diff --git a/.github/labels.yml b/.github/labels.yml index 7c8d4b1..204a016 100644 --- a/.github/labels.yml +++ b/.github/labels.yml @@ -1,12 +1,12 @@ +- name: "automated-sync" + description: "Automated sync PR, e.g. from a fork or external repo" + color: 006b75 - name: "automerge" description: "Label to automatically merge pull requests that meet all required conditions" color: FEF2C0 - name: "automerge-enabled" description: "Detected automerge PR and enabled automerge" color: 006b75 -- name: "automated-sync" - description: "Automated sync PR, e.g. from a fork or external repo" - color: 006b75 - name: "bug-P1" description: "Highest rated bug or issue, affects all" color: b23128 @@ -37,6 +37,9 @@ - name: "documentation" description: "Improvements or additions to documentation" color: 0075ca +- name: "epic" + description: "Large feature or initiative spanning multiple tasks" + color: 002f6c - name: "feature" description: "Any new significant addition" color: 0e8a16 @@ -91,9 +94,15 @@ - name: "stale" description: "Old, unused, stale" color: c2e0c6 +- name: "task" + description: "Actionable task or work item" + color: 0288d1 - name: "test" description: "Unit tests, mocking, integration testing" color: c2e0c6 +- name: "tested" + description: "Successfully tested and ready for review" + color: 4fc3f7 - name: "ui-ux" description: "Anything GUI related" color: fbca04 diff --git a/.github/workflows/auto-merge-on-approval.yml b/.github/workflows/auto-merge-on-approval.yml index 7643936..2e1c48f 100644 --- a/.github/workflows/auto-merge-on-approval.yml +++ b/.github/workflows/auto-merge-on-approval.yml @@ -100,6 +100,7 @@ jobs: id: config env: ENV_JSON: ${{ needs.load-env.outputs.env-json }} + GH_PAT_TOKEN: ${{ secrets.GH_PAT_TOKEN }} run: | echo "📋 Extracting auto-merge configuration from environment..." @@ -156,7 +157,7 @@ jobs: echo " 🏷️ Labels to add: $LABELS_TO_ADD" echo " 🤖 Skip bot PRs: $SKIP_BOT_PRS" - if [[ "$PREFERRED_TOKEN" == "GH_PAT_TOKEN" && -n "${{ secrets.GH_PAT_TOKEN }}" ]]; then + if [[ "$PREFERRED_TOKEN" == "GH_PAT_TOKEN" && -n "$GH_PAT_TOKEN" ]]; then echo " 🔑 Token: Personal Access Token (PAT)" else echo " 🔑 Token: Default GITHUB_TOKEN" diff --git a/.github/workflows/dependabot-auto-merge.yml b/.github/workflows/dependabot-auto-merge.yml index dadb5f5..87f6846 100644 --- a/.github/workflows/dependabot-auto-merge.yml +++ b/.github/workflows/dependabot-auto-merge.yml @@ -101,6 +101,7 @@ jobs: id: config env: ENV_JSON: ${{ needs.load-env.outputs.env-json }} + GH_PAT_TOKEN: ${{ secrets.GH_PAT_TOKEN }} run: | echo "📋 Extracting Dependabot configuration from environment..." @@ -145,7 +146,7 @@ jobs: echo " 🏷️ Manual review label: $MANUAL_REVIEW_LABEL" echo " 🏷️ Auto-merge labels: $AUTO_MERGE_LABELS" - if [[ "$PREFERRED_TOKEN" == "GH_PAT_TOKEN" && -n "${{ secrets.GH_PAT_TOKEN }}" ]]; then + if [[ "$PREFERRED_TOKEN" == "GH_PAT_TOKEN" && -n "$GH_PAT_TOKEN" ]]; then echo " 🔑 Token: Personal Access Token (PAT)" else echo " 🔑 Token: Default GITHUB_TOKEN" diff --git a/.github/workflows/fortress-code-quality.yml b/.github/workflows/fortress-code-quality.yml index cd38461..0762bcb 100644 --- a/.github/workflows/fortress-code-quality.yml +++ b/.github/workflows/fortress-code-quality.yml @@ -127,12 +127,22 @@ jobs: fi # Get all packages and vet them one at a time - PACKAGES=$(go list ./... 2>/dev/null | grep -v /vendor/) - TOTAL=$(echo "$PACKAGES" | wc -l | xargs) + # Capture go list output and check for errors + if ! PACKAGES=$(go list ./... 2>&1 | grep -v /vendor/); then + echo "❌ go list command failed" + exit 1 + fi + + TOTAL=$(echo "$PACKAGES" | grep -c . || echo 0) CURRENT=0 echo "📦 Found $TOTAL packages to vet" + if [ "$TOTAL" -eq 0 ]; then + echo "⚠️ No packages found to vet" + exit 1 + fi + for pkg in $PACKAGES; do CURRENT=$((CURRENT + 1)) echo "[$CURRENT/$TOTAL] Vetting $pkg..." diff --git a/.github/workflows/stale-check.yml b/.github/workflows/stale-check.yml index 0293936..1f34cf8 100644 --- a/.github/workflows/stale-check.yml +++ b/.github/workflows/stale-check.yml @@ -84,10 +84,11 @@ jobs: - name: 🔑 Log token configuration env: ENV_JSON: ${{ needs.load-env.outputs.env-json }} + GH_PAT_TOKEN: ${{ secrets.GH_PAT_TOKEN }} run: | PREFERRED_TOKEN=$(echo "$ENV_JSON" | jq -r '.PREFERRED_GITHUB_TOKEN') - if [[ "$PREFERRED_TOKEN" == "GH_PAT_TOKEN" && -n "${{ secrets.GH_PAT_TOKEN }}" ]]; then + if [[ "$PREFERRED_TOKEN" == "GH_PAT_TOKEN" && -n "$GH_PAT_TOKEN" ]]; then echo "✅ Using Personal Access Token (PAT) for stale check operations" else echo "✅ Using default GITHUB_TOKEN for stale check operations" @@ -153,6 +154,7 @@ jobs: uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 env: ENV_JSON: ${{ needs.load-env.outputs.env-json }} + GH_PAT_TOKEN: ${{ secrets.GH_PAT_TOKEN }} with: github-token: ${{ secrets.GH_PAT_TOKEN != '' && secrets.GH_PAT_TOKEN || secrets.GITHUB_TOKEN }} script: | @@ -164,7 +166,7 @@ jobs: const daysBeforeClose = parseInt('${{ steps.config.outputs.days-before-close }}'); const envJson = JSON.parse(process.env.ENV_JSON); const preferredToken = envJson.PREFERRED_GITHUB_TOKEN; - const isUsingPAT = preferredToken === 'GH_PAT_TOKEN' && '${{ secrets.GH_PAT_TOKEN }}' !== ''; + const isUsingPAT = preferredToken === 'GH_PAT_TOKEN' && process.env.GH_PAT_TOKEN !== ''; console.log('📋 === Processing Issues ==='); console.log(`🏷️ Exempt labels: ${exemptLabels.join(', ')}`); @@ -536,12 +538,13 @@ jobs: - name: 📊 Generate workflow summary env: ENV_JSON: ${{ needs.load-env.outputs.env-json }} + GH_PAT_TOKEN: ${{ secrets.GH_PAT_TOKEN }} run: | echo "🚀 Generating workflow summary..." # Determine which token was used PREFERRED_TOKEN=$(echo "$ENV_JSON" | jq -r '.PREFERRED_GITHUB_TOKEN') - if [[ "$PREFERRED_TOKEN" == "GH_PAT_TOKEN" && -n "${{ secrets.GH_PAT_TOKEN }}" ]]; then + if [[ "$PREFERRED_TOKEN" == "GH_PAT_TOKEN" && -n "$GH_PAT_TOKEN" ]]; then TOKEN_TYPE="🔑 Personal Access Token (PAT)" else TOKEN_TYPE="🔑 Default GITHUB_TOKEN" diff --git a/.github/workflows/sync-labels.yml b/.github/workflows/sync-labels.yml index cd4c583..61a5f49 100644 --- a/.github/workflows/sync-labels.yml +++ b/.github/workflows/sync-labels.yml @@ -110,10 +110,11 @@ jobs: - name: 🔑 Log token configuration env: ENV_JSON: ${{ needs.load-env.outputs.env-json }} + GH_PAT_TOKEN: ${{ secrets.GH_PAT_TOKEN }} run: | PREFERRED_TOKEN=$(echo "$ENV_JSON" | jq -r '.PREFERRED_GITHUB_TOKEN') - if [[ "$PREFERRED_TOKEN" == "GH_PAT_TOKEN" && -n "${{ secrets.GH_PAT_TOKEN }}" ]]; then + if [[ "$PREFERRED_TOKEN" == "GH_PAT_TOKEN" && -n "$GH_PAT_TOKEN" ]]; then echo "✅ Using Personal Access Token (PAT) for label operations" else echo "✅ Using default GITHUB_TOKEN for label operations" @@ -211,6 +212,7 @@ jobs: uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 env: ENV_JSON: ${{ needs.load-env.outputs.env-json }} + GH_PAT_TOKEN: ${{ secrets.GH_PAT_TOKEN }} with: github-token: ${{ secrets.GH_PAT_TOKEN != '' && secrets.GH_PAT_TOKEN || secrets.GITHUB_TOKEN }} script: | @@ -220,7 +222,7 @@ jobs: const labelsCount = '${{ steps.parse_labels.outputs.labels_count }}'; const envJson = JSON.parse(process.env.ENV_JSON); const preferredToken = envJson.PREFERRED_GITHUB_TOKEN; - const isUsingPAT = preferredToken === 'GH_PAT_TOKEN' && '${{ secrets.GH_PAT_TOKEN }}' !== ''; + const isUsingPAT = preferredToken === 'GH_PAT_TOKEN' && process.env.GH_PAT_TOKEN !== ''; console.log('🏷️ === Label Sync Configuration ==='); console.log(`📊 Labels count: ${labelsCount}`);