From 6ee84ec65b56dd6ea45f0ee4ce9a37736d88130b Mon Sep 17 00:00:00 2001 From: Nicholas Date: Mon, 11 Mar 2024 16:56:47 +0000 Subject: [PATCH] chore: improve and update ci cd --- .github/workflows/cla.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/coverage.yml | 6 +- .github/workflows/dependency-review.yml | 14 ++++ .github/workflows/lock-threads.yml | 29 ++++++++ .github/workflows/publish.yml | 26 +++++++ .github/workflows/stale.yml | 9 ++- .github/workflows/test.yml | 4 +- package.json | 91 +++++++++++++++++++++++++ 9 files changed, 174 insertions(+), 9 deletions(-) create mode 100644 .github/workflows/dependency-review.yml create mode 100644 .github/workflows/lock-threads.yml create mode 100644 .github/workflows/publish.yml diff --git a/.github/workflows/cla.yml b/.github/workflows/cla.yml index 3d9c0f0..1db56a2 100644 --- a/.github/workflows/cla.yml +++ b/.github/workflows/cla.yml @@ -16,7 +16,7 @@ jobs: steps: - name: "CLA Check" if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target' - uses: contributor-assistant/github-action@v2.2.1 + uses: contributor-assistant/github-action@v2.3.1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} PERSONAL_ACCESS_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 14e2257..2f44a5c 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -40,7 +40,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 6ebe3bf..48c3d53 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -17,10 +17,10 @@ jobs: node-version: [18.x] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 with: node-version: ${{ matrix.node-version }} @@ -28,7 +28,7 @@ jobs: run: npm ci - name: Report Coverage - uses: paambaati/codeclimate-action@v3.2.0 + uses: paambaati/codeclimate-action@v5.0.0 env: CC_TEST_REPORTER_ID: b7dd7a17709f29e70a936a1a9482a9d7c0da56915aec94382436d4e8f9bcb78e with: diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml new file mode 100644 index 0000000..6f44bbb --- /dev/null +++ b/.github/workflows/dependency-review.yml @@ -0,0 +1,14 @@ +name: 'Dependency Review' +on: [pull_request] + +permissions: + contents: read + +jobs: + dependency-review: + runs-on: ubuntu-latest + steps: + - name: 'Checkout Repository' + uses: actions/checkout@v4 + - name: 'Dependency Review' + uses: actions/dependency-review-action@v3 \ No newline at end of file diff --git a/.github/workflows/lock-threads.yml b/.github/workflows/lock-threads.yml new file mode 100644 index 0000000..4eed77c --- /dev/null +++ b/.github/workflows/lock-threads.yml @@ -0,0 +1,29 @@ +name: "Lock Threads" + +on: + schedule: + - cron: "0 * * * *" # Once a day, at midnight UTC + workflow_dispatch: + +permissions: + issues: write + pull-requests: write + +concurrency: + group: lock + +jobs: + action: + runs-on: ubuntu-latest + steps: + - uses: dessant/lock-threads@v4 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + issue-inactive-days: "30" # Lock issues after 30 days of being closed + pr-inactive-days: "5" # Lock closed PRs after 5 days. This ensures that issues that stem from a PR are opened as issues, rather than comments on the recently merged PR. + add-issue-labels: "outdated" + exclude-issue-created-before: "2023-01-01" + issue-comment: > + This issue has been closed for more than 30 days. If this issue is still occuring, please open a new issue with more recent context. + pr-comment: > + This pull request has already been merged/closed. If you experience issues related to these changes, please open a new issue referencing this pull request. \ No newline at end of file diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml new file mode 100644 index 0000000..fb9fc41 --- /dev/null +++ b/.github/workflows/publish.yml @@ -0,0 +1,26 @@ +name: Publish Package to npmjs +on: + workflow_dispatch: +jobs: + build: + runs-on: ubuntu-latest + permissions: + contents: write + issues: write + pull-requests: write + id-token: write + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version: '20.x' + cache: 'npm' + registry-url: 'https://registry.npmjs.org' + - run: npm ci + - name: Verify the integrity of provenance attestations and registry signatures for installed dependencies + run: npm audit signatures + - name: Release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + run: npx semantic-release \ No newline at end of file diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index e9e8389..2ed2e9e 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -7,7 +7,7 @@ jobs: stale: runs-on: ubuntu-latest steps: - - uses: actions/stale@v6 + - uses: actions/stale@v8 with: stale-issue-message: 'This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.' stale-pr-message: 'This PR is stale because it has been open 45 days with no activity. Remove stale label or comment or this will be closed in 10 days.' @@ -16,4 +16,9 @@ jobs: days-before-issue-stale: 30 days-before-pr-stale: 45 days-before-issue-close: 5 - days-before-pr-close: 10 \ No newline at end of file + days-before-pr-close: 10 + operations-per-run: 90 + exempt-issue-labels: keep + exempt-pr-labels: keep + exempt-all-assignees: true + exempt-all-milestones: true \ No newline at end of file diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 7f974fe..cdfbf28 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -17,10 +17,10 @@ jobs: node-version: [18.x, 20.x] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 with: node-version: ${{ matrix.node-version }} diff --git a/package.json b/package.json index 3f14da5..9de832b 100644 --- a/package.json +++ b/package.json @@ -38,19 +38,110 @@ "queue" ], "homepage": "https://bbc.github.io/sqs-producer/", + "publishConfig": { + "provenance": true + }, + "release": { + "branches": [ + "main", + { + "name": "canary", + "prerelease": true + } + ], + "plugins": [ + [ + "@semantic-release/commit-analyzer", + { + "preset": "conventionalcommits", + "releaseRules": [ + { + "type": "feat", + "release": "minor" + }, + { + "type": "chore", + "release": "patch" + }, + { + "type": "fix", + "release": "patch" + }, + { + "type": "docs", + "release": "patch" + }, + { + "type": "refactor", + "release": "patch" + }, + { + "type": "test", + "release": "patch" + } + ] + } + ], + [ + "@semantic-release/release-notes-generator", + { + "preset": "conventionalcommits", + "presetConfig": { + "types": [ + { + "type": "feat", + "section": "Features" + }, + { + "type": "fix", + "section": "Bug Fixes" + }, + { + "type": "chore", + "section": "Chores" + }, + { + "type": "docs", + "section": "Documentation" + }, + { + "type": "refactor", + "section": "Refactors" + }, + { + "type": "test", + "section": "Tests" + } + ] + } + } + ], + "@semantic-release/changelog", + "@semantic-release/github", + "@semantic-release/npm" + ] + }, "devDependencies": { + "@semantic-release/changelog": "^6.0.3", + "@semantic-release/commit-analyzer": "^11.1.0", + "@semantic-release/git": "^10.0.1", + "@semantic-release/github": "^9.2.6", + "@semantic-release/npm": "^11.0.2", + "@semantic-release/release-notes-generator": "^12.1.0", "@types/chai": "^4.3.12", "@types/debug": "^4.1.12", "@types/mocha": "^10.0.6", "@types/node": "^20.11.25", "@types/sinon": "^17.0.3", "chai": "^4.4.1", + "conventional-changelog-conventionalcommits": "^7.0.2", "eslint": "^8.57.0", "eslint-config-iplayer": "^9.2.0", "eslint-config-prettier": "^9.1.0", "mocha": "^10.3.0", "c8": "^9.1.0", "prettier": "^3.2.5", + "semantic-release": "^23.0.0", "sinon": "^17.0.1", "ts-node": "^10.9.2", "typedoc": "^0.25.12",