From 9fc7e557a243973b040ef598158254f2cf92a3ba Mon Sep 17 00:00:00 2001 From: Dan Webb Date: Thu, 9 Oct 2025 20:44:48 +0100 Subject: [PATCH] feat(ci): migrate to reusable workflows v4.1.0 Update ci.yml to use lint-unit workflow v4.1.0 Add conventional-commits workflow for PR validation Add prevent-file-change workflow for metadata protection Add release workflow using release-cookbook v4.1.0 Add release-please configuration files Use secrets: inherit for proper secret propagation --- .github/workflows/ci.yml | 3 ++- .github/workflows/conventional-commits.yml | 13 +++++++++++++ .github/workflows/prevent-file-change.yml | 13 +++++++++++++ .github/workflows/release.yml | 19 +++++++++++++++++++ .release-please-manifest.json | 3 +++ release-please-config.json | 12 ++++++++++++ 6 files changed, 62 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/conventional-commits.yml create mode 100644 .github/workflows/prevent-file-change.yml create mode 100644 .github/workflows/release.yml create mode 100644 .release-please-manifest.json create mode 100644 release-please-config.json diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index cf9d4bd..8fab4ac 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -8,10 +8,11 @@ name: ci jobs: lint-unit: - uses: sous-chefs/.github/.github/workflows/lint-unit.yml@4.0.0 + uses: sous-chefs/.github/.github/workflows/lint-unit.yml@4.1.0 permissions: actions: write checks: write pull-requests: write statuses: write issues: write + secrets: inherit diff --git a/.github/workflows/conventional-commits.yml b/.github/workflows/conventional-commits.yml new file mode 100644 index 0000000..c3ac2e2 --- /dev/null +++ b/.github/workflows/conventional-commits.yml @@ -0,0 +1,13 @@ +--- +name: 'Validate PR' + +"on": + pull_request_target: + types: [opened, edited, reopened] + +jobs: + conventional-commits: + uses: sous-chefs/.github/.github/workflows/conventional-commits.yml@4.1.0 + permissions: + pull-requests: read + secrets: inherit diff --git a/.github/workflows/prevent-file-change.yml b/.github/workflows/prevent-file-change.yml new file mode 100644 index 0000000..758333b --- /dev/null +++ b/.github/workflows/prevent-file-change.yml @@ -0,0 +1,13 @@ +--- +name: 'Prevent file change' + +"on": + pull_request_target: + branches: [main] + +jobs: + prevent-file-change: + uses: sous-chefs/.github/.github/workflows/prevent-file-change.yml@4.1.0 + permissions: + pull-requests: write + secrets: inherit diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..61455e3 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,19 @@ +--- +name: release-please + +"on": + push: + branches: [main] + +permissions: + contents: write + issues: write + pull-requests: write + packages: write + attestations: write + id-token: write + +jobs: + release-cookbook: + uses: sous-chefs/.github/.github/workflows/release-cookbook.yml@4.1.0 + secrets: inherit diff --git a/.release-please-manifest.json b/.release-please-manifest.json new file mode 100644 index 0000000..033e2d4 --- /dev/null +++ b/.release-please-manifest.json @@ -0,0 +1,3 @@ +{ + ".": "0.2.10" +} diff --git a/release-please-config.json b/release-please-config.json new file mode 100644 index 0000000..ec4cd60 --- /dev/null +++ b/release-please-config.json @@ -0,0 +1,12 @@ +{ + "packages": { + ".": { + "package-name": "appveyor-ci", + "changelog-path": "CHANGELOG.md", + "release-type": "ruby", + "include-component-in-tag": false, + "version-file": "metadata.rb" + } + }, + "$schema": "https://raw.githubusercontent.com/googleapis/release-please/main/schemas/config.json" +}