Refactor workflows (#10)

* Refactor workflows * Fix CI issues * Use generic token where possible
insightsengineering · Nov 13, 2021 · dbb18d8 · dbb18d8
1 parent 2dfb908
commit dbb18d8
Show file tree

Hide file tree

Showing 19 changed files with 393 additions and 290 deletions.
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -0,0 +1 @@
+* @insightsengineering/nest-automation
diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md
@@ -0,0 +1,10 @@
+# Contributing
+
+Thank you for your interest in contributing to this repo!
+
+Here are a few things you can do that will increase the likelihood of your pull request being accepted:
+
+- Ensure that the pull request is associated with an existing Github issue. If not, create a new issue that is associated with this change.
+- Keep your change as focused as possible. If there are multiple changes you would like to make that are not dependent upon each other, consider submitting them as separate pull requests.
+- Complete the checklist and description while creating the pull request.
+- Write good commit messages.
diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -0,0 +1,56 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ''
+labels: 'bug'
+assignees: ''
+
+---
+<!--
+**Thank you for wanting to report a bug!**
+
+
+⚠
+Verify first that your issue is not already reported on
+../search?q=is%3Aissue&type=issues.
+
+Also test if the latest main branch are affected too.
+-->
+
+
+**Summary**
+<!--
+Please briefly describe your problem and, when relevant, the output you expect.
+Please also provide the output of `utils::sessionInfo()` or
+`devtools::session_info()` at the end of your post.
+
+If at all possible, please include a minimal, reproducible
+example https://stackoverflow.com/questions/5963269/how-to-make-a-great-r-reproducible-example.
+-->
+
+Your brief description of the problem
+
+```r
+
+# your reproducible example here
+
+```
+
+**R session info**
+<!--
+Paste verbatim output from `R -e "utils::sessionInfo()"` below.
+-->
+
+```sh
+
+# R -e "utils::sessionInfo()" output goes here
+
+```
+
+**OS / Environment**
+<!--
+Provide all relevant information below, e.g. target OS versions, docker image, etc.
+-->
+
+- OS: [e.g. Windows 10, Ubuntu 20.04, Centos 8]
+- Docker Image [e.g. rocker/verse:4.1.0]
diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md
@@ -0,0 +1,39 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ''
+labels: 'enhancement'
+assignees: ''
+
+---
+
+**Summary**
+<!--
+Describe the new feature/improvement you would like briefly below.
+
+
+What's the problem this feature will solve?
+
+What are you trying to do, that you are unable to achieve
+with this package as it currently stands?
+
+
+* Provide examples of real-world use cases that this would enable
+and how it solves the problem you described.
+
+* How do you solve this now?
+
+* Have you tried to work around the problem using other tools?
+
+* Could there be a different approach to solving this issue?
+-->
+
+As a [persona], I [want to], [so that].
+
+
+**Additional Information**
+<!--
+Describe how the feature would be used, why it is needed and what it would solve.
+
+**HINT:** You can paste https://gist.github.com links for larger files.
+-->
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,5 @@
+# Pull Request
+
+<!--- Replace `#nnn` with your issue link for reference. -->
+
+Fixes #nnn
diff --git a/.github/workflows/audit.yaml b/.github/workflows/audit.yaml
@@ -0,0 +1,56 @@
+name: Audit Dependencies 🕵️‍♀️
+
+on:
+  push:
+    branches:
+      - main
+      - pre-release
+  pull_request:
+    branches:
+      - main
+      - pre-release
+
+jobs:
+  audit:
+    runs-on: ubuntu-latest
+    container:
+      image: ghcr.io/insightsengineering/rstudio_4.1.0_bioc_3.13:latest
+    name: oysteR scan 🦪
+
+    steps:
+      - name: Checkout repo 🛎
+        uses: actions/checkout@v2
+
+      - name: Run oysteR scan on dependencies 🔍
+        run: |
+          dependencies_scan = oysteR::audit_description(
+            dir = ".",
+            fields = c("Depends", "Imports", "Suggests"),
+            verbose = TRUE
+          )
+          print(as.data.frame(
+            dependencies_scan[c(
+              "package",
+              "version",
+              "vulnerabilities",
+              "no_of_vulnerabilities"
+            )]
+          ))
+        shell: Rscript {0}
+
+      - name: Run oysteR scan on renv.lock 🔒
+        run: |
+          if (file.exists("renv.lock")) {
+            renv_lock_scan = oysteR::audit_renv_lock(dir = ".", verbose = TRUE)
+            print(as.data.frame(
+              renv_lock_scan[c(
+                "package",
+                "version",
+                "vulnerabilities",
+                "no_of_vulnerabilities"
+              )]
+            ))
+          } else {
+            print("No renv.lock file, not scanning.")
+          }
+        shell: Rscript {0}