Feat: Additional Github Workflow Actions #37
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| { | ||
| "LABEL": { | ||
| "name": "title needs formatting", | ||
| "color": "EEEEEE" | ||
| }, | ||
| "CHECKS": { | ||
| "prefixes": ["feat: ", "bugfix: ", "tidy: ", "breaking: ", "core_update: "], | ||
| "regexp": "^(feat|bugfix|tidy|breaking|core_update): .+", | ||
| "regexpFlags": "i", | ||
| "ignoreLabels" : ["dont-check-PRs-with-this-label", "meta"] | ||
| }, | ||
| "MESSAGES": { | ||
| "success": "### ✅ PR Title Formatted Correctly", | ||
| "failure": "### 🚨 PR Title Needs Formatting\n\nThe title of this PR needs to be formatted correctly.\nPlease update the title to match the format `type: description`. For more details, see CONTRIBUTING.md.\n\n#### Examples:\n- `bugfix: fix typo in README.md AB#123`\n- `tidy: update dependencies AB#456`\n- `feat: add new feature AB#789`\n- `breaking: big change`\n", | ||
| "notice": "" | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| # This scans MaCh3 and tries to find vulnerabilities | ||
|
|
||
| name: "CodeQL C++ Analysis" | ||
|
|
||
| on: | ||
| schedule: | ||
| - cron: '0 0 * * 0' # Every Sunday at midnight | ||
|
|
||
| jobs: | ||
| analyze: | ||
| name: Analyze C++ Code with CodeQL | ||
| runs-on: ubuntu-latest | ||
| container: | ||
| image: ghcr.io/dune/mach3:alma9latest | ||
| permissions: | ||
| security-events: write | ||
| packages: read | ||
| actions: read | ||
| contents: read | ||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v4 | ||
|
|
||
| - name: Initialize CodeQL | ||
| uses: github/codeql-action/init@v3 | ||
| with: | ||
| languages: c-cpp | ||
| build: none # Specify build none to skip any build steps | ||
|
|
||
| - name: Build Code | ||
| run: | | ||
| mkdir build | ||
| cd build | ||
| cmake ../ | ||
| make -j4 | ||
|
|
||
| - name: Perform CodeQL Analysis | ||
| uses: github/codeql-action/analyze@v3 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,56 @@ | ||
| --- | ||
| # This is a basic workflow make doxygen documentation | ||
| # every time develop is updated | ||
| name: Doxygen | ||
|
|
||
| # Controls when the workflow will run | ||
| on: | ||
| # Triggers the workflow on push or pull request events but only for the develop branch | ||
| push: | ||
| branches: [ develop ] | ||
|
|
||
| # Allows you to run this workflow manually from the Actions tab | ||
| workflow_dispatch: | ||
|
|
||
| # A workflow run is made up of one or more jobs that can run sequentially or in parallel | ||
| jobs: | ||
| # This workflow contains a single job called "Doxygen" | ||
|
|
||
| Doxygen: | ||
| # The type of runner that the job will run on | ||
| runs-on: ubuntu-latest | ||
|
|
||
| permissions: | ||
| contents: write | ||
| id-token: write | ||
|
|
||
| # Steps represent a sequence of tasks that will be executed as part of the job | ||
| steps: | ||
| # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | ||
| - uses: actions/checkout@v4 | ||
|
|
||
| # Updates the package list to ensure you get the latest version of packages | ||
| - run: sudo apt-get update | ||
|
|
||
| # Installs texlive for LaTeX support in Doxygen documentation | ||
| - run: sudo apt-get install -y texlive | ||
|
|
||
| # Installs libjs-mathjax for rendering mathematical notation in Doxygen documentation | ||
| - run: sudo apt-get install -y libjs-mathjax | ||
|
|
||
| # Install perl for bibtex | ||
| - run: sudo apt-get install -y perl | ||
|
|
||
| # Runs a single command using the runners shell | ||
| - name: Doxygen Action | ||
| uses: mattnotmitt/[email protected] | ||
| with: | ||
| doxyfile-path: './doc/Doxyfile' | ||
| working-directory: . | ||
|
|
||
| # Deploys the generated documentation to GitHub Pages | ||
| - name: Deploy | ||
| uses: peaceiris/actions-gh-pages@v4 | ||
| with: | ||
| github_token: ${{ secrets.GITHUB_TOKEN }} | ||
| publish_dir: ./doc/html |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,31 @@ | ||
| --- | ||
| # Lint our code and throw error if something is looking fishy in the changes | ||
| name: Super Linter | ||
|
|
||
| on: | ||
| pull_request: | ||
| branches: [develop] | ||
|
|
||
|
|
||
| jobs: | ||
| super-linter: | ||
| runs-on: ubuntu-latest | ||
|
|
||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 0 | ||
|
|
||
| - name: Run Super Linter | ||
| uses: github/super-linter@v7 | ||
| continue-on-error: true | ||
| env: | ||
| VALIDATE_MARKDOWN: true # Enable Markdown linting | ||
| VALIDATE_DOCKERFILE: true # Enable Dockerfile linting | ||
| VALIDATE_YAML: true # Enable YAML linting | ||
| VALIDATE_GITHUB_ACTIONS: true # Enable GitHub Actions workflow linting | ||
| VALIDATE_PYTHON: true # Enable Python linting | ||
| VALIDATE_ALL_CODEBASE: true # Lint the entire codebase | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # GitHub token for permissions | ||
| # DISABLE_LINTERS: "CPP" # Disable linting for other languages | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| # This workflow make sure PR tittles obeys Contributing guide | ||
| name: "PR Title Checker" | ||
| on: | ||
| pull_request_target: | ||
| types: | ||
| - opened | ||
| - edited | ||
| - synchronize | ||
| - labeled | ||
| - unlabeled | ||
| workflow_dispatch: # This allows the workflow to be triggered manually | ||
|
|
||
| jobs: | ||
| check: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
|
|
||
| - uses: actions/checkout@v4 | ||
|
|
||
| - uses: thehanimo/[email protected] | ||
| with: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| pass_on_octokit_error: false | ||
| local_configuration_path: .github/pr-title-checker-config.json |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we really get away with the CPP linter enabled? I guess you've dealt with this by including the continue-on-error true? I think it's more useful to disable the CPP linter and require errors on YAML to be fixed
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Like for example, you can see a YAML error here: https://github.com/DUNE/MaCh3_DUNE/actions/runs/13117147270/job/36594095657#step:4:939
To me, it's more important that we catch these YAML errors and have the bot fail