From 4c5b92fadaeabfdc8bd3906d77fe740b25bf670e Mon Sep 17 00:00:00 2001
From: kumvijaya <kuvmijaya@gmail.com>
Date: Sat, 29 Jun 2024 22:50:49 +0530
Subject: [PATCH 1/3] T6533: added workflows for PR checks

---
 .github/PULL_REQUEST_TEMPLATE.md         | 60 ++++++++++++++++++++++++
 .github/workflows/add-pr-labels.yml      | 16 +++++++
 .github/workflows/auto-author-assign.yml | 14 ++++++
 .github/workflows/chceck-pr-message.yml  | 18 +++++++
 .github/workflows/check-pr-conflicts.yml | 14 ++++++
 .github/workflows/check-stale.yml        | 22 +++++++++
 .github/workflows/codeql.yml             | 22 +++++++++
 .github/workflows/lint-j2.yml            | 17 +++++++
 8 files changed, 183 insertions(+)
 create mode 100644 .github/PULL_REQUEST_TEMPLATE.md
 create mode 100644 .github/workflows/add-pr-labels.yml
 create mode 100644 .github/workflows/auto-author-assign.yml
 create mode 100644 .github/workflows/chceck-pr-message.yml
 create mode 100644 .github/workflows/check-pr-conflicts.yml
 create mode 100644 .github/workflows/check-stale.yml
 create mode 100644 .github/workflows/codeql.yml
 create mode 100644 .github/workflows/lint-j2.yml

diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
new file mode 100644
index 000000000..cd348ead7
--- /dev/null
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,60 @@
+<!-- All PR should follow this template to allow a clean and transparent review -->
+<!-- Text placed between these delimiters is considered a comment and is not rendered -->
+
+## Change Summary
+<!--- Provide a general summary of your changes in the Title above -->
+
+## Types of changes
+<!---
+What types of changes does your code introduce? Put an 'x' in all the boxes that apply.
+NOTE: Markdown requires no leading or trailing whitespace inside the [ ] for checking
+the box, please use [x]
+-->
+- [ ] Bug fix (non-breaking change which fixes an issue)
+- [ ] New feature (non-breaking change which adds functionality)
+- [ ] Code style update (formatting, renaming)
+- [ ] Refactoring (no functional changes)
+- [ ] Migration from an old Vyatta component to vyos-1x, please link to related PR inside obsoleted component
+- [ ] Other (please describe):
+
+## Related Task(s)
+<!-- optional: Link to related other tasks on Phabricator. -->
+<!-- * https://vyos.dev/Txxxx -->
+
+## Related PR(s)
+<!-- Link here any PRs in other repositories that are required by this PR -->
+
+## Component(s) name
+<!-- A rather incomplete list of components: ethernet, wireguard, bgp, mpls, ldp, l2tp, dhcp ... -->
+
+## Proposed changes
+<!--- Describe your changes in detail -->
+
+## How to test
+<!---
+Please describe in detail how you tested your changes. Include details of your testing
+environment, and the tests you ran. When pasting configs, logs, shell output, backtraces,
+and other large chunks of text, surround this text with triple backtics
+```
+like this
+```
+-->
+
+## Smoketest result
+<!-- Provide the output of the smoketest
+```
+$ /usr/libexec/vyos/tests/smoke/cli/test_xxx_feature.py
+test_01_simple_options (__main__.TestFeature.test_01_simple_options) ... ok
+```
+-->
+
+## Checklist:
+<!--- Go over all the following points, and put an `x` in all the boxes that apply. -->
+<!--- If you're unsure about any of these, don't hesitate to ask. We're here to help! -->
+<!--- The entire development process is outlined here: https://docs.vyos.io/en/latest/contributing/development.html -->
+- [ ] I have read the [**CONTRIBUTING**](https://github.com/vyos/vyos-1x/blob/current/CONTRIBUTING.md) document
+- [ ] I have linked this PR to one or more Phabricator Task(s)
+- [ ] I have run the components [**SMOKETESTS**](https://github.com/vyos/vyos-1x/tree/current/smoketest/scripts/cli) if applicable
+- [ ] My commit headlines contain a valid Task id
+- [ ] My change requires a change to the documentation
+- [ ] I have updated the documentation accordingly
diff --git a/.github/workflows/add-pr-labels.yml b/.github/workflows/add-pr-labels.yml
new file mode 100644
index 000000000..8fb554086
--- /dev/null
+++ b/.github/workflows/add-pr-labels.yml
@@ -0,0 +1,16 @@
+name: Add pull request labels
+
+on:
+  pull_request_target:
+    branches:
+      - equuleus
+      - sagitta
+
+permissions:
+  pull-requests: write
+  contents: read
+
+jobs:
+  add-pr-label:
+    uses: vyos/.github/.github/workflows/add-pr-labels.yml@current
+    secrets: inherit
diff --git a/.github/workflows/auto-author-assign.yml b/.github/workflows/auto-author-assign.yml
new file mode 100644
index 000000000..61612cce3
--- /dev/null
+++ b/.github/workflows/auto-author-assign.yml
@@ -0,0 +1,14 @@
+name: "PR Triage"
+on:
+  pull_request_target:
+    types: [opened, reopened, ready_for_review, locked]
+
+
+permissions:
+  pull-requests: write
+  contents: read
+
+jobs:
+  assign-author:
+    uses: vyos/.github/.github/workflows/assign-author.yml@current
+    secrets: inherit
diff --git a/.github/workflows/chceck-pr-message.yml b/.github/workflows/chceck-pr-message.yml
new file mode 100644
index 000000000..4a2777e25
--- /dev/null
+++ b/.github/workflows/chceck-pr-message.yml
@@ -0,0 +1,18 @@
+---
+  name: Check pull request message format
+  
+  on:
+    pull_request_target:
+      branches:
+        - equuleus
+        - sagitta
+      types: [opened, synchronize, edited]
+  
+  permissions:
+    pull-requests: write
+    contents: read
+  
+  jobs:
+    check-pr-title:
+      uses: vyos/.github/.github/workflows/check-pr-message.yml@current
+      secrets: inherit
diff --git a/.github/workflows/check-pr-conflicts.yml b/.github/workflows/check-pr-conflicts.yml
new file mode 100644
index 000000000..5417fbb4a
--- /dev/null
+++ b/.github/workflows/check-pr-conflicts.yml
@@ -0,0 +1,14 @@
+name: "PR Conflicts checker"
+on:
+  pull_request_target:
+    types: [synchronize]
+
+permissions:
+  pull-requests: write
+  contents: read
+
+jobs:
+  check-pr-conflict-call:
+    uses: vyos/.github/.github/workflows/check-pr-merge-conflict.yml@current
+    secrets: inherit
+
diff --git a/.github/workflows/check-stale.yml b/.github/workflows/check-stale.yml
new file mode 100644
index 000000000..5996e3846
--- /dev/null
+++ b/.github/workflows/check-stale.yml
@@ -0,0 +1,22 @@
+name: "Issue and PR stale management"
+on:
+  schedule:
+  - cron: "0 0 * * *"
+
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+    if: github.repository == 'vyos/vyatta-cfg-system'
+    steps:
+      # Issue stale management
+    - uses: actions/stale@v6
+      with:
+        repo-token: ${{ secrets.GITHUB_TOKEN }}
+        days-before-stale: 90
+        days-before-close: -1
+        stale-issue-message: 'This issue is stale because it has been open 90 days with no activity. The issue will be reviewed by a maintainer and may be closed'
+        stale-issue-label: 'state: stale'
+        exempt-issue-labels: 'state: accepted, state: in-progress'
+        stale-pr-message: 'This PR is stale because it has been open 30 days with no activity. The PR will be reviewed by a maintainer and may be closed'
+        stale-pr-label: 'state: stale'
+        exempt-pr-labels: 'state: accepted, state: in-progress'
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
new file mode 100644
index 000000000..e1ecf95a9
--- /dev/null
+++ b/.github/workflows/codeql.yml
@@ -0,0 +1,22 @@
+name: "Perform CodeQL Analysis"
+
+on:
+  push:
+    branches: [ "sagitta", "equuleus"]
+  pull_request_target:
+    # The branches below must be a subset of the branches above
+    branches: [ "sagitta" ]
+  schedule:
+    - cron: '22 10 * * 0'
+
+permissions:
+  actions: read
+  contents: read
+  security-events: write
+
+jobs:
+  codeql-analysis-call:
+    uses: vyos/.github/.github/workflows/codeql-analysis.yml@current
+    secrets: inherit
+    with:
+      languages: "['python']"
\ No newline at end of file
diff --git a/.github/workflows/lint-j2.yml b/.github/workflows/lint-j2.yml
new file mode 100644
index 000000000..643cef745
--- /dev/null
+++ b/.github/workflows/lint-j2.yml
@@ -0,0 +1,17 @@
+---
+  name: J2 Lint
+  
+  on:
+    pull_request_target:
+      branches:
+        - equuleus
+        - sagitta
+  
+  permissions:
+    pull-requests: write
+    contents: read
+  
+  jobs:
+    j2lint:
+      uses: vyos/.github/.github/workflows/lint-j2.yml@current
+      secrets: inherit
\ No newline at end of file

From 3e51f62abe6c8c3475d5fa90acdddea62b4decd1 Mon Sep 17 00:00:00 2001
From: kumvijaya <kuvmijaya@gmail.com>
Date: Sun, 30 Jun 2024 00:16:59 +0530
Subject: [PATCH 2/3] T6533: added workflows for PR checks

---
 .github/workflows/check-unused-imports.yml | 15 +++++++++++++++
 .github/workflows/sonarcloud.yml           | 21 +++++++++++++++++++++
 CODEOWNERS                                 |  1 +
 3 files changed, 37 insertions(+)
 create mode 100644 .github/workflows/check-unused-imports.yml
 create mode 100644 .github/workflows/sonarcloud.yml
 create mode 100644 CODEOWNERS

diff --git a/.github/workflows/check-unused-imports.yml b/.github/workflows/check-unused-imports.yml
new file mode 100644
index 000000000..703c8ff54
--- /dev/null
+++ b/.github/workflows/check-unused-imports.yml
@@ -0,0 +1,15 @@
+name: Check for unused imports using Pylint
+on:
+  pull_request_target:
+    branches:
+      - equuleus
+      - sagitta
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  check-unused-imports:
+    uses: vyos/.github/.github/workflows/check-unused-imports.yml@current
+    secrets: inherit
diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml
new file mode 100644
index 000000000..bfdca69cf
--- /dev/null
+++ b/.github/workflows/sonarcloud.yml
@@ -0,0 +1,21 @@
+name: Sonar Checks
+on:
+  push:
+    branches:
+        - equuleus
+        - sagitta
+  pull_request_target:
+    types: [opened, synchronize, reopened]
+jobs:
+  sonar-cloud:
+    name: SonarCloud
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+      - name: SonarCloud Scan
+        uses: SonarSource/sonarcloud-github-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
diff --git a/CODEOWNERS b/CODEOWNERS
new file mode 100644
index 000000000..191394298
--- /dev/null
+++ b/CODEOWNERS
@@ -0,0 +1 @@
+* @vyos/reviewers
\ No newline at end of file

From 64ee292d15db2ec6c73498854b257f3d72c10ace Mon Sep 17 00:00:00 2001
From: kumvijaya <kuvmijaya@gmail.com>
Date: Sun, 30 Jun 2024 13:19:11 +0530
Subject: [PATCH 3/3] T6533: added workflows for PR checks

---
 .github/workflows/add-pr-labels.yml        |  2 +-
 .github/workflows/auto-author-assign.yml   |  2 +-
 .github/workflows/chceck-pr-message.yml    |  2 +-
 .github/workflows/check-pr-conflicts.yml   |  2 +-
 .github/workflows/check-stale.yml          | 21 ++++++---------------
 .github/workflows/check-unused-imports.yml |  3 ++-
 .github/workflows/codeql.yml               |  2 +-
 .github/workflows/lint-j2.yml              |  2 +-
 8 files changed, 14 insertions(+), 22 deletions(-)

diff --git a/.github/workflows/add-pr-labels.yml b/.github/workflows/add-pr-labels.yml
index 8fb554086..c53fb7a77 100644
--- a/.github/workflows/add-pr-labels.yml
+++ b/.github/workflows/add-pr-labels.yml
@@ -12,5 +12,5 @@ permissions:
 
 jobs:
   add-pr-label:
-    uses: vyos/.github/.github/workflows/add-pr-labels.yml@current
+    uses: vyos/.github/.github/workflows/add-pr-labels.yml@sagitta
     secrets: inherit
diff --git a/.github/workflows/auto-author-assign.yml b/.github/workflows/auto-author-assign.yml
index 61612cce3..f3980f50e 100644
--- a/.github/workflows/auto-author-assign.yml
+++ b/.github/workflows/auto-author-assign.yml
@@ -10,5 +10,5 @@ permissions:
 
 jobs:
   assign-author:
-    uses: vyos/.github/.github/workflows/assign-author.yml@current
+    uses: vyos/.github/.github/workflows/assign-author.yml@sagitta
     secrets: inherit
diff --git a/.github/workflows/chceck-pr-message.yml b/.github/workflows/chceck-pr-message.yml
index 4a2777e25..0770656b7 100644
--- a/.github/workflows/chceck-pr-message.yml
+++ b/.github/workflows/chceck-pr-message.yml
@@ -14,5 +14,5 @@
   
   jobs:
     check-pr-title:
-      uses: vyos/.github/.github/workflows/check-pr-message.yml@current
+      uses: vyos/.github/.github/workflows/check-pr-message.yml@sagitta
       secrets: inherit
diff --git a/.github/workflows/check-pr-conflicts.yml b/.github/workflows/check-pr-conflicts.yml
index 5417fbb4a..1f7b38bb7 100644
--- a/.github/workflows/check-pr-conflicts.yml
+++ b/.github/workflows/check-pr-conflicts.yml
@@ -9,6 +9,6 @@ permissions:
 
 jobs:
   check-pr-conflict-call:
-    uses: vyos/.github/.github/workflows/check-pr-merge-conflict.yml@current
+    uses: vyos/.github/.github/workflows/check-pr-merge-conflict.yml@sagitta
     secrets: inherit
 
diff --git a/.github/workflows/check-stale.yml b/.github/workflows/check-stale.yml
index 5996e3846..1cd4dec5d 100644
--- a/.github/workflows/check-stale.yml
+++ b/.github/workflows/check-stale.yml
@@ -3,20 +3,11 @@ on:
   schedule:
   - cron: "0 0 * * *"
 
+permissions:
+  pull-requests: write
+  contents: read
+
 jobs:
   stale:
-    runs-on: ubuntu-latest
-    if: github.repository == 'vyos/vyatta-cfg-system'
-    steps:
-      # Issue stale management
-    - uses: actions/stale@v6
-      with:
-        repo-token: ${{ secrets.GITHUB_TOKEN }}
-        days-before-stale: 90
-        days-before-close: -1
-        stale-issue-message: 'This issue is stale because it has been open 90 days with no activity. The issue will be reviewed by a maintainer and may be closed'
-        stale-issue-label: 'state: stale'
-        exempt-issue-labels: 'state: accepted, state: in-progress'
-        stale-pr-message: 'This PR is stale because it has been open 30 days with no activity. The PR will be reviewed by a maintainer and may be closed'
-        stale-pr-label: 'state: stale'
-        exempt-pr-labels: 'state: accepted, state: in-progress'
+    uses: vyos/.github/.github/workflows/check-stale.yml@sagitta
+    secrets: inherit
\ No newline at end of file
diff --git a/.github/workflows/check-unused-imports.yml b/.github/workflows/check-unused-imports.yml
index 703c8ff54..d7a5aab35 100644
--- a/.github/workflows/check-unused-imports.yml
+++ b/.github/workflows/check-unused-imports.yml
@@ -7,9 +7,10 @@ on:
   workflow_dispatch:
 
 permissions:
+  pull-requests: write
   contents: read
 
 jobs:
   check-unused-imports:
-    uses: vyos/.github/.github/workflows/check-unused-imports.yml@current
+    uses: vyos/.github/.github/workflows/check-unused-imports.yml@sagitta
     secrets: inherit
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index e1ecf95a9..30bd1b588 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -16,7 +16,7 @@ permissions:
 
 jobs:
   codeql-analysis-call:
-    uses: vyos/.github/.github/workflows/codeql-analysis.yml@current
+    uses: vyos/.github/.github/workflows/codeql-analysis.yml@sagitta
     secrets: inherit
     with:
       languages: "['python']"
\ No newline at end of file
diff --git a/.github/workflows/lint-j2.yml b/.github/workflows/lint-j2.yml
index 643cef745..2114f07d4 100644
--- a/.github/workflows/lint-j2.yml
+++ b/.github/workflows/lint-j2.yml
@@ -13,5 +13,5 @@
   
   jobs:
     j2lint:
-      uses: vyos/.github/.github/workflows/lint-j2.yml@current
+      uses: vyos/.github/.github/workflows/lint-j2.yml@sagitta
       secrets: inherit
\ No newline at end of file