From 0572e40e6d32d47a9fc6c88b6c8cb552dce5cf1b Mon Sep 17 00:00:00 2001 From: Thomas Owen Date: Thu, 2 Oct 2025 12:26:25 +0100 Subject: [PATCH 1/3] feat(ci): add conventional commit ci check --- .github/workflows/conventional-commit.yml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 .github/workflows/conventional-commit.yml diff --git a/.github/workflows/conventional-commit.yml b/.github/workflows/conventional-commit.yml new file mode 100644 index 0000000..b095627 --- /dev/null +++ b/.github/workflows/conventional-commit.yml @@ -0,0 +1,17 @@ +name: PR Conventional Commit Validation +on: + pull_request: + types: [opened, synchronize, reopened, edited] + branches-ignore: + - 'dependabot/**/**' +jobs: + validate-pr-title: + if: github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]' + runs-on: ubuntu-latest + steps: + - name: PR Conventional Commit Validation + uses: ytanikin/pr-conventional-commits@1.4.0 + with: + task_types: '["feat","fix","docs","test","ci","refactor","perf","chore","revert"]' + custom_labels: '{"feat": "enhancement", "fix": "bug", "docs": "documentation", "test": "test", "ci": "CI/CD", "refactor": "refactor", "perf": "performance", "chore": "chore", "revert": "revert", "wip": "WIP"}' + add_scope_label: 'false' From 410b15d6ebcf0b5bc1ddac165d71aa0d81dd954d Mon Sep 17 00:00:00 2001 From: Thomas Owen Date: Tue, 7 Oct 2025 16:56:01 +0100 Subject: [PATCH 2/3] chore: add conventional commit check to main ci.yml --- .github/workflows/ci.yml | 94 ++++++++++++++--------- .github/workflows/conventional-commit.yml | 17 ---- 2 files changed, 56 insertions(+), 55 deletions(-) delete mode 100644 .github/workflows/conventional-commit.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b7c2c1c..dff8964 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,50 +1,68 @@ --- - name: CI +name: CI - on: # yamllint disable-line rule:truthy - push: - pull_request: +on: # yamllint disable-line rule:truthy + push: + pull_request: + branches-ignore: + - 'dependabot/**/**' +concurrency: + group: "${{ github.head_ref || github.ref }}-${{ github.workflow }}" + cancel-in-progress: true - concurrency: - group: "${{ github.head_ref || github.ref }}-${{ github.workflow }}" - cancel-in-progress: true +jobs: + validate-pr-title: + if: | + github.event_name == 'pull_request' && + (github.event.action == 'opened' || + github.event.action == 'synchronize' || + github.event.action == 'reopened' || + github.event.action == 'edited') && + github.actor != 'dependabot[bot]' && + github.actor != 'dependabot-preview[bot]' + runs-on: ubuntu-latest + steps: + - name: PR Conventional Commit Validation + uses: ytanikin/pr-conventional-commits@1.4.0 + with: + task_types: '["feat","fix","docs","test","ci","refactor","perf","chore","revert"]' + custom_labels: '{"feat": "enhancement", "fix": "bug", "docs": "documentation", "test": "test", "ci": "CI/CD", "refactor": "refactor", "perf": "performance", "chore": "chore", "revert": "revert", "wip": "WIP"}' + add_scope_label: 'false' + lint-test: + if: '! github.event.pull_request.draft' + name: Lint and Test + runs-on: ubuntu-22.04 + strategy: + matrix: + python-version: ["3.12"] - jobs: - lint-test: - if: '! github.event.pull_request.draft' - name: Lint and Test - runs-on: ubuntu-22.04 - strategy: - matrix: - python-version: ["3.12"] + steps: + - uses: actions/checkout@v4 + - name: Install uv + uses: astral-sh/setup-uv@v6 - steps: - - uses: actions/checkout@v4 - - name: Install uv - uses: astral-sh/setup-uv@v6 + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: ${{ matrix.python-version }} - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: ${{ matrix.python-version }} + - name: Display Python version + run: python -c "import sys; print(sys.version)" - - name: Display Python version - run: python -c "import sys; print(sys.version)" + - name: Build uv lock file + run: uv lock - - name: Build uv lock file - run: uv lock + - name: Install dependencies + run: uv sync - - name: Install dependencies - run: uv sync + - name: setup gitleaks + run: make setup-gitleaks - - name: setup gitleaks - run: make setup-gitleaks + - name: run gitleaks + run: make run-gitleaks - - name: run gitleaks - run: make run-gitleaks + - name: check code formatting & vulnerability detection + run: make check-python-nofix - - name: check code formatting & vulnerability detection - run: make check-python-nofix - - - name: Cleanup residue file - run: make clean + - name: Cleanup residue file + run: make clean diff --git a/.github/workflows/conventional-commit.yml b/.github/workflows/conventional-commit.yml deleted file mode 100644 index b095627..0000000 --- a/.github/workflows/conventional-commit.yml +++ /dev/null @@ -1,17 +0,0 @@ -name: PR Conventional Commit Validation -on: - pull_request: - types: [opened, synchronize, reopened, edited] - branches-ignore: - - 'dependabot/**/**' -jobs: - validate-pr-title: - if: github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]' - runs-on: ubuntu-latest - steps: - - name: PR Conventional Commit Validation - uses: ytanikin/pr-conventional-commits@1.4.0 - with: - task_types: '["feat","fix","docs","test","ci","refactor","perf","chore","revert"]' - custom_labels: '{"feat": "enhancement", "fix": "bug", "docs": "documentation", "test": "test", "ci": "CI/CD", "refactor": "refactor", "perf": "performance", "chore": "chore", "revert": "revert", "wip": "WIP"}' - add_scope_label: 'false' From cc6b2db79d2da80d40cf73c41eaf25b51a65b4ef Mon Sep 17 00:00:00 2001 From: Thomas Owen Date: Tue, 7 Oct 2025 17:04:38 +0100 Subject: [PATCH 3/3] chore: add conventional commit check to steps, not jobs --- .github/workflows/ci.yml | 31 ++++++++++++++----------------- 1 file changed, 14 insertions(+), 17 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index dff8964..71adc19 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -11,23 +11,6 @@ concurrency: cancel-in-progress: true jobs: - validate-pr-title: - if: | - github.event_name == 'pull_request' && - (github.event.action == 'opened' || - github.event.action == 'synchronize' || - github.event.action == 'reopened' || - github.event.action == 'edited') && - github.actor != 'dependabot[bot]' && - github.actor != 'dependabot-preview[bot]' - runs-on: ubuntu-latest - steps: - - name: PR Conventional Commit Validation - uses: ytanikin/pr-conventional-commits@1.4.0 - with: - task_types: '["feat","fix","docs","test","ci","refactor","perf","chore","revert"]' - custom_labels: '{"feat": "enhancement", "fix": "bug", "docs": "documentation", "test": "test", "ci": "CI/CD", "refactor": "refactor", "perf": "performance", "chore": "chore", "revert": "revert", "wip": "WIP"}' - add_scope_label: 'false' lint-test: if: '! github.event.pull_request.draft' name: Lint and Test @@ -37,6 +20,20 @@ jobs: python-version: ["3.12"] steps: + - name: PR Conventional Commit Validation + if: | + github.event_name == 'pull_request' && + (github.event.action == 'opened' || + github.event.action == 'synchronize' || + github.event.action == 'reopened' || + github.event.action == 'edited') && + github.actor != 'dependabot[bot]' && + github.actor != 'dependabot-preview[bot]' + uses: ytanikin/pr-conventional-commits@1.4.0 + with: + task_types: '["feat","fix","docs","test","ci","refactor","perf","chore","revert"]' + custom_labels: '{"feat": "enhancement", "fix": "bug", "docs": "documentation", "test": "test", "ci": "CI/CD", "refactor": "refactor", "perf": "performance", "chore": "chore", "revert": "revert", "wip": "WIP"}' + add_scope_label: 'false' - uses: actions/checkout@v4 - name: Install uv uses: astral-sh/setup-uv@v6