diff --git a/.github/linters/.yaml-lint.yml b/.github/linters/.yaml-lint.yml index 32ff17d..e6bfbf8 100644 --- a/.github/linters/.yaml-lint.yml +++ b/.github/linters/.yaml-lint.yml @@ -2,6 +2,9 @@ extends: default rules: + document-start: disable + comments: + min-spaces-from-content: 1 comments-indentation: disable line-length: level: warning diff --git a/.github/linters/zizmor.yaml b/.github/linters/zizmor.yaml index 00ea2bb..bed072b 100644 --- a/.github/linters/zizmor.yaml +++ b/.github/linters/zizmor.yaml @@ -1,4 +1,6 @@ rules: + secrets-outside-env: + disable: true unpinned-uses: config: policies: diff --git a/.github/workflows/add-labels-standardized.yaml b/.github/workflows/add-labels-standardized.yaml index 9ab803e..6a4b753 100644 --- a/.github/workflows/add-labels-standardized.yaml +++ b/.github/workflows/add-labels-standardized.yaml @@ -15,14 +15,6 @@ jobs: secrets: ORG_MEMBERSHIP_TOKEN: ${{ secrets.ORG_MEMBERSHIP_TOKEN }} MEMBERS: ${{ secrets.SENZING_MEMBERS }} - uses: senzing-factory/build-resources/.github/workflows/add-labels-to-issue.yaml@v4 - - slack-notification: - needs: [add-issue-labels] - if: ${{ always() && contains(fromJSON('["failure", "cancelled"]'), needs.add-issue-labels.result) }} - secrets: SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} SLACK_CHANNEL: ${{ secrets.SLACK_CHANNEL }} - uses: senzing-factory/build-resources/.github/workflows/build-failure-slack-notification.yaml@v4 - with: - job-status: ${{ needs.add-issue-labels.result }} + uses: senzing-factory/build-resources/.github/workflows/add-labels-to-issue.yaml@v4 diff --git a/.github/workflows/add-to-project-g2-python-dependabot.yaml b/.github/workflows/add-to-project-g2-python-dependabot.yaml index 51b12ed..922732d 100644 --- a/.github/workflows/add-to-project-g2-python-dependabot.yaml +++ b/.github/workflows/add-to-project-g2-python-dependabot.yaml @@ -12,16 +12,8 @@ jobs: repository-projects: write secrets: PROJECT_RW_TOKEN: ${{ secrets.SENZING_GITHUB_PROJECT_RW_TOKEN }} - uses: senzing-factory/build-resources/.github/workflows/add-to-project-dependabot.yaml@v4 - with: - project: ${{ vars.SENZING_PROJECT_G2_PYTHON }} - - slack-notification: - needs: [add-to-project-dependabot] - if: ${{ always() && contains(fromJSON('["failure", "cancelled"]'), needs.add-to-project-dependabot.result) }} - secrets: SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} SLACK_CHANNEL: ${{ secrets.SLACK_CHANNEL }} - uses: senzing-factory/build-resources/.github/workflows/build-failure-slack-notification.yaml@v4 + uses: senzing-factory/build-resources/.github/workflows/add-to-project-dependabot.yaml@v4 with: - job-status: ${{ needs.add-to-project-dependabot.result }} + project: ${{ vars.SENZING_PROJECT_G2_PYTHON }} diff --git a/.github/workflows/add-to-project-g2-python.yaml b/.github/workflows/add-to-project-g2-python.yaml index 1edc615..b31c64e 100644 --- a/.github/workflows/add-to-project-g2-python.yaml +++ b/.github/workflows/add-to-project-g2-python.yaml @@ -14,17 +14,9 @@ jobs: repository-projects: write secrets: PROJECT_RW_TOKEN: ${{ secrets.SENZING_GITHUB_PROJECT_RW_TOKEN }} + SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} + SLACK_CHANNEL: ${{ secrets.SLACK_CHANNEL }} uses: senzing-factory/build-resources/.github/workflows/add-to-project.yaml@v4 with: project-number: ${{ vars.SENZING_PROJECT_G2_PYTHON }} org: ${{ vars.SENZING_GITHUB_ACCOUNT_NAME }} - - slack-notification: - needs: [add-to-project] - if: ${{ always() && contains(fromJSON('["failure", "cancelled"]'), needs.add-to-project.result) }} - secrets: - SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} - SLACK_CHANNEL: ${{ secrets.SLACK_CHANNEL }} - uses: senzing-factory/build-resources/.github/workflows/build-failure-slack-notification.yaml@v4 - with: - job-status: ${{ needs.add-to-project.result }} diff --git a/.github/workflows/add-to-project-garage-dependabot.yaml b/.github/workflows/add-to-project-garage-dependabot.yaml index 52e6da2..cd0a88a 100644 --- a/.github/workflows/add-to-project-garage-dependabot.yaml +++ b/.github/workflows/add-to-project-garage-dependabot.yaml @@ -12,16 +12,8 @@ jobs: repository-projects: write secrets: PROJECT_RW_TOKEN: ${{ secrets.SENZING_GITHUB_PROJECT_RW_TOKEN }} - uses: senzing-factory/build-resources/.github/workflows/add-to-project-dependabot.yaml@v4 - with: - project: ${{ vars.SENZING_PROJECT_GARAGE }} - - slack-notification: - needs: [add-to-project-dependabot] - if: ${{ always() && contains(fromJSON('["failure", "cancelled"]'), needs.add-to-project-dependabot.result) }} - secrets: SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} SLACK_CHANNEL: ${{ secrets.SLACK_CHANNEL }} - uses: senzing-factory/build-resources/.github/workflows/build-failure-slack-notification.yaml@v4 + uses: senzing-factory/build-resources/.github/workflows/add-to-project-dependabot.yaml@v4 with: - job-status: ${{ needs.add-to-project-dependabot.result }} + project: ${{ vars.SENZING_PROJECT_GARAGE }} diff --git a/.github/workflows/add-to-project-garage.yaml b/.github/workflows/add-to-project-garage.yaml index e932c5d..4fba237 100644 --- a/.github/workflows/add-to-project-garage.yaml +++ b/.github/workflows/add-to-project-garage.yaml @@ -14,17 +14,9 @@ jobs: repository-projects: write secrets: PROJECT_RW_TOKEN: ${{ secrets.SENZING_GITHUB_PROJECT_RW_TOKEN }} + SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} + SLACK_CHANNEL: ${{ secrets.SLACK_CHANNEL }} uses: senzing-factory/build-resources/.github/workflows/add-to-project.yaml@v4 with: project-number: ${{ vars.SENZING_PROJECT_GARAGE }} org: ${{ vars.SENZING_GITHUB_ACCOUNT_NAME }} - - slack-notification: - needs: [add-to-project] - if: ${{ always() && contains(fromJSON('["failure", "cancelled"]'), needs.add-to-project.result) }} - secrets: - SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} - SLACK_CHANNEL: ${{ secrets.SLACK_CHANNEL }} - uses: senzing-factory/build-resources/.github/workflows/build-failure-slack-notification.yaml@v4 - with: - job-status: ${{ needs.add-to-project.result }} diff --git a/.github/workflows/dependabot-approve-and-merge.yaml b/.github/workflows/dependabot-approve-and-merge.yaml index 3b5e853..e30afea 100644 --- a/.github/workflows/dependabot-approve-and-merge.yaml +++ b/.github/workflows/dependabot-approve-and-merge.yaml @@ -4,10 +4,6 @@ on: pull_request: branches: [main] -concurrency: - group: ${{ github.workflow }}-${{ github.head_ref || github.ref_name }} - cancel-in-progress: true - permissions: {} jobs: diff --git a/.github/workflows/pylint.yaml b/.github/workflows/pylint.yaml index 7e82f5a..6a29305 100644 --- a/.github/workflows/pylint.yaml +++ b/.github/workflows/pylint.yaml @@ -45,12 +45,11 @@ jobs: # shellcheck disable=SC2046 pylint $(git ls-files '*.py' ':!:docs/source/*') - slack-notification: - needs: [pylint] - if: ${{ always() && contains(fromJSON('["failure", "cancelled"]'), needs.pylint.result ) && github.ref_name == github.event.repository.default_branch }} - secrets: - SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} - SLACK_CHANNEL: ${{ secrets.SLACK_CHANNEL }} - uses: senzing-factory/build-resources/.github/workflows/build-failure-slack-notification.yaml@v4 - with: - job-status: ${{ needs.pylint.result }} + - name: Notify Slack on failure + if: (failure() || cancelled()) && github.ref_name == github.event.repository.default_branch + uses: senzing-factory/build-resources/slack-failure-notification@v4 + with: + job-status: ${{ job.status }} + slack-channel: ${{ secrets.SLACK_CHANNEL }} + slack-bot-token: ${{ secrets.SLACK_BOT_TOKEN }} + additional-info: "Python: ${{ matrix.python-version }}" diff --git a/.github/workflows/pytest-darwin.yaml b/.github/workflows/pytest-darwin.yaml index 6573155..cede128 100644 --- a/.github/workflows/pytest-darwin.yaml +++ b/.github/workflows/pytest-darwin.yaml @@ -65,10 +65,22 @@ jobs: source ./venv/bin/activate python -m pip install typing_extensions + - name: Mint staging tap token + if: matrix.senzingsdk-version != 'production-v4' + id: staging-token + uses: actions/create-github-app-token@v3.1.1 + with: + client-id: ${{ secrets.SENZINGSDK_STAGING_CLIENT_ID }} + private-key: ${{ secrets.SENZINGSDK_STAGING_APP_KEY }} + owner: senzing-factory # zizmor: ignore[github-app] + repositories: homebrew-senzingsdk-staging + permission-contents: read + - name: Install Senzing SDK - uses: senzing-factory/github-action-install-senzing-sdk@v4 + uses: senzing-factory/github-action-install-senzing-sdk@v5 with: senzingsdk-version: ${{ matrix.senzingsdk-version }} + senzingsdk-token: ${{ steps.staging-token.outputs.token || github.token }} - name: Set environment variables run: | @@ -105,3 +117,12 @@ jobs: with: name: "coverage-${{ matrix.python-version }}-${{ matrix.senzingsdk-version }}" path: "coverage.${{ matrix.python-version }}-${{ matrix.senzingsdk-version }}" + + - name: Notify Slack on failure + if: (failure() || cancelled()) && github.event_name == 'schedule' + uses: senzing-factory/build-resources/slack-failure-notification@v4 + with: + job-status: ${{ job.status }} + slack-channel: ${{ secrets.SLACK_CHANNEL }} + slack-bot-token: ${{ secrets.SLACK_BOT_TOKEN }} + additional-info: "SDK: ${{ matrix.senzingsdk-version }} | Python: ${{ matrix.python-version }}" diff --git a/.github/workflows/pytest-linux.yaml b/.github/workflows/pytest-linux.yaml index e7ece8f..ec1170b 100644 --- a/.github/workflows/pytest-linux.yaml +++ b/.github/workflows/pytest-linux.yaml @@ -68,7 +68,7 @@ jobs: python -m pip install typing_extensions - name: Install Senzing SDK - uses: senzing-factory/github-action-install-senzing-sdk@v4 + uses: senzing-factory/github-action-install-senzing-sdk@v5 with: senzingsdk-version: ${{ matrix.senzingsdk-version }} @@ -106,3 +106,12 @@ jobs: with: name: "coverage-${{ matrix.python-version }}-${{ matrix.senzingsdk-version }}" path: "coverage.${{ matrix.python-version }}-${{ matrix.senzingsdk-version }}" + + - name: Notify Slack on failure + if: (failure() || cancelled()) && (github.ref_name == github.event.repository.default_branch || github.event_name == 'schedule') + uses: senzing-factory/build-resources/slack-failure-notification@v4 + with: + job-status: ${{ job.status }} + slack-channel: ${{ secrets.SLACK_CHANNEL }} + slack-bot-token: ${{ secrets.SLACK_BOT_TOKEN }} + additional-info: "SDK: ${{ matrix.senzingsdk-version }} | Python: ${{ matrix.python-version }}" diff --git a/.github/workflows/pytest-windows.yaml b/.github/workflows/pytest-windows.yaml index 3c510d4..4e36f21 100644 --- a/.github/workflows/pytest-windows.yaml +++ b/.github/workflows/pytest-windows.yaml @@ -63,10 +63,22 @@ jobs: .\\venv\\Scripts\\activate python -m pip install typing_extensions + - name: Mint staging bucket token + if: matrix.senzingsdk-version != 'production-v4' + id: staging-token + uses: actions/create-github-app-token@v3.1.1 + with: + client-id: ${{ secrets.SENZINGSDK_STAGING_CLIENT_ID }} + private-key: ${{ secrets.SENZINGSDK_STAGING_APP_KEY }} + owner: senzing-factory # zizmor: ignore[github-app] + repositories: scoop-senzingsdk-staging + permission-contents: read + - name: Install Senzing SDK - uses: senzing-factory/github-action-install-senzing-sdk@v4 + uses: senzing-factory/github-action-install-senzing-sdk@v5 with: senzingsdk-version: ${{ matrix.senzingsdk-version }} + senzingsdk-token: ${{ steps.staging-token.outputs.token || github.token }} - name: Set environment variables run: | @@ -99,3 +111,12 @@ jobs: with: name: "coverage-${{ matrix.python-version }}-${{ matrix.senzingsdk-version }}" path: "coverage.${{ matrix.python-version }}-${{ matrix.senzingsdk-version }}" + + - name: Notify Slack on failure + if: (failure() || cancelled()) && github.event_name == 'schedule' + uses: senzing-factory/build-resources/slack-failure-notification@v4 + with: + job-status: ${{ job.status }} + slack-channel: ${{ secrets.SLACK_CHANNEL }} + slack-bot-token: ${{ secrets.SLACK_BOT_TOKEN }} + additional-info: "SDK: ${{ matrix.senzingsdk-version }} | Python: ${{ matrix.python-version }}"