From 429089a81032be8590acb8945ef30a7c98ff6407 Mon Sep 17 00:00:00 2001
From: Corey Osman <corey@nwops.io>
Date: Wed, 20 Apr 2022 13:35:19 -0700
Subject: [PATCH] Adds basic workflow for pdk based modules

---
 .github/workflows/pdk-basic.yml | 36 +++++++++++++++++++++++++++++++++
 README.md                       | 28 +++++++++++++++++++++++++
 2 files changed, 64 insertions(+)
 create mode 100644 .github/workflows/pdk-basic.yml

diff --git a/.github/workflows/pdk-basic.yml b/.github/workflows/pdk-basic.yml
new file mode 100644
index 0000000..6a8b66c
--- /dev/null
+++ b/.github/workflows/pdk-basic.yml
@@ -0,0 +1,36 @@
+name: PDK basic
+
+on:
+  workflow_call:
+    inputs:
+      container_image:
+        description: Image to use when running tests
+        default: 'puppet/puppet-dev-tools:2022-04-21-e44b72b'
+        required: false
+        type: string
+
+jobs:
+  validate:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        puppet-version: [7]
+    container: ${{ inputs.container_image }}
+
+    steps:
+      - uses: actions/checkout@v2
+      - name: action-pdk-validate-puppet-${{ matrix.puppet-version }}
+        run: pdk validate --puppet-version=${{ matrix.puppet-version }}
+
+  unit-puppet:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        puppet-version: [5, 6, 7]
+    container: ${{ inputs.container_image }}
+    needs: validate
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: action-pdk-test-unit-puppet-${{ matrix.puppet-version }}
+        run: pdk test unit --puppet-version=${{ matrix.puppet-version }}
diff --git a/README.md b/README.md
index 45cd798..070f39f 100644
--- a/README.md
+++ b/README.md
@@ -214,3 +214,31 @@ jobs:
     uses: voxpupuli/gha-puppet/.github/workflows/beaker.yml@v1
     working-directory: ./site/profiles
 ```
+
+## Cloning private repos
+If your CI pipline will clone private repos via the .fixtures.yml or Puppetfile
+you will need to supply a ssh private key for the runner to use during the job.
+
+That ssh private key can be a machine user's ssh key, or github deploy key.  As long 
+as the key has access to the repos it will need to clone.
+
+You will need to create a github secret for the private key named `PRIVATE_SSH_KEY`
+
+An example CI workflow is below for this kind of setup.
+
+For reference: https://stackoverflow.com/questions/57612428/cloning-private-github-repository-within-organisation-in-actions
+
+
+```yaml
+name: CI
+
+on: pull_request
+
+jobs:
+  puppet:
+    name: Setup deploy key
+    run: eval `ssh-agent -s` && ssh-add - <<< '${{ secrets.PRIVATE_SSH_KEY }}'
+    name: Puppet
+    uses: voxpupuli/gha-puppet/.github/workflows/pdk-basic.yml@master
+
+```