From e75d7cfae77d7f4e540468d6f89ae446268f397f Mon Sep 17 00:00:00 2001 From: ReenigneArcher <42013603+ReenigneArcher@users.noreply.github.com> Date: Mon, 9 Jun 2025 21:44:40 -0400 Subject: [PATCH] feat(workflows): use-workflow_call-events --- .flake8 | 1 + .github/label-actions.yml | 49 ------------- .github/semantic.yml | 1 + .github/workflows/README.md | 11 +++ .../{codeql.yml => __call-codeql.yml} | 20 ++---- ...common-lint.yml => __call-common-lint.yml} | 14 ++-- .../{ci-docker.yml => __call-docker.yml} | 33 +++++---- ...tifier.yml => __call-release-notifier.yml} | 20 +++--- .github/workflows/__call-update-changelog.yml | 25 +++++++ ...update-docs.yml => __call-update-docs.yml} | 34 ++++----- ...epo.yml => __call-update-flathub-repo.yml} | 29 +++----- ...se.yml => __call-update-homebrew-repo.yml} | 33 +++++---- ...repo.yml => __call-update-pacman-repo.yml} | 33 +++------ ...ease.yml => __call-update-winget-repo.yml} | 19 +++-- ...plicator.yml => __cla-gist-replicator.yml} | 0 ...replicator.yml => __global-replicator.yml} | 39 ++++++----- .../{issues-stale.yml => __issues-stale.yml} | 0 ...or.yml => __renovate-config-validator.yml} | 0 .../{social-post.yml => __social-post.yml} | 0 .github/workflows/_codeql.yml | 30 ++++++++ .github/workflows/_common-lint.yml | 27 +++++++ .github/workflows/_docker.yml | 38 ++++++++++ .github/workflows/_release-notifier.yml | 23 ++++++ ...te-changelog.yml => _update-changelog.yml} | 20 ++---- .github/workflows/_update-docs.yml | 34 +++++++++ .github/workflows/_update-flathub-repo.yml | 29 ++++++++ .github/workflows/_update-homebrew-repo.yml | 31 ++++++++ .github/workflows/_update-pacman-repo.yml | 29 ++++++++ .github/workflows/_update-winget-repo.yml | 29 ++++++++ .github/workflows/issues.yml | 30 -------- .github/workflows/patch_missing_releases.yml | 70 ------------------- 31 files changed, 430 insertions(+), 321 deletions(-) delete mode 100644 .github/label-actions.yml create mode 100644 .github/workflows/README.md rename .github/workflows/{codeql.yml => __call-codeql.yml} (94%) rename .github/workflows/{common-lint.yml => __call-common-lint.yml} (96%) rename .github/workflows/{ci-docker.yml => __call-docker.yml} (95%) rename .github/workflows/{release-notifier.yml => __call-release-notifier.yml} (89%) create mode 100644 .github/workflows/__call-update-changelog.yml rename .github/workflows/{update-docs.yml => __call-update-docs.yml} (78%) rename .github/workflows/{update-flathub-repo.yml => __call-update-flathub-repo.yml} (89%) rename .github/workflows/{update-homebrew-release.yml => __call-update-homebrew-repo.yml} (71%) rename .github/workflows/{update-pacman-repo.yml => __call-update-pacman-repo.yml} (80%) rename .github/workflows/{update-winget-release.yml => __call-update-winget-repo.yml} (87%) rename .github/workflows/{cla-gist-replicator.yml => __cla-gist-replicator.yml} (100%) rename .github/workflows/{global-replicator.yml => __global-replicator.yml} (92%) rename .github/workflows/{issues-stale.yml => __issues-stale.yml} (100%) rename .github/workflows/{renovate-config-validator.yml => __renovate-config-validator.yml} (100%) rename .github/workflows/{social-post.yml => __social-post.yml} (100%) create mode 100644 .github/workflows/_codeql.yml create mode 100644 .github/workflows/_common-lint.yml create mode 100644 .github/workflows/_docker.yml create mode 100644 .github/workflows/_release-notifier.yml rename .github/workflows/{update-changelog.yml => _update-changelog.yml} (52%) create mode 100644 .github/workflows/_update-docs.yml create mode 100644 .github/workflows/_update-flathub-repo.yml create mode 100644 .github/workflows/_update-homebrew-repo.yml create mode 100644 .github/workflows/_update-pacman-repo.yml create mode 100644 .github/workflows/_update-winget-repo.yml delete mode 100644 .github/workflows/issues.yml delete mode 100644 .github/workflows/patch_missing_releases.yml diff --git a/.flake8 b/.flake8 index 2ea73951..a8948ef1 100644 --- a/.flake8 +++ b/.flake8 @@ -3,4 +3,5 @@ filename = *.py max-line-length = 120 extend-exclude = + .venv/ venv/ diff --git a/.github/label-actions.yml b/.github/label-actions.yml deleted file mode 100644 index 653cf860..00000000 --- a/.github/label-actions.yml +++ /dev/null @@ -1,49 +0,0 @@ ---- -# This file is centrally managed in https://github.com//.github/ -# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in -# the above-mentioned repo. - -# Configuration for Label Actions - https://github.com/dessant/label-actions - -added: - comment: > - This feature has been added and will be available in the next release. -fixed: - comment: > - This issue has been fixed and will be available in the next release. -invalid:duplicate: - comment: > - :wave: @{issue-author}, this appears to be a duplicate of a pre-existing issue. - close: true - lock: true - unlabel: 'status:awaiting-triage' - --invalid:duplicate: - reopen: true - unlock: true - -invalid:support: - comment: > - :wave: @{issue-author}, we use the issue tracker exclusively for bug reports. - However, this issue appears to be a support request. Please use our - [Support Center](https://app.lizardbyte.dev/support) for support issues. Thanks. - close: true - lock: true - lock-reason: 'off-topic' - unlabel: 'status:awaiting-triage' - --invalid:support: - reopen: true - unlock: true - -invalid:template-incomplete: - issues: - comment: > - :wave: @{issue-author}, please edit your issue to complete the template with - all the required info. Your issue will be automatically closed in 5 days if - the template is not completed. Thanks. - prs: - comment: > - :wave: @{issue-author}, please edit your PR to complete the template with - all the required info. Your PR will be automatically closed in 5 days if - the template is not completed. Thanks. diff --git a/.github/semantic.yml b/.github/semantic.yml index b5eb70d0..92d97a74 100644 --- a/.github/semantic.yml +++ b/.github/semantic.yml @@ -12,3 +12,4 @@ titleAndCommits: false anyCommit: false allowMergeCommits: false allowRevertCommits: false +targetUrl: https://docs.lizardbyte.dev/latest/developers/contributing.html#creating-a-pull-request diff --git a/.github/workflows/README.md b/.github/workflows/README.md new file mode 100644 index 00000000..d9b4eaa9 --- /dev/null +++ b/.github/workflows/README.md @@ -0,0 +1,11 @@ +# LizardByte org workflows + +Files prefixed with `__` are only used in the `.github` repository and not replicated to other repositories; +however some of they may be called from other workflows. + +Workflows that can be called from other repositories are prefixed with `__call-` and are not replicated +to other repositories. They also have an accompanying workflow named `_.yml` that is replicated to the +respective repositories. + +Workflows that prefixed with a single `_` are replicated to other repositories and this indicates +that the workflow should not be modified when inside the other repositories. diff --git a/.github/workflows/codeql.yml b/.github/workflows/__call-codeql.yml similarity index 94% rename from .github/workflows/codeql.yml rename to .github/workflows/__call-codeql.yml index 24a4945e..319432cb 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/__call-codeql.yml @@ -1,27 +1,19 @@ --- -# This workflow is centrally managed in https://github.com//.github/ -# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in -# the above-mentioned repo. - # This workflow will analyze all supported languages in the repository using CodeQL Analysis. -name: "CodeQL" +name: CodeQL (called) permissions: contents: read on: - push: - branches: - - master pull_request: branches: - master - schedule: - - cron: '00 12 * * 0' # every Sunday at 12:00 UTC - -concurrency: - group: "${{ github.workflow }}-${{ github.ref }}" - cancel-in-progress: true + types: + - opened + - synchronize + - reopened + workflow_call: jobs: languages: diff --git a/.github/workflows/common-lint.yml b/.github/workflows/__call-common-lint.yml similarity index 96% rename from .github/workflows/common-lint.yml rename to .github/workflows/__call-common-lint.yml index 7d72a16f..32d53c56 100644 --- a/.github/workflows/common-lint.yml +++ b/.github/workflows/__call-common-lint.yml @@ -1,11 +1,8 @@ --- -# This workflow is centrally managed in https://github.com//.github/ -# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in -# the above-mentioned repo. +# This workflow will lint the code in the repository using various tools. Most linting tools in LizardByte +# should be included in this workflow; however there are cases where that is not true, such as with eslint. -# Common linting. - -name: common lint +name: common lint (called) permissions: contents: read @@ -17,10 +14,7 @@ on: - opened - synchronize - reopened - -concurrency: - group: "${{ github.workflow }}-${{ github.ref }}" - cancel-in-progress: true + workflow_call: jobs: lint: diff --git a/.github/workflows/ci-docker.yml b/.github/workflows/__call-docker.yml similarity index 95% rename from .github/workflows/ci-docker.yml rename to .github/workflows/__call-docker.yml index d307d369..031aacc9 100644 --- a/.github/workflows/ci-docker.yml +++ b/.github/workflows/__call-docker.yml @@ -1,8 +1,4 @@ --- -# This workflow is centrally managed in https://github.com//.github/ -# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in -# the above-mentioned repo. - # This workflow is intended to work with all our organization Docker projects. A readme named `DOCKER_README.md` # will be used to update the description on Docker hub. @@ -18,7 +14,7 @@ # `true` to build in two steps, stopping at `artifacts` build stage and extracting the image from there to the # GitHub runner. -name: CI Docker +name: Docker (called) permissions: contents: read @@ -30,14 +26,23 @@ on: - opened - synchronize - reopened - push: - branches: - - master - workflow_dispatch: - -concurrency: - group: "${{ github.workflow }}-${{ github.ref }}" - cancel-in-progress: true + workflow_call: + secrets: + DOCKER_HUB_USERNAME: + description: 'Docker Hub username to use for the workflow.' + required: false + DOCKER_HUB_ACCESS_TOKEN: + description: 'Docker Hub access token to use for the workflow.' + required: false + GH_BOT_NAME: + description: 'GitHub bot name to use for the workflow.' + required: false + GH_BOT_TOKEN: + description: 'GitHub bot token to use for the workflow.' + required: false + GH_TOKEN: + description: 'GitHub token to use for the workflow.' + required: false jobs: check_dockerfiles: @@ -126,7 +131,7 @@ jobs: uses: LizardByte/setup-release-action@v2025.426.225 with: dotnet: ${{ needs.check_dockerfiles.outputs.dotnet }} - github_token: ${{ secrets.GITHUB_TOKEN }} + github_token: ${{ secrets.GH_TOKEN }} docker: name: Docker${{ matrix.tag }} diff --git a/.github/workflows/release-notifier.yml b/.github/workflows/__call-release-notifier.yml similarity index 89% rename from .github/workflows/release-notifier.yml rename to .github/workflows/__call-release-notifier.yml index d724abf3..bfcf0568 100644 --- a/.github/workflows/release-notifier.yml +++ b/.github/workflows/__call-release-notifier.yml @@ -1,18 +1,14 @@ --- -# This workflow is centrally managed in https://github.com//.github/ -# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in -# the above-mentioned repo. - -# Create a blog post for a new release and open a PR to the blog repo - -name: Release Notifications +name: Release Notifications (called) permissions: contents: read on: - release: - types: - - released # this triggers when a release is published, but does not include pre-releases or drafts + workflow_call: + secrets: + GH_TOKEN: + description: 'GitHub token to use for the workflow.' + required: true jobs: update-blog: @@ -111,7 +107,7 @@ jobs: steps.check-release.outputs.isLatestRelease == 'true' uses: peter-evans/create-pull-request@v7 with: - token: ${{ secrets.GH_BOT_TOKEN }} + token: ${{ secrets.GH_TOKEN }} commit-message: | chore: Add blog post for ${{ github.event.repository.name }} release ${{ github.event.release.tag_name }} branch: bot/add-${{ github.event.repository.name }}-${{ github.event.release.tag_name }} @@ -124,7 +120,7 @@ jobs: - name: Automerge PR env: - GH_TOKEN: ${{ secrets.GH_BOT_TOKEN }} + GH_TOKEN: ${{ secrets.GH_TOKEN }} if: >- steps.check-label.outputs.hasTopic == 'true' && steps.check-release.outputs.isLatestRelease == 'true' diff --git a/.github/workflows/__call-update-changelog.yml b/.github/workflows/__call-update-changelog.yml new file mode 100644 index 00000000..9a429f8e --- /dev/null +++ b/.github/workflows/__call-update-changelog.yml @@ -0,0 +1,25 @@ +--- +# Update changelog on release events. + +name: Update changelog (called) +permissions: + contents: read + +on: + workflow_call: + secrets: + GH_TOKEN: + description: 'GitHub token to use for the workflow.' + required: true + +jobs: + update-changelog: + name: Update Changelog + runs-on: ubuntu-latest + steps: + - name: Update Changelog + uses: LizardByte/update-changelog-action@v2025.426.173858 + with: + changelogBranch: changelog + changelogFile: CHANGELOG.md + token: ${{ secrets.GH_TOKEN }} diff --git a/.github/workflows/update-docs.yml b/.github/workflows/__call-update-docs.yml similarity index 78% rename from .github/workflows/update-docs.yml rename to .github/workflows/__call-update-docs.yml index 04e1e903..a9211556 100644 --- a/.github/workflows/update-docs.yml +++ b/.github/workflows/__call-update-docs.yml @@ -1,32 +1,24 @@ --- -# This workflow is centrally managed in https://github.com//.github/ -# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in -# the above-mentioned repo. - -# To use, add the `rtd` repository label to identify repositories that should trigger this workflow. -# If the project slug is not the repository name, add a repository variable named `READTHEDOCS_SLUG` with the value of -# the ReadTheDocs project slug. - -# Update readthedocs on release events. - -name: Update docs +name: Update docs (called) permissions: {} on: - release: - types: - - created - - edited - - deleted - -concurrency: - group: "${{ github.workflow }}-${{ github.event.release.tag_name }}" - cancel-in-progress: true + workflow_call: + inputs: + readthedocs_slug: + description: 'Read the Docs project slug (defaults to repository name in lowercase)' + required: false + type: string + default: '' + secrets: + READTHEDOCS_TOKEN: + description: 'Read the Docs API token with write access to the project' + required: true jobs: update-docs: env: - RTD_SLUG: ${{ vars.READTHEDOCS_SLUG }} + RTD_SLUG: ${{ inputs.READTHEDOCS_SLUG }} RTD_TOKEN: ${{ secrets.READTHEDOCS_TOKEN }} TAG: ${{ github.event.release.tag_name }} if: >- diff --git a/.github/workflows/update-flathub-repo.yml b/.github/workflows/__call-update-flathub-repo.yml similarity index 89% rename from .github/workflows/update-flathub-repo.yml rename to .github/workflows/__call-update-flathub-repo.yml index b1004cb1..0998f632 100644 --- a/.github/workflows/update-flathub-repo.yml +++ b/.github/workflows/__call-update-flathub-repo.yml @@ -1,33 +1,22 @@ --- -# This workflow is centrally managed in https://github.com//.github/ -# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in -# the above-mentioned repo. - -# To use, add the `flathub-pkg` repository label to identify repositories that should trigger this workflow. - -# Update Flathub on release events. - -name: Update flathub repo +name: Update Flathub repo (called) permissions: contents: read on: - release: - types: - - released - -concurrency: - group: "${{ github.workflow }}-${{ github.event.release.tag_name }}" - cancel-in-progress: true + workflow_call: + secrets: + GH_TOKEN: + description: 'GitHub token to use for the workflow.' + required: true jobs: update-flathub-repo: env: FLATHUB_PKG: dev.lizardbyte.app.${{ github.event.repository.name }} - if: github.repository_owner == 'LizardByte' runs-on: ubuntu-latest steps: - - name: Check if flathub repo + - name: Check if Flathub repo id: check-label env: TOPIC: flathub-pkg @@ -164,7 +153,7 @@ jobs: uses: peter-evans/create-pull-request@v7 with: path: "flathub/${{ env.FLATHUB_PKG }}" - token: ${{ secrets.GH_BOT_TOKEN }} + token: ${{ secrets.GH_TOKEN }} commit-message: "chore: Update ${{ env.FLATHUB_PKG }} to ${{ github.event.release.tag_name }}" branch: bot/bump-${{ env.FLATHUB_PKG }}-${{ github.event.release.tag_name }} delete-branch: true @@ -173,7 +162,7 @@ jobs: - name: Automerge PR env: - GH_TOKEN: ${{ secrets.GH_BOT_TOKEN }} + GH_TOKEN: ${{ secrets.GH_TOKEN }} if: >- steps.check-label.outputs.hasTopic == 'true' && steps.check-release.outputs.isLatestRelease == 'true' && diff --git a/.github/workflows/update-homebrew-release.yml b/.github/workflows/__call-update-homebrew-repo.yml similarity index 71% rename from .github/workflows/update-homebrew-release.yml rename to .github/workflows/__call-update-homebrew-repo.yml index 10e03d59..c7d30096 100644 --- a/.github/workflows/update-homebrew-release.yml +++ b/.github/workflows/__call-update-homebrew-repo.yml @@ -1,28 +1,27 @@ --- -# This workflow is centrally managed in https://github.com//.github/ -# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in -# the above-mentioned repo. - -# To use, add the `homebrew-pkg` repository label to identify repositories that should trigger this workflow. - -# Update Homebrew on release events. - -name: Update Homebrew release +name: Update Homebrew repo (called) permissions: contents: read on: - release: - types: - - released + workflow_call: + secrets: + GH_EMAIL: + description: 'Email address for git commits' + required: true + GH_TOKEN: + description: 'GitHub token to use for the workflow.' + required: true + GH_USERNAME: + description: 'Username for git commits' + required: true concurrency: group: "${{ github.workflow }}-${{ github.event.release.tag_name }}" cancel-in-progress: true jobs: - update-homebrew-release: - if: github.repository_owner == 'LizardByte' + update-homebrew-repo: runs-on: ubuntu-latest steps: - name: Check if Homebrew repo @@ -66,8 +65,8 @@ jobs: uses: LizardByte/homebrew-release-action@v2025.506.15440 with: formula_file: ${{ fromJson(steps.download.outputs.downloaded_files)[0] }} - git_email: ${{ secrets.GH_BOT_EMAIL }} - git_username: ${{ secrets.GH_BOT_NAME }} + git_email: ${{ secrets.GH_EMAIL }} + git_username: ${{ secrets.GH_USERNAME }} publish: true - token: ${{ secrets.GH_BOT_TOKEN }} + token: ${{ secrets.GH_TOKEN }} validate: false diff --git a/.github/workflows/update-pacman-repo.yml b/.github/workflows/__call-update-pacman-repo.yml similarity index 80% rename from .github/workflows/update-pacman-repo.yml rename to .github/workflows/__call-update-pacman-repo.yml index a0fd8183..b4ca61b0 100644 --- a/.github/workflows/update-pacman-repo.yml +++ b/.github/workflows/__call-update-pacman-repo.yml @@ -1,28 +1,17 @@ --- -# This workflow is centrally managed in https://github.com//.github/ -# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in -# the above-mentioned repo. - -# To use, add the `pacman-pkg` repository label to identify repositories that should trigger this workflow. - -# Update pacman repo on release events. - -name: Update pacman repo +name: Update pacman repo (called) permissions: contents: read on: - release: - types: - - released - -concurrency: - group: "${{ github.workflow }}-${{ github.event.release.tag_name }}" - cancel-in-progress: true + workflow_call: + secrets: + GH_TOKEN: + description: 'GitHub token to use for the workflow.' + required: true jobs: update-homebrew-release: - if: github.repository_owner == 'LizardByte' runs-on: ubuntu-latest steps: - name: Check if pacman repo @@ -73,8 +62,7 @@ jobs: if: >- steps.check-label.outputs.hasTopic == 'true' && steps.check-release.outputs.isLatestRelease == 'true' - run: | - echo "pkg_name=$(echo ${{ github.event.repository.name }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT + run: echo "pkg_name=$(echo ${{ github.event.repository.name }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT - name: Download release asset id: download @@ -96,8 +84,7 @@ jobs: steps.check-label.outputs.hasTopic == 'true' && steps.check-release.outputs.isLatestRelease == 'true' && fromJson(steps.download.outputs.downloaded_files)[0] - run: | - rm -f "pkgbuilds/${{ steps.prep.outputs.pkg_name }}" + run: rm -f "pkgbuilds/${{ steps.prep.outputs.pkg_name }}" - name: Create/Update Pull Request id: create-pr @@ -109,7 +96,7 @@ jobs: with: add-paths: | pkgbuilds/* - token: ${{ secrets.GH_BOT_TOKEN }} + token: ${{ secrets.GH_TOKEN }} commit-message: "chore: Update ${{ github.repository }} to ${{ github.event.release.tag_name }}" branch: bot/bump-${{ github.repository }}-${{ github.event.release.tag_name }} delete-branch: true @@ -121,7 +108,7 @@ jobs: - name: Automerge PR env: - GH_TOKEN: ${{ secrets.GH_BOT_TOKEN }} + GH_TOKEN: ${{ secrets.GH_TOKEN }} if: >- steps.check-label.outputs.hasTopic == 'true' && steps.check-release.outputs.isLatestRelease == 'true' && diff --git a/.github/workflows/update-winget-release.yml b/.github/workflows/__call-update-winget-repo.yml similarity index 87% rename from .github/workflows/update-winget-release.yml rename to .github/workflows/__call-update-winget-repo.yml index 860f086f..f3623009 100644 --- a/.github/workflows/update-winget-release.yml +++ b/.github/workflows/__call-update-winget-repo.yml @@ -7,22 +7,19 @@ # Update Winget on release events. -name: Update Winget release +name: Update Winget repo (called) permissions: contents: read on: - release: - types: - - released - -concurrency: - group: "${{ github.workflow }}-${{ github.event.release.tag_name }}" - cancel-in-progress: true + workflow_call: + secrets: + GH_TOKEN: + description: 'GitHub token to use for the workflow.' + required: true jobs: - update-winget-release: - if: github.repository_owner == 'LizardByte' + update-winget-repo: runs-on: ubuntu-latest steps: - name: Check if Winget repo @@ -68,4 +65,4 @@ jobs: identifier: "${{ github.repository_owner }}.${{ github.event.repository.name }}" release-tag: ${{ github.event.release.tag_name }} installers-regex: '\.exe$' - token: ${{ secrets.GH_BOT_TOKEN }} + token: ${{ secrets.GH_TOKEN }} diff --git a/.github/workflows/cla-gist-replicator.yml b/.github/workflows/__cla-gist-replicator.yml similarity index 100% rename from .github/workflows/cla-gist-replicator.yml rename to .github/workflows/__cla-gist-replicator.yml diff --git a/.github/workflows/global-replicator.yml b/.github/workflows/__global-replicator.yml similarity index 92% rename from .github/workflows/global-replicator.yml rename to .github/workflows/__global-replicator.yml index d86d51eb..cbead3c1 100644 --- a/.github/workflows/global-replicator.yml +++ b/.github/workflows/__global-replicator.yml @@ -46,17 +46,29 @@ jobs: committer_email: ${{ secrets.GH_BOT_EMAIL }} patterns_to_ignore: '' patterns_to_remove: >- + .github/label-actions.yml, .github/pr_release_template.md, .github/workflows/auto-create-pr.yml, .github/workflows/automerge.yml, .github/workflows/autoupdate.yml, .github/workflows/autoupdate-labeler.yml, + .github/workflows/ci-docker.yml, .github/workflows/ci-qodana.yml, + .github/workflows/codeql.yml, + .github/workflows/common-lint.yml, .github/workflows/cpp-lint.yml, .github/workflows/dispatcher.yml, + .github/workflows/issues.yml .github/workflows/issues-stale.yml, .github/workflows/pull-requests.yml, .github/workflows/python-flake8.yml, + .github/workflows/release-notifier.yml, + .github/workflows/update-changelog.yml, + .github/workflows/update-docs.yml, + .github/workflows/update-flathub-repo.yml, + .github/workflows/update-homebrew-release.yml, + .github/workflows/update-pacman-repo.yml, + .github/workflows/update-winget-release.yml, .github/workflows/yaml-lint.yml, qodana-dotnet.yaml, qodana-js.yaml, @@ -83,16 +95,9 @@ jobs: patterns_to_ignore: '' patterns_to_include: >- .github/dependabot.yml, - .github/label-actions.yml, - .github/pr_release_template.md, .github/semantic.yml, - .github/workflows/auto-create-pr.yml, - .github/workflows/automerge.yml, - .github/workflows/autoupdate.yml, - .github/workflows/autoupdate-labeler.yml, - .github/workflows/codeql.yml, - .github/workflows/common-lint.yml, - .github/workflows/issues.yml + .github/workflows/_codeql.yml, + .github/workflows/_common-lint.yml topics_to_include: '' exclude_private: false exclude_forked: false @@ -112,7 +117,7 @@ jobs: committer_email: ${{ secrets.GH_BOT_EMAIL }} patterns_to_ignore: '' patterns_to_include: >- - .github/workflows/update-docs.yml + .github/workflows/_update-docs.yml topics_to_include: 'rtd' exclude_private: false exclude_forked: false @@ -132,7 +137,7 @@ jobs: committer_email: ${{ secrets.GH_BOT_EMAIL }} patterns_to_ignore: '' patterns_to_include: >- - .github/workflows/update-flathub-repo.yml + .github/workflows/_update-flathub-repo.yml topics_to_include: 'flathub-pkg' exclude_private: false exclude_forked: false @@ -152,7 +157,7 @@ jobs: committer_email: ${{ secrets.GH_BOT_EMAIL }} patterns_to_ignore: '' patterns_to_include: >- - .github/workflows/update-homebrew-release.yml + .github/workflows/_update-homebrew-repo.yml topics_to_include: 'homebrew-pkg' exclude_private: false exclude_forked: false @@ -172,7 +177,7 @@ jobs: committer_email: ${{ secrets.GH_BOT_EMAIL }} patterns_to_ignore: '' patterns_to_include: >- - .github/workflows/update-pacman-repo.yml + .github/workflows/_update-pacman-repo.yml topics_to_include: 'pacman-pkg' exclude_private: false exclude_forked: false @@ -192,7 +197,7 @@ jobs: committer_email: ${{ secrets.GH_BOT_EMAIL }} patterns_to_ignore: '' patterns_to_include: >- - .github/workflows/update-winget-release.yml + .github/workflows/_update-winget-repo.yml topics_to_include: 'winget-pkg' exclude_private: false exclude_forked: false @@ -232,7 +237,7 @@ jobs: committer_email: ${{ secrets.GH_BOT_EMAIL }} patterns_to_ignore: '' patterns_to_include: >- - .github/workflows/ci-docker.yml + .github/workflows/_docker.yml topics_to_include: 'docker' exclude_private: false exclude_forked: false @@ -293,8 +298,8 @@ jobs: committer_email: ${{ secrets.GH_BOT_EMAIL }} patterns_to_ignore: '' patterns_to_include: >- - .github/workflows/release-notifier.yml, - .github/workflows/update-changelog.yml + .github/workflows/_release-notifier.yml, + .github/workflows/_update-changelog.yml topics_to_include: 'replicator-release-notifications' exclude_private: false exclude_forked: false diff --git a/.github/workflows/issues-stale.yml b/.github/workflows/__issues-stale.yml similarity index 100% rename from .github/workflows/issues-stale.yml rename to .github/workflows/__issues-stale.yml diff --git a/.github/workflows/renovate-config-validator.yml b/.github/workflows/__renovate-config-validator.yml similarity index 100% rename from .github/workflows/renovate-config-validator.yml rename to .github/workflows/__renovate-config-validator.yml diff --git a/.github/workflows/social-post.yml b/.github/workflows/__social-post.yml similarity index 100% rename from .github/workflows/social-post.yml rename to .github/workflows/__social-post.yml diff --git a/.github/workflows/_codeql.yml b/.github/workflows/_codeql.yml new file mode 100644 index 00000000..cfa961cb --- /dev/null +++ b/.github/workflows/_codeql.yml @@ -0,0 +1,30 @@ +--- +# This workflow is centrally managed in https://github.com/LizardByte/.github/ +# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in +# the above-mentioned repo. + +name: CodeQL +permissions: + actions: read + contents: read + security-events: write + +on: + push: + branches: + - master + pull_request: + branches: + - master + schedule: + - cron: '00 12 * * 0' # every Sunday at 12:00 UTC + +concurrency: + group: "${{ github.workflow }}-${{ github.ref }}" + cancel-in-progress: true + +jobs: + call-codeql: + name: CodeQL + uses: LizardByte/.github/.github/workflows/__call-codeql.yml@master + if: ${{ github.repository != 'LizardByte/.github' }} diff --git a/.github/workflows/_common-lint.yml b/.github/workflows/_common-lint.yml new file mode 100644 index 00000000..7c317130 --- /dev/null +++ b/.github/workflows/_common-lint.yml @@ -0,0 +1,27 @@ +--- +# This workflow is centrally managed in https://github.com/LizardByte/.github/ +# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in +# the above-mentioned repo. + +name: common lint +permissions: + contents: read + +on: + pull_request: + branches: + - master + types: + - opened + - synchronize + - reopened + +concurrency: + group: "${{ github.workflow }}-${{ github.ref }}" + cancel-in-progress: true + +jobs: + lint: + name: Common Lint + uses: LizardByte/.github/.github/workflows/__call-common-lint.yml@master + if: ${{ github.repository != 'LizardByte/.github' }} diff --git a/.github/workflows/_docker.yml b/.github/workflows/_docker.yml new file mode 100644 index 00000000..82f0ab25 --- /dev/null +++ b/.github/workflows/_docker.yml @@ -0,0 +1,38 @@ +--- +# This workflow is centrally managed in https://github.com/LizardByte/.github/ +# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in +# the above-mentioned repo. + +name: Docker +permissions: + contents: write + packages: write + +on: + pull_request: + branches: + - master + types: + - opened + - synchronize + - reopened + push: + branches: + - master + workflow_dispatch: + +concurrency: + group: "${{ github.workflow }}-${{ github.ref }}" + cancel-in-progress: true + +jobs: + call-docker: + name: Docker + uses: LizardByte/.github/.github/workflows/__call-docker.yml@master + if: ${{ github.repository != 'LizardByte/.github' }} + secrets: + DOCKER_HUB_USERNAME: ${{ secrets.DOCKER_HUB_USERNAME }} + DOCKER_HUB_ACCESS_TOKEN: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} + GH_BOT_NAME: ${{ secrets.GH_BOT_NAME }} + GH_BOT_TOKEN: ${{ secrets.GH_BOT_TOKEN }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/_release-notifier.yml b/.github/workflows/_release-notifier.yml new file mode 100644 index 00000000..b32da784 --- /dev/null +++ b/.github/workflows/_release-notifier.yml @@ -0,0 +1,23 @@ +--- +# This workflow is centrally managed in https://github.com/LizardByte/.github/ +# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in +# the above-mentioned repo. + +# Create a blog post for a new release and open a PR to the blog repo + +name: Release Notifications +permissions: + contents: read + +on: + release: + types: + - released # this triggers when a release is published, but does not include pre-releases or drafts + +jobs: + update-blog: + name: Update blog + uses: LizardByte/.github/.github/workflows/__call-release-notifier.yml@master + if: github.repository_owner == 'LizardByte' + secrets: + GH_TOKEN: ${{ secrets.GH_BOT_TOKEN }} diff --git a/.github/workflows/update-changelog.yml b/.github/workflows/_update-changelog.yml similarity index 52% rename from .github/workflows/update-changelog.yml rename to .github/workflows/_update-changelog.yml index 35ed0b93..283e7770 100644 --- a/.github/workflows/update-changelog.yml +++ b/.github/workflows/_update-changelog.yml @@ -1,10 +1,8 @@ --- -# This workflow is centrally managed in https://github.com//.github/ +# This workflow is centrally managed in https://github.com/LizardByte/.github/ # Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in # the above-mentioned repo. -# Update changelog on release events. - name: Update changelog permissions: contents: read @@ -24,14 +22,10 @@ concurrency: jobs: update-changelog: name: Update Changelog + uses: LizardByte/.github/.github/workflows/__call-update-changelog.yml@master if: >- - github.event_name == 'workflow_dispatch' || - (!github.event.release.prerelease && !github.event.release.draft) - runs-on: ubuntu-latest - steps: - - name: Update Changelog - uses: LizardByte/update-changelog-action@v2025.426.173858 - with: - changelogBranch: changelog - changelogFile: CHANGELOG.md - token: ${{ secrets.GH_BOT_TOKEN }} + github.repository_owner == 'LizardByte' && + (github.event_name == 'workflow_dispatch' || + (!github.event.release.prerelease && !github.event.release.draft)) + secrets: + GH_TOKEN: ${{ secrets.GH_BOT_TOKEN }} diff --git a/.github/workflows/_update-docs.yml b/.github/workflows/_update-docs.yml new file mode 100644 index 00000000..6dd66c55 --- /dev/null +++ b/.github/workflows/_update-docs.yml @@ -0,0 +1,34 @@ +--- +# This workflow is centrally managed in https://github.com/LizardByte/.github/ +# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in +# the above-mentioned repo. + +# To use, add the `rtd` repository label to identify repositories that should trigger this workflow. +# If the project slug is not the repository name, add a repository variable named `READTHEDOCS_SLUG` with the value of +# the ReadTheDocs project slug. + +# Update readthedocs on release events. + +name: Update docs +permissions: {} + +on: + release: + types: + - created + - edited + - deleted + +concurrency: + group: "${{ github.workflow }}-${{ github.event.release.tag_name }}" + cancel-in-progress: true + +jobs: + update-docs: + name: Update docs + uses: LizardByte/.github/.github/workflows/__call-update-docs.yml@master + if: github.repository_owner == 'LizardByte' + with: + readthedocs_slug: ${{ vars.READTHEDOCS_SLUG }} + secrets: + READTHEDOCS_TOKEN: ${{ secrets.READTHEDOCS_TOKEN }} diff --git a/.github/workflows/_update-flathub-repo.yml b/.github/workflows/_update-flathub-repo.yml new file mode 100644 index 00000000..1f4ba3c7 --- /dev/null +++ b/.github/workflows/_update-flathub-repo.yml @@ -0,0 +1,29 @@ +--- +# This workflow is centrally managed in https://github.com/LizardByte/.github/ +# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in +# the above-mentioned repo. + +# To use, add the `flathub-pkg` repository label to identify repositories that should trigger this workflow. + +# Update Flathub on release events. + +name: Update Flathub repo +permissions: + contents: read + +on: + release: + types: + - released + +concurrency: + group: "${{ github.workflow }}-${{ github.event.release.tag_name }}" + cancel-in-progress: true + +jobs: + update-flathub-repo: + name: Update Flathub Repo + uses: LizardByte/.github/.github/workflows/__call-update-flathub-repo.yml@master + if: github.repository_owner == 'LizardByte' + secrets: + GH_TOKEN: ${{ secrets.GH_BOT_TOKEN }} diff --git a/.github/workflows/_update-homebrew-repo.yml b/.github/workflows/_update-homebrew-repo.yml new file mode 100644 index 00000000..947c7872 --- /dev/null +++ b/.github/workflows/_update-homebrew-repo.yml @@ -0,0 +1,31 @@ +--- +# This workflow is centrally managed in https://github.com/LizardByte/.github/ +# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in +# the above-mentioned repo. + +# To use, add the `homebrew-pkg` repository label to identify repositories that should trigger this workflow. + +# Update Homebrew on release events. + +name: Update Homebrew repo +permissions: + contents: read + +on: + release: + types: + - released + +concurrency: + group: "${{ github.workflow }}-${{ github.event.release.tag_name }}" + cancel-in-progress: true + +jobs: + update-homebrew-repo: + name: Update Homebrew repo + uses: LizardByte/.github/.github/workflows/__call-update-homebrew-repo.yml@master + if: github.repository_owner == 'LizardByte' + secrets: + GH_EMAIL: ${{ secrets.GH_BOT_EMAIL }} + GH_USERNAME: ${{ secrets.GH_BOT_NAME }} + GH_TOKEN: ${{ secrets.GH_BOT_TOKEN }} diff --git a/.github/workflows/_update-pacman-repo.yml b/.github/workflows/_update-pacman-repo.yml new file mode 100644 index 00000000..c62b34a4 --- /dev/null +++ b/.github/workflows/_update-pacman-repo.yml @@ -0,0 +1,29 @@ +--- +# This workflow is centrally managed in https://github.com/LizardByte/.github/ +# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in +# the above-mentioned repo. + +# To use, add the `pacman-pkg` repository label to identify repositories that should trigger this workflow. + +# Update pacman repo on release events. + +name: Update pacman repo +permissions: + contents: read + +on: + release: + types: + - released + +concurrency: + group: "${{ github.workflow }}-${{ github.event.release.tag_name }}" + cancel-in-progress: true + +jobs: + update-homebrew-release: + name: Update pacman repo + uses: LizardByte/.github/.github/workflows/__call-update-pacman-repo.yml@master + if: github.repository_owner == 'LizardByte' + secrets: + GH_TOKEN: ${{ secrets.GH_BOT_TOKEN }} diff --git a/.github/workflows/_update-winget-repo.yml b/.github/workflows/_update-winget-repo.yml new file mode 100644 index 00000000..1cac56bf --- /dev/null +++ b/.github/workflows/_update-winget-repo.yml @@ -0,0 +1,29 @@ +--- +# This workflow is centrally managed in https://github.com/LizardByte/.github/ +# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in +# the above-mentioned repo. + +# To use, add the `winget-pkg` repository label to identify repositories that should trigger this workflow. + +# Update Winget on release events. + +name: Update Winget repo +permissions: + contents: read + +on: + release: + types: + - released + +concurrency: + group: "${{ github.workflow }}-${{ github.event.release.tag_name }}" + cancel-in-progress: true + +jobs: + update-winget-repo: + name: Update Winget repo + uses: LizardByte/.github/.github/workflows/__call-update-winget-repo.yml@master + if: github.repository_owner == 'LizardByte' + secrets: + GH_TOKEN: ${{ secrets.GH_BOT_TOKEN }} diff --git a/.github/workflows/issues.yml b/.github/workflows/issues.yml deleted file mode 100644 index 5bd4e881..00000000 --- a/.github/workflows/issues.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# This workflow is centrally managed in https://github.com//.github/ -# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in -# the above-mentioned repo. - -# Label and un-label actions using `../label-actions.yml`. - -name: Issues -permissions: {} - -on: - issues: - types: - - labeled - - unlabeled - discussion: - types: - - labeled - - unlabeled - -jobs: - label: - name: Label Actions - if: startsWith(github.repository, 'LizardByte/') - runs-on: ubuntu-latest - steps: - - name: Label Actions - uses: dessant/label-actions@v4 - with: - github-token: ${{ secrets.GH_BOT_TOKEN }} diff --git a/.github/workflows/patch_missing_releases.yml b/.github/workflows/patch_missing_releases.yml deleted file mode 100644 index 77be163f..00000000 --- a/.github/workflows/patch_missing_releases.yml +++ /dev/null @@ -1,70 +0,0 @@ ---- -# GitHub releases made by @LizardByte-bot were hidden from the GitHub UI and API endpoint `/releases` -# on 1/23/2024. The releases can still be accessed at their own URL, and API endpoint. - -# It was discovered that the releases will re-appear if they are manually "edited". - -name: Patch Missing Releases -permissions: {} - -on: - workflow_dispatch: - -jobs: - patch_missing_releases: - name: Patch Missing Releases - runs-on: ubuntu-latest - steps: - - name: Patch - uses: actions/github-script@v7 - with: - github-token: ${{ secrets.GH_BOT_TOKEN }} - script: | - // get all repos in the org - console.log(`Getting repos for org: ${context.repo.owner}`) - const repos_opts = github.rest.repos.listForOrg.endpoint.merge({ - org: context.repo.owner, - }) - const repos = await github.paginate(repos_opts) - console.log(`Found ${repos.length} repos`) - - // iterate over repos - for (const repo of repos) { - console.log('--------------------------') - console.log(`Updating releases for repo: ${repo.name}`) - - // tags still exist and they match releases - // get all tags for the repo - console.log(`Getting tags for repo: ${repo.name}`) - const tags_opts = github.rest.repos.listTags.endpoint.merge({ - owner: context.repo.owner, - repo: repo.name - }) - const tags = await github.paginate(tags_opts) - console.log(`Found ${tags.length} tags`) - - // iterate over tags - for (const tag of tags) { - console.log(`Updating release for tag: ${tag.name}`) - - // get release for tag - console.log(`Getting release for tag: ${tag.name}`) - try { - const release = await github.rest.repos.getReleaseByTag({ - owner: context.repo.owner, - repo: repo.name, - tag: tag.name - }) - - // edit the release (without making any changes) - console.log(`Editing release for tag: ${tag.name}`) - await github.rest.repos.updateRelease({ - owner: context.repo.owner, - repo: repo.name, - release_id: release.data.id, - }) - } catch (error) { - console.log(`No release found for tag: ${tag.name}`) - } - } - }