Skip to content

Starter-up#3250

Open
tijuks wants to merge 1483 commits into
actions:updae_azure_python_cachefrom
tijuks:main
Open

Starter-up#3250
tijuks wants to merge 1483 commits into
actions:updae_azure_python_cachefrom
tijuks:main

Conversation

@tijuks
Copy link
Copy Markdown

@tijuks tijuks commented Mar 26, 2026
edited
Loading

Pre-requisites

  • Prior to submitting a new workflow, please apply to join the GitHub Technology Partner Program: partner.github.com/apply.

Please note that at this time we are only accepting new starter workflows for Code Scanning. Updates to existing starter workflows are fine.

Tasks

For all workflows, the workflow:

  • Should be contained in a .yml file with the language or platform as its filename, in lower, kebab-cased format (for example, docker-image.yml). Special characters should be removed or replaced with words as appropriate (for example, "dotnet" instead of ".NET").
  • Should use sentence case for the names of workflows and steps (for example, "Run tests").
  • Should be named only by the name of the language or platform (for example, "Go", not "Go CI" or "Go Build").
  • Should include comments in the workflow for any parts that are not obvious or could use clarification.
  • Should specify least privileged permissions for GITHUB_TOKEN so that the workflow runs successfully.

For CI workflows, the workflow:

  • Should be preserved under the ci directory.
  • Should include a matching ci/properties/*.properties.json file (for example, ci/properties/docker-publish.properties.json).
  • Should run on push to branches: [ $default-branch ] and pull_request to branches: [ $default-branch ].
  • Packaging workflows should run on release with types: [ created ].
  • Publishing workflows should have a filename that is the name of the language or platform, in lower case, followed by "-publish" (for example, docker-publish.yml).

For Code Scanning workflows, the workflow:

  • Should be preserved under the code-scanning directory.
  • Should include a matching code-scanning/properties/*.properties.json file (for example, code-scanning/properties/codeql.properties.json), with properties set as follows:
    • name: Name of the Code Scanning integration.
    • creator: Name of the organization/user producing the Code Scanning integration.
    • description: Short description of the Code Scanning integration.
    • categories: Array of languages supported by the Code Scanning integration.
    • iconName: Name of the SVG logo representing the Code Scanning integration. This SVG logo must be present in the icons directory.
  • Should run on push to branches: [ $default-branch, $protected-branches ] and pull_request to branches: [ $default-branch ]. We also recommend a schedule trigger of cron: $cron-weekly (for example, codeql.yml).

Some general notes:

  • This workflow must only use actions that are produced by GitHub, in the actions organization, or
  • This workflow must only use actions that are produced by the language or ecosystem that the workflow supports. These actions must be published to the GitHub Marketplace. We require that these actions be referenced using the full 40 character hash of the action's commit instead of a tag. Additionally, workflows must include the following comment at the top of the workflow file: 
    # This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
  • Automation and CI workflows should not send data to any 3rd party service except for the purposes of installing dependencies.
  • Automation and CI workflows cannot be dependent on a paid service or product.

JamesMGreene and others added 30 commits March 29, 2024 20:19
@JamesMGreene
Improve step name for Next.js build
e4837fa
@SOOS-GSteen @alexisabril
update soos dash action commit hash / sarif action version / logo (ac…
efd31e5 
…tions#2317)

* Update soos-dast-scan.yml

* Update soos-dast-scan.yml

* Update soos.svg

* Update code-scanning/soos-dast-scan.yml

Co-authored-by: Alexis Abril <[email protected]>

---------

Co-authored-by: Alexis Abril <[email protected]>
@cgarciagarcia @alexisabril
ci: use artisan command to run test, because this ci/laravel.yml does…
b53d05e 
… not work properly in laravel when uses Pest instead of PHPUnit (actions#2284)

Co-authored-by: Alexis Abril <[email protected]>
@issyl0
codeql: Clarify that hosted larger runners only exist on GHEC
31a3e00 
- Part of github/code-scanning#13748.
@issyl0
Merge pull request actions#2363 from actions/larger-runners-not-ghes
607f368 
codeql: Clarify that hosted larger runners only exist on GHEC
@jsoref
Checkout: Update all workflows to use Checkout V4
cd4b67d
@another-rex @alexisabril
Add OSV-Scanner code scanning workflow (actions#2350)
ca5bcdc 
* Add OSV-Scanner code scanning workflow

* Update code-scanning/osv-scanner.yml

Co-authored-by: Alexis Abril <[email protected]>

---------

Co-authored-by: Alexis Abril <[email protected]>
@marcogario @starcke
Update CodeQL workflow to use packages:read permission.
a3194f5 
Co-authored-by: Anders Starcke Henriksen <[email protected]>
@marcogario
Merge pull request actions#2372 from actions/codeql-packages-read
9963e8c 
Update CodeQL workflow to use packages:read permission.
@mponaws
Add starter-workflows for Policy Validator (actions#2375)
ac9c407 
* Add starter-workflows for Policy Validator

* Add starter-workflows for Policy Validator

* Add starter-workflows for Policy Validator, removed references to GitHub secrets & S3 to keep it simple
@tsusdere
remove pages for now
7e9ab60
@tsusdere
Update settings.json
29b0a3e
@DanRigby
Merge branch 'main' into bump-actions
8ff5c7e
@DanRigby
Merge pull request actions#2270 from jsoref/bump-actions
2435e57 
Checkout: Update all workflows to use Checkout V4
@dependabot
Bump actions/cache from 3 to 4
b81d5bf 
Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](actions/cache@v3...v4)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@jsoref
Setup-Java: Update all workflows to use Setup-Java V4
37d6de7 
Signed-off-by: Josh Soref <[email protected]>
@jsoref
Setup-Dotnet: Update all workflows to Setup-Dotnet V4
545832a
@jsoref
Artifacts: Update all workflows to use Artifacts V4
d51dfab 
Signed-off-by: Josh Soref <[email protected]>
@jsoref
Labeler: Update to v5
a072fdf
@jsoref
Setup-Node: Update all workflows to use Setup-Node V4
1830845 
* Switch default node version to 20
* Update version set to 18.x, 20.x, 22.x

Signed-off-by: Josh Soref <[email protected]>
@jsoref
fix(openshift): comment out dangling dependency
23a568e
@jamiemccarthy
Merge branch 'main' into jm-ci-rubyonrails
64be628
@jamiemccarthy
Reference ruby/setup-ruby with latest commit hash
e656ded 
As required in pull_request_template.md
@woodruffw
Merge branch 'main' into ww/trusted-publish
93f1d5f
@yoannchaudet
Update script/sync-ghes/settings.json
5902ad7
@yoannchaudet
Update script/sync-ghes/settings.json
d526113
@yoannchaudet
Update script/sync-ghes/settings.json
7d07997
@yoannchaudet
Merge branch 'main' into tsusdere-patch-1
15066a3
@yoannchaudet
Merge pull request actions#2376 from actions/tsusdere-patch-1
79af930 
Remove Pages starter workflows from the sync automation
@yoannchaudet
ici
2649624
mnkiefer and others added 30 commits April 10, 2026 13:44
@mnkiefer
Starter workflows as md for agentic
720f73b
@mnkiefer
Remove duplicate reporthing path
08b6dae
@mnkiefer
Normalize SVG icon names in workflow checks
202af9a
@mnkiefer
Reduce agentic catalog to top 11 workflows
5cf16ac
@mnkiefer
Remove unused lucide icons
0801d37
@mnkiefer
Add normalizeSvgIconName utility
0695b7e
@mnkiefer
Add warning for unnormalizable SVG icon names
f375b23
@mnkiefer
Add trailing newlines
ce2b91e
@mnkiefer
Name property on all workflows
d0d2974
@mnkiefer @salmanmkc
Update agentic/ci-doctor.md
d909740 
Co-authored-by: Salman Chishti <[email protected]>
@mnkiefer
Remove unused imports
6d4e51a
@mnkiefer @salmanmkc
Update README.md
954732e 
Co-authored-by: Salman Chishti <[email protected]>
@mnkiefer @salmanmkc
Update README.md
f165e91 
Co-authored-by: Salman Chishti <[email protected]>
@mnkiefer
Allow syncing .md starter workflows to GHES
08790b8
@mnkiefer
Added agentic starte- workflow codeowners
5f73980
@mnkiefer
Clean up workflows
98671d3
@ericsciple
Add actions-runtime as starter-workflows maintainers
d2d4cf5 
Actions Runtime maintains starter workflows. Add the team to the
repo-wide CODEOWNERS rule so Runtime members can satisfy the required
review on PRs like actions#3270.
@ericsciple
Merge pull request actions#3272 from actions/users/ericsciple/26-04-c…
b01591e 
…odeowners-runtime

Add actions-runtime as starter-workflows maintainers
@mnkiefer
Remove codeowners for agentic
8420994
@mnkiefer
Remove lucide & replace by octicons
61ba98d
@mnkiefer
Delete mapping.md
9be79b1
@mnkiefer
Revert icon text changes in README.md
dce6133
@mnkiefer
Remove agentic folder from sync-ghes settings
7e46a00
@mnkiefer
Removed .md support from sync-ghes script
cf036d0
@mnkiefer
Merge branch 'main' into mnkiefer/agentics-starter-workflows
13098f2
@mnkiefer
retrigger checks
3e555e4
@SrRyan
Merge pull request actions#3270 from mnkiefer/mnkiefer/agentics-start…
53d347c 
…er-workflows

Add "Agentic" starter workflows & metadata
@tijuks
Create terraform.yml
ecb1f3e 
Signed-off-by: tijuks   <[email protected]>
@tijuks
Merge pull request #1 from Global-Information-Systems/main
1d8b61d 
Create terraform.yml
@tijuks
Create azure-webapps-node.yml
04691ba
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

code-scanning Related to workflows that show on the Code Scanning setup page

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.