saltstack-formulas · dafyddj · Jan 27, 2026
@@ -0,0 +1,22 @@
+# Changes here will be overwritten by Copier; NEVER EDIT MANUALLY
+_commit: v2.10.3
+_src_path: https://github.com/dafyddj/copier-ssf-ci
+failure_permitted_ignored: []
+failure_permitted_patterns: []
+formula_name: vault
+release_using_gha: false
+renovate_extend_presets:
+- github>saltstack-formulas/.github
+- github>saltstack-formulas/.github:copier
+renovate_ignore_presets: []
+supported_oses:
+- AlmaLinux OS
+- Amazon Linux
+- CentOS
+- Debian
+- Fedora Linux
+- openSUSE
+- Oracle Linux
+- Rocky Linux
+- Ubuntu
+test_using_gha: false
@@ -0,0 +1,11 @@
+{
+$schema: 'https://docs.renovatebot.com/renovate-schema.json',
+extends: [
+  "github>saltstack-formulas/.github",
+  "github>saltstack-formulas/.github:copier"
+],
+/**********************************************************
+ * This file is managed as part of a Copier template.     *
+ * Please make your own changes below this comment.       *
+ *********************************************************/
+}
@@ -0,0 +1,8 @@
+---
+# These settings are synced to GitHub by https://probot.github.io/apps/settings/
+
+repository:
+  # See https://docs.github.com/en/rest/reference/repos#update-a-repository
+  # for all available settings
+
+  allow_squash_merge: false
@@ -0,0 +1,84 @@
+---
+name: Test & release
+
+'on':
+  - pull_request
+  - push
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: ${{ github.ref != format('refs/heads/{0}',
+                          github.event.repository.default_branch) }}
+
+jobs:
+  should-run:
+    name: Prep / Should run
+    runs-on: ubuntu-latest
+    timeout-minutes: 5
+    outputs:
+      should-run: ${{ steps.action.outputs.should-run }}
+    steps:
+      - id: action
+        # yamllint disable-line rule:line-length
+        uses: techneg-it/should-workflow-run@eff19348eb884f57e05bc6f05ae48ece3af14714 # v1.0.1
+  pre-commit:
+    name: Lint / `pre-commit`
+    needs: should-run
+    if: fromJSON(needs.should-run.outputs.should-run)
+    container: techneg/ci-pre-commit:v2.5.24@sha256:b206cbb9bf1506dec0e1b2a70c7e8d69850af75255a9d5d93d52dae54f636d3a
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    steps:
+      - run: | # Needed because of bug #2031 in `actions/checkout`
+          git config --global --add safe.directory "$GITHUB_WORKSPACE"
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        with:
+          fetch-depth: 0
+          fetch-tags: true
+          filter: tree:0
+      - name: Export `CI_CACHE_ID` from container
+        run: echo "CI_CACHE_ID=$(cat /.ci_cache_id)" >> $GITHUB_ENV
+      - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        with:
+          path: ~/.cache/pre-commit
+          key: "${{ env.CI_CACHE_ID }}|\
+                ${{ hashFiles('.pre-commit-config.yaml') }}"
+          restore-keys: |
+            ${{ env.CI_CACHE_ID }}|
+      - name: Build cache
+        run: |
+          pre-commit gc
+          echo "Installing hook environments..."
+          time -f "Hook installation took %E" pre-commit install-hooks
+      - name: Run `pre-commit`
+        run: |
+          pre-commit run --all-files --color always --verbose
+          pre-commit run --color always --hook-stage manual --verbose commitlint-ci
+  results:
+    name: Release / Collect results
+    permissions:
+      contents: write
+      issues: write
+      pull-requests: write
+      checks: read
+    container: techneg/ci-semantic-release:v1.2.22@sha256:091cbee13d24025ba940398995814c807d253933ce20a3b07563cc0d27bba147
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+    steps:
+      - run: |  # Needed due to bug actions/checkout#2031
+          git config --global --add safe.directory "$GITHUB_WORKSPACE"
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      # yamllint disable-line rule:line-length
+      - uses: poseidon/wait-for-status-checks@899c768d191b56eef585c18f8558da19e1f3e707 # v0.6.0
+        with:
+          ignore: >
+            Release / Collect results
+          ignore_pattern: ^GitLab CI
+          token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Run `semantic-release`
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          MAINTAINER_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          semantic-release --dry-run
+      - run: echo "::notice ::Workflow success!"