From 3f5874bc814e563eaaf97e1a1db44a932cecff5c Mon Sep 17 00:00:00 2001
From: NoobNoob06
Date: Fri, 20 Sep 2024 11:28:28 -0400
Subject: [PATCH 1/9] Added definition of terms on the metrics website.
---
 docs/MetricsGlossary.md | 60 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 60 insertions(+)
 create mode 100644 docs/MetricsGlossary.md
diff --git a/docs/MetricsGlossary.md b/docs/MetricsGlossary.md
new file mode 100644
index 0000000000..429a57d75a
--- /dev/null
+++ b/docs/MetricsGlossary.md
@@ -0,0 +1,60 @@ +# Terms on the Metrics Website + +## Organization +An organization is a team of collaborators and contributors, along with project repositories. An organizational account allows people to become members and collaborate on the repositories it contains. Members can assume different roles with varying responsibilities and abilities. + +### OSPO +**Open Source Program Office**. A department or team within an organization that manages and oversees open source software initiatives, including contributions, compliance, and community engagement. + +### DSAC +**Digital Services at CMS**. The digital services and initiatives managed by the Centers for Medicare & Medicaid Services (CMS) to enhance their digital platforms and services. + +## Repository +Also known as “repo,” a repository is the most basic element of GitHub. It's easiest to imagine as a project's folder. A repository contains all of the project files (including documentation) and stores each file's revision history. Repositories can have multiple collaborators and can be either public or private. + +## Metrics +Measurable data points that help visualize and analyze contributions and interactions within GitHub Repositories (projects). Metrics can provide insights into the activity, health, and engagement of a repository. + +## Issues +Issues are a way to track tasks, enhancements, bugs, and discussions or feedback in a repository. Analyzing the number of open vs. closed issues helps gauge project progress and team workload. + +## Commits +Commits are individual changes made to the codebase. Each commit includes a unique ID, a message describing the change, and a timestamp. Tracking commits helps understand how frequently changes are made and how active development is. + +## Pull Requests (PRs) +Pull requests are a way to propose changes to a codebase. When a developer wants to merge their changes from a branch into another (typically the main branch), they create a PR. 
This facilitates code review and discussion before the changes are merged. Metrics like the number of open vs. closed PRs, average time to merge, and comments can reveal the efficiency of the review process and team collaboration. + +## Forks +Forks are copies of a repository that allow users to freely experiment with changes without affecting the original project. They are commonly used for developing features or fixes that can later be submitted back to the original repository via pull requests. A high number of forks can indicate community interest and the potential for external contributions, showcasing the project's relevance and usability. + +## Stars +Stars are a way for users to show appreciation for a repository. A star can be thought of as a "like" or "bookmark," indicating that a user finds the project interesting or useful. The number of stars can be a metric for a project's popularity or perceived value. + +## Watchers +Watchers are users who subscribe to updates for a repository. They receive notifications about discussions, issues, and commits. The number of watchers can indicate how many people are actively interested in the project's progress. + +## Diff +Diff refers to the difference in metrics such as issues, commits, or PRs between this week and last week. It highlights changes in contributions or activity over time. + +## %diff +%diff represents the percentage change in a given metric (like issues, commits, or PRs) compared to the previous week. It provides a quick view of growth or decline, helping teams assess their activity levels and project health over time. + + +# Terms In the Metrics Repository + +## Feature Branch +A feature branch is a separate branch in a version control system (like Git) used to develop a new feature or make changes to the project. It allows developers to work on features independently of the main codebase and merge changes back once the feature is complete. 
+ +## Hotfix +A quick and immediate fix applied to a live production environment to address a critical issue or bug. Hotfixes are usually implemented outside the regular release cycle to minimize downtime and resolve urgent problems. + +## PEP8 +**Python Enhancement Proposal 8**. A style guide for Python code that outlines conventions for writing clean and readable Python code. It includes recommendations on formatting, naming conventions, and code structure. + +## Linting +The process of running a program (a linter) that analyzes source code to identify potential errors, stylistic issues, and code quality problems. Linting helps maintain code quality and consistency across a project. + +## Eleventy +A simple and flexible static site generator. It allows developers to build static websites using various template languages and provides tools for customizing and optimizing static site builds. + + From 72edbe88745c4fc354abde8ca26f80251621aee9 Mon Sep 17 00:00:00 2001 From: NoobNoob06 Date: Fri, 20 Sep 2024 14:57:16 -0400 Subject: [PATCH 2/9] Added description of organizations --- docs/MetricsGlossary.md | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/docs/MetricsGlossary.md b/docs/MetricsGlossary.md index 429a57d75a..a9dc7debea 100644 --- a/docs/MetricsGlossary.md +++ b/docs/MetricsGlossary.md 
@@ -3,12 +3,18 @@ ## Organization An organization is a team of collaborators and contributors, along with project repositories. An organizational account allows people to become members and collaborate on the repositories it contains. Members can assume different roles with varying responsibilities and abilities. -### OSPO -**Open Source Program Office**. A department or team within an organization that manages and oversees open source software initiatives, including contributions, compliance, and community engagement. - -### DSAC +### DSACMS **Digital Services at CMS**. The digital services and initiatives managed by the Centers for Medicare & Medicaid Services (CMS) to enhance their digital platforms and services. +### CMS-Enterprise +Repositories related to the operations of the Centers for Medicare and Medicaid Services. + +### CMSgov +Open Source repositories released by the Centers for Medicare and Medicaid Services. + +### Enterprise-CMCS +Center for Medicaid & CHIP Services. + ## Repository Also known as “repo,” a repository is the most basic element of GitHub. It's easiest to imagine as a project's folder. A repository contains all of the project files (including documentation) and stores each file's revision history. Repositories can have multiple collaborators and can be either public or private. @@ -42,6 +48,9 @@ Diff refers to the difference in metrics such as issues, commits, or PRs between # Terms In the Metrics Repository +## OSPO +**Open Source Program Office**. A department or team within an organization that manages and oversees open source software initiatives, including contributions, compliance, and community engagement. + ## Feature Branch A feature branch is a separate branch in a version control system (like Git) used to develop a new feature or make changes to the project. It allows developers to work on features independently of the main codebase and merge changes back once the feature is complete. 
From 735afc26151fc70c23f45e955cc51e83faa8eec6 Mon Sep 17 00:00:00 2001 From: NoobNoob06 Date: Fri, 20 Sep 2024 15:18:34 -0400 Subject: [PATCH 3/9] Added a definition for 'followers' and fixed some typos --- docs/MetricsGlossary.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/docs/MetricsGlossary.md b/docs/MetricsGlossary.md index a9dc7debea..240f7317b0 100644 --- a/docs/MetricsGlossary.md +++ b/docs/MetricsGlossary.md @@ -39,11 +39,14 @@ Stars are a way for users to show appreciation for a repository. A star can be t ## Watchers Watchers are users who subscribe to updates for a repository. They receive notifications about discussions, issues, and commits. The number of watchers can indicate how many people are actively interested in the project's progress. +## Followers +Watchers are users who subscribe to updates for an organization's public activity(new repositories, discussions...). + ## Diff Diff refers to the difference in metrics such as issues, commits, or PRs between this week and last week. It highlights changes in contributions or activity over time. -## %diff -%diff represents the percentage change in a given metric (like issues, commits, or PRs) compared to the previous week. It provides a quick view of growth or decline, helping teams assess their activity levels and project health over time. +## % Diff +% Diff represents the percentage change in a given metric (like issues, commits, or PRs) compared to the previous week. It provides a quick view of growth or decline, helping teams assess their activity levels and project health over time. # Terms In the Metrics Repository From 4c9cd36a49fd0cdec2ff49d6c1d1d67c2c12c68f Mon Sep 17 00:00:00 2001 From: Isaac Milarsky Date: Thu, 3 Oct 2024 10:37:56 -0500 Subject: [PATCH 4/9] aggregate all of the workflows that update the repository into one pipeline 
Signed-off-by: Isaac Milarsky --- .github/workflows/cicd.yml | 8 ++- .github/workflows/scorecard_internal.yml | 39 ------------- .github/workflows/update_cocomo_stats.yml | 37 ------------ .github/workflows/update_data.yml | 69 +++++++++++++++++++++-- 4 files changed, 71 insertions(+), 82 deletions(-) delete mode 100644 .github/workflows/scorecard_internal.yml delete mode 100644 .github/workflows/update_cocomo_stats.yml diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index 77e0338f35..68a8eb56d7 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -2,8 +2,8 @@ name: CICD on: schedule: - # Run Mondays at 5:15 am - - cron: "15 5 * * 0" + # Run Mondays at 7:15 am + - cron: "15 7 * * 0" workflow_dispatch: permissions: @@ -16,6 +16,10 @@ concurrency: cancel-in-progress: false jobs: + update-metrics: + name: Update Metrics + uses: ./.github/workflows/update_data.yml + update-reports-and-graphs: permissions: write-all name: update reports and graphs diff --git a/.github/workflows/scorecard_internal.yml b/.github/workflows/scorecard_internal.yml deleted file mode 100644 index 49aea39828..0000000000 --- a/.github/workflows/scorecard_internal.yml +++ /dev/null 
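Review bot: The new comment `# Run Mondays at 7:15 am` does not match the expression under it: in `cron: "15 7 * * 0"` the day-of-week field `0` is Sunday, and GitHub evaluates `schedule` in UTC. If Sunday is intended, the comment should read `# Run Sundays at 07:15 UTC`; if Monday is intended, the last field should be `1`. The removed lines had the same mismatch, so this change is a good point to settle which day is meant.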
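Review bot: The `update-metrics` job calls `./.github/workflows/update_data.yml` without a `secrets:` key, yet the jobs in that file read `secrets.METRICS_GITHUB_TOKEN`; a workflow started through `workflow_call` does not receive the caller's secrets unless they are passed. Passing the one secret explicitly under the job, `secrets:` with `METRICS_GITHUB_TOKEN: ${{ secrets.METRICS_GITHUB_TOKEN }}`, keeps the grant narrower than `secrets: inherit`. It needs a matching `secrets:` declaration under the bare `workflow_call:` that the update_data.yml hunk of this patch adds. The called jobs also request `permissions: write-all`, and a called workflow cannot hold more than the caller grants. The caller's `permissions:` block is only partly visible in this hunk, so that should be checked against the full file.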
@@ -1,39 +0,0 @@ -name: Generate OSSF Scorecard Report for Internal Repositories - -on: - workflow_dispatch: {} - schedule: - # Weekly on Saturdays. - - cron: "30 1 * * 6" - -jobs: - update: - strategy: - matrix: - orgs: ["DSACMS", "Enterprise-CMCS", "CMS-Enterprise", "CMSgov"] - max-parallel: 1 - permissions: write-all - name: update - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: actions/setup-go@v5 - - name: Install OSSF CLI - run: docker pull gcr.io/openssf/scorecard:stable - - name: Run OSSF Scorecard Report script - run: ./scripts/scorecard_internal.sh ${{ matrix.orgs }} - env: - GITHUB_TOKEN: ${{ secrets.METRICS_GITHUB_TOKEN }} - - name: Commit changes - run: | - git config user.name 'GitHub Actions' - git config user.email 'actions@users.noreply.github.com' - git pull - git add -A - timestamp=$(date -u) - git commit -m "update ${{ matrix.orgs }} data: ${timestamp}" || exit 0 - - name: Push to ${{ github.ref_name }} - uses: CasperWA/push-protected@v2 - with: - token: ${{ secrets.METRICS_GITHUB_TOKEN }} - branch: ${{ github.ref_name }} diff --git a/.github/workflows/update_cocomo_stats.yml b/.github/workflows/update_cocomo_stats.yml deleted file mode 100644 index 7e7701a5a1..0000000000 --- a/.github/workflows/update_cocomo_stats.yml +++ /dev/null 
@@ -1,37 +0,0 @@ -name: Update COCOMO stats - -on: - workflow_dispatch: {} - schedule: - # Run Mondays at 2:15 am - - cron: "15 2 * * 0" - -jobs: - update: - strategy: - matrix: - orgs: ["DSACMS", "Enterprise-CMCS", "CMS-Enterprise", "CMSgov"] - max-parallel: 1 - permissions: write-all - name: update - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: actions/setup-go@v5 - - name: Install scc - run: go install github.com/boyter/scc/v3@latest - - name: Run COCOMO script - run: ./scripts/scc_cocomo.sh ${{ matrix.orgs }} - - name: Commit changes - run: | - git config user.name 'GitHub Actions' - git config user.email 'actions@users.noreply.github.com' - git pull - git add -A - timestamp=$(date -u) - git commit -m "update ${{ matrix.orgs }} data: ${timestamp}" || exit 0 - - name: Push to ${{ github.ref_name }} - uses: CasperWA/push-protected@v2 - with: - token: ${{ secrets.METRICS_GITHUB_TOKEN }} - branch: ${{ github.ref_name }} diff --git a/.github/workflows/update_data.yml b/.github/workflows/update_data.yml index ce68f49c0b..4bb01f39cb 100644 --- a/.github/workflows/update_data.yml +++ b/.github/workflows/update_data.yml @@ -1,10 +1,11 @@ name: Update data on: - workflow_dispatch: {} - schedule: - # Run Mondays at 2:15 am - - cron: "15 2 * * 0" + workflow_dispatch: + workflow_call: + + + jobs: update: 
@@ -45,3 +46,63 @@ jobs: with: token: ${{ secrets.METRICS_GITHUB_TOKEN }} branch: ${{ github.ref_name }} + cocomo: + strategy: + matrix: + orgs: ["DSACMS", "Enterprise-CMCS", "CMS-Enterprise", "CMSgov"] + max-parallel: 1 + permissions: write-all + name: cocomo + runs-on: ubuntu-latest + needs: update + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 + - name: Install scc + run: go install github.com/boyter/scc/v3@latest + - name: Run COCOMO script + run: ./scripts/scc_cocomo.sh ${{ matrix.orgs }} + - name: Commit changes + run: | + git config user.name 'GitHub Actions' + git config user.email 'actions@users.noreply.github.com' + git pull + git add -A + timestamp=$(date -u) + git commit -m "update ${{ matrix.orgs }} data: ${timestamp}" || exit 0 + - name: Push to ${{ github.ref_name }} + uses: CasperWA/push-protected@v2 + with: + token: ${{ secrets.METRICS_GITHUB_TOKEN }} + branch: ${{ github.ref_name }} + scorecard: + strategy: + matrix: + orgs: ["DSACMS", "Enterprise-CMCS", "CMS-Enterprise", "CMSgov"] + max-parallel: 1 + permissions: write-all + name: scorecard + runs-on: ubuntu-latest + needs: cocomo + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 + - name: Install OSSF CLI + run: docker pull gcr.io/openssf/scorecard:stable + - name: Run OSSF Scorecard Report script + run: ./scripts/scorecard_internal.sh ${{ matrix.orgs }} + env: + GITHUB_TOKEN: ${{ secrets.METRICS_GITHUB_TOKEN }} + - name: Commit changes + run: | + git config user.name 'GitHub Actions' + git config user.email 'actions@users.noreply.github.com' + git pull + git add -A + timestamp=$(date -u) + git commit -m "update ${{ matrix.orgs }} data: ${timestamp}" || exit 0 + - name: Push to ${{ github.ref_name }} + uses: CasperWA/push-protected@v2 + with: + token: ${{ secrets.METRICS_GITHUB_TOKEN }} + branch: ${{ github.ref_name }} From c270c6965570fa8d668e37fded462411dac2bf0f Mon Sep 17 00:00:00 2001 
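Review bot: The added `cocomo` and `scorecard` jobs fetch their tooling by mutable reference (`go install github.com/boyter/scc/v3@latest`, `docker pull gcr.io/openssf/scorecard:stable`, `uses: CasperWA/push-protected@v2`) in jobs that run with `permissions: write-all` and hand `secrets.METRICS_GITHUB_TOKEN` to the push action. Whatever those references resolve to on the day of the run executes with that access and can alter the data the job commits. Pinning each one fixes what runs: `go install github.com/boyter/scc/v3@<pinned-version>`, `docker pull gcr.io/openssf/scorecard@sha256:<digest>`, `uses: CasperWA/push-protected@<full-commit-sha>`. The same three lines come back in the cicd.yml hunk of PATCH 9/9. The `jobs:` mapping these entries belong to starts outside this hunk.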
From: Isaac Milarsky Date: Thu, 3 Oct 2024 10:39:09 -0500 Subject: [PATCH 5/9] aggregate all of the workflows that update the repository into one pipeline Signed-off-by: Isaac Milarsky --- .github/workflows/cicd.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index 68a8eb56d7..74a98b5cc6 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -24,6 +24,7 @@ jobs: permissions: write-all name: update reports and graphs runs-on: ubuntu-latest + needs: update-metrics steps: - uses: actions/checkout@v4 # update stats From 1c898fc80ae04b23a863ad2d268c0db88d7ea85f Mon Sep 17 00:00:00 2001 From: Isaac Milarsky Date: Thu, 3 Oct 2024 10:40:01 -0500 Subject: [PATCH 6/9] disable the contributors auto action for now Signed-off-by: Isaac Milarsky --- .github/workflows/contributors.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/contributors.yml b/.github/workflows/contributors.yml index 473999513b..6f38c214cd 100644 --- a/.github/workflows/contributors.yml +++ b/.github/workflows/contributors.yml @@ -1,7 +1,4 @@ on: - push: - branches: - - main workflow_dispatch: jobs: From bef74fe73218e70c3ed57d05e0e18e82e57b8f04 Mon Sep 17 00:00:00 2001 From: Isaac Milarsky Date: Thu, 3 Oct 2024 10:44:54 -0500 Subject: [PATCH 7/9] permissions issue Signed-off-by: Isaac Milarsky --- .github/workflows/update_data.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/update_data.yml b/.github/workflows/update_data.yml index 4bb01f39cb..a24124daee 100644 --- a/.github/workflows/update_data.yml +++ b/.github/workflows/update_data.yml @@ -4,7 +4,10 @@ on: workflow_dispatch: workflow_call: - +permissions: + contents: read + pages: write + id-token: write jobs: From cc91da6fbe54c14b38e08529ae76c7114c50c3fe Mon Sep 17 00:00:00 2001 From: Isaac Milarsky Date: Thu, 3 Oct 2024 10:56:24 -0500 Subject: [PATCH 8/9] permissions issue 
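Review bot: The workflow-level `permissions:` block added in PATCH 7/9 has no effect on the jobs shown for update_data.yml, because each of them sets `permissions: write-all` at job level and a job-level block replaces the workflow-level one. The same holds for the `permissions: read-all` that PATCH 8/9 puts in its place. Nothing in the update jobs visible in this series obviously uses `pages: write` or `id-token: write`. Since the push goes through `CasperWA/push-protected` with `secrets.METRICS_GITHUB_TOKEN`, the jobs probably need no more than `contents: read` in a job-level `permissions:` block replacing `write-all`. That should be confirmed with a run, as the scripts the jobs call are not shown.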
Signed-off-by: Isaac Milarsky --- .github/workflows/update_data.yml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/update_data.yml b/.github/workflows/update_data.yml index a24124daee..af34faefe9 100644 --- a/.github/workflows/update_data.yml +++ b/.github/workflows/update_data.yml @@ -4,10 +4,7 @@ on: workflow_dispatch: workflow_call: -permissions: - contents: read - pages: write - id-token: write +permissions: read-all jobs: From d192b42cebf943da8172097543003038d70b1a10 Mon Sep 17 00:00:00 2001 From: Isaac Milarsky Date: Thu, 3 Oct 2024 11:01:03 -0500 Subject: [PATCH 9/9] try one file Signed-off-by: Isaac Milarsky --- .github/workflows/cicd.yml | 104 ++++++++++++++++++++++++++-- .github/workflows/update_data.yml | 108 ------------------------------ 2 files changed, 99 insertions(+), 113 deletions(-) delete mode 100644 .github/workflows/update_data.yml diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index 74a98b5cc6..b03547e6e2 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml 
@@ -16,15 +16,109 @@ concurrency: cancel-in-progress: false jobs: - update-metrics: - name: Update Metrics - uses: ./.github/workflows/update_data.yml - + update: + strategy: + matrix: + orgs: ["DSACMS","Enterprise-CMCS","CMS-Enterprise","CMSgov"] + max-parallel: 1 + permissions: write-all + name: update + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + # update stats + - uses: actions/setup-python@v5 + with: + python-version: '3.9' + - name: cache pip + uses: actions/cache@v4 + with: + path: ~/.cache/pip + key: ${{ runner.os }}-pip-${{ hashFiles('requirements.txt') }} + restore-keys: | + ${{ runner.os }}-pip- + - run: pip install -r requirements.txt + - run: git pull && ./update.sh ${{ matrix.orgs }} + env: + GITHUB_TOKEN: ${{ secrets.METRICS_GITHUB_TOKEN }} + AUGUR_HOST: ${{ vars.AUGUR_HOST }} + - run: | + git config user.name 'GitHub Actions' + git config user.email 'actions@users.noreply.github.com' + git pull + git add -A + timestamp=$(date -u) + git commit -m "update ${{ matrix.orgs }} data: ${timestamp}" || exit 0 + - name: Push to ${{ github.ref_name }} + uses: CasperWA/push-protected@v2 + with: + token: ${{ secrets.METRICS_GITHUB_TOKEN }} + branch: ${{ github.ref_name }} + cocomo: + strategy: + matrix: + orgs: ["DSACMS", "Enterprise-CMCS", "CMS-Enterprise", "CMSgov"] + max-parallel: 1 + permissions: write-all + name: cocomo + runs-on: ubuntu-latest + needs: update + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 + - name: Install scc + run: go install github.com/boyter/scc/v3@latest + - name: Run COCOMO script + run: ./scripts/scc_cocomo.sh ${{ matrix.orgs }} + - name: Commit changes + run: | + git config user.name 'GitHub Actions' + git config user.email 'actions@users.noreply.github.com' + git pull + git add -A + timestamp=$(date -u) + git commit -m "update ${{ matrix.orgs }} data: ${timestamp}" || exit 0 + - name: Push to ${{ github.ref_name }} + uses: CasperWA/push-protected@v2 + with: + token: ${{ 
secrets.METRICS_GITHUB_TOKEN }} + branch: ${{ github.ref_name }} + scorecard: + strategy: + matrix: + orgs: ["DSACMS", "Enterprise-CMCS", "CMS-Enterprise", "CMSgov"] + max-parallel: 1 + permissions: write-all + name: scorecard + runs-on: ubuntu-latest + needs: cocomo + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 + - name: Install OSSF CLI + run: docker pull gcr.io/openssf/scorecard:stable + - name: Run OSSF Scorecard Report script + run: ./scripts/scorecard_internal.sh ${{ matrix.orgs }} + env: + GITHUB_TOKEN: ${{ secrets.METRICS_GITHUB_TOKEN }} + - name: Commit changes + run: | + git config user.name 'GitHub Actions' + git config user.email 'actions@users.noreply.github.com' + git pull + git add -A + timestamp=$(date -u) + git commit -m "update ${{ matrix.orgs }} data: ${timestamp}" || exit 0 + - name: Push to ${{ github.ref_name }} + uses: CasperWA/push-protected@v2 + with: + token: ${{ secrets.METRICS_GITHUB_TOKEN }} + branch: ${{ github.ref_name }} update-reports-and-graphs: permissions: write-all name: update reports and graphs runs-on: ubuntu-latest - needs: update-metrics + needs: scorecard steps: - uses: actions/checkout@v4 # update stats diff --git a/.github/workflows/update_data.yml b/.github/workflows/update_data.yml deleted file mode 100644 index af34faefe9..0000000000 --- a/.github/workflows/update_data.yml +++ /dev/null 
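Review bot: The `run:` lines of the three inlined jobs expand `${{ matrix.orgs }}` straight into shell text: `./update.sh ${{ matrix.orgs }}`, `./scripts/scc_cocomo.sh ${{ matrix.orgs }}`, `./scripts/scorecard_internal.sh ${{ matrix.orgs }}` and the `git commit -m` line. The values are literals from the matrix in this file, so nothing untrusted reaches the shell today. The expression is substituted before the shell parses the script, though, and the pattern tends to get copied to places where the value is not a literal. Passing it through the environment keeps the script text fixed: `env:` with `ORG: ${{ matrix.orgs }}` on the step and `./update.sh "$ORG"` in the command. The `jobs:` mapping starts before this hunk and `update-reports-and-graphs` continues past it.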
@@ -1,108 +0,0 @@ -name: Update data - -on: - workflow_dispatch: - workflow_call: - -permissions: read-all - - -jobs: - update: - strategy: - matrix: - orgs: ["DSACMS","Enterprise-CMCS","CMS-Enterprise","CMSgov"] - max-parallel: 1 - permissions: write-all - name: update - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - # update stats - - uses: actions/setup-python@v5 - with: - python-version: '3.9' - - name: cache pip - uses: actions/cache@v4 - with: - path: ~/.cache/pip - key: ${{ runner.os }}-pip-${{ hashFiles('requirements.txt') }} - restore-keys: | - ${{ runner.os }}-pip- - - run: pip install -r requirements.txt - - run: git pull && ./update.sh ${{ matrix.orgs }} - env: - GITHUB_TOKEN: ${{ secrets.METRICS_GITHUB_TOKEN }} - AUGUR_HOST: ${{ vars.AUGUR_HOST }} - - run: | - git config user.name 'GitHub Actions' - git config user.email 'actions@users.noreply.github.com' - git pull - git add -A - timestamp=$(date -u) - git commit -m "update ${{ matrix.orgs }} data: ${timestamp}" || exit 0 - - name: Push to ${{ github.ref_name }} - uses: CasperWA/push-protected@v2 - with: - token: ${{ secrets.METRICS_GITHUB_TOKEN }} - branch: ${{ github.ref_name }} - cocomo: - strategy: - matrix: - orgs: ["DSACMS", "Enterprise-CMCS", "CMS-Enterprise", "CMSgov"] - max-parallel: 1 - permissions: write-all - name: cocomo - runs-on: ubuntu-latest - needs: update - steps: - - uses: actions/checkout@v4 - - uses: actions/setup-go@v5 - - name: Install scc - run: go install github.com/boyter/scc/v3@latest - - name: Run COCOMO script - run: ./scripts/scc_cocomo.sh ${{ matrix.orgs }} - - name: Commit changes - run: | - git config user.name 'GitHub Actions' - git config user.email 'actions@users.noreply.github.com' - git pull - git add -A - timestamp=$(date -u) - git commit -m "update ${{ matrix.orgs }} data: ${timestamp}" || exit 0 - - name: Push to ${{ github.ref_name }} - uses: CasperWA/push-protected@v2 - with: - token: ${{ secrets.METRICS_GITHUB_TOKEN }} - branch: ${{ 
github.ref_name }} - scorecard: - strategy: - matrix: - orgs: ["DSACMS", "Enterprise-CMCS", "CMS-Enterprise", "CMSgov"] - max-parallel: 1 - permissions: write-all - name: scorecard - runs-on: ubuntu-latest - needs: cocomo - steps: - - uses: actions/checkout@v4 - - uses: actions/setup-go@v5 - - name: Install OSSF CLI - run: docker pull gcr.io/openssf/scorecard:stable - - name: Run OSSF Scorecard Report script - run: ./scripts/scorecard_internal.sh ${{ matrix.orgs }} - env: - GITHUB_TOKEN: ${{ secrets.METRICS_GITHUB_TOKEN }} - - name: Commit changes - run: | - git config user.name 'GitHub Actions' - git config user.email 'actions@users.noreply.github.com' - git pull - git add -A - timestamp=$(date -u) - git commit -m "update ${{ matrix.orgs }} data: ${timestamp}" || exit 0 - - name: Push to ${{ github.ref_name }} - uses: CasperWA/push-protected@v2 - with: - token: ${{ secrets.METRICS_GITHUB_TOKEN }} - branch: ${{ github.ref_name }}