Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: standardize github action types #85

Merged
merged 1 commit into from
Jun 7, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
40 changes: 20 additions & 20 deletions .github/workflows/auto-labeler.yml
Original file line number Diff line number Diff line change
@@ -1,24 +1,24 @@
---
name: Auto Labeler
name: Auto Labeler

on:
# pull_request_target event is required for autolabeler to support all PRs including forks
pull_request_target:
types: [opened, reopened, synchronize]
on:
# pull_request_target event is required for autolabeler to support all PRs including forks
pull_request_target:
types: [ opened, reopened, edited, synchronize ]
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

meat of change, adding edited here


permissions:
contents: read
permissions:
contents: read

jobs:
main:
permissions:
contents: write
pull-requests: write
name: Auto label pull requests
runs-on: ubuntu-latest
steps:
- uses: release-drafter/release-drafter@3f0f87098bd6b5c5b9a36d49c41d998ea58f9348
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
config-name: release-drafter.yml
jobs:
main:
permissions:
contents: write
pull-requests: write
name: Auto label pull requests
runs-on: ubuntu-latest
steps:
- uses: release-drafter/release-drafter@3f0f87098bd6b5c5b9a36d49c41d998ea58f9348
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
config-name: release-drafter.yml
4 changes: 2 additions & 2 deletions .github/workflows/docker-image.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,9 @@ name: Docker Image CI

on:
push:
branches: main
branches: [ main ]
pull_request:
branches: main
branches: [ main ]

permissions:
contents: read
Expand Down
5 changes: 1 addition & 4 deletions .github/workflows/pr-title.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,7 @@ name: "Lint PR Title"

on:
pull_request_target:
types:
- opened
- edited
- synchronize
types: [ opened, edited, edited, synchronize ]

permissions:
contents: read
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/python-ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,9 @@ name: Python package

on:
push:
branches: main
branches: [ main ]
pull_request:
branches: main
branches: [ main ]

permissions:
contents: read
Expand Down
178 changes: 88 additions & 90 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
@@ -1,94 +1,92 @@
---
name: Release
name: Release

on:
workflow_dispatch:
pull_request_target:
types:
- closed
branches:
- main
on:
workflow_dispatch:
pull_request_target:
types: [ closed ]
branches: [ main ]

permissions:
contents: read
permissions:
contents: read

jobs:
create_release:
# release if
# manual deployment OR
# merged to main and labelled with release labels
if: |
(github.event_name == 'workflow_dispatch') ||
(github.event.pull_request.merged == true &&
(contains(github.event.pull_request.labels.*.name, 'breaking') ||
contains(github.event.pull_request.labels.*.name, 'release') ||
contains(github.event.pull_request.labels.*.name, 'vuln') ||
contains(github.event.pull_request.labels.*.name, 'release')))
outputs:
full-tag: ${{ steps.release-drafter.outputs.tag_name }}
short-tag: ${{ steps.get_tag_name.outputs.SHORT_TAG }}
body: ${{ steps.release-drafter.outputs.body }}
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: read
steps:
- uses: release-drafter/release-drafter@3f0f87098bd6b5c5b9a36d49c41d998ea58f9348
id: release-drafter
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
config-name: release-drafter.yml
publish: true
- name: Get the short tag
id: get_tag_name
run: |
short_tag=$(echo ${{ steps.release-drafter.outputs.tag_name }} | cut -d. -f1)
echo "SHORT_TAG=$short_tag" >> $GITHUB_OUTPUT
create_action_images:
needs: create_release
runs-on: ubuntu-latest
permissions:
packages: write
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
steps:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb
- name: Log in to the Container registry
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- name: Push Docker Image
if: ${{ success() }}
uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0
with:
context: .
file: ./Dockerfile
push: true
tags: |
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create_release.outputs.full-tag }}
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create_release.outputs.short-tag }}
platforms: linux/amd64
provenance: false
sbom: false
create_discussion:
needs: create_release
runs-on: ubuntu-latest
permissions:
discussions: write
steps:
- name: Create an announcement discussion for release
uses: abirismyname/create-discussion@6e6ef67e5eeb042343ef8b3d8d0f5d545cbdf024
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
title: ${{ needs.create_release.outputs.full-tag }}
body: ${{ needs.create_release.outputs.body }}
repository-id: ${{ secrets.RELEASE_DISCUSSION_REPOSITORY_ID }}
category-id: ${{ secrets.RELEASE_DISCUSSION_CATEGORY_ID }}
jobs:
create_release:
# release if
# manual deployment OR
# merged to main and labelled with release labels
if: |
(github.event_name == 'workflow_dispatch') ||
(github.event.pull_request.merged == true &&
(contains(github.event.pull_request.labels.*.name, 'breaking') ||
contains(github.event.pull_request.labels.*.name, 'release') ||
contains(github.event.pull_request.labels.*.name, 'vuln') ||
contains(github.event.pull_request.labels.*.name, 'release')))
outputs:
full-tag: ${{ steps.release-drafter.outputs.tag_name }}
short-tag: ${{ steps.get_tag_name.outputs.SHORT_TAG }}
body: ${{ steps.release-drafter.outputs.body }}
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: read
steps:
- uses: release-drafter/release-drafter@3f0f87098bd6b5c5b9a36d49c41d998ea58f9348
id: release-drafter
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
config-name: release-drafter.yml
publish: true
- name: Get the short tag
id: get_tag_name
run: |
short_tag=$(echo ${{ steps.release-drafter.outputs.tag_name }} | cut -d. -f1)
echo "SHORT_TAG=$short_tag" >> $GITHUB_OUTPUT
create_action_images:
needs: create_release
runs-on: ubuntu-latest
permissions:
packages: write
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
steps:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb
- name: Log in to the Container registry
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- name: Push Docker Image
if: ${{ success() }}
uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0
with:
context: .
file: ./Dockerfile
push: true
tags: |
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create_release.outputs.full-tag }}
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create_release.outputs.short-tag }}
platforms: linux/amd64
provenance: false
sbom: false
create_discussion:
needs: create_release
runs-on: ubuntu-latest
permissions:
discussions: write
steps:
- name: Create an announcement discussion for release
uses: abirismyname/create-discussion@6e6ef67e5eeb042343ef8b3d8d0f5d545cbdf024
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
title: ${{ needs.create_release.outputs.full-tag }}
body: ${{ needs.create_release.outputs.body }}
repository-id: ${{ secrets.RELEASE_DISCUSSION_REPOSITORY_ID }}
category-id: ${{ secrets.RELEASE_DISCUSSION_CATEGORY_ID }}
2 changes: 1 addition & 1 deletion .github/workflows/scorecard.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ on:
schedule:
- cron: '29 11 * * 6'
push:
branches: ["main"]
branches: [ main ]

permissions: read-all

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/super-linter.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ name: Lint Code Base

on:
pull_request:
branches: main
branches: [ main ]

permissions:
contents: read
Expand Down