Skip to content

ci: add github workflows and metadata automation#16

Merged
l50 merged 5 commits into
mainfrom
feat/gha
Mar 30, 2026
Merged

ci: add github workflows and metadata automation#16
l50 merged 5 commits into
mainfrom
feat/gha

Conversation

@l50
Copy link
Copy Markdown
Contributor

@l50 l50 commented Mar 30, 2026

Key Changes:

  • Introduced GitHub Actions workflows for label automation, pre-commit checks,
    and Renovate dependency management
  • Added configuration for automated label assignment and label definitions
  • Implemented Renovate configuration for automated dependency updates

Added:

  • Automated labeling system:
    • Added .github/labeler.yaml to define label rules based on file paths and
      areas of the codebase
    • Added .github/labels.yaml to define and describe all labels used in the
      repository, including color and usage context
    • Added .github/workflows/meta-labeler.yaml to run labeler on PRs using a
      GitHub App token for secure automation
    • Added .github/workflows/meta-sync-labels.yaml to synchronize repository
      labels with the definitions in labels.yaml, ensuring consistency
  • Pre-commit integration:
    • Added .github/workflows/pre-commit.yaml to run and update pre-commit
      hooks automatically on PRs, merges, scheduled, and manual triggers
      • Sets up Python, Go, Ansible, and Task environments for linting and checks
  • Renovate configuration:
    • Added .github/renovate.json5 for Renovate bot settings, including
      grouping, automerge, and custom managers for workflow versions
    • Added .github/workflows/renovate.yaml to manage Renovate runs on schedule,
      push, or manual dispatch with full GitHub App token integration

Changed:

  • No existing files were modified; all additions introduce new functionality

Removed:

  • No files or functionality were removed in this update

l50 added 5 commits March 30, 2026 13:23
@l50
ci: add label automation, label sync, pre-commit, and renovate workflows
9be9a20 
**Added:**

- Introduced `.github/labeler.yaml` to map file patterns to area and lab labels for PRs
- Defined `.github/labels.yaml` to specify custom labels, colors, and descriptions for
  automated labeling and organization
- Added `.github/renovate.json5` to configure Renovate bot, including custom package rules,
  automerge settings, and custom managers for Python/Go/Task versions
- Created `meta-labeler.yaml` workflow to apply labels to pull requests automatically using
  GitHub App authentication and the labeler action
- Created `meta-sync-labels.yaml` workflow to synchronize repository labels based on
  `.github/labels.yaml` using EndBug/label-sync and GitHub App tokens
- Added `pre-commit.yaml` workflow to install dependencies, run pre-commit hooks, and
  ensure code quality on PRs, pushes, and scheduled runs
- Added `renovate.yaml` workflow to run Renovate bot on schedule, push, or manual trigger,
  managing dependency updates using GitHub App credentials

**Changed:**

- Established automation for label management, dependency updates, and code linting to
  improve repository maintainability and workflow consistency
@l50
style: fix typos and formatting in configs, scripts, and documentation
3509c8d 
**Changed:**

- Updated `.pre-commit-config.yaml` to exclude additional JavaScript files from
  codespell checks, reducing false positives on minified and third-party scripts.
- Fixed multiple spelling mistakes ("controler" to "controller") in AD inventory
  files for GOAD and GOAD-variant-1, improving clarity and correctness.
- Corrected typo in a comment ("targetting" to "targeting") in
  `ADCSTemplate.psm1` PowerShell module.
- Fixed variable spacing inconsistency (`security_vars :` to `security_vars:`)
  in WS01 Ansible extension for better YAML style.
- Corrected typos in `globalsettings.ini` comments ("Uncoment" to "Uncomment",
  "usefull" to "useful", "datas" to "data").
- Fixed multiple spelling errors in Azure provider (`retreiving` to
  `retrieving`, `stoping` to `stopping`) for clearer logging.
- Normalized line endings and indentation in Exchange Ansible role defaults,
  meta, and task files for consistent YAML formatting.
- Updated file permissions of several PowerShell scripts to be executable
  (`100644` to `100755`) for better compatibility with automation tools.
@l50
build: specify python3 for ansible-lint pre-commit hook
ebee23d 
Changed:
- Set language_version to python3 for the ansible-lint pre-commit hook to
  ensure compatibility and consistent linting environment
@l50
chore: add editorconfig and fix pre-commit hook failures
f1faf16 
- Add .editorconfig to enforce consistent shell script formatting (fixes shfmt in CI)
- Install ansible/requirements.yml collections in CI workflow (fixes ansible-lint)
- Fix shellcheck SC2015 in run-playbook-with-retry.sh
- Fix shellcheck SC2002 in generate-instance-mapping.sh
- Suppress shellcheck SC2317 in check.sh (library functions called indirectly)
@l50
refactor: update ansible modules to use FQCNs for community collections
ba34662 
**Changed:**

- Migrated Ansible Windows modules to use fully qualified collection names
  (FQCN) for community.windows and chocolatey.chocolatey modules across all
  relevant role tasks to improve clarity and compatibility with recent Ansible
  versions
- Updated shellcheck directive in `validate-goad-vulns.sh` to additionally
  disable SC2317 for more accurate linting
- Excluded `.claude/` directory from ansible-lint checks for consistency with
  other tooling exclusions
@l50 l50 merged commit 638b809 into main Mar 30, 2026
1 check passed
@l50 l50 deleted the feat/gha branch March 30, 2026 21:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@l50