Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reusable workflows #256

Merged
merged 16 commits into from
Dec 3, 2022
Merged

Reusable workflows #256

merged 16 commits into from
Dec 3, 2022

Conversation

waybackarchiver
Copy link
Contributor

@waybackarchiver waybackarchiver commented Nov 6, 2022
edited
Loading

Description

Relates to wabarc/.github#1

TODOs

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update

Checklist

  • I have followed the contributing guidelines of this project as mentioned in CONTRIBUTING.md
  • I have checked to ensure there aren't other open Pull Requests for the same update/change?
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes needed to the documentation

@waybackarchiver waybackarchiver added the github_actions Pull requests that update Github_actions code label Nov 6, 2022
@waybackarchiver waybackarchiver force-pushed the reusable-workflows branch 3 times, most recently from 1621e31 to ff6011c Compare November 7, 2022 16:09
github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 7, 2022
View reviewed changes
.github/workflows/analysis.yml
uses: wabarc/.github/.github/workflows/reusable-scorecards.yml@main
permissions:
# Needed to upload the results to code-scanning dashboard.
security-events: write

Check failure

Code scanning / Scorecard

Token-Permissions

score is 0: jobLevel 'security-events' permission set to 'write' Click Remediation section below to solve this issue
.github/workflows/analysis.yml
codeql:
name: CodeQL
permissions:
security-events: write

Check failure

Code scanning / Scorecard

Token-Permissions

score is 0: jobLevel 'security-events' permission set to 'write' Click Remediation section below to solve this issue
@waybackarchiver waybackarchiver mentioned this pull request Nov 8, 2022
Closed
9 tasks
@waybackarchiver
Migrate linter to reusable workflows
6b0ea83
@waybackarchiver
Migrate stale to reusable workflows
cf41fb1
@waybackarchiver
Migrate license to reusable workflow
602549c
@waybackarchiver
Migrate analysis to reusable workflows
9b96299 
codeql-analysis.yml -> analysis.yml

Rename workflow CodeQL to Analysis

Add Scorecards supply-chain security analysis

Add dependency review

pin dependencies

Using reusable dependency review

Call reusable dependency review workflow without args
@waybackarchiver
Migrate builder to reusable workflows
6f60557
@codecov
Copy link

codecov bot commented Nov 30, 2022
edited
Loading

Codecov Report

Base: 45.51% // Head: 45.55% // Increases project coverage by +0.04% 🎉

Coverage data is based on head (3c5c159) compared to base (48530cd).
Patch has no changes to coverable lines.

❗ Current head 3c5c159 differs from pull request most recent head 9bdf569. Consider uploading reports for the commit 9bdf569 to get more accurate results

Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #256      +/-   ##
==========================================
+ Coverage   45.51%   45.55%   +0.04%     
==========================================
  Files          40       40              
  Lines        4998     4998              
==========================================
+ Hits         2275     2277       +2     
+ Misses       2445     2443       -2     
  Partials      278      278
Impacted Files Coverage Δ
service/slack/slack.go 5.47% <0.00%> (+0.57%) ⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report at Codecov.
📢 Do you have feedback about the report comment? Let us know in this issue.

github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 30, 2022
View reviewed changes
.github/workflows/release.yml
draft: false
needs: [ build, debpkg, rpmpkg, aurpkg, snapcraft, flatpak ]
permissions:
contents: write

Check failure

Code scanning / Scorecard

Token-Permissions

score is 0: jobLevel 'contents' permission set to 'write' Click Remediation section below to solve this issue
.github/workflows/testing.yml Fixed Show fixed Hide fixed
.github/workflows/testing.yml Fixed Show fixed Hide fixed
.github/workflows/testing.yml Fixed Show fixed Hide fixed
.github/workflows/testing.yml Fixed Show fixed Hide fixed
.github/workflows/testing.yml Fixed Show fixed Hide fixed
.github/workflows/testing.yml Fixed Show fixed Hide fixed
.github/workflows/testing.yml
sudo add-apt-repository universe
sudo apt-get -y -qq update
sudo apt-get -y -qq install ffmpeg webp youtube-dl
pip3 install you-get

Check warning

Code scanning / Scorecard

Pinned-Dependencies

score is 5: pipCommand not pinned by hash Click Remediation section below to solve this issue
.github/workflows/testing.yml
shell: bash
run: |
# search package https://community.chocolatey.org/packages
choco install --no-progress wget ffmpeg webp youtube-dl you-get

Check warning

Code scanning / Scorecard

Pinned-Dependencies

score is 5: chocoCommand not pinned by hash Click Remediation section below to solve this issue
@waybackarchiver waybackarchiver marked this pull request as ready for review December 3, 2022 07:04
github-advanced-security[bot]
github-advanced-security bot found potential problems Dec 3, 2022
View reviewed changes
.github/workflows/docker.yml

jobs:
publish:
name: Build and push Docker image
runs-on: ubuntu-latest
permissions:
packages: write

Check failure

Code scanning / Scorecard

Token-Permissions

score is 0: jobLevel 'packages' permission set to 'write' Click Remediation section below to solve this issue
.github/workflows/docker.yml
allinone:
name: AllInOne Docker image
runs-on: ubuntu-latest
permissions:
packages: write

Check failure

Code scanning / Scorecard

Token-Permissions

score is 0: jobLevel 'packages' permission set to 'write' Click Remediation section below to solve this issue
@waybackarchiver waybackarchiver merged commit 6c6bf79 into main Dec 3, 2022
@waybackarchiver waybackarchiver deleted the reusable-workflows branch December 3, 2022 10:01
@waybackarchiver waybackarchiver mentioned this pull request Dec 3, 2022
Merged
9 tasks
@waybackarchiver waybackarchiver mentioned this pull request Mar 21, 2023
Merged
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
github_actions Pull requests that update Github_actions code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@waybackarchiver