Reenable spell checker (#150)

Enables the spell checker CI action again with a revised workflow. This
now uses `pull_request_target` for the action context, so that PRs from
forks can have comments posted on the PR.

The workflow broke previously because the `prerelease` branch was
force-pushed and the old pinned commit was removed. I'm keeping the
pinned commit since this is running with the `pull_request_target` event
because of security considerations, even if it may mean it breaks again
in the future. If that happens, most likely only the commit needs to be
updated.

As before, the reporting may be too verbose, in which case we need to
silence this a bit, but that can be changed over time.

Author: msimberg

.github/workflows/spelling.yaml

@@ -0,0 +1,61 @@
+name: Check Spelling
+
+# Based on example in https://github.com/check-spelling/spell-check-this.
+on:
+  push:
+    branches: ['main']
+  pull_request_target:
+    branches: ['main']
+    types: ['opened', 'reopened', 'synchronize']
+  issue_comment:
+    types: ['created']
+
+jobs:
+  spelling:
+    name: Check Spelling
+    permissions:
+      contents: read
+      pull-requests: write
+      actions: read
+      security-events: write
+    outputs:
+      followup: ${{ steps.spelling.outputs.followup }}
+    runs-on: ubuntu-latest
+    if: ${{ contains(github.event_name, 'pull_request') || github.event_name == 'push' }}
+    concurrency:
+      group: spelling-${{ github.event.pull_request.number || github.ref }}
+      cancel-in-progress: true
+    steps:
+    - name: check-spelling
+      id: spelling
+      uses: check-spelling/check-spelling@2d5f9dd9d2d43584d36e4ae03a3508eff411eda9
+      with:
+        suppress_push_for_open_pull_request: ${{ github.actor != 'dependabot[bot]' && 1 }}
+        checkout: true
+        check_file_names: 0
+        post_comment: 1
+        use_magic_file: 1
+        warnings: bad-regex,binary-file,deprecated-feature,large-file,limited-references,no-newline-at-eof,noisy-file,non-alpha-in-dictionary,token-is-substring,unexpected-line-ending,whitespace-in-dictionary,minified-file,unsupported-configuration,no-files-to-check
+        use_sarif: ${{ (!github.event.pull_request || (github.event.pull_request.head.repo.full_name == github.repository)) && 1 }}
+        extra_dictionary_limit: 20
+        extra_dictionaries:
+          cspell:software-terms/dict/softwareTerms.txt
+          cspell:bash/dict/bash-words.txt
+          cspell:companies/dict/companies.txt
+          cspell:filetypes/filetypes.txt
+
+  comment-pr:
+    name: Check Spelling Report (PR)
+    runs-on: ubuntu-latest
+    needs: spelling
+    permissions:
+      actions: read
+      contents: read
+      pull-requests: write
+    if: (success() || failure()) && needs.spelling.outputs.followup && contains(github.event_name, 'pull_request')
+    steps:
+    - name: comment
+      uses: check-spelling/check-spelling@2d5f9dd9d2d43584d36e4ae03a3508eff411eda9
+      with:
+        checkout: true
+        task: ${{ needs.spelling.outputs.followup }}

docs/accounts/account-create.md

@@ -38,7 +38,7 @@ After your password has been set, you will be redirected to a page where you log
 
 ![](../images/access/first-login.png)
 
-From here you will need to set up [multi-factor authentification][ref-mfa-configure-otp] (MFA).
+From here you will need to set up [multi-factor authentication][ref-mfa-configure-otp] (MFA).
 
 Once MFA has been configured, you will finally be redirected to the CSCS portal as shown:
 

docs/services/firecrest.md

@@ -21,7 +21,7 @@ Version 2 is faster, easier to use, and more efficient in resource management th
 
 !!! warning "Deprecation notice"
     If you're using **version 1**, we recommend you to port your applications to use the new version.
-    We will communicate soon the exact date of the decomission of version 1 (not before Quarter 4 of 2025).
+    We will communicate soon the exact date of the decommissioning of version 1 (not before Quarter 4 of 2025).
 
 === "Version 2"
 

docs/software/uenv/configure.md

@@ -55,6 +55,6 @@ By default, uenv will generate color output according to the following:
 The default repo location for downloaded uenv images.
 The repo is selected according to the following process:
 
-* if the `--repo` CLI arguement overrides 
+* if the `--repo` CLI argument is given, use that setting
 * else if `repo` is set in the config file, use that setting
 * else use the default value of `$SCRATCH/.uenv-images`

docs/software/uenv/deploy.md

@@ -106,11 +106,11 @@ However, it is not desirable to build every recipe on every possible target syst
 For example:
 
 * An ICON development environment would only be deployed on the weather and climate platform
-* A GROMACS recipe would not be deployed on the weather and climate platrofm
+* A GROMACS recipe would not be deployed on the weather and climate platform
 * Development builds only need to run on test and staging clusters
 
 A YAML file `config.yaml` is maintained in the [github.com/eth-cscs/alps-uenv](https://github.com/eth-cscs/alps-uenv/blob/main/config.yaml) repository that maps
-recipes to deployed versions on mucroarchitectures.
+recipes to deployed versions on microarchitectures.
 
 ### Permissions
 
@@ -215,13 +215,13 @@ However,
 * access to some packages is restricted by applying access rules to the package path
 * e.g. access to `uenv-sources/vasp` is restricted to members of the vasp6 group
 
-Permissons to acces restricted resources is set on a per-pipeline basis
+Permissions to access restricted resources is set on a per-pipeline basis
 
 * For example, only the `alps-uenv` pipeline has access to the VASP source code, while the [`uenv build`][ref-uenv-build] pipeline does not.
 
 | Package | Access | Path | Notes | Contact |
 |---------|--------|------|-------| ------- |
-| `cray-mpich` | anonymous | `uenv-sources/cray-mpich` | `cray-mpich`, `cray-gtl`, `cray-pals`, `cray-mpi` | Simon Pintarelli, Benjamin Comming|
+| `cray-mpich` | anonymous | `uenv-sources/cray-mpich` | `cray-mpich`, `cray-gtl`, `cray-pals`, `cray-mpi` | Simon Pintarelli, Benjamin Cumming|
 | `namd` | `uenv-sources-csstaff` | `uenv-sources/namd` | NAMD requires an account to download the source code | Rocco Meli |
 | `vasp` | `vasp6`, `cscs-uenv-admin` | `uenv-sources/vasp` | VASP requires a paid license to access source | Simon Frasch |
 | `vmd` | `uenv-sources-csstaff` | `uenv-sources/vmd` | VMD requires an account to download the source code | Alberto Invernizzi |

docs/storage/filesystems.md

@@ -317,7 +317,7 @@ A daily process removes files that have not been **accessed (either read or writ
 !!! warning "Do not artificially update the access time of files"
     It is not allowed to automatically or artificially update the access time of files to avoid the cleanup policy, and CSCS scans for these activities.
 
-    Please move data to a file system that is suitable for persistant storage instead.
+    Please move data to a file system that is suitable for persistent storage instead.
 
 In addition to the automatic deletion of old files, if occupancy exceeds 60% the following steps are taken to maintain performance of the file system: