diff --git a/.github/labeler.yaml b/.github/labeler.yaml index ce33cc6806..a8cc9eaf3c 100644 --- a/.github/labeler.yaml +++ b/.github/labeler.yaml @@ -1,20 +1,19 @@ --- area/github: - - ".github/**/*" -area/cluster: - - "kubernetes/**/*" + - changed-files: + - any-glob-to-any-file: ".github/**/*" area/hack: - - "hack/**/*" + - changed-files: + - any-glob-to-any-file: "hack/**/*" area/infrastructure: - - "infrastructure/**/*" + - changed-files: + - any-glob-to-any-file: "infrastructure/**/*" cluster/main: - changed-files: - any-glob-to-any-file: "kubernetes/main/**/*" - - any-glob-to-any-file: "infrastructure/talos/main/**/*" cluster/staging: - changed-files: - any-glob-to-any-file: "kubernetes/staging/**/*" - - any-glob-to-any-file: "infrastructure/talos/staging/**/*" cluster/nas: - changed-files: - any-glob-to-any-file: "kubernetes/nas/**/*" diff --git a/.github/labels.yaml b/.github/labels.yaml index f5fa0dd3ac..296d008ddf 100644 --- a/.github/labels.yaml +++ b/.github/labels.yaml @@ -4,10 +4,18 @@ color: "72ccf3" description: >- Changes made in the github directory -- name: area/cluster +- name: cluster/main color: "72ccf3" description: >- - Changes made in the cluster directory + Changes made in the main cluster +- name: cluster/staging + color: "72ccf3" + description: >- + Changes made in the staging cluster +- name: cluster/nas + color: "72ccf3" + description: >- + Changes made in the nas cluster - name: area/hack color: "72ccf3" description: >- diff --git a/.github/renovate/clusters.json5 b/.github/renovate/clusters.json5 index e9e15e2757..59f0faa9e5 100644 --- a/.github/renovate/clusters.json5 +++ b/.github/renovate/clusters.json5 @@ -7,8 +7,7 @@ "**/kubernetes/main/**", "**/infrastructure/talos/main/**" ], - "additionalBranchPrefix": "main-", - "commitMessagePrefix": "[main]" + "additionalBranchPrefix": "main-" }, { "description": "Separate PRs for staging cluster", @@ -16,16 +15,14 @@ "**/kubernetes/staging/**", "**/infrastructure/talos/staging/**" ], - "additionalBranchPrefix": "staging-", - "commitMessagePrefix": "[staging]" + "additionalBranchPrefix": "staging-" }, { "description": "Separate PRs for nas cluster", "matchFileNames": [ "**/kubernetes/nas/**" ], - "additionalBranchPrefix": "nas-", - "commitMessagePrefix": "[nas]" + "additionalBranchPrefix": "nas-" } ] } diff --git a/.github/workflows/create-blacklist.yaml b/.github/workflows/create-blacklist.yaml index 285d605d70..f8631aa0d6 100644 --- a/.github/workflows/create-blacklist.yaml +++ b/.github/workflows/create-blacklist.yaml @@ -1,4 +1,5 @@ --- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json name: "Build blacklist" on: @@ -13,7 +14,7 @@ jobs: steps: - name: Generate Token uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0 - id: generate-token + id: app-token with: app_id: "${{ secrets.BOT_APP_ID }}" private_key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" @@ -96,7 +97,7 @@ jobs: uses: svenstaro/upload-release-action@04733e069f2d7f7f0b4aebc4fbdbce8613b03ccd # v2 with: release_name: "Pi-Hole Blacklist" - repo_token: ${{ steps.generate-token.outputs.token }} + repo_token: ${{ steps.app-token.outputs.token }} file: hosts.blacklist asset_name: hosts.blacklist tag: pi-hole diff --git a/.github/workflows/link-checker.yaml b/.github/workflows/link-checker.yaml index 2da6de2b59..3f38bd0bb3 100644 --- a/.github/workflows/link-checker.yaml +++ b/.github/workflows/link-checker.yaml @@ -1,4 +1,5 @@ --- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json name: Link Checker on: # yamllint disable-line rule:truthy @@ -6,6 +7,9 @@ on: # yamllint disable-line rule:truthy schedule: - cron: "0 0 * * *" +env: + WORKFLOW_ISSUE_TITLE: "Link Checker Dashboard 🔗" + jobs: link-checker: name: Link Checker @@ -13,7 +17,7 @@ jobs: steps: - name: Generate Token uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0 - id: generate-token + id: app-token with: app_id: "${{ secrets.BOT_APP_ID }}" private_key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" @@ -21,18 +25,50 @@ jobs: - name: Checkout uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: - token: "${{ steps.generate-token.outputs.token }}" + token: "${{ steps.app-token.outputs.token }}" + + - name: Setup Homebrew + uses: Homebrew/actions/setup-homebrew@master + + - name: Setup Workflow Tools + shell: bash + run: brew install lychee + + - name: Scan For Broken Links + shell: bash + env: + GITHUB_TOKEN: "${{ steps.app-token.outputs.token }}" + run: | + lychee --verbose --no-progress \ + --format markdown \ + --output results.md \ + --exclude-all-private \ + --exclude-mail \ + ./**/*.md || true + + - name: Print Output + run: cat results.md - - name: Link Checker - uses: lycheeverse/lychee-action@c053181aa0c3d17606addfe97a9075a32723548a # v1.9.3 - id: lychee + - name: Find Link Checker Issue + id: find-issue + shell: bash env: - GITHUB_TOKEN: "${{ steps.generate-token.outputs.token }}" + GH_TOKEN: "${{ steps.app-token.outputs.token }}" + run: | + issue_number=$( \ + gh issue list \ + --search "in:title ${{ env.WORKFLOW_ISSUE_TITLE }}" \ + --state open \ + --json number \ + | jq --raw-output '.[0].number' \ + ) + echo "issue-number=${issue_number}" >> $GITHUB_OUTPUT + echo "${issue_number}" - - name: Create Issue From File - if: env.lychee_exit_code != 0 - uses: peter-evans/create-issue-from-file@24452a72d85239eacf1468b0f1982a9f3fec4c94 # v5 + - name: Create or Update Issue + uses: peter-evans/create-issue-from-file@v5 with: - title: Link Checker Report - content-filepath: ./lychee/out.md - labels: report, automated issue + token: "${{ steps.app-token.outputs.token }}" + title: "${{ env.WORKFLOW_ISSUE_TITLE }}" + issue-number: "${{ steps.find-issue.outputs.issue-number || '' }}" + content-filepath: results.md diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index ef229524ca..9928430974 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -1,4 +1,5 @@ --- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json name: Lint on: # yamllint disable-line rule:truthy @@ -18,7 +19,7 @@ jobs: steps: - name: Generate Token uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0 - id: generate-token + id: app-token with: app_id: "${{ secrets.BOT_APP_ID }}" private_key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" @@ -26,13 +27,13 @@ jobs: - name: Checkout uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: - token: "${{ steps.generate-token.outputs.token }}" + token: "${{ steps.app-token.outputs.token }}" fetch-depth: 0 - name: MegaLinter uses: oxsecurity/megalinter@a7a0163b6c8ff7474a283d99a706e27483ddd80f # v7.10.0 env: - GITHUB_TOKEN: "${{ steps.generate-token.outputs.token }}" + GITHUB_TOKEN: "${{ steps.app-token.outputs.token }}" PRINT_ALPACA: false VALIDATE_ALL_CODEBASE: ${{ github.event_name == 'workflow_dispatch' }} ENABLE_LINTERS: |- diff --git a/.github/workflows/meta-enforce-labels.yaml b/.github/workflows/meta-enforce-labels.yaml index 35b669d314..c0c7ea0b19 100644 --- a/.github/workflows/meta-enforce-labels.yaml +++ b/.github/workflows/meta-enforce-labels.yaml @@ -1,4 +1,5 @@ --- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json name: Meta - Enforce PR labels on: # yamllint disable-line rule:truthy diff --git a/.github/workflows/meta-label-size.yaml b/.github/workflows/meta-label-size.yaml deleted file mode 100644 index 0be811f160..0000000000 --- a/.github/workflows/meta-label-size.yaml +++ /dev/null @@ -1,34 +0,0 @@ ---- -name: Meta - Label Size - -on: # yamllint disable-line rule:truthy - pull_request: - branches: - - main - -jobs: - label-size: - name: Label Size - runs-on: ubuntu-latest - steps: - - name: Generate Token - uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0 - id: generate-token - with: - app_id: "${{ secrets.BOT_APP_ID }}" - private_key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" - - - name: Label Size - uses: pascalgn/size-label-action@37a5ad4ae20ea8032abf169d953bcd661fd82cd3 # v0.5.0 - env: - GITHUB_TOKEN: "${{ steps.generate-token.outputs.token }}" - with: - sizes: > - { - "0": "XS", - "20": "S", - "50": "M", - "200": "L", - "800": "XL", - "2000": "XXL" - } diff --git a/.github/workflows/meta-labeler.yaml b/.github/workflows/meta-labeler.yaml new file mode 100644 index 0000000000..4bd3a88d8b --- /dev/null +++ b/.github/workflows/meta-labeler.yaml @@ -0,0 +1,49 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json +name: "Meta - Labeler" + +on: + workflow_dispatch: + pull_request_target: + branches: ["main"] + +jobs: + labeler: + name: Labeler + runs-on: ubuntu-latest + permissions: + contents: read + pull-requests: write + steps: + - name: Generate Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: "${{ secrets.BOT_APP_ID }}" + private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" + + - name: Checkout + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + token: "${{ steps.app-token.outputs.token }}" + + - name: Labeler + uses: actions/labeler@v5 + with: + repo-token: "${{ steps.app-token.outputs.token }}" + configuration-path: .github/labeler.yaml + + - name: Label Size + uses: pascalgn/size-label-action@37a5ad4ae20ea8032abf169d953bcd661fd82cd3 # v0.5.0 + env: + GITHUB_TOKEN: "${{ steps.app-token.outputs.token }}" + with: + sizes: > + { + "0": "XS", + "20": "S", + "50": "M", + "200": "L", + "800": "XL", + "2000": "XXL" + } diff --git a/.github/workflows/meta-sync-labels.yaml b/.github/workflows/meta-sync-labels.yaml index 9dca47e089..9d144969bc 100644 --- a/.github/workflows/meta-sync-labels.yaml +++ b/.github/workflows/meta-sync-labels.yaml @@ -1,4 +1,5 @@ --- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json name: Meta - Sync labels on: # yamllint disable-line rule:truthy @@ -16,7 +17,7 @@ jobs: steps: - name: Generate Token uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0 - id: generate-token + id: app-token with: app_id: "${{ secrets.BOT_APP_ID }}" private_key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" @@ -24,11 +25,11 @@ jobs: - name: Checkout uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: - token: "${{ steps.generate-token.outputs.token }}" + token: "${{ steps.app-token.outputs.token }}" - name: Sync Labels uses: EndBug/label-sync@52074158190acb45f3077f9099fea818aa43f97a # v2 with: config-file: .github/labels.yaml - token: "${{ steps.generate-token.outputs.token }}" + token: "${{ steps.app-token.outputs.token }}" delete-other-labels: true diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 3f280adf26..e0015f2b3f 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -47,7 +47,7 @@ jobs: steps: - name: Generate Token uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0 - id: generate-token + id: app-token with: app_id: "${{ secrets.BOT_APP_ID }}" private_key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" @@ -55,7 +55,7 @@ jobs: - name: Checkout uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: - token: "${{ steps.generate-token.outputs.token }}" + token: "${{ steps.app-token.outputs.token }}" - name: Override default config from dispatch variables run: | @@ -66,5 +66,5 @@ jobs: uses: renovatebot/github-action@89bd050bafa5a15de5d9383e3129edf210422004 # v40.1.5 with: configurationFile: .github/renovate.json5 - token: "${{ steps.generate-token.outputs.token }}" + token: "${{ steps.app-token.outputs.token }}" renovate-version: "${{ env.WORKFLOW_RENOVATE_VERSION }}"