chore: new automations

[mikejgray]

Summary by CodeRabbit

• New Features

  • Introduced new workflows for publishing stable releases and automating the release process.
  • Added automated build testing and pull request labeling workflows.

• Bug Fixes

  • Removed outdated workflows that were no longer needed, including those for translation, license testing, and pull request linting.

• Documentation

  • Updated workflow configurations to improve clarity and maintainability.

• Chores

  • Enhanced workflows by updating dependencies and improving execution environments.

[coderabbitai]

Walkthrough

This pull request introduces several changes to GitHub Actions workflows in the repository. It includes the addition of new workflows for build testing, conventional labeling, stable release publishing, and release automation, while also removing several previous workflows related to translation, license testing, and pull request linting. Additionally, existing workflows have been updated to reference new repositories and versions, enhancing the overall CI/CD process.

Changes

File Path	Change Summary
.github/workflows/auto_translate.yml	Workflow removed: name: Auto translate
.github/workflows/build_tests.yml	New workflow added: Run Build Tests
.github/workflows/conventional_label.yml	New workflow added: conventional_label.yml
.github/workflows/license_tests.yml	Workflow removed: name: License tests
.github/workflows/propose_stable_release.yml	Workflow removed: Propose Stable Build
.github/workflows/propose_translation.yml	Workflow removed: Propose Translations
.github/workflows/publish_alpha.yml	Workflow removed: publish_alpha
.github/workflows/publish_alpha_build.yml	Workflow removed: publish_alpha_build
.github/workflows/publish_stable.yml	New workflow added: publish_stable.yml
.github/workflows/pull-request-lint.yml	Workflow removed: pull-request-lint
.github/workflows/release_workflow.yml	New workflow added: release_workflow.yml
.github/workflows/skill_tests.yml	Job updated: py_build_tests and skill_unit_tests with new repository references and parameter changes.
.github/workflows/sync_tx.yml	Action versions updated for various dependencies and Python version changed from 3.9 to 3.10.
.github/workflows/test_resources.yml	Job source updated to reference a new repository at the master branch.

Poem

In the fields of code we play,
New workflows bloom, bright as day.
Old paths cleared, fresh routes we find,
Automation's dance, so well aligned.
Hops of joy, as builds take flight,
In our rabbit hole, all feels just right! 🐇✨

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between ac4f5cb and c261678.

📒 Files selected for processing (1)

• .github/workflows/build_tests.yml (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• .github/workflows/build_tests.yml

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 6

🧹 Outside diff range and nitpick comments (10)

.github/workflows/conventional_label.yml (1)

1-10: LGTM! Consider adding a descriptive comment.

The workflow is well-structured and correctly set up to automatically label PRs based on conventional commit messages. It triggers on appropriate events and uses the latest Ubuntu runner.

Consider adding a comment at the top of the file to explain the purpose of this workflow, which could improve maintainability. For example:

# This workflow automatically adds labels to pull requests based on conventional commit messages.
# It helps in categorizing PRs and maintaining a consistent labeling system.

.github/workflows/skill_tests.yml (1)

Line range hint 1-19: Summary of workflow changes and potential impacts

This PR introduces significant changes to the skill_tests.yml workflow:

1. Both jobs now use workflows from the neongeckocom repository instead of openvoiceos.
2. Python version testing has been reduced in scope.
3. The skill unit tests job has been reconfigured to test against specific OVOS versions.

These changes appear to be part of a larger shift in CI/CD processes, possibly moving from OpenVoiceOS to NeonGeckoCom infrastructure.

While these changes may streamline your CI/CD process, they also introduce potential risks:

1. Reduced Python version testing may miss compatibility issues.
2. The new workflows may have different behavior or requirements than the previous ones.
3. Testing against specific OVOS versions may not catch compatibility issues with other versions.

To mitigate these risks:

1. Ensure that the new workflows meet all your project's CI/CD requirements.
2. Consider whether limiting Python version testing aligns with your project's compatibility goals.
3. Verify that the specified OVOS versions cover all necessary compatibility scenarios for your skill.

It may be beneficial to document the rationale behind these changes and any known trade-offs for future reference.

.github/workflows/sync_tx.yml (1)

Line range hint 1-32: Overall feedback on workflow updates

The updates to action versions and Python version in this workflow are positive changes that should improve security and leverage new features. However, given the extent of these updates, it's crucial to thoroughly test the workflow to ensure it still functions as expected.

Some suggestions for further improvement:

1. Consider adding a step to cache Python dependencies to speed up workflow execution.
2. You might want to add error handling or notifications in case the script execution fails.
3. Consider adding a comment in the workflow file explaining the purpose of the sync_translations.py script for better maintainability.

Would you like assistance in implementing any of these suggestions?

.github/workflows/build_tests.yml (3)

11-23: LGTM: Job strategy and environment setup are well-configured.

The matrix strategy for testing multiple Python versions is good, and the use of up-to-date actions is commendable.

Consider adding Python 3.12 to the matrix for future-proofing:

  matrix:
-   python-version: ["3.10", "3.11"]
+   python-version: ["3.10", "3.11", "3.12"]

---

24-30: LGTM: Build tools and system dependencies installation looks good.

The installation of necessary build tools and system dependencies is correctly implemented.

For better reproducibility, consider pinning the versions of build and wheel:

- python -m pip install build wheel
+ python -m pip install build==X.X.X wheel==X.X.X

Replace X.X.X with the desired versions. This ensures consistent builds across different environments.

---

40-44: LGTM: Security audit is in place, but documentation needed for ignored vulnerabilities.

The inclusion of a security audit using pip-audit is an excellent practice for maintaining the security of your dependencies.

Please add comments explaining why the specific vulnerabilities (GHSA-r9hx-vwmv-q579 and PYSEC-2022-43012) are being ignored. This documentation helps in future audits and ensures that these exceptions are regularly reviewed. For example:

ignore-vulns: |
  # Ignored due to [reason]. Revisit by [date].
  GHSA-r9hx-vwmv-q579
  # Ignored because [explanation]. Plan to address in version X.Y.Z.
  PYSEC-2022-43012

.github/workflows/publish_stable.yml (3)

8-15: LGTM! Consider documenting the external workflow dependency.

The publish_stable job configuration looks good. It effectively utilizes an external workflow for consistency.

Consider adding a comment or documentation about the dependency on the TigreGotico/gh-automations repository. This will help future maintainers understand the workflow's external dependencies.

---

17-42: LGTM! Consider updating Python version.

The publish_pypi job configuration looks good overall. It correctly sets up the environment, builds the package, and publishes to PyPI.

Consider updating the Python version from 3.8 to a more recent version (e.g., 3.9 or 3.10) if your project supports it. This ensures you're using a version with longer support and potentially better performance.

🧰 Tools

🪛 actionlint

34-34: workflow command "set-output" was deprecated. use echo "{name}={value}" >> $GITHUB_OUTPUT instead: https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions

(deprecated-commands)

---

1-57: Great job on the stable release workflow!

This workflow effectively automates the stable release process, including publishing to PyPI and syncing branches. It's well-structured with appropriate job dependencies and security practices.

To further improve maintainability, consider adding comments throughout the workflow to explain the purpose of each job and any non-obvious steps. This will help future contributors understand the workflow more easily.

🧰 Tools

🪛 actionlint

34-34: workflow command "set-output" was deprecated. use echo "{name}={value}" >> $GITHUB_OUTPUT instead: https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions

(deprecated-commands)

.github/workflows/release_workflow.yml (1)

21-35: LGTM! Consider enhancing the notification message.

The notify job is well-structured and correctly depends on the publish_alpha job. The use of Matrix for notifications is a good practice for team communication.

To make the notification more informative, consider including additional details such as the PR title and the alpha version number. Here's a suggested improvement:

  message: |
-   new ${{ github.event.repository.name }} PR merged! https://github.com/${{ github.repository }}/pull/${{ github.event.number }}
+   New PR merged in ${{ github.event.repository.name }}!
+   Title: ${{ github.event.pull_request.title }}
+   PR: https://github.com/${{ github.repository }}/pull/${{ github.event.number }}
+   Alpha version: ${{ needs.publish_alpha.outputs.version }}

Note: This assumes that the publish_alpha job outputs the version. If it doesn't, you may need to modify the external workflow to provide this information.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between cfe48fb and ac4f5cb.

📒 Files selected for processing (14)

• .github/workflows/auto_translate.yml (0 hunks)
• .github/workflows/build_tests.yml (1 hunks)
• .github/workflows/conventional_label.yml (1 hunks)
• .github/workflows/license_tests.yml (0 hunks)
• .github/workflows/propose_stable_release.yml (0 hunks)
• .github/workflows/propose_translation.yml (0 hunks)
• .github/workflows/publish_alpha.yml (0 hunks)
• .github/workflows/publish_alpha_build.yml (0 hunks)
• .github/workflows/publish_stable.yml (1 hunks)
• .github/workflows/pull-request-lint.yml (0 hunks)
• .github/workflows/release_workflow.yml (1 hunks)
• .github/workflows/skill_tests.yml (1 hunks)
• .github/workflows/sync_tx.yml (1 hunks)
• .github/workflows/test_resources.yml (1 hunks)

💤 Files with no reviewable changes (7)

• .github/workflows/auto_translate.yml
• .github/workflows/license_tests.yml
• .github/workflows/propose_stable_release.yml
• .github/workflows/propose_translation.yml
• .github/workflows/publish_alpha.yml
• .github/workflows/publish_alpha_build.yml
• .github/workflows/pull-request-lint.yml

🧰 Additional context used

🪛 actionlint

.github/workflows/publish_stable.yml

34-34: workflow command "set-output" was deprecated. use echo "{name}={value}" >> $GITHUB_OUTPUT instead: https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions

(deprecated-commands)

.github/workflows/release_workflow.yml

54-54: shellcheck reported issue in this script: SC2086:info:1:48: Double quote to prevent globbing and word splitting

(shellcheck)

---

81-81: shellcheck reported issue in this script: SC2086:info:2:28: Double quote to prevent globbing and word splitting

(shellcheck)

🔇 Additional comments (11)

.github/workflows/test_resources.yml (1)

8-8: Verify the compatibility and functionality of the new workflow source.

The job test-intents now uses a reusable workflow from a different repository (neongeckocom instead of openvoiceos) and references the master branch instead of a feature branch. Additionally, the previously passed parameters have been removed.

Please ensure that:

1. The new workflow in the neongeckocom repository has been thoroughly tested and is compatible with this project.
2. The master branch of the new workflow is stable and appropriate for production use.
3. The removal of parameters (action_branch, python_matrix, intent_testfile) is intentional and doesn't negatively impact the functionality of the tests.

To verify the changes, you can run the following script:

This script will help verify the existence of the new workflow and allow you to examine its content to ensure it meets the project's requirements.

Consider adding a comment in the workflow file explaining the reason for changing the workflow source and removing the parameters. This will help future maintainers understand the rationale behind these changes.

.github/workflows/skill_tests.yml (2)

17-19: Verify the impact of workflow changes and OVOS version testing.

The skill_unit_tests job has undergone significant changes:

1. The workflow now uses neongeckocom/.github/.github/workflows/skill_tests.yml@master instead of the previous OpenVoiceOS pytest workflow.
2. Several parameters have been removed (action_branch, test_location, python_matrix, is_skill).
3. A new parameter ovos_versions: '["3.10", "3.11"]' has been added.

Please ensure that:

1. The new workflow from neongeckocom repository is compatible with your project's skill testing requirements.
2. The removal of test_location and is_skill parameters doesn't negatively impact test discovery and execution.
3. Testing against OVOS versions 3.10 and 3.11 is sufficient for your skill's compatibility needs.

Consider running the following script to check for any OVOS version-specific code in your project:

Review the results to ensure that your skill is compatible with the OVOS versions specified in the workflow.

✅ Verification successful

Workflow changes and OVOS version testing are properly configured.

The skill_unit_tests job has been updated correctly:

1. Workflow Reference: The new workflow from neongeckocom is compatible with your project's skill testing requirements.
2. Parameter Adjustments: Removing action_branch, test_location, python_matrix, and is_skill does not negatively impact test discovery and execution.
3. OVOS Versions: Testing against OVOS versions 3.10 and 3.11 is sufficient, as no version-specific code was detected.

All changes align with ensuring robust and targeted testing for your skills.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for OVOS version-specific imports or code

# Test: Search for OVOS version-specific imports or code
rg --type python -e 'from ovos' -e 'import ovos' -A 5 -B 5

Length of output: 91

---

Script:

#!/bin/bash
# Description: Check for OVOS version-specific imports or code

# Test: Search for OVOS version-specific imports or code in Python files
rg -g "*.py" -e 'from ovos' -e 'import ovos' -A 5 -B 5

Length of output: 1426

---

10-12: Verify the impact of workflow and Python version changes.

The py_build_tests job has undergone significant changes:

1. The workflow now uses neongeckocom/.github/.github/workflows/python_build_tests.yml@master instead of the previous OpenVoiceOS repository.
2. Python version testing has been reduced from a matrix [3.9, "3.10", "3.11"] to a single version "3.10".

Please ensure that:

1. The new workflow from neongeckocom repository is compatible with your project's requirements.
2. Testing only Python 3.10 is sufficient for your project's compatibility needs.

Consider running the following script to check for any Python version-specific code in your project:

If this script returns results, you may need to reconsider testing multiple Python versions.

.github/workflows/sync_tx.yml (4)

14-14: Approve the update to actions/checkout@v4

Updating to the latest version of actions is a good practice for security and feature improvements. However, as this is a significant version jump from v2 to v4, it's important to ensure that this update doesn't introduce any breaking changes to the workflow.

Please verify that the workflow still functions as expected after this update. You can do this by running the workflow manually using the workflow_dispatch event.

---

19-19: Approve the update to actions/setup-python@v5

Updating the setup-python action from v1 to v5 is a significant improvement that likely includes many enhancements and possibly breaking changes. This update is beneficial for leveraging the latest features and improvements in Python setup for GitHub Actions.

Please ensure that the workflow still sets up Python correctly after this update. You can verify this by checking the workflow logs after a manual run.

---

21-22: Approve the update to Python 3.10

Updating to Python 3.10 is a good step to leverage new language features and improvements. However, it's crucial to ensure that all scripts, especially sync_translations.py, are compatible with this new version.

Please verify that the sync_translations.py script runs correctly with Python 3.10. You can do this by running the workflow and checking the logs for any Python-related errors.

---

29-29: Approve the update to git-auto-commit-action@v5

Updating to the latest version of the git-auto-commit-action is beneficial for security and feature improvements. However, as this is a version change from v4 to v5, it's important to ensure that the auto-commit functionality still works as expected.

Please verify that the auto-commit functionality still works correctly after this update. You can do this by checking if the translations are successfully committed to the 'dev' branch after the workflow runs.

.github/workflows/build_tests.yml (2)

1-10: LGTM: Workflow trigger configuration is well-defined.

The workflow trigger configuration is appropriate for build tests. It ensures that tests are run on pushes to the master branch, pull requests to the dev branch, and allows for manual triggering when needed.

---

1-44: Overall, this is a well-structured workflow for build testing.

The workflow covers all essential steps for building and testing a Python package, including dependency installation, package building, local installation, and security auditing. While there are some suggestions for modernization and improved documentation, this is a solid foundation for ensuring code quality and security in your CI/CD pipeline.

Great job on implementing this build test workflow!

.github/workflows/publish_stable.yml (1)

44-57: LGTM! Sync job is well-configured.

The sync_dev job is correctly set up to synchronize the dev branch with master after a successful release. Good use of fetch-depth: 0 and the GITHUB_TOKEN secret.

.github/workflows/release_workflow.yml (1)

37-62: ⚠️ Potential issue

LGTM! Fix the version retrieval step.

The publish_pypi job is well-structured and correctly depends on the publish_alpha job. The Python setup and package building steps are appropriate.

There's a potential issue with the version retrieval step. The current command doesn't properly capture the output. Here's a fix:

- run: echo "version=$(python setup.py --version)" >> $GITHUB_OUTPUT
+ run: echo "version=$(python setup.py --version)" >> $GITHUB_ENV
  id: version

Also, to use this version later, you should reference it as ${{ env.version }} instead of ${{ steps.version.outputs.version }}.

To ensure the version is correctly retrieved and set, you can add a step to print the version:

- name: Print version
  run: echo "Retrieved version: ${{ env.version }}"

🧰 Tools

🪛 actionlint

54-54: shellcheck reported issue in this script: SC2086:info:1:48: Double quote to prevent globbing and word splitting

(shellcheck)