Skip to content

Commit

Permalink
Merge pull request #1473 from xael-fry/github-actions-configuration
Browse files Browse the repository at this point in the history
feat(dependabot): add dependabot.yml configuration
  • Loading branch information
xael-fry authored Mar 3, 2024
2 parents 3cbf19e + 02c1de5 commit 97b07a4
Show file tree
Hide file tree
Showing 4 changed files with 128 additions and 0 deletions.
7 changes: 7 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
version: 2
updates:
- package-ecosystem: "github-actions" # See documentation for possible values
directory: "/" # Location of package manifests
schedule:
interval: "weekly"

40 changes: 40 additions & 0 deletions .github/release-drafts/increasing-minor-version.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
_extends: .github:.github/release-drafts/increasing-minor-version.yml
template: |
# :mega: Play $NEXT_MINOR_VERSION Released
The Play Team is proud to announce the release of Play $NEXT_MINOR_VERSION. This release adds many new features and continues our efforts to make Play more modular, flexible, and secure. Play $NEXT_MINOR_VERSION is the result of more than **X months** of relentless work from our fantastic community, comprehending **more than a thousand (TODO?) changes** made from **X contributors**.
## :green_book: What is new?
The highlights in Play $NEXT_MINOR_VERSION include, but are not limited by:
To get started with Play, follow the instructions in our [Getting Started page](https://www.playframework.com/documentation/1.5.x/home#started).
## Full Changelog
Following pull requests got merged for this release:
<details>
<summary>Following pull requests got merged for this release (click to expand)</summary>
$CHANGES
</details>
For more details see the [full list of changes](https://github.com/playframework/play1/compare/$PREVIOUS_TAG...$NEXT_MINOR_VERSION/) and the [$NEXT_MINOR_VERSION milestone](https://github.com/playframework/play1/issues?page=1&q=milestone%3A%22$NEXT_MINOR_VERSION%22).
## 🙇 Thanks to our contributors
Finally, thanks to the community for their help with detailed bug reports, discussions about new features and pull request reviews. This project is only possible due to the help we had from amazing contributors.
Special thanks to all code contributors who helped with this particular release (they are listed below)!
categories:
- title: '🚀 Features'
labels:
- 'feature'
- 'refactoring'
- title: '🐛 Bug Fixes'
label: 'bug'
- title: 📦 Dependency updates
label: 'dependencies'
- title: 📖 Documentation
label: 'documentation'
23 changes: 23 additions & 0 deletions .github/release-drafts/release-drafter.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
name: Release Drafter

on:
push:
branches:
- master

permissions: {}
jobs:
update_release_draft:
permissions:
pull-requests: write # to add label to PR (release-drafter/release-drafter)
contents: write # to create a github release (release-drafter/release-drafter)

runs-on: ubuntu-latest
steps:
- uses: release-drafter/release-drafter@v6
with:
name: "Play $RESOLVED_VERSION"
config-name: release-drafts/increasing-minor-version.yml # located in .github/ in the default branch within this or the .github repo
commitish: ${{ env.GITHUB_REF_NAME }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
58 changes: 58 additions & 0 deletions .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
name: "CodeQL"

on:
push:
branches: [ "master" ]
pull_request:
branches: [ "master" ]
schedule:
- cron: '15 1 * * 6'

jobs:
analyze:
name: Analyze
# Runner size impacts CodeQL analysis time. To learn more, please see:
# - https://gh.io/recommended-hardware-resources-for-running-codeql
# - https://gh.io/supported-runners-and-hardware-resources
# - https://gh.io/using-larger-runners
# Consider using larger runners for possible analysis time improvements.
runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }}
permissions:
# required for all workflows
security-events: write

# only required for workflows in private repositories
actions: read
contents: read

strategy:
fail-fast: false
matrix:
language: [ 'java-kotlin', 'javascript-typescript', 'python' ]

steps:
- name: Checkout repository
uses: actions/checkout@v4

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.

# For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
# queries: security-extended,security-and-quality

- name: Build with Ant
if: ${{ matrix.language }} == 'java-kotlin'
working-directory: ./framework
run: ant jar

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:${{matrix.language}}"

0 comments on commit 97b07a4

Please sign in to comment.