| CI |  |
| Python |  |
| Issue Tracker |  |
| Meta |     |
Reusable GitHub Actions workflows for MOAD repositories and workflow management tools
Added Codecov token to pytest-with-coverage workflow to re-enable coverage
report comments in pull requests.
Tokens became required for that functionality with Codecov's change to v4.0.0
of its GitHub action.
Added gha_workflows_checker.py utility script from https://github.com/UBC-MOAD/gha-workflows-checker.
Changed to rely on the Slack github app workflows subscription feature to send workflow status notifications to Slack instead of the 8398a7/action-slack action.
Enable that feature with:
/github subscribe org/repo workflows:{event:"pull_request","push" branch:"main"}
ref: https://github.com/integrations/slack#actions-workflow-notifications
YAML blobs to use the reusable workflows in other repositories.
name: Assign Issue/PR
on:
issues:
types:
- reopened
- opened
pull_request:
types:
- reopened
- opened
jobs:
auto_assign:
permissions:
issues: write
pull-requests: write
uses: UBC-MOAD/gha-workflows/.github/workflows/auto-assign.yaml@mainNote: Each repo should have a different cron schedule.
name: "CodeQL"
on:
push:
branches: [ '*' ]
schedule:
- cron: '20 17 * * 1'
jobs:
analyze:
name: Analyze
permissions:
actions: read
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
language: [ 'python' ]
uses: UBC-MOAD/gha-workflows/.github/workflows/codeql-analysis.yaml@SmainHA
with:
language: ${{ matrix.language }}Notes:
- A Codecov token is required for coverage results to be uploaded to Codecov and coverage report comments to appear in pull requests. Codecov tokens are generated as global upload tokens for organizations on Codecov and stored as organization secrets named CODECOV_TOKEN on GitHub.
- Be sure to set the
conda-env-name:value correctly.
name: pytest-with-coverage
on:
push:
branches: [ '*' ]
jobs:
pytest-with-coverage:
permissions:
contents: read
pull-requests: write
strategy:
fail-fast: false
matrix:
python-version: [ '3.10', '3.11' ]
uses: UBC-MOAD/gha-workflows/.github/workflows/pytest-with-coverage.yaml@main
with:
python-version: ${{ matrix.python-version }}
conda-env-file: envs/environment-test.yaml
conda-env-name: <test-env-name>
secrets:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}Notes:
- Each repo should have a different cron schedule. Please see https://salishseacast.slack.com/archives/C01GYJBSF0X/p1608574921004500
- Be sure to set the
conda-env-name:value correctly
name: sphinx-linkcheck
on:
push:
branches: [ '*' ]
schedule:
- cron: 43 10 13 * * # 10:43 UTC on the 4th day of each month
jobs:
sphinx-linkcheck:
permissions:
contents: read
strategy:
fail-fast: false
matrix:
# Need to specify Python version here because we use test env which gets its
# Python version via matrix
python-version: [ '3.11' ]
uses: UBC-MOAD/gha-workflows/.github/workflows/sphinx-linkcheck.yaml@main
with:
python-version: ${{ matrix.python-version }}
conda-env-file: envs/environment-test.yaml
conda-env-name: <test-env-name>Use GitHub CLI tool to list GitHub Actions workflows in repositories with their enabled/disabled status.
Initial impetus for this script was to provide an easy way to check for GitHub's automatic disabling of scheduled sphinx-linkcheck workflows in repos that haven't had activity for >60d.
Run via gha_workflows_checker run/debug config in VS Code, or in a terminal via:
$ conda activate gha-workflows
(gha-workflows)$ python3 gha_workflow_checker/gha_workflows_checker.pyDisabled workflows can be re-enabled with commands like:
(gha-workflows)$ gh workflow enable -R UBC-MOAD/moad_tools CodeQL