Workflow Updates (#16)

* ci: Add pre-commit hook to validate markdown links * ci: Update release workflow to pass in the full path to the template files * docs: Update example to use proper json syntax * ci: Skip a hook that is unable to be run in pre-commit.ci due to no external network access allowed * feat: Add a pre-commit cache to the test-code and update-python-and-pre-commit-dependencies reusable workflows * feat: Add a job that checks that all CodeQL analysis passed to enable easier Required Status Checks
tektronix · Aug 27, 2024 · 36b73ab · 36b73ab
1 parent f1a4822
commit 36b73ab
Show file tree

Hide file tree

Showing 6 changed files with 32 additions and 7 deletions.
diff --git a/.github/workflows/_reusable-codeql-analysis.yml b/.github/workflows/_reusable-codeql-analysis.yml
@@ -35,3 +35,13 @@ jobs:
         uses: github/codeql-action/analyze@v3
         with:
           category: /language:${{matrix.language}}
+  # Check that all jobs passed
+  check-codeql-passed:
+    if: ${{ !cancelled() }}
+    needs: [analyze]
+    runs-on: ubuntu-latest
+    steps:
+      - name: Decide whether the needed jobs succeeded or failed
+        uses: re-actors/[email protected]
+        with:
+          jobs: ${{ toJSON(needs) }}
diff --git a/.github/workflows/_reusable-test-code.yml b/.github/workflows/_reusable-test-code.yml
@@ -50,6 +50,12 @@ jobs:
           check-latest: true
       - name: Install dependencies
         run: python -m pip install tox tox-gh-actions
+      - name: Set up pre-commit cache
+        uses: actions/cache@v4
+        with:
+          path: ~/.cache/pre-commit
+          key: pre-commit|${{ env.pythonLocation }}|${{ hashFiles('.pre-commit-config.yaml')
+            }}
       - name: Run tox
         run: tox -v
       - uses: actions/upload-artifact@v4

diff --git a/.github/workflows/_reusable-update-python-and-pre-commit-dependencies.yml b/.github/workflows/_reusable-update-python-and-pre-commit-dependencies.yml
@@ -77,6 +77,13 @@ jobs:
           passphrase: ${{ secrets.gpg-signing-key-passphrase }}
           git_user_signingkey: true
           git_commit_gpgsign: true
+      - name: Set up pre-commit cache
+        if: ${{ inputs.update-pre-commit || inputs.run-pre-commit }}
+        uses: actions/cache@v4
+        with:
+          path: ~/.cache/pre-commit
+          key: pre-commit|${{ env.pythonLocation }}|${{ hashFiles('.pre-commit-config.yaml')
+            }}
       - if: ${{ endsWith(github.repository, '/python-package-ci-cd') }}  # Run the local action when this is run in the python-package-ci-cd repository
         uses: ./actions/update_development_dependencies
         with:

diff --git a/.github/workflows/package-release.yml b/.github/workflows/package-release.yml
@@ -24,6 +24,8 @@ jobs:
       commit-user-name: ${{ vars.TEK_OPENSOURCE_NAME }}
       commit-user-email: ${{ vars.TEK_OPENSOURCE_EMAIL }}
       release-level: ${{ inputs.release-level }}
+      previous-changelog-filepath: python_semantic_release_templates/.previous_changelog_for_template.md
+      previous-release-notes-filepath: python_semantic_release_templates/.previous_release_notes_for_template.md
     permissions:
       contents: write
       id-token: write

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -4,7 +4,7 @@ default_stages: [pre-commit]
 ci:
   autofix_prs: false
   autoupdate_schedule: quarterly
-  skip: [check-poetry, pyright, poetry-audit]
+  skip: [check-poetry, pyright, poetry-audit, markdown-link-check]
 repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
     rev: 2c9f875913ee60ca25ce70243dc24d5b6415598c  # frozen: v4.6.0
@@ -80,11 +80,11 @@ repos:
           - mdformat-toc
           - mdformat-web
           - mdformat-wikilink
-# TODO: enable after repo is made public
-#  - repo: https://github.com/tcort/markdown-link-check
-#    rev: 6f18a0fe55028917b06edbbd56554d9f975fd2f4  # frozen: v3.12.2
-#    hooks:
-#      - id: markdown-link-check
+  - repo: https://github.com/tcort/markdown-link-check
+    rev: 6f18a0fe55028917b06edbbd56554d9f975fd2f4  # frozen: v3.12.2
+    hooks:
+      - id: markdown-link-check
+        args: [--quiet]
   - repo: https://gitlab.com/smop/pre-commit-hooks
     rev: df034f88cf92b394e6f00a78fa97a2aa4e270e60  # frozen: v1.0.0
     hooks:

diff --git a/workflows/update-python-and-pre-commit-dependencies.md b/workflows/update-python-and-pre-commit-dependencies.md
@@ -60,7 +60,7 @@ jobs:
     with:
       commit-user-name: 'User Name'
       commit-user-email: 'user-email'
-      dependency-dict: '{"dev": ("pylint", "ruff"), "tests": ("ruff")}'  # optional, but without it nothing will get updated by Poetry
+      dependency-dict: '{"dev": ["pylint", "ruff"], "tests": ["ruff"]}'  # optional, but without it nothing will get updated by Poetry
       update-pre-commit: true  # optional
       run-pre-commit: true  # optional
       pre-commit-hook-skip-list: pylint,pyright,pyroma,poetry-audit  # optional, hooks that don't auto-fix things can (and probably should be) skipped