ci: add Ansible partner certification check [citest_skip]

[richm]

See https://github.com/ansible-collections/partner-certification-checker/blob/main/README.md

Signed-off-by: Rich Megginson rmeggins@redhat.com

Summary by Sourcery

CI:

• Introduce a certification check workflow that prepares the role as a collection with tox-lsr and invokes the shared Ansible partner certification reusable workflow, skipping when '[citest_skip]' is present in PR titles or commit messages.

[sourcery-ai]

Reviewer's Guide

Adds a new GitHub Actions workflow to run the Ansible partner certification checks against the collection converted from this role, with CI skip logic gated on a [citest_skip] marker in PR titles and commit messages.

Sequence diagram for CI skip logic and certification workflow invocation

sequenceDiagram
  actor Developer
  participant GitHub
  participant Workflow as Workflow_Run_collection_cert_checks
  participant Prep_job
  participant Call_job
  participant Reusable as Certification_reusable_workflow

  Developer->>GitHub: Push_commit_or_open_PR
  GitHub->>Workflow: Trigger_on_PR_push_or_dispatch

  Workflow->>Workflow: Evaluate_if_expression
  alt Title_or_commit_contains_citest_skip
    Workflow-->>Prep_job: Skip_job_prep
    Workflow-->>Call_job: Skip_job_call
  else No_citest_skip_marker
    Workflow->>Prep_job: Start_job_prep
    Prep_job->>Prep_job: Update_pip_and_git
    Prep_job->>Prep_job: Checkout_repository
    Prep_job->>Prep_job: Install_tox_lsr
    Prep_job->>Prep_job: Convert_role_to_collection
    Prep_job-->>Workflow: Job_prep_success

    Workflow->>Call_job: Start_job_call_needs_prep
    Call_job->>Reusable: Invoke_certification_reusable_workflow
    Reusable-->>Call_job: Run_partner_cert_checks
    Call_job-->>Workflow: Report_cert_results
  end

  Workflow-->>GitHub: Report_overall_CI_status

Loading

File-Level Changes

Change	Details	Files
Introduce GitHub Actions workflow to run Ansible partner certification checks on PRs, main branch pushes, and manual runs, including role-to-collection conversion and conditional execution.	Create a new workflow that triggers on pull requests, pushes to main, and workflow_dispatch with read-only contents permission and concurrency control per ref or run Set environment variables to define the target collection namespace and name for linux-system-roles Add a prep job that updates pip and git, checks out the repository, installs tox-lsr from a pinned git ref, and runs the collection conversion via TOXENV=collection lsr_ci_runtox Configure both prep and certification jobs to be skipped when the PR title or push commit message contains the [citest_skip] marker Add a call job that depends on prep and invokes the reusable Ansible partner certification checker workflow pinned to a specific commit, passing the converted collection root path as input	.github/workflows/ansible-cert-check.yml

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey - I've found 1 issue, and left some high level feedback:

• The if condition used to skip when [citest_skip] is present is duplicated across the prep and call jobs; consider extracting this into a reusable expression via a job-level output or using a single gate job to avoid having to maintain the same logic in multiple places.
• Installing git via sudo apt install -y git on ubuntu-latest is likely unnecessary because the runner already includes git; you can remove this step to simplify and slightly speed up the workflow.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- The `if` condition used to skip when `[citest_skip]` is present is duplicated across the `prep` and `call` jobs; consider extracting this into a reusable expression via a job-level output or using a single gate job to avoid having to maintain the same logic in multiple places.
- Installing `git` via `sudo apt install -y git` on `ubuntu-latest` is likely unnecessary because the runner already includes git; you can remove this step to simplify and slightly speed up the workflow.

## Individual Comments

### Comment 1
<location path=".github/workflows/ansible-cert-check.yml" line_range="53-54" />
<code_context>
+          sudo apt update
+          sudo apt install -y git
+
+      - name: Checkout repo
+        uses: actions/checkout@v6
+
+      - name: Install tox, tox-lsr
</code_context>
<issue_to_address>
**issue (bug_risk):** The `actions/checkout@v6` reference may not exist yet and can break the workflow when it runs.

Unless you’ve confirmed that `actions/checkout@v6` actually exists in the GitHub Marketplace, please switch to the latest known stable major (e.g., `actions/checkout@v4`) or pin a specific SHA/tag. That will avoid workflow failures and keep this consistent with the pinning strategy used in the reusable workflow.
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[sourcery-ai]

issue (bug_risk): The actions/checkout@v6 reference may not exist yet and can break the workflow when it runs.

Unless you’ve confirmed that actions/checkout@v6 actually exists in the GitHub Marketplace, please switch to the latest known stable major (e.g., actions/checkout@v4) or pin a specific SHA/tag. That will avoid workflow failures and keep this consistent with the pinning strategy used in the reusable workflow.