refactor(workflows): consolidate and clean up GitHub workflows#144
Conversation
- Remove static.yml (redundant with gatsby.yml, was deploying entire repo) - Consolidate codeql.yml, devskim.yml, powershell.yml into security.yml - Update dotnet.yml to build/test both API client and rules compiler - Update CLAUDE.md to reflect workflow changes Reduces workflow count from 10 to 7 while improving coverage.
|
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
There was a problem hiding this comment.
Pull request overview
This PR consolidates GitHub Actions workflows to reduce complexity while maintaining comprehensive CI/CD coverage. It eliminates redundant workflows, combines related security scanning jobs, and extends .NET build coverage to include both the API client and rules compiler projects.
Key Changes
- Workflow consolidation: Merges three separate security workflows (CodeQL, DevSkim, PSScriptAnalyzer) into a single
security.ymlfile - Enhanced .NET testing: Updates
dotnet.ymlto build and test both the AdGuard API client and the rules compiler projects - Cleanup: Removes
static.ymlwhich was redundantly deploying the entire repository (superseded by the proper Gatsby deployment workflow)
Reviewed changes
Copilot reviewed 7 out of 8 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
.github/workflows/static.yml |
Removed redundant workflow that deployed entire repo instead of built Gatsby site |
.github/workflows/security.yml |
New consolidated workflow combining CodeQL, DevSkim, and PSScriptAnalyzer with proper permissions and scheduling |
.github/workflows/codeql.yml |
Removed - functionality moved to security.yml |
.github/workflows/devskim.yml |
Removed - functionality moved to security.yml |
.github/workflows/powershell.yml |
Removed - functionality moved to security.yml |
.github/workflows/dotnet.yml |
Extended to build and test both API client and rules compiler projects with consistent patterns |
CLAUDE.md |
Updated CI/CD documentation to reflect new consolidated workflow structure |
Files not reviewed (1)
- src/rules-compiler-typescript/package-lock.json: Language not supported
| - `.github/workflows/dotnet.yml` - Builds/tests .NET projects (API client and rules compiler) with .NET 10 | ||
| - `.github/workflows/typescript.yml` - Node 20, tsc --noEmit, eslint for rules-compiler-typescript and website | ||
| - `.github/workflows/gatsby.yml` - Builds website and deploys to GitHub Pages | ||
| - `.github/workflows/powershell.yml` - PSScriptAnalyzer on PowerShell scripts | ||
| - `.github/workflows/codeql.yml` - CodeQL security scanning | ||
| - `.github/workflows/devskim.yml` - DevSkim security analysis | ||
| - `.github/workflows/claude.yml` - Claude AI integration | ||
| - `.github/workflows/claude-code-review.yml` - Automated code review | ||
| - `.github/workflows/security.yml` - Consolidated security scanning (CodeQL, DevSkim, PSScriptAnalyzer) | ||
| - `.github/workflows/release.yml` - Builds and publishes release binaries (.NET, Rust, Python) | ||
| - `.github/workflows/claude.yml` - Claude AI integration for @claude mentions | ||
| - `.github/workflows/claude-code-review.yml` - Automated PR code review |
There was a problem hiding this comment.
The workflow documentation has been updated correctly in CLAUDE.md, but similar outdated references exist in other documentation files that also need updating:
- README.md (lines 5, 85-89, 971-977) - Still references powershell.yml badge and lists codeql.yml, devskim.yml, powershell.yml as separate workflows
- .github/copilot-instructions.md (lines 277, 299, 362-366) - References the old individual workflow files
- custom-instructions/repo/.github/copilot-instructions.md (lines 277, 299, 362-366) - Same outdated references
- docs/LINEAR_DOCUMENTATION.md (lines 214-217) - Still lists all old workflows including static.yml
All these files should be updated to reflect the consolidation into security.yml and the removal of static.yml.
|
@jaypatrick I've opened a new pull request, #145, to work on those changes. Once the pull request is ready, I'll request review from you. |
Reduces workflow count from 10 to 7 while improving coverage.