Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
292 changes: 292 additions & 0 deletions .github/workflows/repository-overseer.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,292 @@
name: Repository Overseer

on:
# Run on schedule
schedule:
- cron: '0 0 * * 0' # Weekly on Sunday at midnight

# Allow manual trigger
workflow_dispatch:
inputs:
analysis_type:
description: 'Type of analysis to run'
required: false
default: 'full'
type: choice
options:
- full
- code
- docs
- deps
- cicd
- issues
- automation
- monitor

# Run on push to main branches
push:
branches:
- main
- master
paths:
- '**.py'
- 'requirements.txt'
- 'package.json'
- '.github/workflows/**'

# Run on pull requests
pull_request:
types: [opened, synchronize, reopened]

jobs:
overseer-analysis:
name: Run Repository Overseer
runs-on: ubuntu-latest
permissions:
contents: write
issues: write
pull-requests: write

steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0 # Full history for better analysis

- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.11'
cache: 'pip'

- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt

- name: Run Repository Overseer
id: overseer
run: |
if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
ANALYSIS_TYPE="${{ github.event.inputs.analysis_type }}"
else
ANALYSIS_TYPE="full"
fi

if [[ "$ANALYSIS_TYPE" == "full" ]]; then
python run_overseer.py --verbose --output overseer-results.json
else
python run_overseer.py --only "$ANALYSIS_TYPE" --verbose --output overseer-results.json
fi
continue-on-error: true

- name: Upload analysis results
uses: actions/upload-artifact@v4
if: always()
with:
name: overseer-results
path: overseer-results.json
retention-days: 30

- name: Generate analysis summary
if: always()
run: |
python -c "
import json
import os

with open('overseer-results.json') as f:
data = json.load(f)

summary = []
summary.append('# 🔍 Repository Overseer Analysis')
summary.append('')
summary.append(f'**Timestamp:** {data.get(\"timestamp\", \"N/A\")}')
summary.append('')

analyses = data.get('analyses', {})

# Code Analysis
code = analyses.get('code', {})
if code:
summary.append('## 📊 Code Quality')
summary.append(f'- **Quality Score:** {code.get(\"code_quality_score\", code.get(\"quality_score\", 0))}/100')
summary.append(f'- **Refactoring Opportunities:** {len(code.get(\"refactoring_opportunities\", []))}')
summary.append(f'- **Architectural Improvements:** {len(code.get(\"architectural_improvements\", []))}')
summary.append(f'- **Performance Issues:** {len(code.get(\"performance_optimizations\", []))}')
summary.append('')

# Dependencies
deps = analyses.get('dependencies', {})
if deps:
vuln_count = len(deps.get('vulnerable_packages', []))
outdated_count = len(deps.get('outdated_packages', []))

summary.append('## 📦 Dependencies')
if vuln_count > 0:
summary.append(f'- ⚠️ **Vulnerable Packages:** {vuln_count}')
else:
summary.append('- ✅ **No vulnerable packages found**')
summary.append(f'- **Outdated Packages:** {outdated_count}')
summary.append(f'- **Upgrade Recommendations:** {len(deps.get(\"upgrade_recommendations\", []))}')
summary.append('')

# CI/CD
cicd = analyses.get('cicd', {})
if cicd:
summary.append('## ⚙️ CI/CD')
summary.append(f'- **Workflow Optimizations:** {len(cicd.get(\"workflow_optimizations\", []))}')
summary.append(f'- **Test Improvements:** {len(cicd.get(\"test_improvements\", []))}')
summary.append(f'- **Linting Suggestions:** {len(cicd.get(\"linting_suggestions\", []))}')
summary.append('')

# Recommendations
recs = data.get('recommendations', [])
if recs:
summary.append('## 💡 Top Recommendations')
critical = [r for r in recs if r.get('priority') == 'critical']
high = [r for r in recs if r.get('priority') == 'high']

if critical:
summary.append('### 🔴 Critical')
for rec in critical[:3]:
summary.append(f'- {rec.get(\"message\", \"\")}')

if high:
summary.append('### 🟡 High Priority')
for rec in high[:5]:
summary.append(f'- {rec.get(\"message\", \"\")}')
summary.append('')

summary.append('---')
summary.append('📁 Full results available in the workflow artifacts')

# Write to step summary
with open(os.environ['GITHUB_STEP_SUMMARY'], 'w') as f:
f.write('\n'.join(summary))
"

- name: Create issue for critical findings
if: always()
uses: actions/github-script@v7
with:
script: |
const fs = require('fs');
const results = JSON.parse(fs.readFileSync('overseer-results.json', 'utf8'));

const recommendations = results.recommendations || [];
const critical = recommendations.filter(r => r.priority === 'critical');
const high = recommendations.filter(r => r.priority === 'high');

if (critical.length > 0 || high.length > 0) {
const deps = results.analyses?.dependencies || {};
const vulnerabilities = deps.vulnerable_packages || [];

let body = '## 🔍 Repository Overseer - Critical Findings\n\n';
body += `**Analysis Date:** ${results.timestamp}\n\n`;

if (critical.length > 0) {
body += '### 🔴 Critical Issues\n\n';
critical.forEach(rec => {
body += `- **[${rec.category}]** ${rec.message}\n`;
});
body += '\n';
}

if (vulnerabilities.length > 0) {
body += '### ⚠️ Security Vulnerabilities\n\n';
vulnerabilities.slice(0, 5).forEach(vuln => {
body += `- **${vuln.package}** (${vuln.current_version}): ${vuln.vulnerability}\n`;
if (vuln.fixed_in) {
body += ` - Fix: Upgrade to ${vuln.fixed_in}\n`;
}
});
if (vulnerabilities.length > 5) {
body += `\n_...and ${vulnerabilities.length - 5} more vulnerabilities_\n`;
}
body += '\n';
}

if (high.length > 0) {
body += '### 🟡 High Priority Issues\n\n';
high.slice(0, 10).forEach(rec => {
body += `- **[${rec.category}]** ${rec.message}\n`;
});
if (high.length > 10) {
body += `\n_...and ${high.length - 10} more high priority issues_\n`;
}
body += '\n';
}

body += '\n---\n';
body += 'Full analysis results are available in the [workflow artifacts]';
body += `(${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}).\n`;

// Check if an issue already exists
const issues = await github.rest.issues.listForRepo({
owner: context.repo.owner,
repo: context.repo.repo,
labels: 'overseer-findings',
state: 'open'
});

if (issues.data.length > 0) {
// Update existing issue
await github.rest.issues.createComment({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: issues.data[0].number,
body: `## 🔄 Updated Findings\n\n${body}`
});
} else {
// Create new issue
await github.rest.issues.create({
owner: context.repo.owner,
repo: context.repo.repo,
title: '🔍 Repository Overseer - Critical Findings',
body: body,
labels: ['overseer-findings', 'automated']
});
}
}

dependency-security-scan:
name: Security Vulnerability Scan
runs-on: ubuntu-latest
permissions:
contents: read
security-events: write

steps:
- name: Checkout repository
uses: actions/checkout@v4

- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.11'

- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install safety pip-audit

- name: Run safety check
continue-on-error: true
run: |
safety check --json --output safety-report.json || true

- name: Run pip-audit
continue-on-error: true
run: |
pip-audit --format json --output pip-audit-report.json || true

- name: Upload security reports
uses: actions/upload-artifact@v4
if: always()
with:
name: security-reports
path: |
safety-report.json
pip-audit-report.json
retention-days: 30
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -210,3 +210,4 @@ __marimo__/
overseer-results.json
README_ENHANCED.md
CONTRIBUTING_ENHANCED.md
coverage.json
48 changes: 48 additions & 0 deletions CONTRIBUTING_GENERATED.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
# Contributing Guide

Thank you for your interest in contributing to !

## Getting Started

1. Fork the repository
2. Clone your fork
3. Create a new branch for your feature
4. Make your changes
5. Run tests
6. Submit a pull request

## Development Setup

See the [User Guide](USER_GUIDE.md) for setup instructions.

## Code Style

### Python

- Follow PEP 8 style guide
- Use type hints where appropriate
- Write docstrings for all public functions and classes
- Maximum line length: 100 characters

## Testing

All new features must include tests.

Run tests with:

```bash
pytest
```

## Pull Request Process

1. Update documentation as needed
2. Add tests for new functionality
3. Ensure all tests pass
4. Update CHANGELOG.md
5. Request review from maintainers

## Code of Conduct

Please be respectful and constructive in all interactions.

Loading
Loading