From 5a6ee4b2c88a8bb3f0d31749ac08819edee5b920 Mon Sep 17 00:00:00 2001 From: NetcrackerCLPLCI Date: Fri, 25 Apr 2025 12:44:27 +0000 Subject: [PATCH 1/3] chore: update of common workflows --- .github/workflows/automatic-pr-labeler.yaml | 45 +++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 .github/workflows/automatic-pr-labeler.yaml diff --git a/.github/workflows/automatic-pr-labeler.yaml b/.github/workflows/automatic-pr-labeler.yaml new file mode 100644 index 0000000..b807867 --- /dev/null +++ b/.github/workflows/automatic-pr-labeler.yaml @@ -0,0 +1,45 @@ +--- + +# The workflow template for automatic PR labeler. +# It requires to have a configuration file with labels and conditions to apply them. +# The configuration file should be placed in the .github folder and named auto-labeler-config.yaml. +# Example file can be found there: +# https://github.com/Netcracker/.github/blob/main/config/examples/auto-labeler-config.yaml + +name: Automatic PR Labeler + +on: + pull_request: + branches: [main] + types: + [opened, reopened, synchronize] + +permissions: + pull-requests: write + contents: read + issues: write + +jobs: + assign-labels: + if: (github.event.pull_request.merged == false) && (github.event.pull_request.user.login != 'dependabot[bot]') && (github.event.pull_request.user.login != 'github-actions[bot]') + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: "Execute assign labels" + id: action-assign-labels + uses: mauroalderete/action-assign-labels@v1 + with: + pull-request-number: ${{ github.event.pull_request.number }} + github-token: ${{ github.token }} + conventional-commits: "./.github/auto-labeler-config.yaml" + maintain-labels-not-matched: true + apply-changes: ${{ github.event.pull_request.base.repo.id == github.event.pull_request.head.repo.id }} + - name: "Drop warning if PR from fork" + if: ${{ github.event.pull_request.base.repo.id != github.event.pull_request.head.repo.id }} + run: | + { + echo "⚠️ Pull request from fork! ⚠️"; + echo "Labels will not be applied to PR. Assign them manually please."; + echo "Labels to assign: ${{ steps.action-assign-labels.outputs.labels-next }}"; + } >> $GITHUB_STEP_SUMMARY From d358a3bcbabe70e2e51dfad5a4c59fe22e188008 Mon Sep 17 00:00:00 2001 From: NetcrackerCLPLCI Date: Tue, 20 May 2025 09:20:40 +0000 Subject: [PATCH 2/3] chore: update of common workflows --- .github/workflows/cla.yaml | 32 +++++++++++ .github/workflows/link-checker.yaml | 21 ++++++++ .../workflows/pr-conventional-commits.yaml | 21 ++++++++ .github/workflows/pr-lint-title.yaml | 23 ++++++++ .github/workflows/profanity-filter.yaml | 29 ++++++++++ .github/workflows/super-linter.yaml | 53 +++++++++++++++++++ 6 files changed, 179 insertions(+) create mode 100644 .github/workflows/cla.yaml create mode 100644 .github/workflows/link-checker.yaml create mode 100644 .github/workflows/pr-conventional-commits.yaml create mode 100644 .github/workflows/pr-lint-title.yaml create mode 100644 .github/workflows/profanity-filter.yaml create mode 100644 .github/workflows/super-linter.yaml diff --git a/.github/workflows/cla.yaml b/.github/workflows/cla.yaml new file mode 100644 index 0000000..f0d0505 --- /dev/null +++ b/.github/workflows/cla.yaml @@ -0,0 +1,32 @@ +--- +name: CLA Assistant +on: + issue_comment: + types: [created] + pull_request_target: + types: [opened, closed, synchronize] + +permissions: + actions: write + contents: read + pull-requests: write + statuses: write + +jobs: + CLAAssistant: + runs-on: ubuntu-latest + steps: + - name: "CLA Assistant" + if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target' + uses: contributor-assistant/github-action@v2.6.1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + PERSONAL_ACCESS_TOKEN: ${{ secrets.CLA_ACCESS_TOKEN }} + with: + path-to-signatures: 'signatures/version1/cla.json' + path-to-document: 'https://github.com/Netcracker/qubership-github-workflows/blob/main/CLA/cla.md' + # branch should not be protected + branch: 'main' + allowlist: NetcrackerCLPLCI,web-flow,bot* + remote-repository-name: cla-storage + remote-organization-name: Netcracker diff --git a/.github/workflows/link-checker.yaml b/.github/workflows/link-checker.yaml new file mode 100644 index 0000000..ffd2459 --- /dev/null +++ b/.github/workflows/link-checker.yaml @@ -0,0 +1,21 @@ +--- +name: Link Checker + +on: + push: null + repository_dispatch: null + workflow_dispatch: null + +jobs: + linkChecker: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Link Checker + id: lychee + uses: lycheeverse/lychee-action@v2 + with: + args: --base . --verbose --no-progress './**/*.md' --accept 100..=103,200..=299,429 + format: markdown + fail: true diff --git a/.github/workflows/pr-conventional-commits.yaml b/.github/workflows/pr-conventional-commits.yaml new file mode 100644 index 0000000..1177d01 --- /dev/null +++ b/.github/workflows/pr-conventional-commits.yaml @@ -0,0 +1,21 @@ +--- + +name: Conventional Commits PR Check + +on: + pull_request: + types: + - opened + - edited + - synchronize + +permissions: + pull-requests: read +jobs: + build: + name: Conventional Commits + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - uses: webiny/action-conventional-commits@v1.3.0 diff --git a/.github/workflows/pr-lint-title.yaml b/.github/workflows/pr-lint-title.yaml new file mode 100644 index 0000000..78bec8b --- /dev/null +++ b/.github/workflows/pr-lint-title.yaml @@ -0,0 +1,23 @@ +--- + +name: "Lint PR Title" + +on: + pull_request: + types: + - opened + - edited + - synchronize + - reopened + +permissions: + pull-requests: read + +jobs: + main: + name: Validate PR title + runs-on: ubuntu-latest + steps: + - uses: amannn/action-semantic-pull-request@v5 + env: + GITHUB_TOKEN: ${{ github.token }} diff --git a/.github/workflows/profanity-filter.yaml b/.github/workflows/profanity-filter.yaml new file mode 100644 index 0000000..74926d3 --- /dev/null +++ b/.github/workflows/profanity-filter.yaml @@ -0,0 +1,29 @@ +--- +name: Profanity filter + +on: + issue_comment: + types: [created, edited] + issues: + types: [opened, edited, reopened] + pull_request: + types: [opened, edited, reopened] + +permissions: + issues: write + pull-requests: write + +jobs: + apply-filter: + runs-on: ubuntu-latest + steps: + - name: Scan issue or pull request for profanity + # Conditionally run the step if the actor isn't a bot + if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'github-actions[bot]' }} + uses: IEvangelist/profanity-filter@9.07 + id: profanity-filter + with: + token: ${{ secrets.GITHUB_TOKEN }} + # See https://bit.ly/potty-mouth-replacement-strategies + replacement-strategy: middle-asterisk # See Replacement strategy + custom-profane-words-url: https://github.com/Hesham-Elbadawi/list-of-banned-words/raw/refs/heads/master/ru diff --git a/.github/workflows/super-linter.yaml b/.github/workflows/super-linter.yaml new file mode 100644 index 0000000..da308b2 --- /dev/null +++ b/.github/workflows/super-linter.yaml @@ -0,0 +1,53 @@ +--- +# This workflow executes several linters on changed files based on languages used in your code base whenever +# you push a code or open a pull request. +# +# You can adjust the behavior by modifying this file. +# For more information, see: +# https://github.com/super-linter/super-linter +# Configuration file for super-linter example: +# .github/super-linter.env +# Configuration files for individual linters should be placed in .github/linters + +name: Lint Code Base + +on: + push: + branches: + - '**' + pull_request: + branches: + - '**' + workflow_dispatch: + inputs: + full_scan: + type: boolean + default: false + required: false + description: "Lint all codebase" +permissions: + contents: read + +jobs: + run-lint: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + # Full git history is needed to get a proper list of changed files within `super-linter` + fetch-depth: 0 + + - name: "Load super-linter environment file" + run: | + # shellcheck disable=2086 + if [ -f "./.github/super-linter.env" ]; then + grep "\S" ./.github/super-linter.env | grep -v "^#" + grep "\S" ./.github/super-linter.env | grep -v "^#" >> $GITHUB_ENV + fi + + - name: Lint Code Base + uses: super-linter/super-linter@v7 + env: + VALIDATE_ALL_CODEBASE: ${{ inputs.full_scan || false }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 3fd916e196e81acc37204de194624b9e2fb9b51c Mon Sep 17 00:00:00 2001 From: NetcrackerCLPLCI Date: Tue, 10 Jun 2025 09:33:28 +0000 Subject: [PATCH 3/3] chore: update of common workflows --- .github/workflows/link-checker.yaml | 3 +- .github/workflows/super-linter.yaml | 75 ++++++++++++++++++++++------- 2 files changed, 60 insertions(+), 18 deletions(-) diff --git a/.github/workflows/link-checker.yaml b/.github/workflows/link-checker.yaml index ffd2459..4656d06 100644 --- a/.github/workflows/link-checker.yaml +++ b/.github/workflows/link-checker.yaml @@ -5,7 +5,8 @@ on: push: null repository_dispatch: null workflow_dispatch: null - +permissions: + contents: read jobs: linkChecker: runs-on: ubuntu-latest diff --git a/.github/workflows/super-linter.yaml b/.github/workflows/super-linter.yaml index da308b2..23fa115 100644 --- a/.github/workflows/super-linter.yaml +++ b/.github/workflows/super-linter.yaml @@ -29,25 +29,66 @@ permissions: contents: read jobs: + prepare-configs: + runs-on: ubuntu-latest + steps: + - name: "Get the common linters configuration" + uses: actions/checkout@v4 + with: + ref: main # fix/superlinter-config + repository: netcracker/.github + sparse-checkout: | + config/linters + - name: "Upload the common linters configsuration" + uses: actions/upload-artifact@v4 + with: + name: linter-config + path: "${{ github.workspace }}/config" + include-hidden-files: true run-lint: + needs: [prepare-configs] runs-on: ubuntu-latest + permissions: + contents: read + packages: read + # To report GitHub Actions status checks + statuses: write steps: - - name: Checkout code - uses: actions/checkout@v4 - with: - # Full git history is needed to get a proper list of changed files within `super-linter` - fetch-depth: 0 + - name: Checkout code + uses: actions/checkout@v4 + with: + # Full git history is needed to get a proper list of changed files within `super-linter` + fetch-depth: 0 + - name: "Get the common linters configuration" + uses: actions/download-artifact@v4 + id: download + with: + name: linter-config + path: /tmp/linter-config + - name: "Apply the common linters configuration" + if: ${{ steps.download.outputs.download-path != '' }} + run: | + mkdir -p ./.github/linters + cp --update=none -vR /tmp/linter-config/linters/* ./.github/linters - - name: "Load super-linter environment file" - run: | - # shellcheck disable=2086 - if [ -f "./.github/super-linter.env" ]; then - grep "\S" ./.github/super-linter.env | grep -v "^#" - grep "\S" ./.github/super-linter.env | grep -v "^#" >> $GITHUB_ENV - fi + - name: "Load super-linter environment file" + shell: bash + run: | + # shellcheck disable=2086 + if [ -f "${GITHUB_WORKSPACE}/.github/super-linter.env" ]; then + echo "Applying local linter environment:" + grep "\S" ${GITHUB_WORKSPACE}/.github/super-linter.env | grep -v "^#" + grep "\S" ${GITHUB_WORKSPACE}/.github/super-linter.env | grep -v "^#" >> $GITHUB_ENV + elif [ -f "/tmp/linter-config/linters/super-linter.env" ]; then + echo "::warning:: Local linter environment file .github/super-linter.env is not found" + echo "Applying common linter environment:" + grep "\S" /tmp/linter-config/linters/super-linter.env | grep -v "^#" + grep "\S" /tmp/linter-config/linters/super-linter.env | grep -v "^#" >> $GITHUB_ENV + fi - - name: Lint Code Base - uses: super-linter/super-linter@v7 - env: - VALIDATE_ALL_CODEBASE: ${{ inputs.full_scan || false }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: Lint Code Base + uses: super-linter/super-linter/slim@v7.3.0 + env: + VALIDATE_ALL_CODEBASE: ${{ inputs.full_scan || false }} + # To report GitHub Actions status checks + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}