added compliance workflows

sachin-panayil · sachin-panayil · commit 9d6b0845b286 · 2025-02-11T16:19:22.000-05:00
Signed-off-by: Sachin Panayil &lt;sachinpanayil01@gmail.com&gt;
diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml
diff --git a/.github/workflows/repoHygieneCheck.yml b/.github/workflows/repoHygieneCheck.yml
@@ -0,0 +1,70 @@
+name: "Repository Hygiene Check"
+on:
+  push:
+    branches:
+      - 'main'
+  workflow_dispatch:
+
+jobs:
+  check-first-run:
+    name: Check For First Run
+    runs-on: ubuntu-latest
+    outputs:
+      should_run: ${{ steps.check.outputs.should_run }}
+    permissions:
+      contents: read
+      pull-requests: write
+    steps:
+      - uses: actions/checkout@v4
+      - id: check
+        run: |
+          # If manually triggered, always run
+
+          if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
+            echo "should_run=true" >> $GITHUB_OUTPUT
+            exit 0
+
+          fi
+          
+          # Check if initialization label exists
+
+          has_label=$(gh label list --json name | jq '.[] | select(.name=="repolinter-initialized")')
+
+          if [[ -z "$has_label" ]]; then
+            # First time - create label and allow run
+            gh label create repolinter-initialized --description "Marks repo as having run initial repolinter check"
+            echo "should_run=true" >> $GITHUB_OUTPUT
+          else
+            echo "should_run=false" >> $GITHUB_OUTPUT
+
+          fi
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  resolve-repolinter-json:
+    name: Get Repolinter Config
+    needs: check-first-run
+    if: needs.check-first-run.outputs.should_run == 'true'
+    uses: DSACMS/repo-scaffolder/.github/workflows/extendJSONFile.yml@main
+    with: 
+      url_to_json: 'https://raw.githubusercontent.com/DSACMS/repo-scaffolder/main/tier3/%7B%7Bcookiecutter.project_slug%7D%7D/repolinter.json'
+  
+  repolinter-checks:
+    name: Tier 3 Checks
+    needs: [check-first-run, resolve-repolinter-json]
+    if: needs.check-first-run.outputs.should_run == 'true'
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+    env:
+      RAW_JSON: ${{ needs.resolve-repolinter-json.outputs.raw-json }}
+    steps:
+      - uses: actions/checkout@v4
+      - run: echo $RAW_JSON > repolinter.json
+      - uses: DSACMS/repolinter-action@main
+        with:
+          config_file: 'repolinter.json'
+          output_type: 'pull-request'
+          pull_request_labels: 'repolinter-initialized, cms-oss, cms-gov'
+          token: ${{ secrets.REPOLINTER_AUTO_TOKEN }}
diff --git a/.github/workflows/updateCodeJSON.yml b/.github/workflows/updateCodeJSON.yml
@@ -0,0 +1,34 @@
+name: Update Code.json
+on:
+  workflow_dispatch:
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  update-code-json:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  
+      
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+
+      - name: Setup Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: '1.22'
+      
+      - name: Install SCC
+        run: go install github.com/boyter/scc/v3@latest
+      
+      - name: Update code.json
+        uses: DSACMS/automated-codejson-generator@main
+        with:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/index.json b/index.json
@@ -0,0 +1,194 @@
+{
+  "agency": "CMS",
+  "version": "1.0.0",
+  "measurementType": {
+    "method": "projects"
+  },
+  "releases": [
+    {
+      "organization": "Centers for Medicare & Medicaid Services",
+      "name": "codejson-index-generator",
+      "description": {
+        "en": {
+          "shortDescription": "Script to create an indexed code.json for agencies.",
+          "longDescription": "The GitHub Code.json Index Generator is a Python-based tool that helps federal agencies compile and maintain their code.json files for code.gov compliance. It automatically scans specified GitHub organizations, finds repositories containing code.json files, and combines them into a single indexed file."
+        }
+      },
+      "status": "production",
+      "permissions": {
+        "licenses": [
+          {
+            "URL": "LICENSE",
+            "name": "CC0-1.0"
+          }
+        ],
+        "usageType": "openSource"
+      },
+      "repositoryURL": "https://github.com/DSACMS/codejson-index-generator",
+      "vcs": "git",
+      "laborHours": 1181.19,
+      "platforms": [
+        "mac"
+      ],
+      "categories": [
+        "compliance-management",
+        "data-collection"
+      ],
+      "softwareType": "standalone/desktop",
+      "languages": [
+        "python"
+      ],
+      "maintenance": "internal",
+      "date": {
+        "created": "2025-01-07T16:26:42-05:00",
+        "lastModified": "2025-01-08T22:28:21+0000",
+        "metadataLastUpdated": "2025-01-08T22:28:21+0000"
+      },
+      "tags": [
+        "codejson",
+        "index",
+        "generator",
+        "tools"
+      ],
+      "contact": {
+        "email": "opensource@cms.hhs.gov",
+        "name": "CMS Open Source Program Office"
+      },
+      "localisation": "false",
+      "repoType": "Tools",
+      "userInput": "Yes",
+      "fismaLevel": "Low",
+      "group": "DSAC",
+      "subsetInHealthcare": "Operational",
+      "userType": "Government",
+      "repositoryHost": "Github.com",
+      "maturityModelTier": "1"
+    },
+    {
+      "organization": "Centers for Medicare & Medicaid Services",
+      "name": "repodive-tools",
+      "description": {
+        "en": {
+          "shortDescription": "Scripts and tools to gather information about git repositories.",
+          "longDescription": "This repository is a collection of scripts and tools for a given repodiving effort. Repodiving in this context means going through a git repository and gathering relevant information for a specific purpose."
+        }
+      },
+      "status": "production",
+      "permissions": {
+        "licenses": [
+          {
+            "URL": "LICENSE",
+            "name": "CC0-1.0"
+          }
+        ]
+      },
+      "repositoryURL": "https://github.com/DSACMS/repodive-tools",
+      "vcs": "git",
+      "laborHours": null,
+      "platforms": [
+        "mac"
+      ],
+      "categories": [
+        "data-collection,data-analytics"
+      ],
+      "softwareType": "standalone/backend",
+      "languages": [
+        "bash,python"
+      ],
+      "maintenance": "internal",
+      "date": {
+        "created": "2024-07-30T11:54:17-05:00",
+        "lastModified": "2024-10-22T22:00:58+0000",
+        "metadataLastUpdated": "2024-10-22T22:00:58+0000"
+      },
+      "tags": [
+        "git,repository,scripts,repodiving"
+      ],
+      "contact": {
+        "email": "opensource@cms.hhs.gov",
+        "name": "CMS Open Source Program Office"
+      },
+      "localisation": "false",
+      "repoType": "Tools",
+      "userInput": "Yes",
+      "fismaLevel": "Low",
+      "group": "DSAC",
+      "subsetInHealthcare": "Operational",
+      "userType": "Government",
+      "repositoryHost": "Github.com",
+      "maturityModelTier": "1"
+    },
+    {
+      "organization": "DSACMS",
+      "name": "dedupliFHIR",
+      "projectType": "Tools",
+      "userInput": "Yes",
+      "fismaLevel": "Moderate",
+      "group": "CMS/OA/DSAC",
+      "subsetInHealthcare": "Operational",
+      "userType": "Providers",
+      "repositoryHost": "Github.com",
+      "maturityModelTier": "3"
+    },
+    {
+      "organization": "DSACMS",
+      "name": "metrics",
+      "projectType": "Website",
+      "userInput": "No",
+      "fismaLevel": "Low",
+      "group": "CMS/OA/DSAC",
+      "subsetInHealthcare": "Operational",
+      "userType": "Government",
+      "repositoryHost": "Github.com",
+      "maturityModelTier": "3"
+    },
+    {
+      "organization": "DSACMS",
+      "name": "mural-ollama",
+      "project_type": "Apps",
+      "user_input": "Yes",
+      "project_fisma_level": "Moderate",
+      "group": "CMS/OA/DSAC",
+      "subset_in_healthcare": "Operational",
+      "user_type": "Government",
+      "repository_host": "Github.com",
+      "maturity_model_tier": "1"
+    },
+    {
+      "organization": "DSACMS",
+      "name": "open",
+      "projectType": "Website",
+      "userInput": "No",
+      "fismaLevel": "Low",
+      "group": "CMS/OA/DSAC",
+      "subsetInHealthcare": "Operational",
+      "userType": "Government",
+      "repositoryHost": "Github.com",
+      "maturityModelTier": "2"
+    },
+    {
+      "organization": "DSACMS",
+      "name": "repo-scaffolder",
+      "projectType": "Tools",
+      "userInput": "No",
+      "fismaLevel": "Low",
+      "group": "CMS/OA/DSAC",
+      "subsetInHealthcare": "Operational",
+      "userType": "Government",
+      "repositoryHost": "Github.com",
+      "maturityModelTier": "3"
+    },
+    {
+      "organization": "DSACMS",
+      "name": "reverse-scorecard-generation",
+      "project_type": "Tools",
+      "user_input": "Yes",
+      "project_fisma_level": "Moderate",
+      "group": "CMS/OA/DSAC",
+      "subset_in_healthcare": "Operational",
+      "user_type": "Government",
+      "repository_host": "Github.com",
+      "maturity_model_tier": "1"
+    }
+  ]
+}
