '"main"' | |
| - 'main' |
| env: | ||
| PROJECT_ID: 'my-project' # TODO: update to your Google Cloud project ID | ||
| GAR_LOCATION: 'us-central1' # TODO: update to your region | ||
| GKE_CLUSTER: 'cluster-1' # TODO: update to your cluster name | ||
| GKE_ZONE: 'us-central1-c' # TODO: update to your cluster zone | ||
| DEPLOYMENT_NAME: 'gke-test' # TODO: update to your deployment name | ||
| REPOSITORY: 'samples' # TODO: update to your Artifact Registry docker repository name | ||
| IMAGE: 'static-site' | ||
| WORKLOAD_IDENTITY_PROVIDER: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider' # TODO: update to your workload identity provider |
This workflow is written as a template (multiple TODO placeholders and assumes GKE manifests/kubectl access). Since it is enabled on push to main, it will run in this repository and fail unless fully configured. If the intent is to provide an example, consider moving it out of .github/workflows/ or changing on: to workflow_dispatch so it doesn’t execute by default.
| - uses: actions/labeler@v4 | ||
| with: | ||
| repo-token: "${{ secrets.GITHUB_TOKEN }}" |
steps: is defined, but the - uses: entry is not indented under it, making the workflow YAML invalid. Indent the step list item(s) under steps: so GitHub Actions can parse the workflow.
| - uses: actions/labeler@v4 | |
| with: | |
| repo-token: "${{ secrets.GITHUB_TOKEN }}" | |
| - uses: actions/labeler@v4 | |
| with: | |
| repo-token: "${{ secrets.GITHUB_TOKEN }}" |
| run: deno lint | ||
|
|
||
| - name: Run tests | ||
| run: deno test -A |
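Review bot: `run: deno test -A` in the 'Run tests' step grants the test process every Deno permission (network, file system, environment, subprocess), which discards the runtime's sandbox for whatever code the tests import. Grant only what the tests need, for example `deno test --allow-read`, and add further `--allow-*` flags as specific tests require them.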
This workflow runs deno lint from the repository root, but the repo contains Node.js scripts under eng/ that use Node globals like process (e.g. eng/update-readme.mjs), which deno lint will flag as undefined. If the intent is to lint a Deno project, scope the lint/test commands to a Deno-specific subdirectory (or add a deno.json with appropriate lint.files.include/exclude).
| run: deno lint | |
| - name: Run tests | |
| run: deno test -A | |
| run: deno lint --ignore=eng | |
| - name: Run tests | |
| run: deno test -A --ignore=eng |
| # Checkout the repository to the GitHub Actions runner | ||
| - name: Checkout | ||
| uses: actions/checkout@v4 | ||
|
|
||
| # Install the latest version of Terraform CLI and configure the Terraform CLI configuration file with a Terraform Cloud user API token | ||
| - name: Setup Terraform | ||
| uses: hashicorp/setup-terraform@v1 | ||
| with: | ||
| cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} | ||
|
|
||
| # Initialize a new or existing Terraform working directory by creating initial files, loading any remote state, downloading modules, etc. | ||
| - name: Terraform Init | ||
| run: terraform init | ||
|
|
||
| # Checks that all Terraform configuration files adhere to a canonical format | ||
| - name: Terraform Format | ||
| run: terraform fmt -check | ||
|
|
||
| # Generates an execution plan for Terraform | ||
| - name: Terraform Plan | ||
| run: terraform plan -input=false | ||
|
|
||
| # On push to "main", build or change infrastructure according to Terraform configuration files | ||
| # Note: It is recommended to set up a required "strict" status check in your repository for "Terraform Cloud". See the documentation on "strict" required status checks for more information: https://help.github.com/en/github/administering-a-repository/types-of-required-status-checks | ||
| - name: Terraform Apply | ||
| if: github.ref == 'refs/heads/"main"' && github.event_name == 'push' | ||
| run: terraform apply -auto-approve -input=false |
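Review bot: The 'Terraform Plan' step runs `terraform plan -input=false` without `-out`, and 'Terraform Apply' then runs `terraform apply -auto-approve -input=false` with no plan file, so the apply computes a fresh plan and applies it unattended instead of applying what the plan step showed. Write the plan with `-out=tfplan` and pass that file to the apply step. Separately, `hashicorp/setup-terraform@v1` and `actions/checkout@v4` are referenced by movable tags in a job that receives `secrets.TF_API_TOKEN`; pin both to full commit SHAs.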
steps: is present but the subsequent step entries are not indented under it, which makes this workflow YAML invalid. Indent the - name: entries under steps: so the file parses correctly.
| # Checkout the repository to the GitHub Actions runner | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| # Install the latest version of Terraform CLI and configure the Terraform CLI configuration file with a Terraform Cloud user API token | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v1 | |
| with: | |
| cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} | |
| # Initialize a new or existing Terraform working directory by creating initial files, loading any remote state, downloading modules, etc. | |
| - name: Terraform Init | |
| run: terraform init | |
| # Checks that all Terraform configuration files adhere to a canonical format | |
| - name: Terraform Format | |
| run: terraform fmt -check | |
| # Generates an execution plan for Terraform | |
| - name: Terraform Plan | |
| run: terraform plan -input=false | |
| # On push to "main", build or change infrastructure according to Terraform configuration files | |
| # Note: It is recommended to set up a required "strict" status check in your repository for "Terraform Cloud". See the documentation on "strict" required status checks for more information: https://help.github.com/en/github/administering-a-repository/types-of-required-status-checks | |
| - name: Terraform Apply | |
| if: github.ref == 'refs/heads/"main"' && github.event_name == 'push' | |
| run: terraform apply -auto-approve -input=false | |
| # Checkout the repository to the GitHub Actions runner | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| # Install the latest version of Terraform CLI and configure the Terraform CLI configuration file with a Terraform Cloud user API token | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v1 | |
| with: | |
| cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} | |
| # Initialize a new or existing Terraform working directory by creating initial files, loading any remote state, downloading modules, etc. | |
| - name: Terraform Init | |
| run: terraform init | |
| # Checks that all Terraform configuration files adhere to a canonical format | |
| - name: Terraform Format | |
| run: terraform fmt -check | |
| # Generates an execution plan for Terraform | |
| - name: Terraform Plan | |
| run: terraform plan -input=false | |
| # On push to "main", build or change infrastructure according to Terraform configuration files | |
| # Note: It is recommended to set up a required "strict" status check in your repository for "Terraform Cloud". See the documentation on "strict" required status checks for more information: https://help.github.com/en/github/administering-a-repository/types-of-required-status-checks | |
| - name: Terraform Apply | |
| if: github.ref == 'refs/heads/"main"' && github.event_name == 'push' | |
| run: terraform apply -auto-approve -input=false |
By submitting this pull request, I confirm that my contribution abides by the Code of Conduct and will be licensed under the MIT License.