From c0cf7321ab017d7195a289ad6570e6302d30d432 Mon Sep 17 00:00:00 2001 From: sarina Date: Fri, 19 Jul 2024 09:43:13 -0400 Subject: [PATCH] build: Update Quarterly workflows to be offset and notify properly * The two jobs were big for one on-call shift, so splitting up the repo_checks and GH audit jobs into two separate months * Add proper hooks for tagging on-call and notifying in Slack (copying from the working weekly jobs file) --- .github/workflows/add-quarterly-GH-audit.yml | 37 +++++++++++ .../workflows/add-quarterly-gh-requests.yml | 62 ------------------- .../workflows/add-quarterly-repo-checks.yml | 37 +++++++++++ 3 files changed, 74 insertions(+), 62 deletions(-) create mode 100644 .github/workflows/add-quarterly-GH-audit.yml delete mode 100644 .github/workflows/add-quarterly-gh-requests.yml create mode 100644 .github/workflows/add-quarterly-repo-checks.yml diff --git a/.github/workflows/add-quarterly-GH-audit.yml b/.github/workflows/add-quarterly-GH-audit.yml new file mode 100644 index 0000000..2c32720 --- /dev/null +++ b/.github/workflows/add-quarterly-GH-audit.yml @@ -0,0 +1,37 @@ +name: Create quarterly issues for GitHub audit +on: + schedule: + - cron: 0 0 1 1,4,7,10 * + workflow_dispatch: {} + +env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + +jobs: + create_issue: + name: Create quarterly issues + runs-on: ubuntu-latest + permissions: + issues: write + steps: + - run: | + # Audit GitHub Users + gh issue create --repo "openedx/axim-engineering" \ + --title "Quarterly Audit of Github Users" \ + --label "github-request" \ + --body "It is time to perform the quartely audit of GitHub users in the \`openedx\` org. The playbook for performing the audit can be found [here](https://openedx.atlassian.net/wiki/spaces/COMM/pages/3438903337/On-call+Playbooks#%F0%9F%94%8D-Audit-Github-Users)." + + - name: Comment on issue + run: gh issue comment $NEW_ISSUE_URL --body "@openedx/axim-oncall heads up on this request" + + - name: Send custom JSON data to Slack workflow + id: slack + uses: slackapi/slack-github-action@v1.26.0 + with: + # This data can be any valid JSON from a previous step in the GitHub Action + payload: | + { + "msg": "Time to check for new Discourse members. ${{ env.NEW_ISSUE_URL }}" + } + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} \ No newline at end of file diff --git a/.github/workflows/add-quarterly-gh-requests.yml b/.github/workflows/add-quarterly-gh-requests.yml deleted file mode 100644 index 44320cc..0000000 --- a/.github/workflows/add-quarterly-gh-requests.yml +++ /dev/null @@ -1,62 +0,0 @@ -name: Create quarterly issues -on: - schedule: - - cron: 0 0 1 1,4,7,10 * - workflow_dispatch: {} - -env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - -jobs: - create_issue: - name: Create quarterly issues - runs-on: ubuntu-latest - permissions: - issues: write - steps: - - run: | - # Audit GitHub Users - gh issue create --repo "openedx/axim-engineering" \ - --title "Quarterly Audit of Github Users" \ - --label "github-request" \ - --body "It is time to perform the quartely audit of GitHub users in the \`openedx\` org. The playbook for performing the audit can be found [here](https://openedx.atlassian.net/wiki/spaces/COMM/pages/3438903337/On-call+Playbooks#%F0%9F%94%8D-Audit-Github-Users)." - - run: | - # Run repo-checks.py - gh issue create --repo "openedx/axim-engineering" \ - --title "Quarterly repo-checks.py Run" \ - --label "github-request" \ - --body "It is time to perform the quartely run of \`repo-checks.py\` for the \`openedx\` org. Instructions for running the script can be found [here](https://github.com/openedx/repo-tools/tree/master/edx_repo_tools/repo_checks#usage)." - - tag_and_notify: - runs-on: ubuntu-latest - steps: - - name: Generate token - id: generate_token - uses: tibdex/github-app-token@v1 - with: - app_id: ${{ secrets.GRAPHQL_AUTH_APP_ID }} - private_key: ${{ secrets.GRAPHQL_AUTH_APP_PEM }} - - - name: Tag axim on-call - env: - URL: ${{ github.event.issue.comments_url }} - GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }} - run: | - curl \ - -X POST \ - $URL \ - -H "Content-Type: application/json" \ - -H "Authorization: token $GITHUB_TOKEN" \ - --data '{ "body": "@openedx/axim-oncall - heads up on this request." }' - - - name: Send custom JSON data to Slack workflow - id: slack - uses: slackapi/slack-github-action@v1.26.0 - with: - # This data can be any valid JSON from a previous step in the GitHub Action - payload: | - { - "msg": "${{ github.event.issue.title }}\nAuthor: ${{ github.event.issue.user.login }}\nURL: https://www.github.com/openedx/axim-engineering/issues/${{ github.event.issue.number }}" - } - env: - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} diff --git a/.github/workflows/add-quarterly-repo-checks.yml b/.github/workflows/add-quarterly-repo-checks.yml new file mode 100644 index 0000000..9a94d27 --- /dev/null +++ b/.github/workflows/add-quarterly-repo-checks.yml @@ -0,0 +1,37 @@ +name: Create quarterly issues for Repo Checks audit +on: + schedule: + - cron: 0 0 1 2,5,8,11 * + workflow_dispatch: {} + +env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + +jobs: + create_issue: + name: Create quarterly repo checks task + runs-on: ubuntu-latest + permissions: + issues: write + steps: + - run: | + # Run repo-checks.py + gh issue create --repo "openedx/axim-engineering" \ + --title "Quarterly repo-checks.py Run" \ + --label "github-request" \ + --body "It is time to perform the quartely run of \`repo-checks.py\` for the \`openedx\` org. Instructions for running the script can be found [here](https://github.com/openedx/repo-tools/tree/master/edx_repo_tools/repo_checks#usage)." + + - name: Comment on issue + run: gh issue comment $NEW_ISSUE_URL --body "@openedx/axim-oncall heads up on this request" + + - name: Send custom JSON data to Slack workflow + id: slack + uses: slackapi/slack-github-action@v1.26.0 + with: + # This data can be any valid JSON from a previous step in the GitHub Action + payload: | + { + "msg": "Time to check for new Discourse members. ${{ env.NEW_ISSUE_URL }}" + } + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} \ No newline at end of file