diff --git a/.github/workflows/issue-cleanup.yml b/.github/workflows/issue-cleanup.yml new file mode 100644 index 00000000..b0511da5 --- /dev/null +++ b/.github/workflows/issue-cleanup.yml @@ -0,0 +1,24 @@ +--- +name: Close Stale Issues & Pull Requests + +on: + schedule: + - cron: "30 1 * * *" + +permissions: + contents: read + +jobs: + close-issues: + runs-on: ubuntu-latest + permissions: + issues: write + pull-requests: write + steps: + - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e # v9.0.0 + with: + stale-issue-label: "stale" + stale-pr-label: "stale" + stale-issue-message: "This issue is marked stale because it has been open for an extended period with no activity. Remove the 'stale' label or comment otherwise this issue will be closed in 7 days." + stale-pr-message: "This pull request is marked stale because it has been open for an extended period with no activity. Remove the 'stale' label or comment otherwise this pull request will be closed in 7 days." + exempt-all-milestones: true diff --git a/.github/workflows/issue-creation-tool-versions.yml b/.github/workflows/issue-creation-tool-versions.yml new file mode 100644 index 00000000..20f8d799 --- /dev/null +++ b/.github/workflows/issue-creation-tool-versions.yml @@ -0,0 +1,65 @@ +--- +name: Evaluate Tool Versions + +on: + schedule: + - cron: 0 0 1 */3 * + +permissions: {} + +jobs: + create-issue: + name: Create tool version evaluation issue + runs-on: ubuntu-latest + permissions: + issues: write + steps: + - run: | + if [[ $CLOSE_PREVIOUS == true ]]; then + previous_issue_number=$(gh issue list \ + --label "$LABELS" \ + --json number \ + --jq '.[0].number') + if [[ -n $previous_issue_number ]]; then + gh issue close "$previous_issue_number" + gh issue unpin "$previous_issue_number" + fi + fi + new_issue_url=$(gh issue create \ + --title "$TITLE" \ + --assignee "$ASSIGNEES" \ + --label "$LABELS" \ + --body "$BODY") + if [[ $PINNED == true ]]; then + gh issue pin "$new_issue_url" + fi + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_REPO: ${{ github.repository }} + TITLE: Evaluate tool versions + ASSIGNEES: awesome-embedded-projects + LABELS: scheduled,tool-versions + BODY: | + ## Description + + This issue is automatically created as a gentle reminder to evaluate the tool versions, and base container, for + the container image built from this repository. The checklist below describes the steps that should be taken, + and checked-off before this issue can be closed. Any decisions about purposefully not updating a tool to a newer + version should be logged as issue comment. The general philosophy is to always include the latest tool versions + and the latest [LTS](https://ubuntu.com/about/release-cycle) version of Ubuntu. + + Please note that, where possible, tool versions are kept up to date by Dependabot. Below list includes tools that + are not under Dependabot control. + + ## Checklist + + - [ ] The image is based on the latest LTS version of Ubuntu + - [ ] The GCC and [ARM GNU](https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads) toolchains are up to date and match in version + - [ ] The Clang toolchain is up to date + - [ ] The [Docker cli](https://download.docker.com/linux/static/stable/) is up to date + - [ ] [bats-core](https://github.com/bats-core/bats-core), [bats-support](https://github.com/bats-core/bats-support) and [bats-assert](https://github.com/bats-core/bats-assert) are up to date + - [ ] [Mull](https://github.com/mull-project/mull) is up to date and compatible with the currently installed Clang version + - [ ] [include-what-you-use](https://github.com/include-what-you-use/include-what-you-use) is up to date and compatible with the currently installed Clang version + - [ ] [xwin](https://github.com/Jake-Shadle/xwin) is up to date + PINNED: true + CLOSE_PREVIOUS: true diff --git a/.github/workflows/ossf-scorecard.yml b/.github/workflows/ossf-scorecard.yml index 4ea03538..cbbaa8c7 100644 --- a/.github/workflows/ossf-scorecard.yml +++ b/.github/workflows/ossf-scorecard.yml @@ -12,8 +12,7 @@ on: permissions: read-all jobs: - analysis: - name: OSSF Scorecard + ossf-scorecard: runs-on: ubuntu-latest permissions: security-events: write diff --git a/.github/workflows/validate-pr.yml b/.github/workflows/pr-conventional-title.yml similarity index 68% rename from .github/workflows/validate-pr.yml rename to .github/workflows/pr-conventional-title.yml index f8fbd48a..bc86c43e 100644 --- a/.github/workflows/validate-pr.yml +++ b/.github/workflows/pr-conventional-title.yml @@ -1,14 +1,18 @@ --- -name: Validate Pull-Request +name: Pull request Conventional Title on: pull_request: + types: + - opened + - edited + - synchronize permissions: - contents: read + pull-requests: read jobs: - conventional-commit: + validate-pr-title: runs-on: ubuntu-latest steps: - uses: Namchee/conventional-pr@b31518c34a4243c21484e3187abbbee4a44d0ec4 # v0.15.4 diff --git a/.github/workflows/cleanup-pr-image.yml b/.github/workflows/pr-image-cleanup.yml similarity index 97% rename from .github/workflows/cleanup-pr-image.yml rename to .github/workflows/pr-image-cleanup.yml index 7043cb48..108ed758 100644 --- a/.github/workflows/cleanup-pr-image.yml +++ b/.github/workflows/pr-image-cleanup.yml @@ -1,4 +1,5 @@ -name: Cleanup Pull-Request Image +--- +name: Cleanup Pull Request Images on: pull_request: diff --git a/.github/workflows/pr-report.yml b/.github/workflows/pr-report.yml index 1c9af02c..bd8c9fdb 100644 --- a/.github/workflows/pr-report.yml +++ b/.github/workflows/pr-report.yml @@ -1,4 +1,5 @@ -name: PR Report +--- +name: Pull Request Report on: pull_request: diff --git a/.github/workflows/update-dependencies.yml b/.github/workflows/update-dependencies.yml index 5cafec7a..d215c866 100644 --- a/.github/workflows/update-dependencies.yml +++ b/.github/workflows/update-dependencies.yml @@ -10,7 +10,7 @@ permissions: contents: read jobs: - update: + update-apt-dependencies: runs-on: ubuntu-latest # Using our own container is required since we need all package sources # set-up correctly.