Move to the reusable GitHub Actions setup

cmmakerclub · Nov 6, 2021 · d52b2e1 · d52b2e1
1 parent aed5e7a
commit d52b2e1
Show file tree

Hide file tree

Showing 11 changed files with 59 additions and 238 deletions.
diff --git a/.github/workflows/node-persist-ignore.js → .github/node-persist-ignore.js b/.github/workflows/node-persist-ignore.js → .github/node-persist-ignore.js
diff --git a/.github/workflows/beta-release.yml b/.github/workflows/beta-release.yml
@@ -0,0 +1,31 @@
+name: Node-CI Beta
+
+on:
+  push:
+    branches: [beta-*.*.*, beta]
+  workflow_dispatch:
+
+jobs:
+  build_and_test:
+    uses: homebridge/.github/.github/workflows/nodejs-build-and-test.yml@main
+    with:
+      enable_coverage: true
+    secrets:
+      token: ${{ secrets.GITHUB_TOKEN }}
+  lint:
+    needs: build_and_test
+    uses: homebridge/.github/.github/workflows/eslint.yml@main
+
+  publish:
+    needs: lint
+
+    if: ${{ secrests.npm_token != null }}
+
+    uses: homebridge/.github/.github/workflows/npm-publish.yml@main
+    with:
+      tag: 'beta'
+      dynamically_adjust_version: true
+      npm_version_command: 'pre'
+      pre_id: 'beta'
+    secrets:
+      npm_auth_token: ${{ secrets.npm_token }}
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -0,0 +1,18 @@
+name: Node Build
+
+on:
+  push:
+    branches: [master]
+  pull_request:
+  workflow_dispatch:
+
+jobs:
+  build_and_test:
+    uses: homebridge/.github/.github/workflows/nodejs-build-and-test.yml@main
+    with:
+      enable_coverage: true
+    secrets:
+      token: ${{ secrets.GITHUB_TOKEN }}
+  lint:
+    needs: build_and_test
+    uses: homebridge/.github/.github/workflows/eslint.yml@main
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -2,55 +2,12 @@ name: "CodeQL"
 
 on:
   push:
-    branches: [ master, beta ]
+    branches: [ master, beta* ]
   pull_request:
-    # The branches below must be a subset of the branches above
-    branches: [ master, beta ]
+    branches: [ master, beta* ]
   schedule:
     - cron: '44 16 * * 5'
 
 jobs:
   analyze:
-    name: Analyze
-    runs-on: ubuntu-latest
-
-    strategy:
-      fail-fast: false
-      matrix:
-        language: [ 'javascript' ]
-        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
-        # Learn more:
-        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
-
-    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
-
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
-      with:
-        languages: ${{ matrix.language }}
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-        # queries: ./path/to/local/query, your-org/your-repo/queries@main
-
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
-
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 https://git.io/JvXDl
-
-    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
-    #    and modify them (or add more) to build your code if your project
-    #    uses a compiled language
-
-    #- run: |
-    #   make bootstrap
-    #   make release
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+    uses: homebridge/.github/.github/workflows/codeql-analysis.yml@main
diff --git a/.github/workflows/nodejs-beta.yml b/.github/workflows/nodejs-beta.yml
diff --git a/.github/workflows/nodejs.yml b/.github/workflows/nodejs.yml
diff --git a/.github/workflows/prerelease.js b/.github/workflows/prerelease.js
diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
@@ -7,23 +7,6 @@ on:
 
 jobs:
   stale:
-
-    runs-on: ubuntu-latest
-    permissions:
-      issues: write
-      pull-requests: write
-
-    steps:
-      - uses: actions/stale@v3
-        with:
-          repo-token: ${{ secrets.GITHUB_TOKEN }}
-          stale-issue-label: 'stale'
-          exempt-issue-labels: pinned,security,long running,discussion,vision
-          stale-issue-message: 'This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.'
-          close-issue-message: 'This issue has been closed as no further activity has occurred.'
-          days-before-issue-stale: 30
-          days-before-issue-close: 5
-
-          # disabling stale bot for PRs
-          days-before-pr-close: -1
-          days-before-pr-stale: -1
+    uses: homebridge/.github/.github/workflows/stale.yml@main
+    secrets:
+      token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -10,7 +10,8 @@
 
 * **Node 10 LTS:** `HAP-NodeJS` has a minimum Node version requirement of 10.17.0.
     Pull requests MUST NOT require a Node version greater than that unless the feature is
-    enabled/backported via [TypeScript][link-typescript].
+    enabled/backported via [TypeScript][link-typescript]. If a higher version requirement may be justified
+  you SHALL include your reasoning in the pull request discussion.
 
 * **Add tests:** All pull requests SHOULD include unit tests to ensure the change works as
     expected and to prevent regressions.

diff --git a/SECURITY.md b/SECURITY.md
@@ -6,7 +6,7 @@ We want to ensure that `HAP-NodeJS` is secure for everyone. If you've discovered
 we appreciate your help in disclosing it to us in a [responsible manner][link-responsible-disclosure].
 
 Publicly disclosing a vulnerability can put the entire community at risk. If you've discovered a security concern,
-please email us at [mail@anderl-bauer.de](mailto:mail@anderl-bauer.de) with [SECURITY] in the subject line.
+please email us at [homebridge-security@andi-bauer.com](mailto:homebridge-security@andi-bauer.com) with [SECURITY] in the subject line.
 We'll work with you to make sure we understand the scope of the issue, and that we fully address your concern.
 We consider correspondence sent to this email address our highest priority,
 and work to address any issues that arise as quickly as possible.

diff --git a/package.json b/package.json
@@ -12,7 +12,7 @@
   "license": "Apache-2.0",
   "scripts": {
     "clean": "rimraf dist && rimraf coverage",
-    "build": "rimraf dist && tsc && node .github/workflows/node-persist-ignore.js",
+    "build": "rimraf dist && tsc && node .github/node-persist-ignore.js",
     "prepublishOnly": "npm run build",
     "postpublish": "npm run clean",
     "test": "jest",