From 3b3925e1b7466d1f9613e84ab2250e19fe5bbb77 Mon Sep 17 00:00:00 2001 From: Andrew Vaughan Date: Sun, 14 Jan 2024 20:19:17 -0500 Subject: [PATCH] Ops: Added GitHub workflow to generate Issue Labels (closes #1) (#72) * Ops: Added GitHub workflow to generate Issue Labels (closes #1) * Added action write permission to enable workflow creation * Attempting to fix workflow permission * Fixed issue with formatting of workflow * [MegaLinter] Apply linters fixes --------- Co-authored-by: andrewvaughan --- .github/.config/labels.yml | 98 +++++++++++++++++++++++++++++++ .github/workflows/mega-linter.yml | 12 ++-- .github/workflows/sync-labels.yml | 77 ++++++++++++++++++++++++ _TEMPLATE_CHECKLIST.md | 27 ++++----- 4 files changed, 193 insertions(+), 21 deletions(-) create mode 100644 .github/.config/labels.yml create mode 100644 .github/workflows/sync-labels.yml diff --git a/.github/.config/labels.yml b/.github/.config/labels.yml new file mode 100644 index 0000000..a3815e2 --- /dev/null +++ b/.github/.config/labels.yml @@ -0,0 +1,98 @@ +## +# Label configurations used on GitHub.com as part of the Software Development Lifecycle of this project. +# +# @see {@link https://github.com/andrewvaughan/template-core/blob/main/.github/CONTRIBUTING.md#working-on-issues} +# @see {@link https://github.com/marketplace/actions/label-sync#config-files} +# +--- +- name: Blocked + color: "#B60205" + description: This Issue is dependent on another Issue's resolution. + +- name: Help Wanted + color: "#66ff66" + description: The Project Maintainers are requesting assistance from the community to complete this Issue. + +- name: Needs More Info + color: "#ffb16f" + description: The Reporter must provide more information for this Issue to progress. + aliases: + - Need More Info + +- name: Needs Triage + color: "#ff00ff" + description: This Issue is pending initial acceptance review from the Repository's Project Maintainers. + aliases: + - triage + +- name: On Hold + color: "#ffb16f" + description: A Project Maintainer has placed a stop on development. See the Issue for details. + aliases: + - "Status: On Hold" + +- name: Pending Release Assignment + color: "#ff00ff" + description: A Project Maintainer must add this to the Roadmap by assigning a Release Milestone. + aliases: + - Needs Release Assignment + +- name: Stale + color: "#ffb16f" + description: This Issue hasn't had any activity in preceding 30 days and may close soon. + +## REQUESTS ############################################################################################################ + +- name: "Request: Bug Fix" + color: "#ffdddd" + description: A preliminary report of an unintended outcome, experience, or problem with the Project. + +- name: "Type: Bug Fix" + color: "#ff7474" + description: A task to rectify An unintended outcome, experience, or problem with the Project. + +- name: "Request: Documentation" + color: "#fff6cc" + description: A preliminary request to update or create documentation and/or documentation tooling for the Project. + +- name: "Type: Documentation" + color: "#ffe67c" + description: A task to update or create documentation and/or documentation tooling for the Project. + +- name: "Request: Feature" + color: "#ddffd7" + description: A preliminary request for a new feature and/or enhancement to the capabilities of the Project. + +- name: "Type: Feature" + color: "#aaffc7" + description: A task to create or update a feature and/or enhancement to the existing capabilities of the Project. + +- name: "Request: Operations" + color: "#dfefff" + description: A preliminary request for an update to dependencies and/or other operational capabilities of the Project. + aliases: + - "Request: DevOps" + - "Request: Ops" + +- name: "Type: Operations" + color: "#8fe1e7" + description: A task to update dependencies and/or other operational capabilities of the Project. + aliases: + - "Type: DevOps" + - "Type: Ops" + +- name: "Type: Release" + color: "#000000" + description: A versioned release of the Project. + aliases: + - "Release" + +## REJECTIONS ########################################################################################################## + +- name: "Wontfix: Duplicate" + color: "#555555" + description: This Issue is a duplicate of another Issue. See Issue for details. + +- name: "Wontfix: Invalid" + color: "#555555" + description: This Issue is invalid or inappropriate. See Issue for details. diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml index 540d2b3..fbd89b8 100644 --- a/.github/workflows/mega-linter.yml +++ b/.github/workflows/mega-linter.yml @@ -1,5 +1,3 @@ -# kics-scan disable=555ab8f9-2001-455e-a077-f2d0f41e2fb9 - ## # MegaLinter GitHub Action configuration file. # @@ -93,7 +91,7 @@ jobs: # @link https://github.com/actions/checkout # - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # @3.6.0 with: token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} @@ -132,7 +130,7 @@ jobs: # TEMPLATE TODO - Select a more-specific MegaLinter flavor for the project and update the `uses` configuration # here to significantly increase GitHub Action performance. # - uses: oxsecurity/megalinter@v7 + uses: oxsecurity/megalinter@7e042c726c68415475b05a65a686c612120a1232 # @v7.7.0 ## # Variables are overridden on GitHub workflows for certain conditions. @@ -179,7 +177,7 @@ jobs: # - name: Archive production artifacts if: success() || failure() - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # @3.1.3 with: name: MegaLinter reports path: | @@ -205,7 +203,7 @@ jobs: github.event.pull_request.head.repo.full_name == github.repository ) && !contains(github.event.head_commit.message, 'skip fix') - uses: peter-evans/create-pull-request@v5 + uses: peter-evans/create-pull-request@153407881ec5c347639a548ade7d8ad1d6740e38 # @5.0.2 with: token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} commit-message: "[MegaLinter] Apply linters automatic fixes" @@ -259,7 +257,7 @@ jobs: github.event.pull_request.head.repo.full_name == github.repository ) && !contains(github.event.head_commit.message, 'skip fix') - uses: stefanzweifel/git-auto-commit-action@v4 + uses: stefanzweifel/git-auto-commit-action@3ea6ae190baf489ba007f7c92608f33ce20ef04a # @4.16.0 with: branch: ${{ github.event.pull_request.head.ref || github.head_ref || github.ref }} commit_message: "[MegaLinter] Apply linters fixes" diff --git a/.github/workflows/sync-labels.yml b/.github/workflows/sync-labels.yml new file mode 100644 index 0000000..65b8276 --- /dev/null +++ b/.github/workflows/sync-labels.yml @@ -0,0 +1,77 @@ +## +# GitHub Action that syncs labels from the parent `template-core` Repository. +# +# @link https://github.com/andrewvaughan/template-core/labels +# +--- +name: Sync Labels from andrewvaughan/template-core + +on: + # This action must trigger manually from the GitHub Actions interface + workflow_dispatch: + +## +# All steps should have read-only access, unless explicitly given. +# +permissions: read-all + +## +# Sync labels from `andrewvaughan/template-core` parent Repository. +# +# @link https://docs.github.com/en/actions/using-jobs/using-jobs-in-a-workflow +# +jobs: + sync-labels: + name: Replace GitHub Labels with Standard + runs-on: ubuntu-latest + + ## + # This job's `GITHUB_TOKEN` or `PAT` must have these permissions. + # + # Always aim to provide as few permissions as possible for personal access tokens. + # + # @link https://docs.github.com/en/actions/security-guides/automatic-token-authentication + # + permissions: + actions: write + issues: write + + steps: + ## + # Checkout just the label configuration from this project for the sync manager to access. + # + - name: Checkout Label configuration + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # @4.1.1 + with: + token: ${{ secrets.GITHUB_TOKEN }} + fetch-depth: 1 + sparse-checkout: | + .github/.config/labels.yml + + ## + # Sync the labels from the parent Repository. + # + # @see {@link https://github.com/marketplace/actions/label-sync} + # + - name: Sync Labels + uses: EndBug/label-sync@da00f2c11fdb78e4fae44adac2fdd713778ea3e8 # @2.3.2 + with: + # Configure from the label configuration imported from `template-core` + config-file: .github/.config/labels.yml + + # This can also stay up to date with the `template-core` Repository Labels, but this may cause issues with + # automation and isn't generally recommended: + # source-repo: andrewvaughan/template-core + + # If you're using a private source repo or a URL that needs an 'Authorization' header, you'll need to add a + # custom token for the action to read it + request-token: ${{ secrets.GITHUB_TOKEN }} + + # Delete any Labels that don't meet the standard + delete-other-labels: true + + # Available for dry-run testing, if needed + # dry-run: true + + # By default, this uses the user's `GITHUB_TOKEN`, but any PAT can live here with appropriate permissions + token: ${{ secrets.GITHUB_TOKEN }} diff --git a/_TEMPLATE_CHECKLIST.md b/_TEMPLATE_CHECKLIST.md index bbac55a..dc0c28c 100644 --- a/_TEMPLATE_CHECKLIST.md +++ b/_TEMPLATE_CHECKLIST.md @@ -92,11 +92,11 @@ in the directory into the project: ### Labels -> Work is in progress on a [workflow][issue-label-sync] to automate label syncing with the core template; however, this -> hasn't seem implementation, yet. -> -> In the meantime, copy all labels manually from the [`template-core`][template-core] Repository to the [Labels][labels] -> section of this project. This may take some time. +A manual workflow called `Sync Labels` must trigger from the GitHub Actions page for this Repository to create the +Labels necessary for automation to function and for the Software Development Lifecycle. You must trigger this workflow +manually. + +- [ ] Run the [`Sync Labels`][workflow-labels] workflow for this project --- @@ -149,7 +149,7 @@ rm LICENSE.* ### Permissions | License File | Commercial Use | Distribution | Modification | Patent Use | Private Use | -|:---------------------------------|:--------------:|:------------:|:------------:|:----------:|:-----------:| +| :------------------------------- | :------------: | :----------: | :----------: | :--------: | :---------: | | [`LICENSE.unlicense`][unlicense] | Yes | Yes | Yes | - | Yes | | [`LICENSE.mit`][mit] | Yes | Yes | Yes | - | Yes | | [`LICENSE.apache`][apache2] | Yes | Yes | Yes | Yes | Yes | @@ -159,7 +159,7 @@ rm LICENSE.* As described by: | Permission | Description | -|:---------------|:--------------------------------------------------------------------------| +| :------------- | :------------------------------------------------------------------------ | | Commercial Use | This License grants use for commercial purpose, including derivatives | | Distribution | This License grants distribution of the licensed material | | Modification | This Licensed grants modification rights | @@ -169,7 +169,7 @@ As described by: ### Conditions | License File | Disclose Source | License/Copyright Notice | Same License | State Changes | -|:---------------------------------|:---------------:|:------------------------:|:------------:|:-------------:| +| :------------------------------- | :-------------: | :----------------------: | :----------: | :-----------: | | [`LICENSE.unlicense`][unlicense] | - | - | - | - | | [`LICENSE.mit`][mit] | - | Yes | - | - | | [`LICENSE.apache`][apache2] | - | Yes | - | Yes | @@ -181,7 +181,7 @@ As described by: | Permission | Description | -|:-------------------------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| :----------------------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Disclose Source | Licensees must make source code available when distributing | | License/Copyright Notice | Licensees must include a copy of the License and copyright notice with the material | | Same License | Licensee must Release modifications under the same License when distributing the licensed material - in some cases the Licensee may use a similar or related License | @@ -192,7 +192,7 @@ As described by: ### Limitations | License File | Limited Liability | No Trademark | No Warranty | -|:---------------------------------|:-----------------:|:------------:|:-----------:| +| :------------------------------- | :---------------: | :----------: | :---------: | | [`LICENSE.unlicense`][unlicense] | Yes | - | Yes | | [`LICENSE.mit`][mit] | Yes | - | Yes | | [`LICENSE.apache`][apache2] | Yes | Yes | Yes | @@ -204,7 +204,7 @@ As described by: | Permission | Description | -|:------------------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| :---------------- | :---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Limited Liability | This License includes a limitation of liability | | No Trademark | This License explicitly states that it doesn't grant trademark rights, even though Licenses without such a statement probably don't grant any implicit trademark rights | | No Warranty | This License explicitly states that it doesn't provide any warranty | @@ -285,7 +285,7 @@ This template comes with the following standard folder structure: | Folder | Purpose | -|:-------------------------------|:-----------------------------------------------------------------------------------------------| +| :----------------------------- | :--------------------------------------------------------------------------------------------- | | [.build](.build) | All scripts and resources tied to deployment (for example, Docker Compose) | | [.config](.config) | All configuration files for local development | | [.devcontainer](.devcontainer) | DevContainer configurations ([GitHub Docs][dc-gh], [VSCode Docs][dc-vsc], [Reference][dc-ref]) | @@ -309,8 +309,6 @@ This template comes with the following standard folder structure: [dictionary]: .config/dictionaries/project.txt [gpl3]: https://choosealicense.com/licenses/gpl-3.0/ [homebrew-sed]: https://formulae.brew.sh/formula/gnu-sed -[issue-label-sync]: https://github.com/andrewvaughan/template-core/issues/1 -[labels]: https://github.com/andrewvaughan/template-core/labels [license]: LICENSE [license-dir]: https://github.com/andrewvaughan/template-core/tree/main [makefile]: .config/make @@ -328,6 +326,7 @@ This template comes with the following standard folder structure: [vale-vocab]: .config/linters/vale/styles/Vocab [vscode]: .vscode [vscode-docs]: https://stackoverflow.com/questions/32964920/should-i-commit-the-vscode-folder-to-source-control +[workflow-labels]: https://github.com/andrewvaughan/template-core/actions/workflows/sync-labels.yml