Hygiene (#16)

* Add ignore md files to previous workflows * Add version-tag-exists check to python-build * Add the version-tag-exists check for manual deployment from all -build workflows * Add changes to the workflows into the readme, add base readme template and uplift the python, julia, java and go readmes * Make the other readme's a little prettier * Copy lang emoji's for the 4 already chosen * Added emoji's for the other 4 stubs, added the same LICENSE everywhere * Add dependabot and mention the OSSF Scorecard in devlog * Add the OpenSSF and Go badges Co-authored-by: Skenvy <>
Skenvy · Jul 29, 2022 · 92b8945 · 92b8945
1 parent 790f0c2
commit 92b8945
Show file tree

Hide file tree

Showing 32 changed files with 1,704 additions and 133 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,35 @@
+version: 2
+updates:
+# Workflow files stored in the default location of `.github/workflows`
+- package-ecosystem: github-actions
+  directory: "/"
+  schedule:
+    interval: daily
+- package-ecosystem: nuget
+  directory: "/C#"
+  schedule:
+    interval: monthly
+- package-ecosystem: gomod
+  directory: "/go"
+  schedule:
+    interval: weekly
+- package-ecosystem: maven
+  directory: "/java"
+  schedule:
+    interval: weekly
+# Julia has no supported ecosystem
+# https://github.com/dependabot/dependabot-core/issues/2105
+- package-ecosystem: npm
+  directory: "/node.js"
+  schedule:
+    interval: monthly
+- package-ecosystem: pip
+  directory: "/python"
+  schedule:
+    interval: weekly
+# R has no supported ecosystem
+# https://github.com/dependabot/dependabot-core/issues/2042
+- package-ecosystem: bundler
+  directory: "/ruby"
+  schedule:
+    interval: monthly
diff --git a/.github/workflows/README.md b/.github/workflows/README.md
@@ -11,7 +11,7 @@ Parallel to this is that any operation performed during an "action", if performe
 _Any_ push to _any_ branch, **that changes files relevant to** _some_ release target(s), should invoke a **"CI verification"** on that release.
 * The steps within a **"CI verification"** can have either a _limited_ or _entire_ scope.
     * All release targets for the _entire_ scope should be included in the `jobs.<job_id>.strategy.matrix` such as;
-        ```
+        ```yaml
         jobs:
           <job_id>:
             runs-on: '${{ matrix.os }}'
@@ -54,7 +54,7 @@ flowchart TD
 ```
 We want different processes for the workflows across four essential categories.
 1. A push to main that changes the idiomatic release versioning.
-    ```
+    ```yaml
     on:
       push:
         branches:
@@ -65,7 +65,7 @@ We want different processes for the workflows across four essential categories.
     * Entire Scope CI
     * CD Process
 1. A push to main that doesn't change the idiomatic release versioning.
-    ```
+    ```yaml
     on:
       push:
         branches:
@@ -77,7 +77,7 @@ We want different processes for the workflows across four essential categories.
     ```
     * Entire Scope CI
 1. A push to any other branch
-    ```
+    ```yaml
     on:
       push:
         branches-ignore:
@@ -88,7 +88,7 @@ We want different processes for the workflows across four essential categories.
     ```
     * Limited Scope CI
 1. A PR against main
-    ```
+    ```yaml
     on:
       pull_request:
         branches:
@@ -104,10 +104,11 @@ Can be search+replace'd on
 * `<gh-action-setup-language@semver>` + `<language-version>`
 * `<make-environment-dependencies>`
 * `<version-file>` (appears as `export VERSION_FILE="<language>/<version-file>"`)
+* `<version-extracting-command>` (appears as `export VER=$(<version-extracting-command>)`)
 
 The caveat on the lowercase `<language>` is that it is replacing the value in `working-directory: <language>`, so is synonymous with the subfolder that contains that language, and might not always actually be replaced with something in lower case. It's also required that this uses the same capitalisation as the `.github/workflows/<language>-*` files.
 ## `<language>-test.yaml`
-```
+```yaml
 name: <Language> <language-emojis> Tests 🦂
 on:
   push:
@@ -185,7 +186,7 @@ jobs:
   #     run: make docs
 ```
 ## `<language>-build.yaml`
-```
+```yaml
 name: <Language> <language-emojis> Test 🦂 Build 🧱 Release 🚰 and Publish 📦
 on:
   push:
@@ -212,6 +213,7 @@ jobs:
     runs-on: ubuntu-latest
     outputs:
       version-file-changed: ${{ steps.version-file-check.outputs.version-file-changed }}
+      version-tag-exists: ${{ steps.version-tag-exists.outputs.version-tag-exists }}
     steps:
     - name: 🏁 Checkout
       uses: actions/checkout@v3
@@ -222,14 +224,26 @@ jobs:
       run: |
         export VERSION_FILE="<language>/<version-file>"
         [ "$(git diff HEAD^1.. --name-only | grep -e "^$VERSION_FILE$")" == "$VERSION_FILE" ] && echo "::set-output name=version-file-changed::${{toJSON(true)}}" || echo "::set-output name=version-file-changed::${{toJSON(false)}}"
-    - name: Notify of conditions
+    - name: Notify on version-file-check
       run: echo "::Notice::version-file-changed is ${{ fromJSON(steps.version-file-check.outputs.version-file-changed) }}"
-  # Now any step that should only run on the version change can use "needs: [workflow-conditions]"
-  # Which will yield the condition check "if: ${{ fromJSON(needs.workflow-conditions.outputs.version-file-changed) == true }}"
+    - name: Check if version specified in version file has not released.
+      id: version-tag-exists
+      run: |
+        git fetch --tags
+        export VER=$(<version-extracting-command>)
+        [ -z "$(git tag -l "<language>-v$VER")" ] && echo "::set-output name=version-tag-exists::${{toJSON(false)}}" || echo "::set-output name=version-tag-exists::${{toJSON(true)}}"
+    - name: Notify on version-tag-exists
+      run: echo "::Notice::version-tag-exists is ${{ fromJSON(steps.version-tag-exists.outputs.version-tag-exists) }}"
+  # Now any step that should only run on the version change can use
+  # "needs: [workflow-conditions]" Which will yield the condition checks below.
+  # We want to "release" automatically if "version-file-changed" is true on push
+  # Or manually if workflow_dispatch and "version-tag-exists" is false.
   build:
     name: <Language> <language-emojis> Build 🧱
     needs: [test, workflow-conditions]
-    if: ${{ fromJSON(needs.workflow-conditions.outputs.version-file-changed) == true }}
+    if: >-
+      ${{ (fromJSON(needs.workflow-conditions.outputs.version-file-changed) == true && github.event_name == 'push') ||
+      (fromJSON(needs.workflow-conditions.outputs.version-tag-exists) == false && github.event_name == 'workflow_dispatch') }}
     runs-on: ubuntu-latest
     steps:
     - name: 🏁 Checkout

diff --git a/.github/workflows/go-build.yaml b/.github/workflows/go-build.yaml
@@ -24,6 +24,7 @@ jobs:
     runs-on: ubuntu-latest
     outputs:
       version-file-changed: ${{ steps.version-file-check.outputs.version-file-changed }}
+      version-tag-exists: ${{ steps.version-tag-exists.outputs.version-tag-exists }}
     steps:
     - name: 🏁 Checkout
       uses: actions/checkout@v3
@@ -34,14 +35,26 @@ jobs:
       run: |
         export VERSION_FILE="go/go.ver"
         [ "$(git diff HEAD^1.. --name-only | grep -e "^$VERSION_FILE$")" == "$VERSION_FILE" ] && echo "::set-output name=version-file-changed::${{toJSON(true)}}" || echo "::set-output name=version-file-changed::${{toJSON(false)}}"
-    - name: Notify of conditions
+    - name: Notify on version-file-check
       run: echo "::Notice::version-file-changed is ${{ fromJSON(steps.version-file-check.outputs.version-file-changed) }}"
-  # Now any step that should only run on the version change can use "needs: [workflow-conditions]"
-  # Which will yield the condition check "if: ${{ fromJSON(needs.workflow-conditions.outputs.version-file-changed) == true }}"
+    - name: Check if version specified in version file has not released.
+      id: version-tag-exists
+      run: |
+        git fetch --tags
+        export VER=$(cat go.ver)
+        [ -z "$(git tag -l "go-v$VER")" ] && echo "::set-output name=version-tag-exists::${{toJSON(false)}}" || echo "::set-output name=version-tag-exists::${{toJSON(true)}}"
+    - name: Notify on version-tag-exists
+      run: echo "::Notice::version-tag-exists is ${{ fromJSON(steps.version-tag-exists.outputs.version-tag-exists) }}"
+  # Now any step that should only run on the version change can use
+  # "needs: [workflow-conditions]" Which will yield the condition checks below.
+  # We want to "release" automatically if "version-file-changed" is true on push
+  # Or manually if workflow_dispatch and "version-tag-exists" is false.
   build:
     name: Go 🔷🐀🔷 Build 🧱
     needs: [test, workflow-conditions]
-    if: ${{ fromJSON(needs.workflow-conditions.outputs.version-file-changed) == true }}
+    if: >-
+      ${{ (fromJSON(needs.workflow-conditions.outputs.version-file-changed) == true && github.event_name == 'push') ||
+      (fromJSON(needs.workflow-conditions.outputs.version-tag-exists) == false && github.event_name == 'workflow_dispatch') }}
     runs-on: ubuntu-latest
     steps:
     - name: 🏁 Checkout

diff --git a/.github/workflows/java-build.yaml b/.github/workflows/java-build.yaml
@@ -5,6 +5,7 @@ on:
     - 'main'
     paths:
     - 'java/**'
+    - '!java/**.md'
     - '.github/workflows/java-*'
   workflow_dispatch:
 defaults:
@@ -23,6 +24,7 @@ jobs:
     runs-on: ubuntu-latest
     outputs:
       version-file-changed: ${{ steps.version-file-check.outputs.version-file-changed }}
+      version-tag-exists: ${{ steps.version-tag-exists.outputs.version-tag-exists }}
     steps:
     - name: 🏁 Checkout
       uses: actions/checkout@v3
@@ -33,19 +35,30 @@ jobs:
       run: |
         export VERSION_FILE="java/pom.xml"
         [ "$(git diff HEAD^1.. --name-only | grep -e "^$VERSION_FILE$")" == "$VERSION_FILE" ] && echo "::set-output name=version-file-changed::${{toJSON(true)}}" || echo "::set-output name=version-file-changed::${{toJSON(false)}}"
-    - name: Notify of conditions
+    - name: Notify on version-file-check
       run: echo "::Notice::version-file-changed is ${{ fromJSON(steps.version-file-check.outputs.version-file-changed) }}"
-  # Now any step that should only run on the version change can use "needs: [workflow-conditions]"
-  # Which will yield the condition check "if: ${{ fromJSON(needs.workflow-conditions.outputs.version-file-changed) == true }}"
+    - name: Check if version specified in version file has not released.
+      id: version-tag-exists
+      run: |
+        git fetch --tags
+        export VER=$(mvn help:evaluate -Dexpression="project.version" -q -DforceStdout)
+        [ -z "$(git tag -l "java-v$VER")" ] && echo "::set-output name=version-tag-exists::${{toJSON(false)}}" || echo "::set-output name=version-tag-exists::${{toJSON(true)}}"
+    - name: Notify on version-tag-exists
+      run: echo "::Notice::version-tag-exists is ${{ fromJSON(steps.version-tag-exists.outputs.version-tag-exists) }}"
+  # Now any step that should only run on the version change can use
+  # "needs: [workflow-conditions]" Which will yield the condition checks below.
+  # We want to "release" automatically if "version-file-changed" is true on push
+  # Or manually if workflow_dispatch and "version-tag-exists" is false.
   build:
     name: Java ☕🦆🌞 Build 🧱
     needs: [test, workflow-conditions]
-    if: ${{ fromJSON(needs.workflow-conditions.outputs.version-file-changed) == true }}
+    if: >-
+      ${{ (fromJSON(needs.workflow-conditions.outputs.version-file-changed) == true && github.event_name == 'push') ||
+      (fromJSON(needs.workflow-conditions.outputs.version-tag-exists) == false && github.event_name == 'workflow_dispatch') }}
     runs-on: ubuntu-latest
     steps:
     - name: 🏁 Checkout
       uses: actions/checkout@v3
-    # https://github.com/actions/setup-java
     - name: ☕🦆🌞 Set up Java
       uses: actions/setup-java@v3
       with:
@@ -119,7 +132,6 @@ jobs:
     steps:
     - name: 🏁 Checkout
       uses: actions/checkout@v3
-    # https://github.com/actions/setup-java
     - name: ☕🦆🌞 Set up Java
       uses: actions/setup-java@v3
       with:

diff --git a/.github/workflows/java-test.yaml b/.github/workflows/java-test.yaml
@@ -5,12 +5,14 @@ on:
     - 'main'
     paths:
     - 'java/**'
+    - '!java/**.md'
     - '.github/workflows/java-*'
   pull_request:
     branches:
     - 'main'
     paths:
     - 'java/**'
+    - '!java/**.md'
     - '.github/workflows/java-*'
   workflow_call:
 defaults:
@@ -25,7 +27,6 @@ jobs:
     steps:
     - name: 🏁 Checkout
       uses: actions/checkout@v3
-    # https://github.com/actions/setup-java
     - name: ☕🦆🌞 Set up Java
       uses: actions/setup-java@v3
       with:
@@ -52,7 +53,6 @@ jobs:
     steps:
     - name: 🏁 Checkout
       uses: actions/checkout@v3
-    # https://github.com/actions/setup-java
     - name: ☕🦆🌞 Set up Java ${{ matrix.version }}
       uses: actions/setup-java@v3
       with:
@@ -68,7 +68,6 @@ jobs:
     steps:
     - name: 🏁 Checkout
       uses: actions/checkout@v3
-    # https://github.com/actions/setup-java
     - name: ☕🦆🌞 Set up Java
       uses: actions/setup-java@v3
       with:

diff --git a/.github/workflows/julia-build.yaml b/.github/workflows/julia-build.yaml
@@ -5,6 +5,7 @@ on:
     - 'main'
     paths:
     - 'julia/**'
+    - '!julia/**.md'
     - '.github/workflows/julia-*'
   workflow_dispatch:
 defaults:
@@ -23,6 +24,7 @@ jobs:
     runs-on: ubuntu-latest
     outputs:
       version-file-changed: ${{ steps.version-file-check.outputs.version-file-changed }}
+      version-tag-exists: ${{ steps.version-tag-exists.outputs.version-tag-exists }}
     steps:
     - name: 🏁 Checkout
       uses: actions/checkout@v3
@@ -35,15 +37,26 @@ jobs:
       run: |
         export VERSION_FILE="julia/Project.toml"
         [ "$(git diff HEAD^1.. --name-only | grep -e "^$VERSION_FILE$")" == "$VERSION_FILE" ] && echo "::set-output name=version-file-changed::${{toJSON(true)}}" || echo "::set-output name=version-file-changed::${{toJSON(false)}}"
-    - name: Notify of conditions
+    - name: Notify on version-file-check
       run: echo "::Notice::version-file-changed is ${{ fromJSON(steps.version-file-check.outputs.version-file-changed) }}"
-  # Now any step that should only run on the version change can use "needs: [workflow-conditions]"
-  # Which will yield the condition check "if: ${{ fromJSON(needs.workflow-conditions.outputs.version-file-changed) == true }}"
-  # It seems that the typical "build" step is not part of uploading a package in Julia.
+    - name: Check if version specified in version file has not released.
+      id: version-tag-exists
+      run: |
+        git fetch --tags
+        export VER=$(grep Project.toml -e "^version = " | cut -d \" -f 2)
+        [ -z "$(git tag -l "julia-v$VER")" ] && echo "::set-output name=version-tag-exists::${{toJSON(false)}}" || echo "::set-output name=version-tag-exists::${{toJSON(true)}}"
+    - name: Notify on version-tag-exists
+      run: echo "::Notice::version-tag-exists is ${{ fromJSON(steps.version-tag-exists.outputs.version-tag-exists) }}"
+  # Now any step that should only run on the version change can use
+  # "needs: [workflow-conditions]" Which will yield the condition checks below.
+  # We want to "release" automatically if "version-file-changed" is true on push
+  # Or manually if workflow_dispatch and "version-tag-exists" is false.
   release-and-register:
     name: Julia 🔴🟢🟣 Release 🚰 and Register 📦
     needs: [test, workflow-conditions]
-    if: ${{ fromJSON(needs.workflow-conditions.outputs.version-file-changed) == true }}
+    if: >-
+      ${{ (fromJSON(needs.workflow-conditions.outputs.version-file-changed) == true && github.event_name == 'push') ||
+      (fromJSON(needs.workflow-conditions.outputs.version-tag-exists) == false && github.event_name == 'workflow_dispatch') }}
     runs-on: ubuntu-latest
     outputs:
       new_version: ${{ steps.release_step.outputs.new_version }}

diff --git a/.github/workflows/julia-test.yaml b/.github/workflows/julia-test.yaml
@@ -5,12 +5,14 @@ on:
     - 'main'
     paths:
     - 'julia/**'
+    - '!julia/**.md'
     - '.github/workflows/julia-*'
   pull_request:
     branches:
     - 'main'
     paths:
     - 'julia/**'
+    - '!julia/**.md'
     - '.github/workflows/julia-*'
   workflow_call:
 defaults:
@@ -25,7 +27,6 @@ jobs:
     steps:
     - name: 🏁 Checkout
       uses: actions/checkout@v3
-    # https://github.com/julia-actions/setup-juliahttps://github.com/julia-actions/setup-julia
     - name: 🔴🟢🟣 Set up Julia
       uses: julia-actions/[email protected]
       with:
@@ -44,15 +45,13 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        # From versions in https://julialang-s3.julialang.org/bin/versions.json
-        # Does NOT support 1.0
+        # From versions in https://julialang-s3.julialang.org/bin/versions.json ; Does NOT support 1.0
         version: ['1', 'nightly', '1.6.0'] # '1.2.0' is the compat version, but 1.6 for @testset verbose
-        os: [ubuntu-latest] # , macOS-latest, windows-latest # < maybe
+        os: [ubuntu-latest, macOS-latest, windows-latest]
         arch: [x64]
     steps:
     - name: 🏁 Checkout
       uses: actions/checkout@v3
-    # https://github.com/julia-actions/setup-juliahttps://github.com/julia-actions/setup-julia
     - name: 🔴🟢🟣 Set up Julia ${{ matrix.version }}
       uses: julia-actions/[email protected]
       with:
@@ -69,22 +68,10 @@ jobs:
           ${{ runner.os }}-test-${{ env.cache-name }}-
           ${{ runner.os }}-test-
           ${{ runner.os }}-
-    # https://github.com/julia-actions/julia-runtest
     - name: 🦂 Test
       uses: julia-actions/[email protected]
       with:
         project: julia
-    # TODO: https://github.com/julia-actions/julia-processcoverage
-    # - name: 👓 Pre CodeCov; Generate coverage.
-    #   uses: julia-actions/julia-processcoverage@v1
-    #   with:
-    #     directories: julia/src
-    # - name: 👓 CodeCov
-    #   uses: codecov/codecov-action@v2
-    #   with:
-    #     file: lcov.info
-    #     name: Collatz-Julia-${{ matrix.version }}-${{ matrix.os }}
-    #     verbose: true
   docs:
     name: Julia 🔴🟢🟣 Docs 📄 Quick Test 🦂
     runs-on: ubuntu-latest