Skip to content

ci: migrate to reusable workflows#42

Open
pkking wants to merge 4 commits into
masterfrom
ci/migrate-to-reusable-workflows
Open

ci: migrate to reusable workflows#42
pkking wants to merge 4 commits into
masterfrom
ci/migrate-to-reusable-workflows

Conversation

@pkking

@pkking pkking commented May 17, 2026

Copy link
Copy Markdown

Summary

Migrate from individual workflow definitions to organization reusable workflows to improve code quality, documentation quality, and test coverage.

Changes

New Workflow Files (6 files - public repo, no gitleaks/sast)

Workflow Purpose Runner
build-and-coverage.yml Go build + full/incremental coverage ubuntu-latest
trivy-vulnerability.yml Vulnerability scanning ubuntu-latest
trivy-license.yml License scanning ubuntu-latest
check-branch-naming.yml Branch naming validation (PR only) ubuntu-latest
check-label.yml PR label validation (PR only) ubuntu-latest
document-gate.yml Documentation gate (PR only) ubuntu-latest

Configuration

  • Go version: 1.20 (from go.mod)
  • Coverage thresholds: 10% full, 80% incremental (organization standard)
  • All workflows use SHA-pinned actions for supply chain security

Resolves https://github.com/opensourceways/backlog/issues/367

Related

  • Reusable workflows: opensourceways/agent-development-specification#9
  • Workflow documentation: .github/workflows/README.md in agent-development-specification

Migrate from individual workflow definitions to organization reusable workflows:
- build-and-coverage: go-reusable.yml (build + coverage with incremental analysis)
- sast: sast-reusable.yml (static analysis)
- gitleaks: gitleaks-reusable.yml (secret scanning)
- trivy-vulnerability: trivy-vulnerability-reusable.yml (vulnerability + secret scan)
- trivy-license: trivy-license-reusable.yml (license scanning)
- check-branch-naming: branch naming validation (PR only)
- check-label: PR label validation (PR only)
- document-gate: documentation gate (PR only)

Related: opensourceways/agent-development-specification#9
@gemini-code-assist

Copy link
Copy Markdown

Warning

You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again!

@opensourceways-bot

Copy link
Copy Markdown

Welcome To opensourceways Community

Hey @pkking , thanks for your contribution to the community.

Bot Usage Manual

I'm the Bot here serving you. You can find the instructions on how to interact with me at Here . That means you can comment below every pull request or issue to trigger Bot Commands.

Contact Guide

If you have any questions, please contact the SIG: infratructure ,
and any of the maintainers: @GeorgeCao-hw, @TangJia025, @pkking, @zhongjun2 ,
and any of the committers: @ibfru .

@opensourceways-bot

Copy link
Copy Markdown

CLA Signature Pass

pkking, thanks for your pull request. All authors of the commits have signed the CLA. 👍

@opensourceways-bot

Copy link
Copy Markdown

Linking Issue Notice

@pkking , the pull request must be linked to at least one issue.
If an issue has already been linked, but the needs-issue label remains, you can remove the label by commenting /check-issue .

@opensourceways-bot

Copy link
Copy Markdown

CLA Signature Pass

pkking, thanks for your pull request. All authors of the commits have signed the CLA. 👍

@opensourceways-bot

Copy link
Copy Markdown

CLA Signature Pass

pkking, thanks for your pull request. All authors of the commits have signed the CLA. 👍

@opensourceways-bot

Copy link
Copy Markdown
检查项 状态
敏感信息扫描
安全编码扫描
漏洞扫描
Check代码检查
开源license合规扫描
UT测试覆盖率
开发阶段设计文档检查
流水线链接 点击跳转查看日志

@opensourceways-bot

Copy link
Copy Markdown

CLA Signature Pass

pkking, thanks for your pull request. All authors of the commits have signed the CLA. 👍

@opensourceways-bot

Copy link
Copy Markdown
检查项 状态
敏感信息扫描
安全编码扫描
漏洞扫描
Check代码检查
开源license合规扫描
UT测试覆盖率
开发阶段设计文档检查
流水线链接 点击跳转查看日志

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants