docs: add new page about our project board and small fixes

lentidas · lentidas · commit 5be6a1c87a68 · 2023-05-04T01:21:50.000+02:00
diff --git a/.github/workflows/pr-issues-project.yaml b/.github/workflows/pr-issues-project.yaml
@@ -1,9 +1,9 @@
 ---
-  # GitHub Actions workflow to automatically push PRs and issues to the DevOps Stack project board.
-  #
-  # IMPORTANT: This workflow is called by other workflows in our DevOps Stack repositories and it is centralized here in 
-  # order to be easily maintained across modules. Because of this, please make sure you're not introducing any breaking 
-  # changes when modifying this workflow.
+# GitHub Actions workflow to automatically push PRs and issues to the DevOps Stack project board.
+#
+# IMPORTANT: This workflow is called by other workflows in our DevOps Stack repositories and it is centralized here in 
+# order to be easily maintained across modules. Because of this, please make sure you're not introducing any breaking 
+# changes when modifying this workflow.
   
 name: "pr-issues-project"
 
diff --git a/docs/modules/ROOT/nav.adoc b/docs/modules/ROOT/nav.adoc
@@ -19,6 +19,7 @@
 ** xref:ROOT:contributing/module_creation_checklist.adoc[Module Creation Checklist]
 ** xref:ROOT:contributing/documentation.adoc[Documentation]
 ** xref:ROOT:contributing/release.adoc[Release]
+** xref:ROOT:contributing/project_board.adoc[Project Board]
 
 .*Cluster Modules*
 * xref:eks:ROOT:README.adoc[Amazon EKS]
diff --git a/docs/modules/ROOT/pages/contributing/general_guidelines.adoc b/docs/modules/ROOT/pages/contributing/general_guidelines.adoc
@@ -7,6 +7,8 @@ This document describes the general guidelines for contributing to the DevOps St
 
 The DevOps Stack is a collection of modules, each of them having its own release cycle, in order to ease the development and maintenance of each module.
 
+TIP: We have created a private GitHub project owned by the https://github.com/orgs/camptocamp/teams/is-devops-stack/[`@camptocamp/is-devops-stack` team] that is available https://github.com/orgs/camptocamp/projects/3/[here]. It is a useful way to follow the progress of the PRs and Issues of all the repositories. For more information on how it is implemented, check the xref:ROOT:contributing/project_board.adoc[Project Board] page.
+
 == Development Workflow
 
 When a new feature or fix is required, the typical workflow is the following:
diff --git a/docs/modules/ROOT/pages/contributing/module_creation_checklist.adoc b/docs/modules/ROOT/pages/contributing/module_creation_checklist.adoc
@@ -9,17 +9,27 @@ When first creating a module for the DevOps Stack, there are a few steps to foll
 +
 image::guides_tutorials/module_checklist/create_module_repository.png[Create Repository]
 
-2. On the settings of the repository, in the _General_ tab, on the _Pull Requests_ section, disable the _Allow squash commits_ option and enable the _Automatically delete head branches_ option.
+2. Go to the settings of the repository and to the _General_ tab:
 
-3. Then go to the _Collaborators and teams_ tab, add the `infrastructure-department` team as _Maintainers_ and the `is-devops-stack` team as _Administrators_.
+  a. On the _Features_ section, disable the _Wikis_, _Sponsorships_ and _Discussions_, then make sure the _Issues_ and _Projects_ are enabled.
+  
+  b. On the _Pull Requests_ section, disable the _Allow merge commits_ option and enable the _Automatically delete head branches_ option.
+
+3. Then go to the _Collaborators and teams_ tab, add the `infrastructure-department` team as _Maintainers_ and the https://github.com/orgs/camptocamp/teams/is-devops-stack/[`@camptocamp/is-devops-stack` team] team as _Administrators_.
 +
 image::guides_tutorials/module_checklist/change_collaborators.png[Change Collaborators]
 
 4. Next go to the _Branches_ tab, and create a new branch protection rule for the `main` branch, with the following settings.
 +
 image::guides_tutorials/module_checklist/branch_protection_rule.png[Branch Protection Rule]
 
-5. Afterwards, you need to add the Slack app to the repository in order to activate notifications on the https://camptocamp.slack.com/archives/C01DPEV82F6[#is-devops-stack] channel. To do so, go to the channel and do the following:
+5. Finally, still on the settings of the repository, under _Secrets and variables_, go to _Actions_ and add the secret `PROJECT_APP_PRIVATE_KEY`, which is needed to automatically add Issues and PRs to our project board. Check with the team where you can find this secret.
+
+6. Go the the _Projects_ tab of the repository and add the https://github.com/orgs/camptocamp/projects/3/[DevOps Stack project] (https://docs.github.com/en/issues/planning-and-tracking-with-projects/managing-your-project/adding-your-project-to-a-repository[documentation]).
+
+7. Request that an administrator of our GitHub organization adds the newly created repository to the app that automatically adds Issues and PRs to our project board (check the xref:ROOT:contributing/project_board.adoc[Project Board] page for more information).
+
+8. Afterwards, you need to add the Slack app to the repository in order to activate notifications on the https://camptocamp.slack.com/archives/C01DPEV82F6[#is-devops-stack] channel. To do so, go to the channel and do the following:
   
   a. Type `/github subscribe camptocamp/<MODULE_NAME>`.
 
@@ -39,6 +49,6 @@ image::guides_tutorials/module_checklist/slack_github_subscribe.png[Slack GitHub
 +
 image::guides_tutorials/module_checklist/slack_github_unsubscribe.png[Slack GitHub Unsubscribe]
 
-6. All that is left to do is adding the repository to our team reminder. For that, you can go to the https://github.com/orgs/camptocamp/teams/is-devops-stack/[`is-devops-stack` team], and add the repository to our scheduled reminder on Slack about pending Pull Requests.
+9. All that is left to do is adding the repository to our team reminder. For that, you can go to the https://github.com/orgs/camptocamp/teams/is-devops-stack/[`@camptocamp/is-devops-stack` team], and add the repository to our scheduled reminder on Slack about pending Pull Requests.
 +
 image::guides_tutorials/module_checklist/slack_reminder_team.png[Slack Reminder]
diff --git a/docs/modules/ROOT/pages/contributing/modules.adoc b/docs/modules/ROOT/pages/contributing/modules.adoc
@@ -40,7 +40,7 @@ Quick overview of each file/folder:
 
 . *`.github`* - Contains the GitHub Actions workflows that are used to lint the code, generate the documentation and release the module. *They are stored on the main repository and each module calls the same workflows.*
 . *`CHANGELOG.md`* - Contains the changelog of the module. It is automatically updated by the Release Please GitHub Action and *you do not need to create this file manually*.
-. *`CODEOWNERS`* - Contains the list of GitHub users that will be automatically assigned as reviewers for pull requests on the module. In our case it is the `@camptocamp/is-devops-stack` team.
+. *`CODEOWNERS`* - Contains the list of GitHub users that will be automatically assigned as reviewers for pull requests on the module. In our case it is the https://github.com/orgs/camptocamp/teams/is-devops-stack/[`@camptocamp/is-devops-stack` team].
 . *`docs`* - This is a folder that contains a precise substructure needed for the rendering of these documentation pages by Antora. The actual documentation is contained on the `README.adoc` files. You will find these and some other explanations about the docs on the {documentation-page} page.
 . *`LICENSE`* - The license of the module. In our case it is the Apache 2.0 license.
 . *`README.adoc`* - The documentation of the module. It is written in AsciiDoc and contains the example usage along with some explanations as well as the automatic documentation generated by Terraform Docs.
diff --git a/docs/modules/ROOT/pages/contributing/project_board.adoc b/docs/modules/ROOT/pages/contributing/project_board.adoc
@@ -0,0 +1,82 @@
+= GitHub Project Board
+
+// These URLs are used in the document as-is to generate new URLs, so they should not contain any trailing slash.
+:url-main-repo: https://github.com/camptocamp/devops-stack
+
+In order to ease up the burden of the project maintainers, we created an internal Project Board on GitHub. This board is used to track the progress of the PRs and issues. The board is available only to the https://github.com/orgs/camptocamp/teams/is-devops-stack/[`@camptocamp/is-devops-stack` team] and is available https://github.com/orgs/camptocamp/projects/3/[here]. All the repositories of the DevOps Stack are also connected to this project upon creation.
+
+The way this is accomplished is somewhat convoluted, hence the reason for this documentation page.
+
+== DevOps Stack Project
+
+The project itself has been manually created on the https://github.com/orgs/camptocamp/[`@camptocamp`] organization, using the GitHub web interface (https://docs.github.com/en/issues/planning-and-tracking-with-projects/creating-projects/creating-a-project[documentation]). *The project is private (https://docs.github.com/en/issues/planning-and-tracking-with-projects/managing-your-project/managing-visibility-of-your-projects[documentation]) and only accessible to the `@camptocamp/is-devops-stack` team* (https://docs.github.com/en/issues/planning-and-tracking-with-projects/managing-your-project/managing-access-to-your-projects[documentation]).
+
+All the boards and tables have also been created manually. In the settings of the project, there are automation workflows (https://docs.github.com/en/issues/planning-and-tracking-with-projects/automating-your-project/using-the-built-in-automations[documentation]) that move the Issues and PRs around depending on their status (open, closed, merged, etc.).
+
+== Adding a PR/Issue to the Project
+
+Since there are some limits on how many repositories we can add to a project using the default workflows, we were forced to automate this process using a GitHub workflow, as suggested on the https://docs.github.com/en/issues/planning-and-tracking-with-projects/automating-your-project/automating-projects-using-actions#example-workflow-authenticating-with-a-github-app[official documentation].
+
+Although the official documentation explicitly calls the API with `gh` commands, we opted to use an official GitHub Action (https://github.com/actions/add-to-project)[`actions/add-to-project`] to accomplish this. Moreover, in order to allow the workflows to modify the project we needed to create a GitHub app that the sole purpose is providing the necessary permissions to the workflows.
+
+=== DevOps Stack Project App
+
+The app is called `DevOps Stack Project` and is available https://github.com/apps/devops-stack-project[here] (note that since the app is private you won't probably be able to see it unless you are an administrator of our organization).
+
+This app was created on our organization by an administrator and is configured with a limited scope of permissions: it can only access the projects of the organization where it is installed as well as the PRs and Issues of repositories on which it is installed (https://docs.github.com/en/apps/creating-github-apps/setting-up-a-github-app/creating-a-github-app[official documentation] on how to create a GitHub app).
+
+After the app creation, an administrator was needed to install it on the organization and all the repositories of the DevOps Stack. This was done by going to the app page and clicking on the `Install` button then configuring the proper settings after installation (all this is done on the organization settings, check the https://docs.github.com/en/apps/maintaining-github-apps/installing-github-apps#installing-your-private-github-app-on-your-repository[official documentation]). 
+
+IMPORTANT: The reason to not install the app on all the repositories by default was to further limit the scope of the app, although *this adds the burden of installing it on each repository manually every time a new repository of the DevOps Stack is created*.
+
+=== Centralized Workflow
+
+The workflow definition is available in the {url-main-repo}/blob/main/.github/workflows/modules-release-please.yaml[main repository].
+
+[source,yaml]
+----
+---
+# GitHub Actions workflow to automatically push PRs and issues to the DevOps Stack project board.
+#
+# IMPORTANT: This workflow is called by other workflows in our DevOps Stack repositories and it is centralized here in 
+# order to be easily maintained across modules. Because of this, please make sure you're not introducing any breaking 
+# changes when modifying this workflow.
+  
+name: "pr-issues-project"
+
+on:
+  workflow_call:
+    secrets:
+      PROJECT_APP_PRIVATE_KEY:
+        description: "GitHub App private key for the DevOps Stack Project app"
+        required: true
+
+  issues:
+    types: 
+    - opened
+    - reopened
+  
+  pull_request:
+    types:
+    - opened
+    - reopened
+
+jobs:
+  add-to-project:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Generate authentication token from GitHub App
+      id: generate_token
+      uses: tibdex/github-app-token@v1
+      with:
+        app_id: 322306
+        private_key: ${{ secrets.PROJECT_APP_PRIVATE_KEY }}
+
+    - name: Add PR or issue to DevOps Stack project board
+      uses: actions/add-to-project@v0.5.0
+      with:
+        project-url: https://github.com/orgs/camptocamp/projects/3/
+        github-token: ${{ steps.generate_token.outputs.token }}
+----
+
+NOTE: It is the step _Generate authentication token from GitHub App_ that uses the GitHub app created above in order to generate a token with the proper permissions that is then passed to the _Add PR or issue to DevOps Stack project board_ step.
diff --git a/docs/modules/ROOT/pages/contributing/release.adoc b/docs/modules/ROOT/pages/contributing/release.adoc
@@ -27,18 +27,19 @@ The workflow definition available in the {url-main-repo}/blob/main/.github/workf
 # order to be easily maintained across modules. Because of this, please make sure you're not introducing any breaking 
 # changes when modifying this workflow.
 
-name: "Release Modules"
+name: "modules-release-please"
 
 on:
   workflow_call:
 
 jobs:
   release-please:
-    runs-on: "ubuntu-latest"
+    runs-on: ubuntu-latest
     steps:
-    - uses: "google-github-actions/release-please-action@v3"
+    - uses: google-github-actions/release-please-action@v3
       with:
-        release-type: "simple"
+        release-type: simple
+        pull-request-title-pattern: "chore: release ${version}"
         bump-minor-pre-major: true
         extra-files: |
           variables.tf
@@ -59,7 +60,7 @@ The caller workflow on every module simply points to this workflow and is set to
 [source,yaml]
 ----
 ---
-name: "Release"
+name: "release-please"
 
 on:
   push:
@@ -68,7 +69,7 @@ on:
 
 jobs:
   release:
-    uses: camptocamp/devops-stack/.github/workflows/modules-release-please.yaml@master
+    uses: camptocamp/devops-stack/.github/workflows/modules-release-please.yaml@main
 ----
 
 NOTE: Our {url-template-repo}/blob/main/.github/workflows/release-please.yaml[module template] already contains this workflow definition, but with a caveat. To avoid creating releases on the template itself, it was deactivated and you need to re-activate it when creating a new module. The comments on the file are self-explanatory.
