automation improvement - workflow templates and github action definitions

[baywet]

During today's TDC call #4220 @handrews brought up the fact that we might have misalignment and duplication of workflows and scripts across repositories.
It of course make sense to rationalize that to improve reliability and reduce maintenance costs.
I promised during the call I'd recap my suggestions on an issue, here are two ways we could rationalize that:

Duplicated scripts should really be GitHub actions

GitHub actions can be defined to wrap up scripts and their runtime environment. Not only that enables easy reusability across multiple repos, it also makes consuming workflows simpler since they don't need to setup the runtime for the script (node, powershell, python, etc...)

Here is an example of a custom action that comments on pull requests based on an input file it parses. Note that it contains multiple things:

• a dockerfile to setup what it needs.
• an action.yaml that gives metadata about the action itself, inputs, outputs
• the PowerShell script in this case (could really be anything)
• (not present) a readme to document how to consume the action itself.

This action can now be consumed like any other in a workflow example

You can have multiple action definitions or a single one per repo, it's really up to you. And you can rely on workflows to test your action logic, making it more reliable.
Additionally, actions are versioned using git tags, and upgrades can be automated via dependabot.
Another benefit of this approach is to be able to run the script locally by just running the image, no additional requirements beyond docker.
 
One downside of using dockerfile is that now the container needs to be built for every execution of the consuming workflow. This is easily fixed by adding another workflow where the action definition builds the image and publishes it to GitHub artifacts, and updating the "image" field in the actions.yaml.

more information

Reusable workflows

I think this documentation page is great as an introduction.
The goal would be to have a central repo for all the reusable workflows, and refer to them in target repositories.

Additional solutions

• composite actions in case we often repeat the same X steps across workflows.
• workflow templates in case we want to enable quick setup of new repositories.

I hope this provides good context for discussions.
Let me know if you have any additional comments or questions.

[ralfhandl]

Looking at the three incarnations of the respec workflow in the Arazzo-, OpenAPI-, and Overlay-Specification repos, the common structure is

1. Check out current branch
2. Check out deployment target branch into subfolder
3. Run HTML build script to modify subfolder
4. Create pull request for deployment target branch from modified subfolder

Would we start with an action for step 3 to get rid of the three slightly different copies of the HTML build scripts?

Or would we want to have a (composite?) action that performs all four steps so that the three reduced workflows would only differ in the value of a "spec" action parameter?

The same could be used for the schema-publish workflow in the OpenAPI- and Overlay-Specification repos.

The schema-tests and validate-markdown workflows are trivial and I don't see the need for an action there.

[baywet]

I'd start with making 3 an action, it's going to be atomic and easier to test. You can always make a composite one after you've done so.