From 950da0156827e3d0c607a7413e73d580126cd7dc Mon Sep 17 00:00:00 2001 From: Steve Winton Date: Thu, 11 Feb 2021 16:13:49 -0600 Subject: [PATCH 01/13] Add emphasis to acceptance criteria --- .github/pull_request_template.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 67a60a7..ebd66ad 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -6,7 +6,7 @@ It is not: --- -**Please note that at this time we are only accepting new starter workflows for Code Scanning. Updates to existing starter workflows are fine.** +### **Please note that at this time we are only accepting new starter workflows for Code Scanning. Updates to existing starter workflows are fine.** --- From 06274ce3304986be463fb8c2298049af793674bf Mon Sep 17 00:00:00 2001 From: Steve Winton Date: Thu, 11 Feb 2021 17:50:08 -0600 Subject: [PATCH 02/13] Add comments around general guidance So that they are only visible to the PR author --- .github/pull_request_template.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index ebd66ad..5e5859c 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -1,8 +1,13 @@ + + --- From 0e973208b84d14b88eb1b1ef8e8ed1e71b4ea3de Mon Sep 17 00:00:00 2001 From: Steve Winton Date: Thu, 11 Feb 2021 17:51:24 -0600 Subject: [PATCH 03/13] Add pre-requisites section --- .github/pull_request_template.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 5e5859c..f80e4f1 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -8,6 +8,9 @@ It is not: * A place for you to create a workflow for your repository --> +## Pre-requisites + +- [ ] Prior to submitting a new workflow, please apply to join the GitHub Technology Partner Program: [partner.github.com/apply](https://partner.github.com/apply?partnershipType=Technology+Partner). --- From cdcc451eadcac85a9f017f05b2658c25ccfa0f8e Mon Sep 17 00:00:00 2001 From: Steve Winton Date: Thu, 11 Feb 2021 17:54:56 -0600 Subject: [PATCH 04/13] Add separate sections based on workflow type --- .github/pull_request_template.md | 34 +++++++++++++++++++++----------- 1 file changed, 22 insertions(+), 12 deletions(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index f80e4f1..60ddcd7 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -18,23 +18,33 @@ It is not: --- -In the workflow and properties files: +## Tasks -- [ ] The workflow filename of CI workflows should be the name of the language or platform, in lower case. Special characters should be removed or replaced with words as appropriate (for example, "dotnet" instead of ".NET"). +**For _all_ workflows, the workflow:** - The workflow filename of publishing workflows should be the name of the language or platform, in lower case, followed by "-publish". -- [ ] Includes a matching `ci/properties/*.properties.json` file. -- [ ] Use sentence case for the names of workflows and steps, for example "Run tests". -- [ ] The name of CI workflows should only be the name of the language or platform: for example "Go" (not "Go CI" or "Go Build") -- [ ] Include comments in the workflow for any parts that are not obvious or could use clarification. -- [ ] CI workflows should run on `push` to `branches: [ $default-branch ]` and `pull_request` to `branches: [ $default-branch ]`. +- [ ] Should be contained in a file having the name of the language or platform, in lower, [_kebab-cased_](https://en.wikipedia.org/wiki/Kebab_case) format. Special characters should be removed or replaced with words as appropriate (for example, "dotnet" instead of ".NET"). +- [ ] Should use sentence case for the names of workflows and steps (for example, "Run tests"). +- [ ] Should be named _only_ by the name of the language or platform (for example, "Go", not "Go CI" or "Go Build") +- [ ] Should include comments in the workflow for any parts that are not obvious or could use clarification. + +**For _CI_ workflows, the workflow:** + +- [ ] Should be preserved under [the `ci` directory](https://github.com/actions/starter-workflows/tree/main/ci) +- [ ] Should include a matching `ci/properties/*.properties.json` file (for example, [`ci/properties/docker-publish.properties.json`](https://github.com/actions/starter-workflows/blob/main/ci/properties/docker-publish.properties.json)). +- [ ] Should run on `push` to `branches: [ $default-branch ]` and `pull_request` to `branches: [ $default-branch ]`. - [ ] Packaging workflows should run on `release` with `types: [ created ]`. -- [ ] Code Scanning workflows should run on `push` to `branches: [ $default-branch, $protected-branches ]` and `pull_request` to `branches: [ $default-branch ]`. We also recommend a `schedule` trigger of `cron: $cron-weekly`. +- [ ] Publishing workflows should have a filename that is the name of the language or platform, in lower case, followed by "-publish" (for example, [`docker-publish.yml`](https://github.com/actions/starter-workflows/blob/main/ci/docker-publish.yml)). -Some general notes: +**For _Code Scanning_ workflows, the workflow:** -- [ ] This workflow must only use actions that are produced by GitHub, [in the `actions` organization](https://github.com/actions), **or** -- [ ] This workflow must only use actions that are produced by the language or ecosystem that the workflow supports. These actions must be [published to the GitHub Marketplace](https://github.com/marketplace?type=actions). We recommend that these actions be referenced using the full 40 character hash of the action's commit instead of a tag. Additionally, workflows must include the following comment at the top of the workflow file: +- [ ] Should be preserved under [the `code-scanning` directory](https://github.com/actions/starter-workflows/tree/main/ci) +- [ ] Should include a matching `code-scanning/properties/*.properties.json` file. +- [ ] Should run on `push` to `branches: [ $default-branch, $protected-branches ]` and `pull_request` to `branches: [ $default-branch ]`. We also recommend a `schedule` trigger of `cron: $cron-weekly` (for example, [`codeql.yml`](https://github.com/actions/starter-workflows/blob/c59b62dee0eae1f9f368b7011cf05c2fc42cf084/code-scanning/codeql.yml#L14-L21)). + +**Some general notes:** + +- [ ] This workflow must _only_ use actions that are produced by GitHub, [in the `actions` organization](https://github.com/actions), **or** +- [ ] This workflow must _only_ use actions that are produced by the language or ecosystem that the workflow supports. These actions must be [published to the GitHub Marketplace](https://github.com/marketplace?type=actions). We recommend that these actions be referenced using the full 40 character hash of the action's commit instead of a tag. Additionally, workflows must include the following comment at the top of the workflow file: ``` # This workflow uses actions that are not certified by GitHub. # They are provided by a third-party and are governed by From 14be8c2b5a8b7c56b0400d841f705234487214eb Mon Sep 17 00:00:00 2001 From: Steve Winton Date: Thu, 11 Feb 2021 17:55:44 -0600 Subject: [PATCH 05/13] Ensure consistent line-endings --- .github/pull_request_template.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 60ddcd7..3eb7bcf 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -24,12 +24,12 @@ It is not: - [ ] Should be contained in a file having the name of the language or platform, in lower, [_kebab-cased_](https://en.wikipedia.org/wiki/Kebab_case) format. Special characters should be removed or replaced with words as appropriate (for example, "dotnet" instead of ".NET"). - [ ] Should use sentence case for the names of workflows and steps (for example, "Run tests"). -- [ ] Should be named _only_ by the name of the language or platform (for example, "Go", not "Go CI" or "Go Build") +- [ ] Should be named _only_ by the name of the language or platform (for example, "Go", not "Go CI" or "Go Build"). - [ ] Should include comments in the workflow for any parts that are not obvious or could use clarification. **For _CI_ workflows, the workflow:** -- [ ] Should be preserved under [the `ci` directory](https://github.com/actions/starter-workflows/tree/main/ci) +- [ ] Should be preserved under [the `ci` directory](https://github.com/actions/starter-workflows/tree/main/ci). - [ ] Should include a matching `ci/properties/*.properties.json` file (for example, [`ci/properties/docker-publish.properties.json`](https://github.com/actions/starter-workflows/blob/main/ci/properties/docker-publish.properties.json)). - [ ] Should run on `push` to `branches: [ $default-branch ]` and `pull_request` to `branches: [ $default-branch ]`. - [ ] Packaging workflows should run on `release` with `types: [ created ]`. @@ -37,7 +37,7 @@ It is not: **For _Code Scanning_ workflows, the workflow:** -- [ ] Should be preserved under [the `code-scanning` directory](https://github.com/actions/starter-workflows/tree/main/ci) +- [ ] Should be preserved under [the `code-scanning` directory](https://github.com/actions/starter-workflows/tree/main/ci). - [ ] Should include a matching `code-scanning/properties/*.properties.json` file. - [ ] Should run on `push` to `branches: [ $default-branch, $protected-branches ]` and `pull_request` to `branches: [ $default-branch ]`. We also recommend a `schedule` trigger of `cron: $cron-weekly` (for example, [`codeql.yml`](https://github.com/actions/starter-workflows/blob/c59b62dee0eae1f9f368b7011cf05c2fc42cf084/code-scanning/codeql.yml#L14-L21)). From 23285c07c690607f52471713592e171626c14022 Mon Sep 17 00:00:00 2001 From: Steve Winton Date: Thu, 11 Feb 2021 17:59:41 -0600 Subject: [PATCH 06/13] Add kebab-case example --- .github/pull_request_template.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 3eb7bcf..3c45890 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -22,7 +22,7 @@ It is not: **For _all_ workflows, the workflow:** -- [ ] Should be contained in a file having the name of the language or platform, in lower, [_kebab-cased_](https://en.wikipedia.org/wiki/Kebab_case) format. Special characters should be removed or replaced with words as appropriate (for example, "dotnet" instead of ".NET"). +- [ ] Should be contained in a `.yml` file with the language or platform as its filename, in lower, [_kebab-cased_](https://en.wikipedia.org/wiki/Kebab_case) format (for example, [`docker-image.yml`](https://github.com/actions/starter-workflows/blob/main/ci/docker-image.yml)). Special characters should be removed or replaced with words as appropriate (for example, "dotnet" instead of ".NET"). - [ ] Should use sentence case for the names of workflows and steps (for example, "Run tests"). - [ ] Should be named _only_ by the name of the language or platform (for example, "Go", not "Go CI" or "Go Build"). - [ ] Should include comments in the workflow for any parts that are not obvious or could use clarification. From f089b6db62c3e01d471902405d2bac8c1ba5befa Mon Sep 17 00:00:00 2001 From: Steve Winton Date: Thu, 11 Feb 2021 18:08:32 -0600 Subject: [PATCH 07/13] Add code scanning instructions for properties.json file --- .github/pull_request_template.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 3c45890..db8f484 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -38,7 +38,12 @@ It is not: **For _Code Scanning_ workflows, the workflow:** - [ ] Should be preserved under [the `code-scanning` directory](https://github.com/actions/starter-workflows/tree/main/ci). -- [ ] Should include a matching `code-scanning/properties/*.properties.json` file. +- [ ] Should include a matching `code-scanning/properties/*.properties.json` file, with properties set as follows: + - [ ] `name`: Name of the Code Scanning integration. + - [ ] `organization`: Name of the organization producing the Code Scanning integration. + - [ ] `description`: Short description of the Code Scanning integration. + - [ ] `languages`: Array of languages supported by the Code Scanning integration. + - [ ] `iconName`: Name of the SVG logo representing the Code Scanning integration. This SVG logo must be present in [the `icons` directory](https://github.com/actions/starter-workflows/tree/main/icons). - [ ] Should run on `push` to `branches: [ $default-branch, $protected-branches ]` and `pull_request` to `branches: [ $default-branch ]`. We also recommend a `schedule` trigger of `cron: $cron-weekly` (for example, [`codeql.yml`](https://github.com/actions/starter-workflows/blob/c59b62dee0eae1f9f368b7011cf05c2fc42cf084/code-scanning/codeql.yml#L14-L21)). **Some general notes:** From e0e30a049072e5faa350a978ca488946590534f9 Mon Sep 17 00:00:00 2001 From: Steve Winton Date: Tue, 16 Feb 2021 10:53:00 -0600 Subject: [PATCH 08/13] Add link to codeql.properties.json as example --- .github/pull_request_template.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index db8f484..f7775f6 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -38,7 +38,7 @@ It is not: **For _Code Scanning_ workflows, the workflow:** - [ ] Should be preserved under [the `code-scanning` directory](https://github.com/actions/starter-workflows/tree/main/ci). -- [ ] Should include a matching `code-scanning/properties/*.properties.json` file, with properties set as follows: +- [ ] Should include a matching `code-scanning/properties/*.properties.json` file (for example, [`code-scanning/properties/codeql.properties.json`](https://github.com/actions/starter-workflows/blob/main/code-scanning/properties/codeql.properties.json)), with properties set as follows: - [ ] `name`: Name of the Code Scanning integration. - [ ] `organization`: Name of the organization producing the Code Scanning integration. - [ ] `description`: Short description of the Code Scanning integration. From 9786331c771877627fc201a98cd8cba0cb89b1a4 Mon Sep 17 00:00:00 2001 From: Steve Winton Date: Tue, 16 Feb 2021 10:53:36 -0600 Subject: [PATCH 09/13] Remove languages in favor of categories --- .github/pull_request_template.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index f7775f6..3ca40ef 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -42,7 +42,7 @@ It is not: - [ ] `name`: Name of the Code Scanning integration. - [ ] `organization`: Name of the organization producing the Code Scanning integration. - [ ] `description`: Short description of the Code Scanning integration. - - [ ] `languages`: Array of languages supported by the Code Scanning integration. + - [ ] `categories`: Array of languages supported by the Code Scanning integration. - [ ] `iconName`: Name of the SVG logo representing the Code Scanning integration. This SVG logo must be present in [the `icons` directory](https://github.com/actions/starter-workflows/tree/main/icons). - [ ] Should run on `push` to `branches: [ $default-branch, $protected-branches ]` and `pull_request` to `branches: [ $default-branch ]`. We also recommend a `schedule` trigger of `cron: $cron-weekly` (for example, [`codeql.yml`](https://github.com/actions/starter-workflows/blob/c59b62dee0eae1f9f368b7011cf05c2fc42cf084/code-scanning/codeql.yml#L14-L21)). From ccc4742cb31514684de92f7f779c680aaf076ad5 Mon Sep 17 00:00:00 2001 From: Steve Winton Date: Tue, 16 Feb 2021 10:56:46 -0600 Subject: [PATCH 10/13] Require 40 character SHA of referenced actions Co-authored-by: Andy McKay --- .github/pull_request_template.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 3ca40ef..6494e8d 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -49,7 +49,7 @@ It is not: **Some general notes:** - [ ] This workflow must _only_ use actions that are produced by GitHub, [in the `actions` organization](https://github.com/actions), **or** -- [ ] This workflow must _only_ use actions that are produced by the language or ecosystem that the workflow supports. These actions must be [published to the GitHub Marketplace](https://github.com/marketplace?type=actions). We recommend that these actions be referenced using the full 40 character hash of the action's commit instead of a tag. Additionally, workflows must include the following comment at the top of the workflow file: +- [ ] This workflow must _only_ use actions that are produced by the language or ecosystem that the workflow supports. These actions must be [published to the GitHub Marketplace](https://github.com/marketplace?type=actions). We require that these actions be referenced using the full 40 character hash of the action's commit instead of a tag. Additionally, workflows must include the following comment at the top of the workflow file: ``` # This workflow uses actions that are not certified by GitHub. # They are provided by a third-party and are governed by From 3cf906bc1bf47f7da3fafe67423b374774389ee2 Mon Sep 17 00:00:00 2001 From: Michael Thomsen Date: Fri, 26 Feb 2021 23:25:23 +0100 Subject: [PATCH 11/13] Update dart.yml (#820) * Update dart.yml Update Dart starter workflow to use `setup-dart` from the Dart team. This enables testing on more operating systems (Linux, Windows, and macOS), and offers more control over the Dart SDK version to test with. * Update dart.yml Add required disclaimer * Update ci/dart.yml Co-authored-by: Josh Gross Co-authored-by: Josh Gross --- ci/dart.yml | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/ci/dart.yml b/ci/dart.yml index 138921f..7486577 100644 --- a/ci/dart.yml +++ b/ci/dart.yml @@ -1,3 +1,8 @@ +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. + name: Dart on: @@ -10,18 +15,14 @@ jobs: build: runs-on: ubuntu-latest - # Note that this workflow uses the latest stable version of the Dart SDK. - # Docker images for other release channels - like dev and beta - are also - # available. See https://hub.docker.com/r/google/dart/ for the available - # images. - container: - image: google/dart:latest - steps: - uses: actions/checkout@v2 - - name: Print Dart SDK version - run: dart --version + # Note: This workflow uses the latest stable version of the Dart SDK. + # You can specify other versions if desired, see documentation here: + # https://github.com/dart-lang/setup-dart/blob/main/README.md + # - uses: dart-lang/setup-dart@v1 + - uses: dart-lang/setup-dart@9a04e6d73cca37bd455e0608d7e5092f881fd603 - name: Install dependencies run: dart pub get From db576e4bf486f3f0592e3d5ed45bcae36d8fa3e5 Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Fri, 26 Feb 2021 23:31:13 +0100 Subject: [PATCH 12/13] Make the validation strict by default (#824) Co-authored-by: Josh Gross --- ci/php.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/php.yml b/ci/php.yml index 5053b43..f811a18 100644 --- a/ci/php.yml +++ b/ci/php.yml @@ -15,7 +15,7 @@ jobs: - uses: actions/checkout@v2 - name: Validate composer.json and composer.lock - run: composer validate + run: composer validate --strict - name: Cache Composer packages id: composer-cache From a1152703407cf97bb8e3cb39eeb909649f69fa02 Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Fri, 26 Feb 2021 23:34:09 +0100 Subject: [PATCH 13/13] Always run composer install even if the vendor dir was restored (#825) Co-authored-by: Josh Gross --- ci/php.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/ci/php.yml b/ci/php.yml index f811a18..e1dceef 100644 --- a/ci/php.yml +++ b/ci/php.yml @@ -27,7 +27,6 @@ jobs: ${{ runner.os }}-php- - name: Install dependencies - if: steps.composer-cache.outputs.cache-hit != 'true' run: composer install --prefer-dist --no-progress --no-suggest # Add a test script to composer.json, for instance: "test": "vendor/bin/phpunit"