From 5f5ddce20117a49ac8ed118b4c2af762fb1ae614 Mon Sep 17 00:00:00 2001 From: Natalia Luzuriaga Date: Thu, 30 Jan 2025 13:34:29 -0800 Subject: [PATCH] Added gh action jobs to workflows dir Signed-off-by: Natalia Luzuriaga --- .github/workflows/auto-changelog.yml | 15 ++++++ .github/workflows/contributors.yml | 78 ++++++++++++++++++++++++++++ .github/workflows/gitleaks.yml | 15 ++++++ 3 files changed, 108 insertions(+) create mode 100644 .github/workflows/auto-changelog.yml create mode 100644 .github/workflows/contributors.yml create mode 100644 .github/workflows/gitleaks.yml diff --git a/.github/workflows/auto-changelog.yml b/.github/workflows/auto-changelog.yml new file mode 100644 index 0000000..90879c0 --- /dev/null +++ b/.github/workflows/auto-changelog.yml @@ -0,0 +1,15 @@ +name: Changelog +on: + release: + types: + - created +jobs: + changelog: + runs-on: ubuntu-latest + steps: + - name: "Auto Generate changelog" + uses: heinrichreimer/action-github-changelog-generator@v2.3 + with: + {% raw %} + token: ${{ secrets.GITHUB_TOKEN }} + {% endraw %} \ No newline at end of file diff --git a/.github/workflows/contributors.yml b/.github/workflows/contributors.yml new file mode 100644 index 0000000..80d45eb --- /dev/null +++ b/.github/workflows/contributors.yml @@ -0,0 +1,78 @@ +name: Update Contributors Information + +on: + workflow_dispatch: {} + schedule: + # Weekly on Saturdays. + - cron: "30 1 * * 6" + push: + branches: [main] + +jobs: + update-contributors: + runs-on: ubuntu-latest + permissions: + contents: write + pull-requests: write + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Update contributor list + id: contrib_list + uses: akhilmhdh/contributors-readme-action@v2.3.10 + env: + {% raw %} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + {% endraw %} + with: + readme_path: MAINTAINERS.md + use_username: false + commit_message: "update contributors information" + + - name: Get contributors count + id: get_contributors + env: + {% raw %} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + {% endraw %} + + run: | + OWNER=$(echo $GITHUB_REPOSITORY | cut -d'/' -f1) + REPO=$(echo $GITHUB_REPOSITORY | cut -d'/' -f2) + QUERY='query { repository(owner: \"'"$OWNER"'\", name: \"'"$REPO"'\") { collaborators { totalCount } } }' + + CONTRIBUTORS=$(gh api \ + -H "Accept: application/vnd.github+json" \ + -H "X-GitHub-Api-Version: 2022-11-28" \ + "/repos/$OWNER/$REPO/contributors?per_page=100" | \ + jq '[.[] | select(.type != "Bot" and (.login | test("\\[bot\\]$") | not) and (.login | test("-bot$") | not))] | length') + + echo "Total contributors: $CONTRIBUTORS" + echo "contributors=$CONTRIBUTORS" >> $GITHUB_OUTPUT + + + - name: Update MAINTAINERS.md + run: | + {% raw %} + CONTRIBUTORS="${{ steps.get_contributors.outputs.contributors }}" + {% endraw %} + + perl -i -pe 's/().*?()/$1 '"$CONTRIBUTORS"' $2/' MAINTAINERS.md + + git config user.name 'github-actions[bot]' + git config user.email 'github-actions[bot]@users.noreply.github.com' + git add MAINTAINERS.md + git commit -m "update contributors count to $CONTRIBUTORS" || exit 0 + + - name: Push protected + uses: CasperWA/push-protected@v2 + with: + {% raw %} + token: ${{ secrets.PUSH_TO_PROTECTED_BRANCH }} + {% endraw %} + + branch: main \ No newline at end of file diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml new file mode 100644 index 0000000..d4b1597 --- /dev/null +++ b/.github/workflows/gitleaks.yml @@ -0,0 +1,15 @@ +name: Check for Secrets +on: + pull_request: + push: + +jobs: + scan-for-secrets: + name: Run gitleaks + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: { fetch-depth: 0 } + + - name: Check for GitLeaks + uses: gacts/gitleaks@v1