chore: add Github Actions for linting, security, docs and release

Author: Yamini-Microsoft

.github/CODEOWNERS

@@ -0,0 +1,9 @@
+# Lines starting with '#' are comments.# Lines starting with '#' are comments.
+
+# Each line is a file pattern followed by one or more owners.# Each line is a file pattern followed by one or more owners.
+
+
+
+# These owners will be the default owners for everything in the repo.# These owners will be the default owners for everything in the repo.
+
+* @Avijit-Microsoft @Roopan-Microsoft @Prajwal-Microsoft @Vinay-Microsoft @aniaroramsft @toherman-msft @nchandhi @dgp10801

.github/workflows/broken-links-checker.yml

@@ -0,0 +1,57 @@
+name: Broken Link Checker
+
+on:
+  pull_request:
+    paths:
+      - '**/*.md'
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  markdown-link-check:
+    name: Check Markdown Broken Links
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      # For PR : Get only changed markdown files
+      - name: Get changed markdown files (PR only)
+        id: changed-markdown-files
+        if: github.event_name == 'pull_request'
+        uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c # v46
+        with:
+          files: |
+            **/*.md
+
+
+      # For PR: Check broken links only in changed files
+      - name: Check Broken Links in Changed Markdown Files
+        id: lychee-check-pr
+        if: github.event_name == 'pull_request' && steps.changed-markdown-files.outputs.any_changed == 'true'
+        uses: lycheeverse/lychee-action@v2.4.1
+        with:
+          args: >
+            --verbose --exclude-mail --no-progress --exclude ^https?://
+            ${{ steps.changed-markdown-files.outputs.all_changed_files }}
+          failIfEmpty: false
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      # For manual trigger: Check all markdown files in repo
+      - name: Check Broken Links in All Markdown Files in Entire Repo (Manual Trigger)
+        id: lychee-check-manual
+        if: github.event_name == 'workflow_dispatch'
+        uses: lycheeverse/lychee-action@v2.4.1
+        with:
+          args: >
+            --verbose --exclude-mail --no-progress --exclude ^https?://
+            '**/*.md'
+          failIfEmpty: false
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/create-release.yml

@@ -0,0 +1,66 @@
+name: "Create Release"
+
+on:
+  push:
+    branches: ["main"]
+
+  workflow_dispatch:
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  create-release:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+      with:
+        ref: ${{ github.sha }}
+
+    - uses: codfish/semantic-release-action@v3
+      id: semantic
+      with:
+        tag-format: 'v${version}'
+        additional-packages: |
+          ['conventional-changelog-conventionalcommits@7']
+        plugins: |
+          [
+            [
+              "@semantic-release/commit-analyzer",
+              {
+                "preset": "conventionalcommits"
+              }
+            ],
+            [
+              "@semantic-release/release-notes-generator",
+              {
+                "preset": "conventionalcommits",
+                "presetConfig": {
+                  "types": [
+                    { type: 'feat', section: 'Features', hidden: false },
+                    { type: 'fix', section: 'Bug Fixes', hidden: false },
+                    { type: 'perf', section: 'Performance Improvements', hidden: false },
+                    { type: 'revert', section: 'Reverts', hidden: false },
+                    { type: 'docs', section: 'Other Updates', hidden: false },
+                    { type: 'style', section: 'Other Updates', hidden: false },
+                    { type: 'chore', section: 'Other Updates', hidden: false },
+                    { type: 'refactor', section: 'Other Updates', hidden: false },
+                    { type: 'test', section: 'Other Updates', hidden: false },
+                    { type: 'build', section: 'Other Updates', hidden: false },
+                    { type: 'ci', section: 'Other Updates', hidden: false }
+                  ]
+                }
+              }
+            ],
+            '@semantic-release/github'
+          ]
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+    - run: echo ${{ steps.semantic.outputs.release-version }}
+
+    - run: echo "$OUTPUTS"
+      env:
+        OUTPUTS: ${{ toJson(steps.semantic.outputs) }}

.github/workflows/pylint.yml

@@ -0,0 +1,28 @@
+name: PyLint
+
+on: [push]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ["3.11"]
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+      
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install -r requirements.txt
+          pip install flake8  # Ensure flake8 is installed explicitly
+      
+      - name: Run flake8
+        run: |
+          flake8 --config=.flake8 src  # Specify the directory to lint
+

.github/workflows/stale-bot.yml

@@ -0,0 +1,82 @@
+name: "Manage Stale Issues, PRs & Unmerged Branches"
+on:
+  schedule:
+    - cron: '30 1 * * *'  # Runs daily at 1:30 AM UTC
+  workflow_dispatch:  # Allows manual triggering
+permissions:
+  contents: write
+  issues: write
+  pull-requests: write
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Mark Stale Issues and PRs
+        uses: actions/stale@v9
+        with:
+          stale-issue-message: "This issue is stale because it has been open 180 days with no activity. Remove stale label or comment, or it will be closed in 30 days."
+          stale-pr-message: "This PR is stale because it has been open 180 days with no activity. Please update or it will be closed in 30 days."
+          days-before-stale: 180
+          days-before-close: 30
+          exempt-issue-labels: "keep"
+          exempt-pr-labels: "keep"
+  cleanup-branches:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  # Fetch full history for accurate branch checks
+      - name: Fetch All Branches
+        run: git fetch --all --prune
+      - name: List Merged Branches With No Activity in Last 3 Months
+        run: |
+          
+          echo "Branch Name,Last Commit Date,Committer,Committed In Branch,Action" > merged_branches_report.csv
+          
+          for branch in $(git for-each-ref --format '%(refname:short) %(committerdate:unix)' refs/remotes/origin | awk -v date=$(date -d '3 months ago' +%s) '$2 < date {print $1}'); do
+            if [[ "$branch" != "origin/main" && "$branch" != "origin/dev" ]]; then
+              branch_name=${branch#origin/}
+              # Ensure the branch exists locally before getting last commit date
+              git fetch origin "$branch_name" || echo "Could not fetch branch: $branch_name"
+              last_commit_date=$(git log -1 --format=%ci "origin/$branch_name" || echo "Unknown")
+              committer_name=$(git log -1 --format=%cn "origin/$branch_name" || echo "Unknown")
+              committed_in_branch=$(git branch -r --contains "origin/$branch_name" | tr -d ' ' | paste -sd "," -)
+              echo "$branch_name,$last_commit_date,$committer_name,$committed_in_branch,Delete" >> merged_branches_report.csv
+            fi
+          done
+      - name: List PR Approved and Merged Branches Older Than 30 Days
+        run: |
+          
+          for branch in $(gh api repos/${{ github.repository }}/pulls --jq '.[] | select(.merged_at != null and (.base.ref == "main" or .base.ref == "dev")) | select(.merged_at | fromdateiso8601 < (now - 2592000)) | .head.ref'); do
+            # Ensure the branch exists locally before getting last commit date
+            git fetch origin "$branch" || echo "Could not fetch branch: $branch"
+            last_commit_date=$(git log -1 --format=%ci origin/$branch || echo "Unknown")
+            committer_name=$(git log -1 --format=%cn origin/$branch || echo "Unknown")
+            committed_in_branch=$(git branch -r --contains "origin/$branch" | tr -d ' ' | paste -sd "," -)
+            echo "$branch,$last_commit_date,$committer_name,$committed_in_branch,Delete" >> merged_branches_report.csv
+          done
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: List Open PR Branches With No Activity in Last 3 Months
+        run: |
+          
+          for branch in $(gh api repos/${{ github.repository }}/pulls --state open --jq '.[] | select(.base.ref == "main" or .base.ref == "dev") | .head.ref'); do
+            # Ensure the branch exists locally before getting last commit date
+            git fetch origin "$branch" || echo "Could not fetch branch: $branch"
+            last_commit_date=$(git log -1 --format=%ci origin/$branch || echo "Unknown")
+            committer_name=$(git log -1 --format=%cn origin/$branch || echo "Unknown")
+            if [[ $(date -d "$last_commit_date" +%s) -lt $(date -d '3 months ago' +%s) ]]; then
+              # If no commit in the last 3 months, mark for deletion
+              committed_in_branch=$(git branch -r --contains "origin/$branch" | tr -d ' ' | paste -sd "," -)
+              echo "$branch,$last_commit_date,$committer_name,$committed_in_branch,Delete" >> merged_branches_report.csv
+            fi
+          done
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Upload CSV Report of Inactive Branches
+        uses: actions/upload-artifact@v4
+        with:
+          name: merged-branches-report
+          path: merged_branches_report.csv
+          retention-days: 30