STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
9790 commits 87 branches 0 tags 160 MiB
Commit graph

284 commits

Author SHA1 Message Date
Kynan Ware
8a5302ec6e Remove unused GH_TOKEN env variable from workflow 
The GH_TOKEN environment variable was set but not used in the pr-vars-dispatch step. This commit removes it for clarity and to avoid confusion.
 2025-06-30 10:55:10 -06:00
Kynan Ware
45c8c827c5
Add workflow_dispatch support to PR Help Wanted check (#11179) 
* Add workflow_dispatch support to PR Help Wanted check

This update allows the PR Help Wanted workflow to be triggered manually via workflow_dispatch with a specified PR URL. It adds logic to fetch PR details using the GitHub CLI for manual runs and unifies variable handling for both event types.

* Update workflow to use PR number instead of URL

Changed the workflow_dispatch input from 'pr_url' to 'pr_number' and updated the script to construct the PR URL from the number.

* Move help-wanted check for draft PRs into script

* Don't prefix URL with `#`

* Invert draft checking logic

Inverting this logic because anything other than "false" means we should skip it.

* Move PR draft status check to shell script

The logic for checking if a pull request is a draft has been moved from the GitHub Actions workflow YAML to the check-help-wanted.sh script. This simplifies the workflow file and centralizes the draft status check within the script.
 2025-06-30 12:51:54 -04:00
Andy Feller
728e973a20 Ensure automation uses pinned go-licenses version 2025-06-23 13:22:27 -04:00
Andy Feller
11e8a8127d Use make for license generation and checks 2025-06-20 16:53:11 -04:00
Andy Feller
98ea250ede Merge branch 'trunk' into andyfeller/9422-license-compliance 2025-06-20 16:23:00 -04:00
Kynan Ware
50e4a4ad15 Fix step order for CodeQL workflow 2025-06-17 08:41:14 -06:00
William Martin
86c251154e
Merge pull request #11121 from cli/11101-use-golangci-lint-version-2 
Bump golangci-lint to v2
 2025-06-17 11:43:14 +02:00
Andy Feller
14c2673d27 Merge branch 'trunk' into andyfeller/9422-license-compliance 2025-06-16 15:27:28 -04:00
Kynan Ware
9e161cda4e
Apply suggestion from @Copilot 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-06-16 13:20:20 -06:00
Kynan Ware
fa3402f783 Improve help wanted check skipping logic 2025-06-16 13:11:37 -06:00
William Martin
8e5ed00ad7
Merge pull request #11133 from cli/wm/execute-gh 
Ensure gh executes in workflow check script
 2025-06-16 21:02:50 +02:00
William Martin
31b3dc1ba6 Ensure gh executes in workflow check script 2025-06-16 20:46:24 +02:00
Kynan Ware
2609b4e283
Merge branch 'trunk' into kw/fix-file-not-found-in-help-wanted-workflow-2 2025-06-16 11:59:31 -06:00
Kynan Ware
7d1b5d2ce0 Fix repo checkout in help-wanted check 2025-06-16 11:47:48 -06:00
Andy Feller
8532997a4b
Merge pull request #11127 from cli/andyfeller/11126-ghas-ignore-3rd-party-source 
Exclude 3rd party license compliance content from GHAS scanning
 2025-06-16 13:45:42 -04:00
Andy Feller
c7b1afd293 Fixes #11126 
These changes will cause GitHub Advanced Security to ignore the auto-generated content around 3rd party dependencies used by `cli/cli` from static code analysis and secret scanning.

For more information:

- https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning
- https://docs.github.com/en/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/excluding-folders-and-files-from-secret-scanning
 2025-06-16 13:36:37 -04:00
Andy Feller
f652fd76dc
Merge pull request #11125 from cli/kw/fix-file-not-found-in-help-wanted-workflow 
Fix script path for help-wanted check
 2025-06-16 13:14:18 -04:00
Kynan Ware
7fa213251c Fix script path for help-wanted check 2025-06-16 10:14:38 -06:00
William Martin
c7baa7a555 Quote workflow conditional 2025-06-16 17:54:24 +02:00
William Martin
35e95a42c9
Merge pull request #11107 from cli/dependabot/github_actions/actions/attest-build-provenance-2.4.0 
chore(deps): bump actions/attest-build-provenance from 2.3.0 to 2.4.0
 2025-06-16 17:09:33 +02:00
William Martin
928a326cee
Add workflow to check help wanted labelling (#11105) 
Co-authored-by: Kynan Ware <47394200+BagToad@users.noreply.github.com>
Co-authored-by: Babak K. Shandiz <babakks@github.com>
Co-authored-by: Andy Feller <andyfeller@github.com>
 2025-06-16 17:09:04 +02:00
dependabot[bot]
f8a3133003
chore(deps): bump actions/attest-build-provenance from 2.3.0 to 2.4.0 
Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 2.3.0 to 2.4.0.
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)
- [Commits](db473fddc0...e8998f9491)

---
updated-dependencies:
- dependency-name: actions/attest-build-provenance
  dependency-version: 2.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-12 14:33:02 +00:00
dependabot[bot]
2266c7a5b5
chore(deps): bump mislav/bump-homebrew-formula-action from 3.2 to 3.4 
Bumps [mislav/bump-homebrew-formula-action](https://github.com/mislav/bump-homebrew-formula-action) from 3.2 to 3.4.
- [Release notes](https://github.com/mislav/bump-homebrew-formula-action/releases)
- [Commits](942e550c63...8e2baa47da)

---
updated-dependencies:
- dependency-name: mislav/bump-homebrew-formula-action
  dependency-version: '3.4'
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-03 14:57:13 +00:00
Andy Feller
b30101c496 Avoid analyzing 3rd party license content with CodeQL 
With these changes, `cli/cli` will be redistributing code as-is due to license compliance, which we will not change or address issues around.  Without these changes, our pull requests are getting a bunch of false positive annotations we cannot and will not fix directly.
 2025-05-30 13:22:42 -04:00
Andy Feller
bd24865076 Adopt license compliance scripts into workflows, docs 
This commit introduces the use of `go-licenses` within CI/CD and manual processes for generating / updating the license information used by GitHub CLI including the code required by license to be redistributed.

During GitHub CLI pull requests, the `lint` workflow will notify users if this information is not updated.
 2025-05-30 12:46:51 -04:00
dependabot[bot]
9bb89de87c
chore(deps): bump actions/attest-build-provenance from 2.2.2 to 2.3.0 
Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 2.2.2 to 2.3.0.
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)
- [Commits](bd77c07785...db473fddc0)

---
updated-dependencies:
- dependency-name: actions/attest-build-provenance
  dependency-version: 2.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-28 15:44:19 +00:00
Kynan Ware
e21243fe9b ci: pin third party actions to commit sha 2025-04-04 21:45:54 -06:00
Tyler McGoffin
e0533f9f73 Change issueauto and prauto actions to use the cli-automation env 2025-03-07 12:04:59 -08:00
Tyler McGoffin
824acc86dd Add environment to prauto and issueauto workflows 2025-03-06 11:20:39 -08:00
Tyler McGoffin
09b233746c Add cli-discuss-automation environment to triage.md 
Previously, we were getting the token from repository secrets. We have
moved the token to its own environment secret in the
cli-discuss-automation environment. It is in its own environment so that
we don't inject our other secrets into this workflow as we don't need
them here.
 2025-03-06 11:13:01 -08:00
Kynan Ware
601c3e448c Fix(ci): base64 decode GPG passphrase 2025-03-05 12:43:44 -07:00
dependabot[bot]
b83a1a06ef
Bump actions/attest-build-provenance from 2.2.0 to 2.2.2 
Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 2.2.0 to 2.2.2.
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)
- [Commits](520d128f16...bd77c07785)

---
updated-dependencies:
- dependency-name: actions/attest-build-provenance
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-28 14:52:41 +00:00
Michael Hoffman
4c1a9215c9
Merge branch 'trunk' into remove-project-automation 2025-01-30 14:45:07 -05:00
Andy Feller
df250a2b53
Update deployment.yml 
Fix failing tag validate job
 2025-01-30 13:07:21 -05:00
Michael Hoffman
d1b5facb48 Remove unused env var, PRID 2025-01-30 12:59:29 -05:00
Michael Hoffman
077f064f4a Remove v1 project 'add to board' automation from prauto workflow 2025-01-29 10:21:11 -05:00
Tyler McGoffin
7fcb4453ed
Merge pull request #10121 from cli/jtmcg/add-tagname-enforcement-to-deployment-workflow 
Add job to deployment workflow to validate the tag name for a given release
 2025-01-24 14:31:59 -08:00
Andy Feller
c23a2834c7
Merge pull request #10297 from dennisameling/windows-arm64-msi 
Enable MSI building for Windows arm64
 2025-01-24 08:04:35 -05:00
dependabot[bot]
fe3d18c96a
Bump actions/attest-build-provenance from 2.1.0 to 2.2.0 
Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)
- [Commits](7668571508...520d128f16)

---
updated-dependencies:
- dependency-name: actions/attest-build-provenance
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-01-23 14:53:49 +00:00
Dennis Ameling
d4aebb1cbb Enable MSI building for Windows arm64 2025-01-22 18:06:40 +01:00
William Martin
0ead3398a7 Bump golang ci lint to work with go 1.24 2025-01-21 17:55:39 +01:00
shauryatiwari1
eed3626521 Remove release discussion posts and clean up related block in deployment yml 2024-12-27 15:15:21 +05:30
Tyler McGoffin
5fc56ded50 Escape '.' in version validation regex in deployment workflow 2024-12-26 10:50:09 -08:00
Tyler McGoffin
1386e3671f Add job to deployment workflow to validate the tag name for a given release 2024-12-20 14:55:29 -08:00
Meredith Lancaster
64bf37e31c
Merge pull request #10051 from malancas/gh-attestation-download-windows-bug 
Use Windows compatible file name for downloaded attestations when running `gh attestation download`
 2024-12-16 08:01:36 -07:00
Meredith Lancaster
5ebfa26487 use bash shell with integration tests 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-12-11 08:03:42 -07:00
Meredith Lancaster
2ced59fba3 update integration test scripts 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-12-11 07:42:05 -07:00
Meredith Lancaster
050f295b37 run all tests in a single script 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-12-10 11:41:15 -07:00
Meredith Lancaster
0e15557000 windows for loop syntax 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-12-10 10:18:15 -07:00
Meredith Lancaster
9f6d18c70e run integration tests with windows specific syntax 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-12-10 08:37:32 -07:00