From f39370f0fdb2cdfd3513c4c16a3aedf01870150d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Hensgen?= <24550538+sebhmg@users.noreply.github.com> Date: Fri, 17 Apr 2026 12:26:48 -0400 Subject: [PATCH 1/3] [DEVOPS-1066] use CI-tools @v3 --- .github/workflows/issue_to_jira.yml | 2 +- .github/workflows/pr_add_jira_summary.yml | 2 +- .github/workflows/python_analysis.yml | 4 ++-- .github/workflows/python_deploy_dev.yml | 4 ++-- .github/workflows/python_deploy_prod.yml | 4 ++-- .github/workflows/security_scan.yml | 4 ++-- 6 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/issue_to_jira.yml b/.github/workflows/issue_to_jira.yml index fabc728..b67cfaa 100644 --- a/.github/workflows/issue_to_jira.yml +++ b/.github/workflows/issue_to_jira.yml @@ -8,7 +8,7 @@ permissions: {} jobs: call-workflow-create-jira-issue: - uses: MiraGeoscience/CI-tools/.github/workflows/reusable-jira-issue_to_jira.yml@v2 + uses: MiraGeoscience/CI-tools/.github/workflows/reusable-jira-issue_to_jira.yml@v3 permissions: contents: read issues: write diff --git a/.github/workflows/pr_add_jira_summary.yml b/.github/workflows/pr_add_jira_summary.yml index 2427315..0e85698 100644 --- a/.github/workflows/pr_add_jira_summary.yml +++ b/.github/workflows/pr_add_jira_summary.yml @@ -8,7 +8,7 @@ permissions: {} jobs: call-workflow-add-jira-issue-summary: - uses: MiraGeoscience/CI-tools/.github/workflows/reusable-jira-pr_add_jira_summary.yml@v2 + uses: MiraGeoscience/CI-tools/.github/workflows/reusable-jira-pr_add_jira_summary.yml@v3 permissions: contents: read pull-requests: write diff --git a/.github/workflows/python_analysis.yml b/.github/workflows/python_analysis.yml index c67d604..246522d 100644 --- a/.github/workflows/python_analysis.yml +++ b/.github/workflows/python_analysis.yml @@ -26,7 +26,7 @@ concurrency: jobs: call-workflow-static-analysis: name: Static analysis - uses: MiraGeoscience/CI-tools/.github/workflows/reusable-python-static_analysis.yml@v2 + uses: MiraGeoscience/CI-tools/.github/workflows/reusable-python-static_analysis.yml@v3 permissions: contents: read pull-requests: read @@ -36,7 +36,7 @@ jobs: python-version: '3.12' call-workflow-pytest: name: Pytest - uses: MiraGeoscience/CI-tools/.github/workflows/reusable-python-pytest.yml@v2 + uses: MiraGeoscience/CI-tools/.github/workflows/reusable-python-pytest.yml@v3 permissions: contents: read pull-requests: read diff --git a/.github/workflows/python_deploy_dev.yml b/.github/workflows/python_deploy_dev.yml index 750c1d2..059cceb 100644 --- a/.github/workflows/python_deploy_dev.yml +++ b/.github/workflows/python_deploy_dev.yml @@ -14,7 +14,7 @@ concurrency: jobs: call-workflow-conda-publish: name: Publish development conda package on JFrog Artifactory - uses: MiraGeoscience/CI-tools/.github/workflows/reusable-python-publish_rattler_package.yml@v2 + uses: MiraGeoscience/CI-tools/.github/workflows/reusable-python-publish_rattler_package.yml@v3 permissions: contents: write with: @@ -28,7 +28,7 @@ jobs: JFROG_ARTIFACTORY_TOKEN: ${{ secrets.JFROG_ARTIFACTORY_TOKEN }} call-workflow-pypi-publish: name: Publish development pypi package (JFrog Artifactory, TestPyPI) - uses: MiraGeoscience/CI-tools/.github/workflows/reusable-python-publish_pypi_package.yml@v2 + uses: MiraGeoscience/CI-tools/.github/workflows/reusable-python-publish_pypi_package.yml@v3 permissions: contents: write with: diff --git a/.github/workflows/python_deploy_prod.yml b/.github/workflows/python_deploy_prod.yml index 229d920..2155987 100644 --- a/.github/workflows/python_deploy_prod.yml +++ b/.github/workflows/python_deploy_prod.yml @@ -29,7 +29,7 @@ jobs: call-workflow-conda-release: name: Publish production Conda package on JFrog Artifactory if: ${{ github.event_name == 'release' || github.event.inputs.publish-conda == 'true' }} - uses: MiraGeoscience/CI-tools/.github/workflows/reusable-python-release_conda_assets.yml@v2 + uses: MiraGeoscience/CI-tools/.github/workflows/reusable-python-release_conda_assets.yml@v3 permissions: contents: write with: @@ -41,7 +41,7 @@ jobs: call-workflow-pypi-release: name: Publish production PyPI package (JFrog Artifactory, PyPI) if: ${{ github.event_name == 'release' || github.event.inputs.publish-pypi == 'true' }} - uses: MiraGeoscience/CI-tools/.github/workflows/reusable-python-release_pypi_assets.yml@v2 + uses: MiraGeoscience/CI-tools/.github/workflows/reusable-python-release_pypi_assets.yml@v3 permissions: contents: write with: diff --git a/.github/workflows/security_scan.yml b/.github/workflows/security_scan.yml index 0060b34..6fe1dce 100644 --- a/.github/workflows/security_scan.yml +++ b/.github/workflows/security_scan.yml @@ -31,7 +31,7 @@ jobs: security-events: write contents: read actions: read - uses: MiraGeoscience/CI-tools/.github/workflows/reusable-zizmor-advanced-security.yml@v2 + uses: MiraGeoscience/CI-tools/.github/workflows/reusable-zizmor-advanced-security.yml@v3 call-workflow-zizmor-advanced-security: name: Zizmor analysis (annotate) @@ -40,4 +40,4 @@ jobs: checks: write contents: read actions: read - uses: MiraGeoscience/CI-tools/.github/workflows/reusable-zizmor-annotate.yml@v2 + uses: MiraGeoscience/CI-tools/.github/workflows/reusable-zizmor-annotate.yml@v3 From de06825839b45053b3acbb2261e3f1ab50f8eeca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Hensgen?= <24550538+sebhmg@users.noreply.github.com> Date: Fri, 17 Apr 2026 12:46:41 -0400 Subject: [PATCH 2/3] [DEVOPS-1066] use new pr_jira_actions workflow --- ...pr_add_jira_summary.yml => pr_jira_actions.yml} | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) rename .github/workflows/{pr_add_jira_summary.yml => pr_jira_actions.yml} (70%) diff --git a/.github/workflows/pr_add_jira_summary.yml b/.github/workflows/pr_jira_actions.yml similarity index 70% rename from .github/workflows/pr_add_jira_summary.yml rename to .github/workflows/pr_jira_actions.yml index 0e85698..4fa28f8 100644 --- a/.github/workflows/pr_add_jira_summary.yml +++ b/.github/workflows/pr_jira_actions.yml @@ -1,18 +1,16 @@ -name: Add JIRA issue summary +name: JIRA actions on: pull_request: - types: [opened] - -permissions: {} + types: [opened, synchronize, reopened, ready_for_review] jobs: - call-workflow-add-jira-issue-summary: - uses: MiraGeoscience/CI-tools/.github/workflows/reusable-jira-pr_add_jira_summary.yml@v3 + call-workflow-pr_jira_actions: + uses: MiraGeoscience/CI-tools/.github/workflows/reusable-jira-pr_actions.yml@v3 permissions: contents: read pull-requests: write secrets: - JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }} - JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }} JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }} + JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }} + JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }} From 8136d4774345471fb51cfbacdec77cee6d75f6d0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Hensgen?= <24550538+sebhmg@users.noreply.github.com> Date: Fri, 17 Apr 2026 12:46:59 -0400 Subject: [PATCH 3/3] [DEVOPS-1066] (minor) fix flipped job names --- .github/workflows/security_scan.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/security_scan.yml b/.github/workflows/security_scan.yml index 6fe1dce..18543a7 100644 --- a/.github/workflows/security_scan.yml +++ b/.github/workflows/security_scan.yml @@ -24,7 +24,7 @@ concurrency: cancel-in-progress: true jobs: - call-workflow-zizmor-annotate: + call-workflow-zizmor-advanced-security: name: Zizmor analysis (advanced security) if: ${{ github.event_name != 'pull_request' }} permissions: @@ -33,7 +33,7 @@ jobs: actions: read uses: MiraGeoscience/CI-tools/.github/workflows/reusable-zizmor-advanced-security.yml@v3 - call-workflow-zizmor-advanced-security: + call-workflow-zizmor-annotate: name: Zizmor analysis (annotate) if: ${{ github.event_name == 'pull_request' }} permissions: