php-devops/.github/workflows/template-bootstrap.yml
Snider 7c4e9222ef feat: add template bootstrap workflow and setup guide
When creating a new repo from this template:
- template-bootstrap.yml runs on first push
- Creates standard labels (agent:*, priority:*, type:*)
- Enables security features (Dependabot, vuln alerts)
- Creates setup checklist issue
- TEMPLATE_SETUP.md guides customization

Files to customize: repos.yaml, CLAUDE.md, README.md
Delete TEMPLATE_SETUP.md when done.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-31 22:24:05 +00:00

140 lines
5.8 KiB
YAML

name: Bootstrap from Template

on:
  push:
    branches: [main, dev]
  workflow_dispatch:
    inputs:
      repo_type:
        description: 'Repository type'
        required: true
        default: 'module'
        type: choice
        options:
          - foundation
          - module
          - product
          - service
          - infra
          - template

jobs:
  bootstrap:
    # Only run if this looks like a fresh repo (no releases, few commits)
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Check if bootstrap needed
        id: check
        run: |
          COMMIT_COUNT=$(git rev-list --count HEAD)
          if [ "$COMMIT_COUNT" -lt 5 ]; then
            echo "needs_bootstrap=true" >> $GITHUB_OUTPUT
            echo "Fresh repo detected ($COMMIT_COUNT commits)"
          else
            echo "needs_bootstrap=false" >> $GITHUB_OUTPUT
            echo "Existing repo ($COMMIT_COUNT commits) - skipping bootstrap"
          fi

      - name: Create standard labels
        if: steps.check.outputs.needs_bootstrap == 'true'
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          # Agent workflow labels
          gh label create "agent:ready" --description "Task ready for AI agent" --color "0E8A16" --force || true
          gh label create "agent:wip" --description "Work in progress by agent" --color "F9D0C4" --force || true
          gh label create "agent:review" --description "Needs verification" --color "FBCA04" --force || true
          gh label create "agent:blocked" --description "Needs human input" --color "D93F0B" --force || true
          gh label create "verified" --description "Work verified" --color "0E8A16" --force || true
          gh label create "verify-failed" --description "Verification failed" --color "D93F0B" --force || true
          gh label create "agentic" --description "AI-consumable task" --color "5319E7" --force || true
          # Type labels
          gh label create "type:feature" --description "New feature" --color "0052CC" --force || true
          gh label create "type:bug" --description "Bug fix" --color "D93F0B" --force || true
          gh label create "type:security" --description "Security issue" --color "D93F0B" --force || true
          gh label create "type:docs" --description "Documentation" --color "0075CA" --force || true
          # Priority labels
          gh label create "priority:critical" --description "Critical priority" --color "B60205" --force || true
          gh label create "priority:high" --description "High priority" --color "D93F0B" --force || true
          gh label create "priority:medium" --description "Medium priority" --color "FBCA04" --force || true
          gh label create "priority:low" --description "Low priority" --color "0E8A16" --force || true
          echo "✅ Labels created"

      - name: Set dev as default branch
        if: steps.check.outputs.needs_bootstrap == 'true'
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          # Create dev branch if it doesn't exist
          git checkout -b dev 2>/dev/null || git checkout dev
          git push origin dev --force-with-lease || true
          # Set as default (requires admin token, may fail with GITHUB_TOKEN)
          gh repo edit --default-branch dev || echo "⚠️ Could not set default branch (needs admin)"

      - name: Enable security features
        if: steps.check.outputs.needs_bootstrap == 'true'
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          # Enable vulnerability alerts
          gh api -X PUT repos/${{ github.repository }}/vulnerability-alerts || true
          # Enable automated security fixes
          gh api -X PUT repos/${{ github.repository }}/automated-security-fixes || true
          echo "✅ Security features enabled"

      - name: Create setup instructions issue
        if: steps.check.outputs.needs_bootstrap == 'true'
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          gh issue create \
            --title "🚀 Repository Setup Checklist" \
            --label "agentic,type:docs" \
            --body "## Post-Template Setup
          This repo was created from the [core-devops template](https://github.com/host-uk/core-devops).
          ### Automated ✅
          - [x] Standard labels created
          - [x] Security features enabled
          - [x] CodeRabbit config present
          ### Manual Steps
          - [ ] Update \`repos.yaml\` with your package details
          - [ ] Update \`CLAUDE.md\` with project-specific guidance
          - [ ] Update \`README.md\` with project description
          - [ ] Add to org project if needed
          - [ ] Set up any required secrets (\`PROJECT_TOKEN\` for auto-project)
          - [ ] Remove/customize template files
          ### Optional
          - [ ] Enable GitHub Pages for docs
          - [ ] Add to CodeRabbit (if not auto-enabled)
          - [ ] Configure branch protection rules
          ---
          _This issue was auto-created by the template bootstrap workflow._"
          echo "✅ Setup issue created"

      - name: Summary
        if: steps.check.outputs.needs_bootstrap == 'true'
        run: |
          echo "## 🎉 Bootstrap Complete" >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          echo "Your repo has been configured with:" >> $GITHUB_STEP_SUMMARY
          echo "- ✅ Standard labels for agent workflow" >> $GITHUB_STEP_SUMMARY
          echo "- ✅ Security features enabled" >> $GITHUB_STEP_SUMMARY
          echo "- ✅ Setup checklist issue created" >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          echo "See the created issue for remaining manual steps." >> $GITHUB_STEP_SUMMARY
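
The "Enable security features" step above ends both `gh api -X PUT` calls with `|| true` and then prints a success line, so the log, the summary and the checklist issue report the features as enabled even when the calls were rejected. The following read-back check is an added example, not part of this repository; the function names are hypothetical, and it assumes the token in `GH_TOKEN` is allowed to read the repository's security settings.

```shell
#!/bin/sh
# Added example: read back the settings the bootstrap step tries to enable,
# instead of trusting a PUT whose failure was masked with `|| true`.
# Function names are hypothetical; requires the gh CLI and a token that can
# read repository security settings (assumption).

# Dependabot alerts: GET answers 204 when enabled and 404 when disabled,
# so the exit status of gh is the result.
alerts_enabled() {
  gh api "repos/$1/vulnerability-alerts" --silent >/dev/null 2>&1
}

# Dependabot security updates: GET answers JSON such as
# {"enabled":true,"paused":false}; a failed call counts as "not confirmed".
security_fixes_enabled() {
  state=$(gh api "repos/$1/automated-security-fixes" --jq '.enabled' 2>/dev/null) || return 1
  [ "$state" = "true" ]
}

# Prints one line per feature and returns the number of features that could
# not be confirmed as enabled (0 means both are on).
verify_security_features() {
  repo=$1
  missing=0
  if alerts_enabled "$repo"; then
    echo "ok: vulnerability alerts enabled on $repo"
  else
    echo "FAIL: vulnerability alerts not confirmed on $repo"
    missing=$((missing + 1))
  fi
  if security_fixes_enabled "$repo"; then
    echo "ok: automated security fixes enabled on $repo"
  else
    echo "FAIL: automated security fixes not confirmed on $repo"
    missing=$((missing + 1))
  fi
  return "$missing"
}
```

Called as `verify_security_features "$GITHUB_REPOSITORY"` in a step after the PUT calls, a non-zero return fails the step, so the checklist issue and summary are only written when both settings were actually confirmed.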