Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for indirect template + customizations #853

Open
wants to merge 140 commits into
base: main
Choose a base branch
from

Conversation

freddydk
Copy link
Contributor

@freddydk freddydk commented Dec 12, 2023

Changes included in this PR:

  • Support indirect template repository = Point to an existing AL-Go repository as a template, like:

image

In this case, org/myptetemplate is a standard AL-Go repository, which gets updated as any other AL-Go repository using Update AL-Go System Files. This is a way of standardizing your repository based on type specific AL-Go templates (which can be private or public).

Normally, Update AL-Go System Files follows this mechanism:

image

Workflows and scripts are read from the template repository and modified based on settings and saved to the repository.

Using an indirect template repository, the picture looks like this:

image

Workflows and scripts are read from the "real" template repository and modified based on settings. Customizations for workflows in the indirect template repository are applied.

New workflows and scripts from the indirect template repository are copied over and new settings (for repo and for project) are copied over (if they don't already exist in the corresponding settings file).

The final repository can also contain customizations to workflows and the winner here is the indirect template repository (if a custom job or custom step exists in both places).

This PR: freddydk/customized#17 - is an example of a repository with customizations of CI/CD and _BuildALGoProject, which runs Update AL-Go System Files and gets customizations from the indirect template repository (both settings, scripts and workflow customizations)

TODO:

  • End 2 End tests
  • Unit tests
  • Documentation

Documentation on customization capabilities is here: https://github.com/freddydk/AL-Go/blob/customize/Scenarios/CustomizingALGoForGitHub.md

@freddydk freddydk changed the title Add support for indirect template + customizations [DRAFT] Add support for indirect template + customizations Dec 12, 2023
@mortenseifert
Copy link

@freddydk, do you have an estimated time of completion for this PR? We've been testing it for a while and are considering deploying it live. However, we're a bit cautious about when the PR will be finalized and whether it will disrupt any modifications we've implemented.

Scenarios/CustomizingALGoForGitHub.md Show resolved Hide resolved
@@ -186,6 +186,19 @@ try {
}
$authContext = $null
$environmentName = ""
if ($cicdAuthContext) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this a new setting/secret? Do we have docs on this?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is the setting for allowing us to run tests in online sandboxes - and the setting Cosmo needs in order to run pipelines with their Alpaca containes.

Could be moved to a seperate PR - but is needed together with this for Cosmo.

Will add it to the docs.

Scenarios/Contribute.md Show resolved Hide resolved
Actions/CheckForUpdates/yamlclass.ps1 Show resolved Hide resolved
Actions/CheckForUpdates/yamlclass.ps1 Show resolved Hide resolved
}
# Merge permissions
Write-host "Merge permissions"
$srcPermissionsObj = $srcYaml.Get('permissions:/')
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I actually thought that the upper permissions setting was the permissions allowed for all jobs and no job could set additional permissions.
When I read the docs now - it looks like the upper permissions settings is indeed the permissions allowed for all jobs, but jobs can add additional permissions if they like (except for the reusable workflows).

Will check whether this changes anything,

Copy link
Collaborator

@mazhelez mazhelez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Posting an mid-way review as I got carried away. I'll circle back to this PR.


### New Settings

- `customALGoSystemFiles` is an array of JSON objects, which holds information about custom AL-Go System Files, which will be applied during Update AL-Go System Files. Every object can hold these 4 properties:
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it's time we stop adding everything in the AL-Go settings.
These settings are loaded and output in a lot of jobs unnecessarily.

"Update AL-Go" has two phases:

  1. Fetch changes from the template. (here customALGoSystemFiles is needed)
  2. Modify the YAML workflows based on the settings (here customALGoSystemFiles is not needed).

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I kind of agree, but I also don't think we should have other settings files.
IMO we should make the same change to settings as I did to secrets a while back, where we specify which secrets we want to read when calling ReadSecrets.

So, the workflows should know (and specify) which settings to look for and the only settings returned would be the once specified. This way the settings carried around in outputs would be limited.

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As a user I can say having more setting files would make it more complex. Most of the users I know prefer one big setting file where they have everything in one file.

Scenarios/CustomizingALGoForGitHub.md Outdated Show resolved Hide resolved
Scenarios/CustomizingALGoForGitHub.md Outdated Show resolved Hide resolved
Scenarios/CustomizingALGoForGitHub.md Outdated Show resolved Hide resolved
Scenarios/settings.md Outdated Show resolved Hide resolved
By adding a setting called [`customALGoSystemFiles`](https://aka.ms/algosettings#customalgosystemfiles) in your [repo settings](https://aka.ms/algosettings#settings), you can tell AL-Go for GitHub that these files should be included in the update. Example:

```
"customALGoSystemFiles": [
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is customALGoSystemFiles supposed to be defined on the indirect template or on the end repositories (the ones that consume the indirect template)?

If it's on the end repos, then it defeats part of the purpose of the indirect template. E.g. in the case of a new common script, the setting needs to be added manually on X repos.

If it's on the indirect template template, then shouldn't relative paths suffice? Does it need to be so complex?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure what you mean by relative paths?
The Source is an absolute URL to a file to download - rarely something in the same repo.

The setting can be on both.
If it is defined on the indirect template - it is handled when updating the indirect template.
If it is defined on the end repos - it is handled when updating the end repo (not everybody will have an indirect template)

Copy link
Collaborator

@aholstrup1 aholstrup1 Sep 10, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why not require an indirect template if you want to sync custom scripts? Is there a requirement for two different mechanisms of syncing scripts?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Those are two different things.
An indirect template is something people create in their organization for types of repos.
custom files could be workflows or scripts created by other people (like the onprem publisher created by a partner)

},
{
"Destination": ".github/",
"Source": "https://github.com/freddydk/CustomALGoSystemFiles/archive/refs/heads/main.zip",
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How do we authenticate to a source if it is in private repo? Is that supported?

Write-Host "Create Tag"

PostProcess:
needs: [ Initialization, Build2, Build1, Build, Deploy, Deliver, DeployALDoc, CustomJob-CreateBuildTag ]
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe I did something wrong but this didn't work for me. CustomJob-CreateBuildTag is not added in the "needs" block in my repository when I add it in my indirect template.

This is my indirect template:

PostProcess:
    needs: [ Initialization, Build, BuildPP, Deploy, Deliver, CustomJob-CreateBuildTag, DeployALDoc ]
    if: (!cancelled())
    runs-on: [ windows-latest ]
    steps:
      - name: Checkout
        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Finalize the workflow
        id: PostProcess
        uses: aholstrup1/AL-Go/Actions/WorkflowPostProcess@ab27cdbe117b8c1102c0be563f2e098be079ce37
        env:
          GITHUB_TOKEN: ${{ github.token }}
        with:
          shell: powershell
          telemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }}
          currentJobContext: ${{ toJson(job) }}


  CustomJob-CreateBuildTag:
    name: Create Build Tag
    needs: [ Initialization, Build ]
    if: (!cancelled()) && (needs.Build.result == 'success')
    runs-on: [ ubuntu-latest ]
    steps:
      - name: Create Tag
        run: |
          Write-Host "Create Tag"

This is from my repository that uses the indirect template (after running Update AL-Go System Files)

  PostProcess:
    needs: [ Initialization, Build, Deploy, Deliver, DeployALDoc ]
    if: (!cancelled())
    runs-on: [ windows-latest ]
    steps:
      - name: Checkout
        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Finalize the workflow
        id: PostProcess
        uses: aholstrup1/AL-Go/Actions/WorkflowPostProcess@ab27cdbe117b8c1102c0be563f2e098be079ce37
        env:
          GITHUB_TOKEN: ${{ github.token }}
        with:
          shell: powershell
          telemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }}
          currentJobContext: ${{ toJson(job) }}


  CustomJob-CreateBuildTag:
    name: Create Build Tag
    needs: [ Initialization, Build ]
    if: (!cancelled()) && (needs.Build.result == 'success')
    runs-on: [ ubuntu-latest ]
    steps:
      - name: Create Tag
        run: |
          Write-Host "Create Tag"

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Strange - when you add that to the indirect template - it shouldn't do anything in the end repo.
Will have a look

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't it add CustomJob-CreateBuildTag to the needs block in PostProcess? 🤔 Maybe I misunderstood it

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

7 participants