Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bootstrap repository, prep for v1.0.0 #1

Merged
merged 12 commits into from
Apr 18, 2024
Merged

Bootstrap repository, prep for v1.0.0 #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
df1bec7
Add static analysis action
nwiltsie Apr 15, 2024
2db522d
Try to work around lack of templating
nwiltsie Apr 16, 2024
0133bee
Add explicit shell
nwiltsie Apr 16, 2024
14087e1
Try the templating thing
nwiltsie Apr 16, 2024
51f3fa6
Typo
nwiltsie Apr 16, 2024
5e892ac
Oops, path only
nwiltsie Apr 16, 2024
3cde1a0
Rename action to determine what name goes where
nwiltsie Apr 16, 2024
5ef6add
Fix up the README
nwiltsie Apr 16, 2024
495c137
Use python to allow for more checks
nwiltsie Apr 16, 2024
02216b5
Pivot to only hosting a single Action
nwiltsie Apr 16, 2024
33c8985
Update README, CHANGELOG
nwiltsie Apr 16, 2024
5f0e90f
Add Version to metadata
nwiltsie Apr 16, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 3 additions & 29 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# Changelog
All notable changes to the tool_name Docker file.
All notable changes to the static analysis Action.

The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).

Expand All @@ -8,32 +8,6 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
---

## [Unreleased]
### Changed
- Update links in on-prem Confluence to point to cloud-based Confluence
- Update `.gitignore` - Add common non-plain text file extensions (e.g. image and Office suite)
- Change something but it is not part of the last release.

---

## [1.0.0] - YYYY-MM-DD
### Added
- For new features.
- Add item 1.

### Changed
- For changes in existing functionality.
- Change item 1.

### Deprecated
- For soon-to-be removed features.

### Removed
- For now removed features.
- Remove item 1.

### Fixed
- For any bug fixes.
- Fix item 1.

### Security
- In case of vulnerabilities.
- Add README documentation about usage and versioning
- Bootstrap Action for static analysis
46 changes: 38 additions & 8 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,20 +1,50 @@
# Project/Repo Title
# Static Code Analysis for the Boutros Lab

Template Repository for the Boutros Lab general project repos. Describe a simple overview of use/purpose here.
Run static analyses for code style, linting, and repository configuration.

## Description
## Usage
```yaml
---
name: Static analysis

on:
push:
branches:
- main
pull_request:
branches:
- main

jobs:
analysis:
runs-on: ubuntu-latest

steps:
- uses: uclahs-cds/tool-static-analysis@v1
# The below is optional and shows the default value
with:
docker-tag: latest
```

## Versioning

Per [GitHub's advice](https://docs.github.com/en/actions/creating-actions/about-custom-actions#using-tags-for-release-management) for release management, this repository uses semantic version tags. The key details are:

* Full semantic version tags, such as `v1.0.2`, are immutable and will always refer to the same commit hash.
* Major version tags, such as `v1` or `v2`, are kept up-to-date with the latest matching semantic version tag.

Callers should use the latest major version tag (currently `v1`), as that will refer to the most recent stable and backwards-compatible version. Specifying semantic version tags is discouraged unless there is a specific need for absolute reproducibility.

An in-depth paragraph about your project and overview of use.

## License

Author: Name1([email protected]), Name2(username2@mednet.ucla.edu)
Author: Nicholas Wiltsie (nwiltsie@mednet.ucla.edu)

[This project] is licensed under the GNU General Public License version 2. See the file LICENSE.md for the terms of the GNU GPL license.
tool-static-analysis is licensed under the GNU General Public License version 2. See the file LICENSE.md for the terms of the GNU GPL license.

<one line to give the project/program's name and a brief idea of what it does.>
GitHub automations common to the Boutros Lab repositories.

Copyright (C) 2023 University of California Los Angeles ("Boutros Lab") All rights reserved.
Copyright (C) 2024 University of California Los Angeles ("Boutros Lab") All rights reserved.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

Expand Down
50 changes: 50 additions & 0 deletions action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
---
name: Perform static analyses

description: Run static analysis checks on code for pull requests

inputs:
docker-tag:
description: Docker image tag to use for running checks
default: latest
required: false

runs:
using: "composite"
steps:
- name: Checkout repository
uses: actions/checkout@v4

# https://github.com/orgs/community/discussions/9049#discussioncomment-4239509
# Due to limitations on composite Actions, we can't do something like:
# - uses: docker://ghcr.io/uclahs-cds/cicd-base:${{ inputs.docker-tag }}
# Instead, we need to write another action.yml on-the-fly and then use that.
# There absolutely should not be an 'action.yml' file underneath the .git
# folder of the calling repository already, so we can use that.
yashpatel6 marked this conversation as resolved.
Show resolved Hide resolved
- name: Configure workflow
shell: python
env:
DOCKER_IMAGE_TAG: ${{ inputs.docker-tag }}
run: |
nwiltsie marked this conversation as resolved.
Show resolved Hide resolved
import os
import re
from pathlib import Path

# Bail out if there are any illegal characters in the tag
tag = os.environ.get("DOCKER_IMAGE_TAG")
if re.search(r"[^a-zA-Z0-9_.\-]", tag):
raise ValueError(f"Problem with the tag `{tag}`!")

template = Path(
os.environ.get("GITHUB_ACTION_PATH"), "template", "action.yml"
)

Path(".git/action.yml").write_text(
template.read_text(encoding="utf-8").replace(
"DOCKER_IMAGE_TAG", tag
),
encoding="utf-8"
)

- name: Run checks
uses: ./.git
15 changes: 8 additions & 7 deletions metadata.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,9 @@
---
Category: '' # shoule be one of docker/pipeline/project/template/tool/training/users
Description: '' # Description of why the repository exists
Maintainers: ['[email protected]', '[email protected]'] # email address of maintainers
Contributors: 'Xavier Hernandez' # Full names of contributors
Languages: ['R', 'perl', 'nextflow'] # programming languages used
Dependencies: 'BPG' # packages, tools that repo needs to run
References: '' # is the tool/dependencies published, is there a confluence page
Category: 'tool'
Description: 'GitHub composite Action to perform static code analysis'
Maintainers: ['[email protected]']
Contributors: 'Nicholas Wiltsie'
Languages: ['python']
Version: ['1.0.0'] # Tool version number
Dependencies: ''
References: ''
9 changes: 9 additions & 0 deletions template/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
---
name: Static analysis implementation

description: Run static analysis checks on code for pull requests
runs:
using: "composite"
steps:
- name: Run static checks
uses: docker://ghcr.io/uclahs-cds/cicd-base:DOCKER_IMAGE_TAG
Loading