Initial commit

Author: simonbeaudoin0935

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,38 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ''
+labels: ''
+assignees: ''
+
+---
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+Steps to reproduce the behavior:
+1. Go to '...'
+2. Click on '....'
+3. Scroll down to '....'
+4. See error
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Screenshots**
+If applicable, add screenshots to help explain your problem.
+
+**Desktop (please complete the following information):**
+ - OS: [e.g. iOS]
+ - Browser [e.g. chrome, safari]
+ - Version [e.g. 22]
+
+**Smartphone (please complete the following information):**
+ - Device: [e.g. iPhone6]
+ - OS: [e.g. iOS8.1]
+ - Browser [e.g. stock browser, safari]
+ - Version [e.g. 22]
+
+**Additional context**
+Add any other context about the problem here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,20 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ''
+labels: ''
+assignees: ''
+
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.

.github/PULL_REQUEST_TEMPLATE/pr_template.md

@@ -0,0 +1,27 @@
+## Pull Request
+
+**Description**
+A clear and concise description of what this pull request does.
+
+**Related Issue**
+Link to the issue that this pull request addresses (e.g., `Fixes #123`).
+
+**Type of Change**
+Please delete options that are not relevant.
+- Bug fix (non-breaking change which fixes an issue)
+- New feature (non-breaking change which adds functionality)
+- Breaking change (fix or feature that would cause existing functionality to not work as expected)
+- Documentation update
+
+**Checklist**
+- [ ] My code follows the style guidelines of this project
+- [ ] I have performed a self-review of my own code
+- [ ] I have commented my code, particularly in hard-to-understand areas
+- [ ] I have made corresponding changes to the documentation
+- [ ] My changes generate no new warnings
+- [ ] I have added tests that prove my fix is effective or that my feature works
+- [ ] New and existing unit tests pass locally with my changes
+- [ ] Any dependent changes have been merged and published in downstream modules
+
+**Additional Context**
+Add any other context or screenshots about the pull request here.

.github/actions/build_container/action.yml

@@ -0,0 +1,41 @@
+name: Builds the container and chroots
+description: |
+  This Github Actions builds the container and sets up the chroot environment for building packages for noble and questing.
+
+inputs:
+
+  arch:
+    description: The architecture to build for. Ex amd64, arm64, etc
+    required: true
+
+  push-to-ghcr:
+    description: Whether to push the built image to GitHub Container Registry
+    required: true
+    default: "true"
+
+  token:
+    description: PAT token
+    required: true
+
+  username:
+    description: Username for the PAT token
+    required: true
+
+runs:
+  using: "composite"
+  
+  steps:
+
+    - name: Build noble and questing containers
+      shell: bash
+      run: ./docker_deb_build.py --rebuild
+
+    - name: Push to GHCR
+      if: ${{inputs.push-to-ghcr}} == 'true'
+      shell: bash
+      run: |
+        echo ${{inputs.token}} | docker login ghcr.io -u ${{inputs.username}} --password-stdin
+        docker push ghcr.io/${{env.QCOM_ORG_NAME}}/${{env.IMAGE_NAME}}:${{inputs.arch}}-noble
+        docker push ghcr.io/${{env.QCOM_ORG_NAME}}/${{env.IMAGE_NAME}}:${{inputs.arch}}-questing
+
+

.github/dependabots.yaml

@@ -0,0 +1,11 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  - package-ecosystem: "github-actions" # See documentation for possible values
+    directory: "/" # This points to .github/workflows
+    schedule:
+      interval: "daily"

.github/workflows/Readme.md

@@ -0,0 +1,6 @@
+# List of workflows and actions
+This folder contains workflows that are helpful for maintaining a smooth and secure development process. The workflows should be enabled for open-source projects.
+
+Workflows:
+1. `qcom-preflight-checks.yml` - This workflow runs several preflight checks, including copyight, email, repolinter, and security checks.  See [qualcomm/qcom-actions](https://github.com/qualcomm/qcom-actions)
+2. `stale-issues.yaml` - This workflow will periodically run every 30 days to check for stalled issues and PRs. If the workflow detects any stalled issues and/or PRs, it will automatically leave just a comment to draw attention.

.github/workflows/qcom-container-build-and-upload.yml

@@ -0,0 +1,75 @@
+name: Container Build And Upload
+description: |
+  Builds and uploads to GHCR (GitHub Container Registry) the container used to build the Qualcomm debian packages.
+  This workflow will assumes the build architecture is amd64 (x86_64) since the github's 'ubuntu-latest' runs-on tag
+  is used. Using docker's buildx, the Dockerfile in this repo's docker/ folder will be built for amd64 and cross-compiled
+  for arm64.
+
+on:
+  schedule:
+    # Runs at 00:00 UTC every Monday
+    - cron: '0 0 * * 1'
+
+  pull_request_target:
+    branches:
+      - main
+    paths:
+      - '.github/workflows/qcom-container-build-and-upload.yml'
+      - 'docker/**'
+
+  push:
+    branches:
+      - main
+    paths:
+      - '.github/workflows/qcom-container-build-and-upload.yml'
+      - 'docker/**'
+
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+env:
+  QCOM_ORG_NAME: "qualcomm-linux"
+
+  IMAGE_NAME: "pkg-builder"
+
+jobs:
+
+  # Build the amd64 natively on ubuntu-latest which is an x86_64 host
+  build-image-amd64:
+    runs-on: ubuntu-latest
+    steps:
+
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+        with:
+          ref: ${{github.head_ref}}
+
+      - name: Build Images
+        uses: ./.github/actions/build_container
+        with:
+          arch: amd64
+          push-to-ghcr: ${{ github.event_name != 'pull_request_target' }}
+          token: ${{ secrets.DEB_PKG_BOT_CI_TOKEN }}
+          username: ${{ vars.DEB_PKG_BOT_CI_USERNAME }}
+
+  # Build the arm64 natively using a self-hosted runner on an arm64 host
+  # Cross compiling the image using buildx on an x86_64 host was tried but failed due to
+  # issues with qemu and multiarch support in docker buildx.
+  build-image-arm64:
+    runs-on: ["self-hosted", "lecore-prd-u2404-arm64-xlrg-od-ephem"]
+    steps:
+      
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+        with:
+          ref: ${{github.head_ref}}
+
+      - name: Build Images
+        uses: ./.github/actions/build_container
+        with:
+          arch: arm64
+          push-to-ghcr: ${{ github.event_name != 'pull_request_target' }}
+          token: ${{ secrets.DEB_PKG_BOT_CI_TOKEN }}
+          username: ${{ vars.DEB_PKG_BOT_CI_USERNAME }}

.github/workflows/qcom-preflight-checks.yml

@@ -0,0 +1,24 @@
+name: Qualcomm Preflight Checks
+on:
+  pull_request_target:
+    branches: [ main ]
+  push:
+    branches: [ main ]
+  workflow_dispatch:
+
+permissions:
+ contents: read
+ security-events: write
+
+jobs:
+  qcom-preflight-checks:
+    uses: qualcomm/qcom-reusable-workflows/.github/workflows/qcom-preflight-checks-reusable-workflow.yml@v1.1.4
+    with:
+        # ✅ Preflight Checkers
+        repolinter: true                   # default: true
+        semgrep: true                      # default: true
+        copyright-license-detector: true   # default: true
+        pr-check-emails: true              # default: true
+        dependency-review: true            # default: true
+    secrets:
+      SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}

.github/workflows/stale-issues.yaml

@@ -0,0 +1,24 @@
+name: 'Close stale issues and pull requests with no recent activity'
+on:
+  schedule:
+  - cron: "30 1 * * *"
+
+permissions:
+  issues: write
+  pull-requests: write
+
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/stale@v9
+      with:
+        stale-issue-message: 'This issue has been marked as stale due to 60 days of inactivity. To prevent automatic closure in 10 days, remove the stale label or add a comment. You can reopen a closed issue at any time.'
+        stale-pr-message: 'This pull request has been marked as stale due to 60 days of inactivity. To prevent automatic closure in 10 days, remove the stale label or add a comment. You can reopen a closed pull request at any time.'
+        exempt-issue-labels: bug,enhancement
+        exempt-pr-labels: bug,enhancement
+        days-before-stale: 60
+        days-before-close: 10
+        remove-stale-when-updated: true
+        remove-issue-stale-when-updated: true
+        remove-pr-stale-when-updated: true