From 68eca89e29ed3457217ce713c87339e659fb811c Mon Sep 17 00:00:00 2001 From: chris3ware <36608309+chris3ware@users.noreply.github.com> Date: Wed, 4 Sep 2024 14:30:47 +0100 Subject: [PATCH 1/8] ci(replication): Add workflow to replicate files --- .github/workflows/file_replication.yaml | 47 +++++++++++++++++++++++++ commitlint.config.js | 45 +++++++++++++++++++++++ 2 files changed, 92 insertions(+) create mode 100644 .github/workflows/file_replication.yaml create mode 100644 commitlint.config.js diff --git a/.github/workflows/file_replication.yaml b/.github/workflows/file_replication.yaml new file mode 100644 index 0000000..c10ec12 --- /dev/null +++ b/.github/workflows/file_replication.yaml @@ -0,0 +1,47 @@ +name: Replicate Files + +on: + workflow_dispatch: {} + push: + branches: [main] + +permissions: {} + +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref }} + cancel-in-progress: true + +jobs: + get-temp-token: + uses: 3ware/workflows/.github/workflows/get-workflow-token.yaml@57a900982a56bebaf91e660a56adb7f021690d15 # v4.0.0 + secrets: inherit + + replicate-files: + runs-on: ubuntu-latest + timeout-minutes: 30 + needs: [get-temp-token] + steps: + - name: Decrypt the installation access token + id: decrypt-token + run: | + DECRYPTED_TOKEN=$(gpg --decrypt --quiet --batch --passphrase "$KEY" \ + --output - <(echo "${{ needs.get-temp-token.outputs.temp-token }}" \ + | base64 --decode)) + echo "::add-mask::$DECRYPTED_TOKEN" + echo "temp-token=$DECRYPTED_TOKEN" >> $GITHUB_OUTPUT + env: + KEY: ${{ secrets.PGP_SECRET_SIGNING_PASSPHRASE }} + + - name: Checkout repository + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 + with: + token: ${{ steps.decrypt-token.outputs.temp-token }} + + - name: Replicate files + uses: derberg/manage-files-in-multiple-repositories@beecbe897cf5ed7f3de5a791a3f2d70102fe7c25 # v2 + with: + github_token: ${{ steps.decrypt-token.outputs.temp-token }} + patterns_to_include: '.releaserc.json' + exclude_private: true + exclude_forked: true + repos_to_ignore: 'workflows,www-src' diff --git a/commitlint.config.js b/commitlint.config.js new file mode 100644 index 0000000..1d06751 --- /dev/null +++ b/commitlint.config.js @@ -0,0 +1,45 @@ +module.exports = { + rules: { + "body-leading-blank": [1, "always"], + "body-max-line-length": [2, "always", 72], + "footer-leading-blank": [1, "always"], + "footer-max-line-length": [2, "always", 72], + "header-max-length": [2, "always", 72], + "scope-case": [2, "always", "lower-case"], + "scope-empty": [1, "never"], + "scope-enum": [ + 1, + "always", + [ + "commitlint", + "pr-check", + "release", + "trunk", + "replicate" + ], + ], + //"signed-off-by": [1, "always", "Signed-off-by:"], + "subject-case": [1, "always", "sentence-case"], + "subject-empty": [2, "never"], + "subject-full-stop": [2, "never", "."], + "type-case": [2, "always", "lower-case"], + "type-empty": [2, "never"], + "type-enum": [ + 2, + "always", + [ + "build", + "chore", + "ci", + "docs", + "feat", + "fix", + "perf", + "refactor", + "revert", + "style", + "test", + ], + ], + }, +}; From 9b357aca98fbeb622200da81c49f7a466dbfc1aa Mon Sep 17 00:00:00 2001 From: chris3ware <36608309+chris3ware@users.noreply.github.com> Date: Wed, 4 Sep 2024 14:33:09 +0100 Subject: [PATCH 2/8] chore(.github): Add repository files --- .editorconfig | 18 ++++++++++++++ .releaserc.json | 57 ++++++++++++++++++++++++++++++++++++++++++++ CODEOWNERS | 1 + commitlint.config.js | 5 ++-- 4 files changed, 79 insertions(+), 2 deletions(-) create mode 100644 .editorconfig create mode 100644 .releaserc.json create mode 100644 CODEOWNERS diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..098e8f2 --- /dev/null +++ b/.editorconfig @@ -0,0 +1,18 @@ +# EditorConfig is awesome: https://EditorConfig.org + +# top-most EditorConfig file +root = true + +# Default settings +[*] +indent_style = space +indent_size = 2 +end_of_line = lf +charset = utf-8 +trim_trailing_whitespace = true +insert_final_newline = true + +# Do not trim trailing whitespace on Markdown files as double space can be used +# for a newline +[*.md] +trim_trailing_whitespace = false diff --git a/.releaserc.json b/.releaserc.json new file mode 100644 index 0000000..02bcbcd --- /dev/null +++ b/.releaserc.json @@ -0,0 +1,57 @@ +{ + "branches": ["main"], + "plugins": [ + [ + "@semantic-release/commit-analyzer", + { + "preset": "conventionalcommits", + "releaseRules": [ + { "breaking": true, "release": "major" }, + { "type": "refactor", "release": "minor" }, + { "type": "chore", "scope": "deps", "release": "patch" } + ] + } + ], + [ + "@semantic-release/release-notes-generator", + { + "preset": "conventionalcommits", + "presetConfig": { + "types": [ + { "type": "refactor", "section": "Enhancement", "hidden": false }, + { "type": "feat", "section": "Features", "hidden": false }, + { "type": "fix", "section": "Bug Fixes", "hidden": false }, + { + "type": "chore", + "scope": "deps", + "section": "Chores", + "hidden": false + } + ] + } + } + ], + [ + "@semantic-release/github", + { + "successComment": "This ${issue.pull_request ? 'PR is included' : 'issue has been resolved'} in version ${nextRelease.version}", + "labels": false, + "releasedLabels": false + } + ], + [ + "@semantic-release/changelog", + { + "changelogFile": "CHANGELOG.md", + "changelogTitle": "# Changelog\n\nAll notable changes to this project will be documented in this file." + } + ], + [ + "@semantic-release/git", + { + "assets": ["CHANGELOG.md"], + "message": "chore(release): version ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}" + } + ] + ] +} diff --git a/CODEOWNERS b/CODEOWNERS new file mode 100644 index 0000000..1e329c1 --- /dev/null +++ b/CODEOWNERS @@ -0,0 +1 @@ +* @3ware/repo-maintainers diff --git a/commitlint.config.js b/commitlint.config.js index 1d06751..406231e 100644 --- a/commitlint.config.js +++ b/commitlint.config.js @@ -12,10 +12,11 @@ module.exports = { "always", [ "commitlint", + ".github", "pr-check", "release", - "trunk", - "replicate" + "replicate", + "trunk" ], ], //"signed-off-by": [1, "always", "Signed-off-by:"], From 662e4a483024b87951d8c7f05c0e0a1d7ea2cfb0 Mon Sep 17 00:00:00 2001 From: chris3ware <36608309+chris3ware@users.noreply.github.com> Date: Wed, 4 Sep 2024 16:03:22 +0100 Subject: [PATCH 3/8] chore(.github): Move files to .github directory --- CODEOWNERS => .github/CODEOWNERS | 0 README.md => .github/README.md | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename CODEOWNERS => .github/CODEOWNERS (100%) rename README.md => .github/README.md (100%) diff --git a/CODEOWNERS b/.github/CODEOWNERS similarity index 100% rename from CODEOWNERS rename to .github/CODEOWNERS diff --git a/README.md b/.github/README.md similarity index 100% rename from README.md rename to .github/README.md From 7c7f44661669937288c55ccc14f6821e495ce11a Mon Sep 17 00:00:00 2001 From: chris3ware <36608309+chris3ware@users.noreply.github.com> Date: Wed, 4 Sep 2024 16:04:15 +0100 Subject: [PATCH 4/8] chore(.github): Move SECURITY.md to docs folder To differentiate which files apply to this repo and files that should be shared with all repos. --- SECURITY.md => docs/SECURITY.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename SECURITY.md => docs/SECURITY.md (100%) diff --git a/SECURITY.md b/docs/SECURITY.md similarity index 100% rename from SECURITY.md rename to docs/SECURITY.md From 9705739bdf8b23907d9003df16b313b6f4e7817a Mon Sep 17 00:00:00 2001 From: chris3ware <36608309+chris3ware@users.noreply.github.com> Date: Wed, 4 Sep 2024 16:05:34 +0100 Subject: [PATCH 5/8] chore(.github): Remove file replication workflow Doesn't work with a GitHub App token. Fails to push. --- .github/workflows/file_replication.yaml | 47 -------------------- .releaserc.json | 57 ------------------------- 2 files changed, 104 deletions(-) delete mode 100644 .github/workflows/file_replication.yaml delete mode 100644 .releaserc.json diff --git a/.github/workflows/file_replication.yaml b/.github/workflows/file_replication.yaml deleted file mode 100644 index c10ec12..0000000 --- a/.github/workflows/file_replication.yaml +++ /dev/null @@ -1,47 +0,0 @@ -name: Replicate Files - -on: - workflow_dispatch: {} - push: - branches: [main] - -permissions: {} - -concurrency: - group: ${{ github.workflow }}-${{ github.head_ref }} - cancel-in-progress: true - -jobs: - get-temp-token: - uses: 3ware/workflows/.github/workflows/get-workflow-token.yaml@57a900982a56bebaf91e660a56adb7f021690d15 # v4.0.0 - secrets: inherit - - replicate-files: - runs-on: ubuntu-latest - timeout-minutes: 30 - needs: [get-temp-token] - steps: - - name: Decrypt the installation access token - id: decrypt-token - run: | - DECRYPTED_TOKEN=$(gpg --decrypt --quiet --batch --passphrase "$KEY" \ - --output - <(echo "${{ needs.get-temp-token.outputs.temp-token }}" \ - | base64 --decode)) - echo "::add-mask::$DECRYPTED_TOKEN" - echo "temp-token=$DECRYPTED_TOKEN" >> $GITHUB_OUTPUT - env: - KEY: ${{ secrets.PGP_SECRET_SIGNING_PASSPHRASE }} - - - name: Checkout repository - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 - with: - token: ${{ steps.decrypt-token.outputs.temp-token }} - - - name: Replicate files - uses: derberg/manage-files-in-multiple-repositories@beecbe897cf5ed7f3de5a791a3f2d70102fe7c25 # v2 - with: - github_token: ${{ steps.decrypt-token.outputs.temp-token }} - patterns_to_include: '.releaserc.json' - exclude_private: true - exclude_forked: true - repos_to_ignore: 'workflows,www-src' diff --git a/.releaserc.json b/.releaserc.json deleted file mode 100644 index 02bcbcd..0000000 --- a/.releaserc.json +++ /dev/null @@ -1,57 +0,0 @@ -{ - "branches": ["main"], - "plugins": [ - [ - "@semantic-release/commit-analyzer", - { - "preset": "conventionalcommits", - "releaseRules": [ - { "breaking": true, "release": "major" }, - { "type": "refactor", "release": "minor" }, - { "type": "chore", "scope": "deps", "release": "patch" } - ] - } - ], - [ - "@semantic-release/release-notes-generator", - { - "preset": "conventionalcommits", - "presetConfig": { - "types": [ - { "type": "refactor", "section": "Enhancement", "hidden": false }, - { "type": "feat", "section": "Features", "hidden": false }, - { "type": "fix", "section": "Bug Fixes", "hidden": false }, - { - "type": "chore", - "scope": "deps", - "section": "Chores", - "hidden": false - } - ] - } - } - ], - [ - "@semantic-release/github", - { - "successComment": "This ${issue.pull_request ? 'PR is included' : 'issue has been resolved'} in version ${nextRelease.version}", - "labels": false, - "releasedLabels": false - } - ], - [ - "@semantic-release/changelog", - { - "changelogFile": "CHANGELOG.md", - "changelogTitle": "# Changelog\n\nAll notable changes to this project will be documented in this file." - } - ], - [ - "@semantic-release/git", - { - "assets": ["CHANGELOG.md"], - "message": "chore(release): version ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}" - } - ] - ] -} From ab1c3235153506ce13f53567ce81244467dc7c07 Mon Sep 17 00:00:00 2001 From: chris3ware <36608309+chris3ware@users.noreply.github.com> Date: Wed, 4 Sep 2024 16:10:13 +0100 Subject: [PATCH 6/8] ci(pr-check): Add new workflow --- .github/workflows/delete-workflow-run.yaml | 28 ++++++++++++++++++++++ .github/workflows/pr-check.yaml | 14 +++++++++++ 2 files changed, 42 insertions(+) create mode 100644 .github/workflows/delete-workflow-run.yaml create mode 100644 .github/workflows/pr-check.yaml diff --git a/.github/workflows/delete-workflow-run.yaml b/.github/workflows/delete-workflow-run.yaml new file mode 100644 index 0000000..3555976 --- /dev/null +++ b/.github/workflows/delete-workflow-run.yaml @@ -0,0 +1,28 @@ +name: Delete old workflow runs +on: + schedule: + - cron: 0 0 1 * * + workflow_call: {} + +# Disable permissions for all available scopes +permissions: {} + +concurrency: + group: ${{ github.workflow }}-${{ github.repository }} + cancel-in-progress: true + +jobs: + delete-workflow-run: + permissions: + actions: write + contents: read + runs-on: ubuntu-latest + timeout-minutes: 30 + steps: + - name: Delete workflow runs + uses: Mattraks/delete-workflow-runs@39f0bbed25d76b34de5594dceab824811479e5de # v2.0.6 + with: + token: ${{ github.token }} + repository: ${{ github.repository }} + retain_days: 90 + keep_minimum_runs: 14 diff --git a/.github/workflows/pr-check.yaml b/.github/workflows/pr-check.yaml new file mode 100644 index 0000000..290356b --- /dev/null +++ b/.github/workflows/pr-check.yaml @@ -0,0 +1,14 @@ +name: PR Check +on: + pull_request: + types: [opened, edited, synchronize] + +# Disable permissions for all available scopes +permissions: {} + +jobs: + validate-pr-title: + name: Validate PR title + permissions: + pull-requests: write + uses: 3ware/workflows/.github/workflows/pr-title.yaml@5cf20b3ba1cfdbe501dd2595dfb4ade9360641d8 # v3.1.0 From 814c2cf201e48083f9ee5ac5f9360410a052e941 Mon Sep 17 00:00:00 2001 From: chris3ware <36608309+chris3ware@users.noreply.github.com> Date: Wed, 4 Sep 2024 16:10:47 +0100 Subject: [PATCH 7/8] ci(commitlint): Remove scope --- commitlint.config.js | 1 - 1 file changed, 1 deletion(-) diff --git a/commitlint.config.js b/commitlint.config.js index 406231e..badfc8e 100644 --- a/commitlint.config.js +++ b/commitlint.config.js @@ -15,7 +15,6 @@ module.exports = { ".github", "pr-check", "release", - "replicate", "trunk" ], ], From d9872842f68d1ece17461f51ff9eff86ee7392f4 Mon Sep 17 00:00:00 2001 From: chris3ware <36608309+chris3ware@users.noreply.github.com> Date: Wed, 4 Sep 2024 16:11:33 +0100 Subject: [PATCH 8/8] docs(.github): Add new lines to end of README files --- .github/README.md | 2 +- profile/README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/README.md b/.github/README.md index 752e35d..a60da7d 100644 --- a/.github/README.md +++ b/.github/README.md @@ -2,4 +2,4 @@ The main purpose of this repository is to host the README file for the 3ware GitHub page. -It is also used for hosting files that can be shared to all 3ware repositories. \ No newline at end of file +It is also used for hosting files that can be shared to all 3ware repositories. diff --git a/profile/README.md b/profile/README.md index cc36441..33189c3 100644 --- a/profile/README.md +++ b/profile/README.md @@ -2,4 +2,4 @@ Welcome to the 3ware GitHub profile. -Here we share some code for the projects we've been working on, including managing our own website with Hugo and GitHub Pages, reusable GitHub Actions and managing our repositories with terraform / opentofu. \ No newline at end of file +Here we share some code for the projects we've been working on, including managing our own website with Hugo and GitHub Pages, reusable GitHub Actions and managing our repositories with terraform / opentofu.