GitHub repository check #6
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # GitHub Repository Archive Workflow | |
| # | |
| # Purpose: | |
| # Monitors and manages repository archival status, sending notifications | |
| # for inactive repositories based on configured thresholds. | |
| # | |
| # Triggers: | |
| # - schedule: Weekly on Sunday at midnight (00:00 UTC) | |
| # | |
| # Permissions: | |
| # - contents: read - Required for accessing repository metadata | |
| # | |
| # Jobs: | |
| # setup: | |
| # - Prepares the infrastructure and environment configuration | |
| # - Outputs: environment name and timezone for downstream jobs | |
| # | |
| # archive: | |
| # - Checks out the repository code | |
| # - Executes repository archival check | |
| # - Sends notifications via GOV.UK Notify for repositories approaching archival threshold | |
| # | |
| # Configuration: | |
| # - Environment: base (configurable via env vars) | |
| # - Timezone: Configurable via repository variables (TIMEZONE) | |
| # | |
| # Required Secrets: | |
| # - GITHUB_TOKEN: Automatically provided token for repository operations | |
| # - OCTO_GOV_NOTIFY_KEY: GOV.UK Notify API key for sending notifications | |
| # | |
| # Required Variables: | |
| # - TIMEZONE: Repository variable defining the timezone for operations | |
| # - ARCHIVAL_DAYS: Number of days of inactivity before archival consideration | |
| # - OCTO_NOTIFICATION_EMAIL: Email address for archival notifications | |
| # - ARCHIVAL_GOV_NOTIFY_TEMPLATE_ID: GOV.UK Notify template ID for notifications | |
| name: GitHub 🔎 | |
| run-name: GitHub repository check | |
| on: | |
| schedule: | |
| - cron: "0 0 * * 0" | |
| permissions: {} | |
| env: | |
| environment: base | |
| timezone: ${{ vars.TIMEZONE }} | |
| jobs: | |
| setup: | |
| name: Infrastructure 🔧 | |
| runs-on: ["ubuntu-latest"] | |
| outputs: | |
| environment: ${{ env.environment }} | |
| timezone: ${{ env.timezone }} | |
| steps: | |
| - name: Environment 🧪 | |
| run: echo "Environment set to ${{ env.environment }}" | |
| - name: Timezone 🌐 | |
| run: echo "Timezone set to ${{ env.timezone }}" | |
| archive: | |
| permissions: | |
| contents: read | |
| name: Archive ⚙️ | |
| runs-on: ["ubuntu-latest"] | |
| needs: setup | |
| environment: | |
| name: ${{ needs.setup.outputs.environment }} | |
| steps: | |
| - name: Repository | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Archive | |
| uses: ministryofjustice/devsecops-actions/github/repository/archive@f965eb1771ec66cfc41d7d57dc607fa6dfbc10ed # v1.4.0 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| archival-days: ${{ vars.ARCHIVAL_DAYS }} | |
| notification-email: "${{ vars.OCTO_NOTIFICATION_EMAIL }}" | |
| gov-notify-key: "${{ secrets.OCTO_GOV_NOTIFY_KEY }}" | |
| gov-notify-template-id: "${{ vars.ARCHIVAL_GOV_NOTIFY_TEMPLATE_ID }}" |