Skip to content

test: add gh workflow for tiobe TICS static analysis reporting #6654

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
blackboxsw wants to merge 2 commits into
base: main
Choose a base branch
from
Open

test: add gh workflow for tiobe TICS static analysis reporting #6654

blackboxsw wants to merge 2 commits into from
+52 −0

Conversation

@blackboxsw
Copy link
Collaborator

@blackboxsw blackboxsw commented Jan 6, 2026

Process improvement moving some of our Tiobe TICS automation out of Jenkins and into GH actions.
Scheduling weekly reports from GH workflows will allow us to retire an internal cloud-init jenkins job.

Proposed Commit Message

test: add gh workflow for tiobe TICS static analysis reporting

Additional Context

Test Steps

Merge type

  • Squash merge using "Proposed Commit Message"
  • Rebase and merge unique commits. Requires commit messages per-commit each referencing the pull request number (#<PR_NUM>)

@blackboxsw blackboxsw requested a review from Copilot January 6, 2026 22:18
Copilot AI reviewed Jan 6, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds a GitHub Actions workflow to automate weekly Tiobe TICS static analysis reporting, migrating this functionality from Jenkins to enable retirement of an internal Jenkins job.

Key changes:

  • Introduces a new weekly scheduled workflow for TICS static analysis
  • Configures the workflow to run on self-hosted runners with specific requirements
  • Sets up dependency installation, coverage generation, and TICS analysis execution

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@blackboxsw blackboxsw requested a review from holmanb January 6, 2026 22:20
holmanb
holmanb reviewed Jan 6, 2026
View reviewed changes
.github/workflows/weekly-tics.yml Outdated

- name: Coverage
run: |
make coverage
Copy link
Member

@holmanb holmanb Jan 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

?

Copy link
Member

@holmanb holmanb Jan 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No such make target exists in this repo.

Copy link
Collaborator Author

@blackboxsw blackboxsw Jan 7, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, I hadn't committed changes for this stage to create TICS coverage artifacts. I've adapted them now from our server-jenkins/cloud-init/other job Link corrected for server-jenkins-job

Copy link
Member

@holmanb holmanb Jan 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, I hadn't committed changes for this stage to create TICS coverage artifacts. I've adapted them now from our server-jenkins/cloud-init/other job

wrong link?

Copy link
Collaborator Author

@blackboxsw blackboxsw Jan 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Link corrected for server-jenkins-job

@holmanb holmanb self-assigned this Jan 8, 2026
holmanb
holmanb requested changes Jan 8, 2026
View reviewed changes
Copy link
Member

@holmanb holmanb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the clarifications @blackboxsw. I just added more feedback.

.github/workflows/weekly-tics.yml
Comment on lines +39 to +42
- name: Generate TICS artifacts
run: |
mkdir .cover
python3 -m pytest --cov=cloudinit --cov-report=xml:.cover/coverage.xml || true
Copy link
Member

@holmanb holmanb Jan 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is the wrong file name.

Why are we installing tox but not using it? I suspect we might not need wireguard or ubuntu-dev-tools either. I'd say that we should use just tox or just the read-dependencies script, but not both. And I lean towards tox's simplicity over depending on a home-grown script but I'll leave it up to you.

.github/workflows/weekly-tics.yml
on:
workflow_dispatch:
schedule:
- cron: '17 5 * * 6' # Run at 5:17a (arbitrary) on Saturday
Copy link
Member

@holmanb holmanb Jan 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In which timezone?

.github/workflows/weekly-tics.yml
Comment on lines +14 to +15
# Best practices per https://library.canonical.com/corporate-policies/
# information-security-policies/ssdlc/ssdlc---static-code-analysis
Copy link
Member

@holmanb holmanb Jan 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since the doc applies to the whole file the top of the file seems like a more appropriate location.

Can we please not break the link?

Including "Best practices per" is unnecessary: it doesn't add value over just the link.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@holmanb holmanb holmanb requested changes

Requested changes must be addressed to merge this pull request.

Assignees

@holmanb holmanb

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@blackboxsw @holmanb