From 1c134d7b0a85ce3e9c8f41dee090197d5e1fe4fa Mon Sep 17 00:00:00 2001 From: Matthew Fishman Date: Fri, 8 May 2026 13:39:16 -0400 Subject: [PATCH] Refresh workflows from ITensorPkgSkeleton v0.3.61 Regenerated GitHub workflows from the latest skeleton template. Adds CheckCompatBounds, CodeQL, and FormatCheckComment, and brings existing workflows in line with current ecosystem conventions (action versions, job names, permissions blocks). IntegrationTest.yml uses the multi-line JSON-array `pkgs:` form consumed by ITensorActions IntegrationTest@v2. --- .github/workflows/CheckCompatBounds.yml | 14 ++++++++ .github/workflows/CodeQL.yml | 16 +++++++++ .github/workflows/CompatHelper.yml | 5 +-- .github/workflows/Documentation.yml | 8 +++-- .github/workflows/FormatCheck.yml | 13 ++++---- .github/workflows/FormatCheckComment.yml | 16 +++++++++ .github/workflows/FormatPullRequest.yml | 6 ++-- .github/workflows/IntegrationTest.yml | 35 +++++++------------- .github/workflows/IntegrationTestRequest.yml | 14 +++++--- .github/workflows/Registrator.yml | 7 ++-- .github/workflows/TagBot.yml | 10 ++++-- .github/workflows/Tests.yml | 4 ++- .github/workflows/VersionCheck.yml | 12 +++++-- 13 files changed, 110 insertions(+), 50 deletions(-) create mode 100644 .github/workflows/CheckCompatBounds.yml create mode 100644 .github/workflows/CodeQL.yml create mode 100644 .github/workflows/FormatCheckComment.yml diff --git a/.github/workflows/CheckCompatBounds.yml b/.github/workflows/CheckCompatBounds.yml new file mode 100644 index 0000000..718a91f --- /dev/null +++ b/.github/workflows/CheckCompatBounds.yml @@ -0,0 +1,14 @@ +name: "CheckCompatBounds" +on: + pull_request: ~ +concurrency: + group: "${{ github.workflow }}-${{ github.ref }}" + cancel-in-progress: "${{ startsWith(github.ref, 'refs/pull/') }}" +permissions: + contents: "read" +jobs: + check-compat-bounds: + name: "CheckCompatBounds" + uses: "ITensor/ITensorActions/.github/workflows/CheckCompatBounds.yml@v2" + with: + localregistry: "https://github.com/ITensor/ITensorRegistry.git" diff --git a/.github/workflows/CodeQL.yml b/.github/workflows/CodeQL.yml new file mode 100644 index 0000000..5b70afd --- /dev/null +++ b/.github/workflows/CodeQL.yml @@ -0,0 +1,16 @@ +name: "CodeQL" +on: + pull_request: + branches: + - "main" +concurrency: + group: "${{ github.workflow }}-${{ github.ref }}" + cancel-in-progress: "${{ startsWith(github.ref, 'refs/pull/') }}" +permissions: + contents: "read" + security-events: "write" + actions: "read" +jobs: + codeql: + name: "CodeQL" + uses: "ITensor/ITensorActions/.github/workflows/CodeQL.yml@v2" diff --git a/.github/workflows/CompatHelper.yml b/.github/workflows/CompatHelper.yml index 70f2dc6..305496d 100644 --- a/.github/workflows/CompatHelper.yml +++ b/.github/workflows/CompatHelper.yml @@ -7,8 +7,9 @@ permissions: contents: "write" pull-requests: "write" jobs: - compat-helper: + compathelper: name: "CompatHelper" - uses: "ITensor/ITensorActions/.github/workflows/CompatHelper.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/CompatHelper.yml@v2" with: localregistry: "https://github.com/ITensor/ITensorRegistry.git" + secrets: "inherit" diff --git a/.github/workflows/Documentation.yml b/.github/workflows/Documentation.yml index c3b11ec..9c6dec4 100644 --- a/.github/workflows/Documentation.yml +++ b/.github/workflows/Documentation.yml @@ -3,17 +3,19 @@ on: push: branches: - "main" - tags: "*" + tags: ["v*"] pull_request: ~ schedule: - cron: "1 4 * * 4" concurrency: group: "${{ github.workflow }}-${{ github.ref }}" cancel-in-progress: "${{ github.ref_name != github.event.repository.default_branch || github.ref != 'refs/tags/v*' }}" +permissions: + contents: "write" jobs: - build-and-deploy-docs: + documentation: name: "Documentation" - uses: "ITensor/ITensorActions/.github/workflows/Documentation.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/Documentation.yml@v2" with: localregistry: "https://github.com/ITensor/ITensorRegistry.git" secrets: diff --git a/.github/workflows/FormatCheck.yml b/.github/workflows/FormatCheck.yml index 3c290ea..e1a1aaa 100644 --- a/.github/workflows/FormatCheck.yml +++ b/.github/workflows/FormatCheck.yml @@ -1,16 +1,17 @@ -name: "Format Check" +name: "FormatCheck" on: - pull_request_target: + pull_request: types: - "opened" - "synchronize" - "reopened" - "ready_for_review" +concurrency: + group: "${{ github.workflow }}-${{ github.ref }}" + cancel-in-progress: "${{ startsWith(github.ref, 'refs/pull/') }}" permissions: contents: "read" - actions: "write" - pull-requests: "write" jobs: format-check: - name: "Format Check" - uses: "ITensor/ITensorActions/.github/workflows/FormatCheck.yml@main" + name: "FormatCheck" + uses: "ITensor/ITensorActions/.github/workflows/FormatCheck.yml@v2" diff --git a/.github/workflows/FormatCheckComment.yml b/.github/workflows/FormatCheckComment.yml new file mode 100644 index 0000000..3aa4a15 --- /dev/null +++ b/.github/workflows/FormatCheckComment.yml @@ -0,0 +1,16 @@ +name: "FormatCheckComment" +on: + workflow_run: + workflows: + - "FormatCheck" + types: + - "completed" +permissions: + pull-requests: "write" + actions: "read" +jobs: + format-check-comment: + name: "FormatCheckComment" + if: "github.event.workflow_run.event == 'pull_request'" + uses: "ITensor/ITensorActions/.github/workflows/FormatCheckComment.yml@v2" + secrets: "inherit" diff --git a/.github/workflows/FormatPullRequest.yml b/.github/workflows/FormatPullRequest.yml index 5a8b627..b0c2b61 100644 --- a/.github/workflows/FormatPullRequest.yml +++ b/.github/workflows/FormatPullRequest.yml @@ -1,4 +1,4 @@ -name: "Format Pull Request" +name: "FormatPullRequest" on: schedule: - cron: "0 0 * * *" @@ -11,6 +11,6 @@ permissions: pull-requests: "write" jobs: format-pull-request: - name: "Format Pull Request" - uses: "ITensor/ITensorActions/.github/workflows/FormatPullRequest.yml@main" + name: "FormatPullRequest" + uses: "ITensor/ITensorActions/.github/workflows/FormatPullRequest.yml@v2" secrets: "inherit" diff --git a/.github/workflows/IntegrationTest.yml b/.github/workflows/IntegrationTest.yml index 310f563..a94b24d 100644 --- a/.github/workflows/IntegrationTest.yml +++ b/.github/workflows/IntegrationTest.yml @@ -4,38 +4,27 @@ on: branches: - "main" tags: "*" - paths: - - "Project.toml" - pull_request_target: + pull_request: types: - "opened" - "synchronize" - "reopened" - "ready_for_review" - "converted_to_draft" - paths: - - "Project.toml" +concurrency: + group: "${{ github.workflow }}-${{ github.ref }}" + cancel-in-progress: "${{ startsWith(github.ref, 'refs/pull/') }}" +permissions: + actions: "read" + contents: "read" jobs: integration-test: name: "IntegrationTest" - strategy: - fail-fast: false - matrix: - pkg: - - "ITensorTestPackageDependent" - uses: "ITensor/ITensorActions/.github/workflows/IntegrationTest.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/IntegrationTest.yml@v2" secrets: "inherit" with: localregistry: "https://github.com/ITensor/ITensorRegistry.git" - pkg: "${{ matrix.pkg }}" - integration-gate: - name: "IntegrationTest" - needs: "integration-test" - if: "${{ always() && needs.integration-test.result != 'skipped' }}" - runs-on: "ubuntu-latest" - steps: - - name: "Fail if any downstream integration test failed" - run: | - echo "integration-test.result = ${{ needs.integration-test.result }}" - test "${{ needs.integration-test.result }}" = "success" - + pkgs: | + [ + "ITensorTestPackageDependent" + ] diff --git a/.github/workflows/IntegrationTestRequest.yml b/.github/workflows/IntegrationTestRequest.yml index 6f58e45..7f7aee2 100644 --- a/.github/workflows/IntegrationTestRequest.yml +++ b/.github/workflows/IntegrationTestRequest.yml @@ -1,14 +1,20 @@ -name: "Integration Test Request" +name: "IntegrationTestRequest" on: issue_comment: types: - "created" +permissions: + actions: "read" + contents: "read" + checks: "write" + pull-requests: "write" jobs: - integrationrequest: + integration-test-request: + name: "IntegrationTestRequest" if: | github.event.issue.pull_request && contains(fromJSON('["OWNER", "COLLABORATOR", "MEMBER"]'), github.event.comment.author_association) - - uses: "ITensor/ITensorActions/.github/workflows/IntegrationTestRequest.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/IntegrationTestRequest.yml@v2" + secrets: "inherit" with: localregistry: "https://github.com/ITensor/ITensorRegistry.git" diff --git a/.github/workflows/Registrator.yml b/.github/workflows/Registrator.yml index 97dc033..82d0a03 100644 --- a/.github/workflows/Registrator.yml +++ b/.github/workflows/Registrator.yml @@ -1,4 +1,4 @@ -name: "Register Package" +name: "Registrator" on: workflow_dispatch: ~ push: @@ -15,8 +15,9 @@ permissions: pull-requests: "write" issues: "write" jobs: - Register: - uses: "ITensor/ITensorActions/.github/workflows/Registrator.yml@main" + registrator: + name: "Registrator" + uses: "ITensor/ITensorActions/.github/workflows/Registrator.yml@v2" with: localregistry: "ITensor/ITensorRegistry" secrets: "inherit" diff --git a/.github/workflows/TagBot.yml b/.github/workflows/TagBot.yml index f535119..1dd7bed 100644 --- a/.github/workflows/TagBot.yml +++ b/.github/workflows/TagBot.yml @@ -4,8 +4,14 @@ on: types: - "created" workflow_dispatch: ~ +env: + REGISTRY_TAGBOT_ACTION: "JuliaRegistries/TagBot" +permissions: + contents: "write" + issues: "read" jobs: - TagBot: + tagbot: + name: "TagBot" if: "github.event_name == 'workflow_dispatch' || github.actor == 'JuliaTagBot'" - uses: "ITensor/ITensorActions/.github/workflows/TagBot.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/TagBot.yml@v2" secrets: "inherit" diff --git a/.github/workflows/Tests.yml b/.github/workflows/Tests.yml index 70f6c8d..7add6ef 100644 --- a/.github/workflows/Tests.yml +++ b/.github/workflows/Tests.yml @@ -19,6 +19,8 @@ on: concurrency: group: "${{ github.workflow }}-${{ github.ref }}" cancel-in-progress: "${{ startsWith(github.ref, 'refs/pull/') }}" +permissions: + contents: "read" jobs: tests: name: "Tests" @@ -32,7 +34,7 @@ jobs: - "ubuntu-latest" - "macOS-latest" - "windows-latest" - uses: "ITensor/ITensorActions/.github/workflows/Tests.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/Tests.yml@v2" with: group: "${{ matrix.group }}" julia-version: "${{ matrix.version }}" diff --git a/.github/workflows/VersionCheck.yml b/.github/workflows/VersionCheck.yml index bb0df88..437bd6b 100644 --- a/.github/workflows/VersionCheck.yml +++ b/.github/workflows/VersionCheck.yml @@ -1,9 +1,15 @@ -name: "Version Check" +name: "VersionCheck" on: pull_request: ~ +concurrency: + group: "${{ github.workflow }}-${{ github.ref }}" + cancel-in-progress: "${{ startsWith(github.ref, 'refs/pull/') }}" +permissions: + contents: "read" + pull-requests: "read" jobs: version-check: - name: "Version Check" - uses: "ITensor/ITensorActions/.github/workflows/VersionCheck.yml@main" + name: "VersionCheck" + uses: "ITensor/ITensorActions/.github/workflows/VersionCheck.yml@v2" with: localregistry: "https://github.com/ITensor/ITensorRegistry.git"