From 46832671a17ebed9388dbb6dce93c0e1d1bd5eb7 Mon Sep 17 00:00:00 2001 From: "antony.bailey@thepoliceoftheinter.net" Date: Tue, 26 Mar 2024 16:05:48 +0000 Subject: [PATCH] Some actions --- .github/labeler.yml | 21 ++++++++++++++++++++ .github/workflows/autoupdate.yml | 19 ++++++++++++++++++ .github/workflows/gitleaks.yml | 18 +++++++++++++++++ .github/workflows/labeler.yml | 12 ++++++++++++ .github/workflows/mind-your-language.yml | 25 ++++++++++++++++++++++++ .github/workflows/size-label.yml | 10 ++++++++++ .github/workflows/stale.yml | 14 +++++++++++++ .github/workflows/trunk-check.yml | 22 +++++++++++++++++++++ 8 files changed, 141 insertions(+) create mode 100644 .github/labeler.yml create mode 100644 .github/workflows/autoupdate.yml create mode 100644 .github/workflows/gitleaks.yml create mode 100644 .github/workflows/labeler.yml create mode 100644 .github/workflows/mind-your-language.yml create mode 100644 .github/workflows/size-label.yml create mode 100644 .github/workflows/stale.yml create mode 100644 .github/workflows/trunk-check.yml diff --git a/.github/labeler.yml b/.github/labeler.yml new file mode 100644 index 0000000..93fb4c1 --- /dev/null +++ b/.github/labeler.yml @@ -0,0 +1,21 @@ +github: +- changed-files: + - any-glob-to-any-file: .github/* +docker: +- changed-files: + - any-glob-to-any-file: Dockerfile +license: +- changed-files: + - any-glob-to-any-file: LICENSE +docs: +- changed-files: + - any-glob-to-any-file: ['docs/*', '**/*.md'] +python: +- changed-files: + - any-glob-to-any-file: ['requirements.txt', '**/*.md'] +deploy: +- changed-files: + - any-glob-to-any-file: ['deploy/*'] +terraform: +- changed-files: + - any-glob-to-any-file: ['deploy/terraform/*'] diff --git a/.github/workflows/autoupdate.yml b/.github/workflows/autoupdate.yml new file mode 100644 index 0000000..8f24be0 --- /dev/null +++ b/.github/workflows/autoupdate.yml @@ -0,0 +1,19 @@ +name: autoupdate +on: + push: {} +jobs: + autoupdate: + name: autoupdate + runs-on: ubuntu-latest + steps: + - uses: docker://chinthakagodawita/autoupdate-action:latest + env: + GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + DRY_RUN: "false" + PR_FILTER: "labelled" + PR_LABELS: "autoupdate" + EXCLUDED_LABELS: "wontfix" + MERGE_MSG: "Branch was auto-updated." + RETRY_COUNT: "5" + RETRY_SLEEP: "300" + MERGE_CONFLICT_ACTION: "fail" diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml new file mode 100644 index 0000000..5ef8c3b --- /dev/null +++ b/.github/workflows/gitleaks.yml @@ -0,0 +1,18 @@ +name: gitleaks +on: + pull_request: + push: + workflow_dispatch: + schedule: + - cron: "0 4 * * *" # run once a day at 4 AM +jobs: + scan: + name: gitleaks + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 # v4 + with: + fetch-depth: 0 + - uses: gitleaks/gitleaks-action@v2 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml new file mode 100644 index 0000000..ff0fb5c --- /dev/null +++ b/.github/workflows/labeler.yml @@ -0,0 +1,12 @@ +name: "Pull Request Labeler" +on: +- pull_request_target + +jobs: + triage: + runs-on: ubuntu-latest + steps: + - uses: actions/labeler@v5 + with: + repo-token: "${{ secrets.GITHUB_TOKEN }}" + sync-labels: true diff --git a/.github/workflows/mind-your-language.yml b/.github/workflows/mind-your-language.yml new file mode 100644 index 0000000..cb58a49 --- /dev/null +++ b/.github/workflows/mind-your-language.yml @@ -0,0 +1,25 @@ +name: Mind your language +on: + issues: + types: + - opened + - edited + issue_comment: + types: + - created + - edited + pull_request_review_comment: + types: + - created + - edited +jobs: + echo_issue_comment: + runs-on: ubuntu-latest + name: profanity check + steps: + - name: Checkout + uses: actions/checkout@v4 # v4 + - name: Profanity check step + uses: tailaiw/mind-your-language-action@v1.0.3 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/size-label.yml b/.github/workflows/size-label.yml new file mode 100644 index 0000000..98037c6 --- /dev/null +++ b/.github/workflows/size-label.yml @@ -0,0 +1,10 @@ +name: size-label +on: pull_request +jobs: + size-label: + runs-on: ubuntu-latest + steps: + - name: size-label + uses: "pascalgn/size-label-action@v0.5.0" + env: + GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml new file mode 100644 index 0000000..c6d6134 --- /dev/null +++ b/.github/workflows/stale.yml @@ -0,0 +1,14 @@ +name: 'Close stale issues and PRs' +on: + schedule: + - cron: '30 1 * * *' + +jobs: + stale: + runs-on: ubuntu-latest + steps: + - uses: actions/stale@v9 + with: + stale-issue-message: 'This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.' + days-before-stale: 30 + days-before-close: 5 diff --git a/.github/workflows/trunk-check.yml b/.github/workflows/trunk-check.yml new file mode 100644 index 0000000..45de49c --- /dev/null +++ b/.github/workflows/trunk-check.yml @@ -0,0 +1,22 @@ +name: Trunk Check +on: [pull_request] +concurrency: + group: ${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +permissions: read-all + +jobs: + trunk_check: + name: Trunk Check Runner + runs-on: ubuntu-latest + permissions: + checks: write # For trunk to post annotations + contents: read # For repo checkout + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Trunk Check + uses: trunk-io/trunk-action@v1